Malwarebytes has certainly been getting a lot of attention from other companies. In 2009, IOBit decided to take advantage of Malwarebytes definition files by implementing them into their own. Malwarebytes quickly caught wind of this and accused Chinese software firm IOBit so reverse engineering it's malware signatures. This of course brought about a lot of commotion and IOBit received a lot of negative press. Thankfully, they finally did the right thing and removed Malwarebytes definitions from their own definitions.
Recently, ChronoPay revealed to security researcher and journalist Brian Krebs that they've hired programmers to reverse engineer the free version of Malwarebytes in an attempt to create their own anti virus solution. Upon learning this to the researcher published screenshots from a ChronoPay internal system showing that they deal with distributing scareware, selling pirated music, running illegal online pharmacies and much more. When confronted about this, ChronoPay released an official statement denying any involvement in the distribution of scareware. "We assure both our customers and competitors that we have no involvement at all with scareware or malware and warn anyone attacking our company with likes and rumor that we will put the full weight of our company behind the appropriate legal response."
ChronoPay may be attempting to find a way of evading the Malwarebytes product since they deal with distributing scareware. Another possibility, is that they're interested in the code to use for one of their own products that they may release in the future. Either way, attempting to reverse engineer someone elses intellectual property without permission is never good news.
The update to the anti-malware engine will be starting with Microsoft Security Essentials and will also update security solutions such as: Forefront Client Security, Forefront Endpoint Protection, and Windows Intune Endpoint Protection.
The new engine version will be in the range of 1.1.700X.0. Aside from the change in the version number no other actual information has been revealed about what changes are being made. However, with the engine receiving an upgrade it is believed that the detection will improve. If this is anything like the last engine upgrade then it may be a little late.
Considering the recent studies have shown that the Microsoft Security Essentials is the most used security solution worldwide, many users will benefit from the engine upgrade. Those studies have shown estimates that over 10.6% of users are running Microsoft Security Essentials. More people are using Microsoft Security Essentials than other free and pay anti-virus solutions. While this may be surprising to some, I definitely must say, "Well done, Microsoft."
By now many of you have heard of LulzSec. You may have heard of their recent activities such as launching DDoS attacks against gaming sites to hacking into government affiliated web sites. They have also been using Twitter to talk about what they’re doing along with cracking a few jokes.
Recently, the group obtained a long list of e-mail addresses and approximately 62,000 passwords. Of these, some of the most common passwords were really to be expected. Some of those common passwords include “123456”, “11111”, “0000”, “1234” and of course “password”.
This should be a good reminder to many people to make sure that they use complex passwords. It’s very helpful to make sure you’re using a strong password while surfing the Internet. This way hackers will not be able to break into your account as easily if you’re using a strong password. If you’re concerned about losing your passwords you may want to try a program called KeePass. For those of you that are wondering KeePass is an open source password manager that stores your passwords in a highly encrypted data base I can only be unlocked with one master password or key.
The royalty free cross platform API for browser based 3D graphics known as WebGL has been found to be insecure and potentially harmful to machines. Apparently WebGL allows other web pages to exploit the browser. WebGL utilizes hardware acceleration and because of more of the user system can be exposed. The reason for that is that WebGL access is the graphics card drivers. So, if there are vulnerabilities that are discovered in graphics cards there isn’t a simple security update the can be run. The driver rules differ from one piece of hardware to the next.
Microsoft Security Response Center Engineering has issued an announcement and support of evidence stating that they cannot endorse the use of WebGL in its current form. They believe that WebGL exposes much more of a user’s system than previously and could result in remote compromise.
Hopefully in the near future WebGL we’ll be able to get these issues sorted out. It would be nice to see something of this nature implemented into browsers. In fact, the stable release is just over three months old. WebGL made its debut March 3, 2011 so it is still very young.
Twitter has become the owner of the domain name re-tweet.com. The article says Twitter bought the domain from an individual named David Quinlan on June 13, 2011.
The domain Re-tweet.com was sold through a Flippa auction a few months ago, but Twitter finally got it for only $150.
Twitter has long been trying to acquire a U.S. trademark for 'retweet', which is a way for users to easily spread other people's public messages on Twitter, but the company still hasn't made it its own.
A unique feature of Mozilla Firefox and its Gecko-based browser cousins is the Profile Manager, which allows each user to have multiple Firefox profiles (where bookmarks, add-ons, and other user data are stored). This is very useful to developers and testers - they can use separate profiles to try new browser versions or add-ons without risk of corrupting their regular profile. A user can also have different profiles for different purposes - one set of bookmarks and/or add-ons for work and another for personal use, for instance.
Many users don't know about it, though - profiles are in a hidden directory by default, and the Profile Manager is also hidden, accessed by command line. Not without cause, either; serious data loss hazards exist for those who create profiles in the wrong location, then delete the files with the Profile Manager. Profile files are created directly in the folder specified, when not using the default location. Deleting the files removes everything in the folder. Some have even wiped their entire system partition! Aside from a strong warning in the profile creation dialog, though, it remains the same as it's been since before Firefox 1.0.
That's supposed to change soon. Mozilla is planning to remove the Profile Manager from Firefox, "after Firefox 4.0" (How long after is not clear). When this change is implemented it should speed up starting of Firefox - since it will no longer be loading the hidden Profile Manager at startup - as well as eliminating a data loss hazard. As a replacement, A couple of Mozilla developers have created a new external Profile Manager.