aslr

New Kaspersky appeals to your cash sense

A safer way to conduct online transactions and a new exploit blocker are the keystones to Kaspersky Lab's 2013 security suites, the company announced today.

The major new feature that's in both Kaspersky Internet Security 2013 (download exclusively from Download.com today) and Kaspersky Anti-Virus 2013 (download) is the exploit blocking engine called Automatic Exploit Prevention. It's a response to the increase in the number of phishing attacks and includes an anti-phishing engine -- similar to the antivirus and anti-malware engines -- that updates daily.

Roel Schouwenberg, a senior antivirus researcher at Kaspersky and founding member of … Read more

Android's Jelly Bean aims to be hard to hack

New features on Google's latest Android mobile OS -- Jelly Bean 4.1 -- beef up the system's security over all other past OS iterations. With Jelly Bean's design, Google has aimed to defend against hacks that install viruses and other malware on mobile devices using the system.

"Android has stepped its game up mitigation-wise in the new Jelly Bean release," security researcher Jon Oberheide wrote in an analysis published this week.

Oberheide notes that the central difference between Jelly Bean and other Android systems is that it incorporates Address Space Layout Randomization (ASLR), which … Read more

Kaspersky to cut phisher lines before they hook you

SAN FRANCISCO--Ever click a link to a Web site and discover that while it looks like your banking site, or Facebook, the URL didn't match your expectations? That's called phishing. Kaspersky revealed a new feature at a reviewer's conference here yesterday that the company says can stop such credential-stealing attacks before you get hooked.

Automatic Exploit Prevention, as the feature is called, is expected in the Kaspersky 2013 security suites due in August. The premise behind it is simple: Phishing attacks are on the rise, due in large part to the plummeting cost of entry to the … Read more

Microsoft defends IE8 following hacking contest

Though Internet Explorer 8 was only one of several products hacked in a recent contest, Microsoft is standing up for its browser.

Microsoft's official Windows Security blog on Friday discussed the specific features that were hacked to win the contest, explaining that IE's security techniques aren't designed to thwart every attack forever, but more to slow down the bad buys and make it harder for them to exploit vulnerabilities.

Last Wednesday's annual Pwn2Own hacking contest at the CanSecWest security show in Vancouver, B.C., pitted security experts and researchers against each other to see who was … Read more

Security features expected within Mac OS X Leopard

In advance of Friday's general release of Apple Mac OS X Leopard, Apple has posted a variety of preview pages, one of which details new security features. In Apple's preview, the Cupertino vendor cites 11 specific enhancements that should make Leopard more secure than Tiger.

Library randomization: This is huge. The technology behind this, address space layout randomization (ASLR), randomly arranges the positions of key data areas. This prevents malware authors from predicting the targeted memory addresses for buffer overflows and malware exploitation. Windows Vista includes ASLR.

Sandboxing: Sandboxing allows applets to run without interfering with the overall … Read more