Windows 8 is still several months away from being released; however, major software firms are already hard at work to ensure that their applications support the latest and greatest from Microsoft’s stables right out of the gate.

Earlier this month, Symantec kicked off the public beta testing phase of Norton 2013 series of products (Norton 360 2013, Norton Internet Security 2013, and Norton AntiVirus 2013). The biggest draw of Norton 2013 seems to be complete Windows 8 compatibility. In fact, Symantec has even tweaked Norton’s interface to make it better suited to Windows 8′s design aesthetics.

Official changelog for Norton 2013 is yet to be published. The only new feature that is readily apparent is bandwidth monitoring, which can restrict the download of non-critical updates over expensive networks. However, there are quite a few other minor tweaks that Download Crew has managed to spot. Norton Insight is now integrated with the Firewall, and the Insight File Reputation database is updated more quickly. SONAR (Symantec Online Network for Advanced Response), which is Norton’s heuristics engine, now works even in safe mode. And finally, Norton now automatically downloads and installs Norton Power Eraser tool if any infection is detected.

Head over to the official public beta forum to download Norton 2013. However, keep in mind that using non-release build of security products is not recommended.

I have been using Gmail for a few years now and have come to love their spam filtering and security among other things. Gmail was probably one of the first free email provider to allow users to see where they logged in from and also provide an additional security layer with 2-step verification logins.

Some of the most interesting features in Gmail have been the ability to detect suspicious emails from your contacts, ability to alert you whenever any suspicious activity takes place in your account and the feature which alerts you whenever any filters have been setup to forward emails to another account.

However, there is a chance that most of the users do not access their accounts through the web interface and instead prefer using IMAP, notifying such types of accounts is harder. To overcome that problem Gmail has now started sending out emails to users saying that they have detected and prevented a suspicious login from an unknown location.

The email which arrived in my inbox earlier today can be seen in the image above. The message reads:

Keith,

Someone recently tried to use an application to sign in to your Google Account, [redacted]. We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt:

May 8, 2012 8:37am GMT
IP Address: 204.15.240.72
Location: Sunnyvale, California, United States

If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. Find out how at http://support.google.com/accounts?p=reset_pw

If this was you, and you want to give this application access to your account, complete the troubleshooting steps listed at http://support.google.com/mail?p=client_login

Sincerely,
The Google Accounts Team

This email approach from Gmail seems to be new and will allow users who don’t access the web interface to find out if their account is being compromised. It is not clear though whether the user was able to login successfully or not. Nevertheless, you should definitely change your password if you receive it.

If you need help generating strong passwords, you can check out 4 unique apps to generate strong passwords.

Also Read: How to find if your Gmail account is hacked and what to do

Update: For all those asking I had already confirmed that this is a legit email and a Gmail community manager has also confirmed this it is legitimate in a stack exchange thread:

I am the Gmail Community Manager, and I can confirm that we do send email notifications in certain cases such as described here.

Always carefully check the URL and never enter your Google password on a page that is not hosted at google.com. For example, it is OK to enter your password at https://accounts.google.com or https://mail.google.com, but not gooogle.com, g00gle.com, etc.

Update 2: Turns out that Google is now actively blocking login attempts from services like Plaxo and Dropbox. A thread on Dropbox reports similar emails being sent out to users.

“No news is good news” for cellular users concerned about security. Android seems to be going through a tough patch lately. The problem stems from the very quality that makes Android unique – the platform is too open. Hackers are developing spyware everyday that can infiltrate Android phones without user knowledge, and most of users have no idea that spyware is on their phones, or how it should be removed. Minimal check-ins and shaky security measures leave these Android devices constantly vulnerable. To top it off, the Android Market is open to all, and getting one’s app on it is as easy as signing up for an email account. By the time Google gets rid of an app, it’s already made its way to thousands of unsuspecting users.

“No permission” apps are not a no-no
Some people want to cut Google some slack, since the Android platform is relatively new. The security issues can be worked on and rectified. However, Android isn’t just failing at keeping developers from creating harmful apps, it’s also failing at controlling what permissions normal apps are acquiring. “No permission” apps have the ability to get access to things that have nothing to do with them. For example, the Facebook app has access to your text messages, even though it has nothing to do with them. An app may ask for ‘obvious’ permission which it requires to work, but can secretly gain access to, something as off limits as your SD card. A user’s sensitive data can very easily make its way into someone else’s hands.

Why so serious?
The extent of the danger can be seen in the fact that the SD card stores OpenVPN certificates, which are easily accessible to malicious apps for infiltration. The system files of an Android can also be manipulated to access information stored by other apps in the phone’s directories. Even if you don’t share sensitive information with a spy app, or a malicious app, it can just as easily find what it’s looking for in these directories.

The Facebook story
One new debacle with the Facebook app is a good example of app security gone wrong. Facebook’s app for Android (and iPhone) can help hackers steal people’s identity. Gareth Wright, a developer who created apps for both iPhone and Android, investigated the app directories on his phone and found a new loophole in the Facebook app’s architecture. He found a Facebook access token that he had managed to create for some games on his iPhone. Wright poked around the app a bit more and found that with that token, a user’s entire Facebook access can be stolen, right under their nose. All your pictures, videos, contact details, private messages, and everything else is in the hands of anyone who can access that one small piece of code. Although not directly linked to Android’s own security failures, this new discovery does nothing but add fuel to the fire. It forces people to stop and think about the number of apps that they add to their phone – and additionally, about apps that are supposedly trustworthy and will keep their data safe.

Author Bio:
Natalia David is a blogger by profession and writes about PC monitoring, keyloggers, Cell phone security software, and spy software for BlackBerry. If you want to know more about Natalia you can follow her on twitter @NataliaDavid4

Since most tech security threats come from the Internet, a user’s web browser is often the first line of defense when it comes to keeping viruses and other malware off a computer or corporate network.

So which browser does the best job at blocking attacks from malicious websites? That depends on who you ask. All major browsers include features designed to warn users before they go to sites that may harm their computers and to isolate the threats before they can do any harm.

The question, “which one has the most effective security features?” is often the subject of debate. For example, a recent study released by security firm Accuvant claimed Google’s Chrome to be the most secure browser, followed by Internet Explorer and Mozilla’s Firefox. That ranking was based on factors such as the quality of the browsers’ URL blacklisting, how often updates and patches are released, and how well the software “sandboxes” threats, or keeps them from affecting the rest of the user’s system.

But there is one catch. Though Accuvant published the details of its analysis to show there was no bias, the study was commissioned by Google, so many observers don’t trust the results. Shortly after the study was released, Microsoft launched its own website, yourbrowsermatters.com, to test browser security. Not surprisingly, the company’s own Internet Explorer 9 gets a perfect score, while the most recent releases of Chrome and Firefox come in second and third place, respectively.

So which web browser is the most secure? The real answer is that each piece of software has its own advantages and disadvantages when it comes to security. But whichever browser a person or organization chooses to use, one thing is clear: They must make sure the browser is kept fully patched and updated.

One study conducted in 2011 found that 40% of all web traffic came from outdated browsers – including 10% from Microsoft’s Internet Explorer 6, which is ten years old. That’s a problem, because those old browsers likely contain many security vulnerabilities that put a computer at risk.

More important than the individual browser a user chooses, experts say, is keeping the browser and all of its plug-ins up-to-date.

About the Author: Sam Narisi writes about the latest business technology news as editor in chief of IT Manager Daily and recently authored the Business VOIP Resources Guide.

Popular security firm Sophos has published its annual security report, which analyzes the major security trends of the year gone by. The latest report dives into the various security threats that we witnessed in 2011.

Sophos dubbed 2011 as the year hacking evolved from being a way to steal money to a form of protest. The first year of the new decade witnessed Anonymous and its offshoot LulzSec capture public imagination and dominate headlines. It also saw an increase in data theft, drive by infections, and malwares for Mac.

The full report, which spans 31 pages, is available for download or online viewing from Sophos’ website. Here are some of the key takeaways.

• Since 2005, security breaches have compromised more than 500 million U.S. records alone.
• In 2010, the costs of a data breach reached $214 per compromised record, and averaged $7.2 million per data breach event.
• More than three years after its initial release, the Conficker worm was still the most commonly encountered piece of malicious software, representing 14.8% of all infection attempts seen by Sophos customers in the last six months.
• There has been a sharp decline in the threat posed by fake antivirus products, but they were still responsible for 5.5% of infections in the last six months of 2011.
• As a result of the Rustock botnet shutdown (previously responsible for the largest volume of spam), there was an immediate drop of about 30% in global spam volumes in March 2011. Unfortunately, Sophos Labs also witnessed an increase in the volume of spam with attached malware.

• According to Sophos Labs, more than 30,000 websites are infected every day and 80% of these infected sites are legitimate. Eighty-five percent of all malware, including viruses, worms, spyware, adware and Trojans, comes from the web. Today, drive-by downloads have become the top web threat. And in 2011, we saw one drive-by malware rise to number one, known as Blackhole.
  About 10% of detections are exploit sites, about two-thirds of which are Blackhole sites.

• 2011 saw the emergence of Mac malwares as a genuine threat. Fake antivirus schemes such as MacDefender, Mac Security, MacProtector and MacGuard all came to light this year.

• Windows may be the most attacked OS, but the primary vectors for hacking Windows have been through PDF or Flash.

Respected antimalware product testing lab Av-Comparatives has just published the results of their latest file detection shootout. The on-demand file detection tests used as many as 291388 malware samples on twenty different antivirus applications. The only big name missing from the tests is Symantec who didn’t want to be included in the on-demand comparatives.

The top performers in the tests were G-Data and Avira. To anyone who follows antivirus shootouts from the likes of Av-Test or Av-Comparatives, this shouldn’t come as a surprise. Both G-Data and Avira have been dominating the on-demand tests for the past several years. G-Data isn’t very popular in the US, but its dual engine antivirus product (BitDefender and Avast) has consistently been a top performer as far as detection is concerned. G-Data and Avira managed to identify 99.7% and 99.4% of the virus samples respectively.

Although G-Data and Avira have always been among the very best when it comes to detection rates, they are known to falter when it comes to removing malware. This makes them great choices for a brand new system, but not something you can rely on to heal infected systems. In such cases, you might want to look at the Kaspersky, which came in third with a 99.3% detection rate. It’s pleasing to see Kaspersky in the top 3, as the Russian firm had been slipping over the past few years.

The worst performer in the tests was Microsoft Security Essentials, which managed to detect only 93.1% of the threats. Sophos, F-Secure, Panda, BitDefender, BullGuard, McAfee, Fortinet, eScan, Webroot, and Avast managed to detect more than 98% of the threats. However, Webroot also had an astoundingly high number of false positives.
Head over to av-comparatives.org for the full report.

Total detection rates (clustered in groups):
1. G DATA 99.7%
2. AVIRA 99.4%
3. Kaspersky 99.3%
4. Sophos 98.9%
5. F-Secure, Panda, Bitdefender,
BullGuard, McAfee 98.6%
6. Fortinet, eScan 98.5%
7. Webroot 98.2%
8. Avast 98.0%
9. ESET 97.6%

10. PC Tools 97.2%
11. GFI 97.0%
12. AVG 96.4%
13. Trend Micro 95.6%

14. AhnLab 94.0%
15. Microsoft 93.1%

Mac OS X has been devoid of any large scale viruses and Trojans for a long time now. However, of late as the popularity of Mac has grown, virus creators have started targeting the OS with new viruses. This is evident with the number of viruses and Trojans which are being written for Mac. Take for example the Fake Mac Defender Anti-Virus (removal instructions).

A recent investigation by a security group has found out that a new virus called Flashback has been infecting nearly 600,000 Macs globally. The latest variation of this virus has been targeting an unpatched Java vulnerability in Mac based PCs. The OSX Flashback Trojan connects to a remote server and downloads instructions and payload. Once the payload has been downloaded the malware will modify webpages in the web browser and try to collect personal and other information and send it back to their servers.

If you are a Mac user, the first thing you should do is apply the new patch supplied by Apple that patches this vulnerability. However, there is a chance that you might have been already infected by the Trojan.

F-secure has put up some detailed instructions on their website to find out whether you are infected by the Flashback Trojan for Mac along with instructions to remove the OSX Flashback Trojan. You can visit this page to find instructions for removing Flashback Trojan and remove it from your system.

The detection and removal instructions are targeted towards advanced users so you might want to have someone familiar with Terminal taking a look at it for you.

Also, don’t forget to apply the latest update patch supplied by Apple. To do that, open the main system menu on your Mac by clicking on the “Apple icon” and click on the item “Software update”. Once the software update has checked for updates, apply any new patch/Java update that is available for your system.

We’ll try and post more simpler detection and removal instructions for this shortly.

Websites are constantly changing the way that they function and interact with the user. Although updates to most sites go largely unnoticed, Facebook updates often hold a controversial spot in the public eye.

Facebook has been slowly easing the world into its most recent update, Facebook Timeline.

Following up on a previous Techie Buzz post, Facebook Finalizes Timeline, Rolling Out to all Facebook Users Now, we’re going to show you 5 ways to secure your new Facebook Timeline. As always, with a Facebook update there’s an uproar from the community about privacy settings. If you haven’t made the switch quite yet, you will be automatically switched soon, or you can enable Facebook Timeline yourself.

Here’s what you need to know:

1. Old Status Updates: One new feature of Facebook Timeline is that it makes all of your Facebook content readily available. With Facebook’s update, it’s much easier for anyone to access your old information. To regulate the visibility of your old information, go to Privacy Settings, select Past Post Visibility and change the settings for all of your posts in one fell swoop.

2. Photo Albums: While many users believe their photos are hidden, they often neglect their mobile uploads, wall photos and profile pictures. As your profile is updated to Facebook Timeline, give your photo albums a quick look to make sure that they are all appropriate. If not, turn off their visibility.

3. Apps: With more and more apps clamoring to sink their teeth into Facebook and your status updates, you need to monitor your app visibility. The new policy called “frictionless sharing” requires an app to ask only once before it accesses your info and posts through your account whenever it wants. Go to “Apps and Websites” on the privacy settings page to monitor who can see your app activity or to hide an app altogether. Keep an eye on the apps that you’ve granted access, and be sure that no unruly apps are taking those liberties a bit too far.

4. Profile Search: For most people, their account settings allow people to search for their profile by name and contact info. To change this, go to “How You Connect” in your privacy settings. Along with this option make sure that only your friends can post on your Timeline and see the posts of others.

5. Location Tags: Remember that tagging a location not only tells your followers where you are, but also, and perhaps more importantly, where you are not. With the new Facebook update, make sure to turn on Tag Review in your privacy settings. This means that anytime one of your friends tags you, you have to review it before it’s posted to your timeline. Be mindful as well of checking the location icon on the lower left corner of your update box before you post updates to your timeline.

==== About the Author =====

This is a guest post from Daniel Levine, a writer at Grovo.com, where users can learn about everything from Facebook Timeline to how to use Pinterest.

After managing to remain unscathed for four consecutive years, Google Chrome has finally been breached, and Google is rewarding the hacker with $60,000. Google Chrome’s security features were bypassed successfully by hackers in both Pwn2Own and Pwnium.

Pwn2Own is an annual hacking fest sponsored by HP, which challenges hackers to breach fully patched web browsers and operating systems. Google Chrome was the only browser that couldn’t be hacked for the past four years. This year, it was the first to fall. A team from the French security firm VUPEN, lead by its co-founder and head of research Chaouki Bekrar, managed to take complete control of a fully patched 64-bit Windows 7 (SP1) machine within five minutes by using two zero-day exploits. VUPEN also claims to have zero-day exploits for Internet Explorer, Firefox, and Safari.

This year, Google is also running its own competition called Pwnium, which has a total bounty of $1 million. Google decided against sponsoring Pwn2Own, since its new rules don’t compel hackers to responsibly disclose vulnerabilities to the software developer. VUPEN itself intends on selling the exploits to its clients. Sergey Glazunov, a Russian university student, managed to bypass Google Chrome’s sandbox feature in Pwnium.

The breaches mean that Google will no longer be able to tout its clean record. However, Chrome developers aren’t mourning. While announcing the contest, Chris Evans and Justin Schuh from Chrome’s security team had explained that they have a big learning opportunity when they receive full end-to-end exploits. “Not only can we fix the bugs, but by studying the vulnerability and exploit techniques we can enhance our mitigations, automated testing, and sandboxing”.

After being repeatedly embarrassed and discomforted by Anonymous and its various offshoots, the feds have finally managed to land a telling blow on the notorious band of hackers. Fox News is reporting that Kayla (Ryan Ackroyd), Topiary (Jake Davis), pwnsauce (Darren Martyn), palladium (Donncha O’Cearrbhail), and Anarchaos (Jeremy Hammond) have been arrested in an intercontinental raid. The hackers were picked up from USA (Chicago), UK (London), and Ireland.

The arrests tell only part of the story. The real kicker is in the details. Apparently, the feds managed to track down Sabu, the kingpin of LulzSec and one of the leaders of Anonymous, in June, 2011. The man behind some of the most notorious attacks in the past 18 months turned out to be Hector Xavier Monsegur – an unemployed, 28-year-old father of two. Facing the charge of charge of aggravated identity theft, which carries a two year prison sentence, Sabu agreed to drop all his moral convictions and teamed up with the FBI. Turning him wasn’t easy, and ultimately it was the prospect of staying away from his kids that swayed him. Since then, Sabu has continued to work with the FBI, often from their offices, to help in collection of proof against his co-conspirators.

Although today’s news will send shockwaves through Anonymous, this wasn’t totally unexpected. Sabu had been doxed towards the end of last year itself, and several hackers believed that he was snitching. Here are excerpts from a prophetic interview given by Virus:

6:15:39 PM virus: he disappeared for a week, I don’t recall what day
6:15:52 PM virus: but when he returned he said his grand mother died and that’s why he was MIA
6:16:01 PM virus: after that he started offering me money to own people
…
6:19:19 PM virus: another reason why I believe he was converted after he disappeared and returned is everybody else started getting arrested one by one starting with ryan clearly, who was their ddos bitch
6:19:29 PM virus: yes, I believe he cut a deal to save himself

Back in November, Jester and others uncovered Sabu’s real name, email address, address, pictures and other personal details. Here are some of the stuff about Sabu that was already available on the internet:

Sabu

Sabu’s grandmom with his and his dad’s pictures (source)

Even though, many members of the inner circle had already predicted today’s events, it still is a massive blow to Anonymous. Not only have they lost several of their most visible faces, but they have been betrayed by their de facto leader.