Security posts on CNET

Security

Protect your passwords with a free year of RoboForm Everywhere

In the wake of Heartbleed, netizens are scrambling to change their passwords. But then how do you handle the headache of remembering all those new passwords? RoboForm has the answer: one free year of RoboForm Everywhere, a $19.95 value.

A convenient password manager, form-filler, and bookmarking app, RoboForm Login eliminates the manual steps required to log in to online accounts. You keep your passwords and log-in info in RoboForm's encrypted cloud, and then you only have to remember one master password. RoboForm Everywhere applies the convenience of RoboForm Desktop to all your devices, even mobile ones. Compare the features below.… Read more

Get Malwarebytes Anti-Malware Premium for $19.95

When it comes to malware protection, no name is as trusted as Malwarebytes Anti-Malware. Known for its reliable scanner and high detection rate, Malwarebytes Anti-Malware is one utility we consistently recommend users have in their arsenal alongside their antivirus.

The latest 2.0 update brings substantial changes to Malwarebytes including an integrated rootkit detection engine and an updated, sleeker UI. Celebrating this release, Malwarebytes is offering their premium anti-malware scanner at a discounted price for a limited time. Get an entire year of Malwarebytes Anti-Malware Premium for three PCs (orig. $24.95) for only $19.95.

What makes Malwarebytes Anti-Malware … Read more

Spring into cleaning with Wise Care 365 Pro

Spring is here, which means it's time to give your home a good deep cleaning. Why not give your computer a refresher as well? Fortunately for you, we're bringing back our popular Wise Care 365 Pro deal. An all-in-one utility, Wise Care 365 Pro will clean, optimize, and slim down your PC for faster booting. Now you can get a lifetime subscription of Wise Care 365 Pro for half off! Pay only $27 (regularly $54), exclusively on Download.com.

With all the PC optimizers, Registry cleaners, and disks sweepers, it can be time-consuming to switch between different utilities … Read more

Microsoft revises privacy policy in wake of Hotmail search case

Microsoft promised to toughen policies regarding the company's potential reading of Hotmail users' emails, after an outcry over Microsoft searching a user's Hotmail account to discover the identity of someone now charged with stealing company secrets.

John Frank, Microsoft's deputy general counsel, said that in the future, the company would meet a more rigorous standard before peeking into a non-employee's Hotmail account.

There are four parts to the new standard, Frank said:

We will not conduct a search of customer email and other services unless the circumstances would justify a court order, if one were available. … Read more

NSA top lawyer says tech giants knew about data collection

The top lawyer for the National Security Agency and others from the Obama administration made it clear to the US government's independent oversight board that tech titans knew about government surveillance while it was going on.

NSA general counsel Rajesh De told the Privacy and Civil Liberties Oversight Board on Wednesday that tech titans were aware that the NSA was collecting communications and related metadata both for the NSA's "PRISM" program and for "upstream" communications crossing the Internet. PRISM is a surveillance program designed to collect and process "foreign intelligence" that passes … Read more

Beware this big iOS flaw -- and it's not alone

VANCOUVER -- A change that Apple imposed to make iOS 7 more secure instead has dramatically weakened the security of devices running that mobile operating system, a security researcher has charged.

At the CanSecWest conference here last week, Azimuth Security researcher Tarjei Mandt said that Apple made a major mistake when it changed its random-number generator to make its kernel encryption tougher in iOS 7. The kernel is the most basic level of an operating system and controls things like security, file management, and resource allocation.

"In terms of security, it's much worse than iOS 6," Mandt … Read more

All hacking eyes on the prize money at CanSecWest

VANCOUVER -- When it comes to hacking, it turns out that greed really is good.

All four of the major desktop browsers, plus two Adobe browser plug-in programs, succumbed to the predations of the hacker community in two different contests.

Pwn2Own, sponsored by Hewlett-Packard and organized by the HP-owned Zero-Day Initiative, featured up to $1.085 million in prizes, and security researchers going after Adobe Flash and Reader, Apple Safari, Google Chrome, Microsoft Internet Explorer, and Mozilla Firefox.

Eight research teams earned $850,000, with another $82,500 going to charity for Pwn4Fun over the two-day competition, which concluded on … Read more

How Target detected hack but failed to act -- Bloomberg

The November data breach that affected as many as 110 million Target customers could have been stopped in its tracks, according to a story published Thursday by Bloomberg.

Speaking with more than ten former Target employees and eight people with knowledge of the hack, Bloomberg said that Target already had in place a sophisticated malware detection system designed by security firm FireEye. The $1.6 million system was set up specifically to identify hacks and cyberattacks before they had a chance to do real damage.

Highlighting the ingenuity of FireEye's detection system, Bloomberg explained that it creates a parallel … Read more

Samsung Galaxy devices may have backdoor to user data, developer says

Samsung's Galaxy devices might have a built-in security flaw that could allow for "remote access to data," a developer claims.

The folks behind Replicant, a free and open-source OS that aims to replace proprietary Android components with free alternatives, claim to have discovered a flaw in certain Samsung devices that allows for access "to read, write, and delete files on the phone's storage." In addition, the developers said that the flaw has "sufficient rights to access and modify the user's personal data."

In a blog post detailing the issue on Wednesday, … Read more

WhatsApp pooh-poohs report of security flaw

The people behind WhatsApp are rebutting a report contending that the app is vulnerable because your chats can be stored on an Android phone's SD card.

Earlier this week, DoubleThink chief technology officer Bas Bosschert posted a blog alleging that hackers could use a malicious app to tap into your WhatsApp conversations by uploading the database from the SD card to a Web site. To prove his point, Bosschert said he created an app that was able to snag and read the database files.

In response, a spokesperson for WhatsApp called the report "overstated" and issued the … Read more