It’s not been a good launch week for Blizzard’s newest game, Diablo III. First, the servers melted completely with the onslaught of users trying to release 12-years worth of click-click-clicking. Then, there was a game breaking bug involving the Demon Hunter and Templar early on into the game, which left many users kicked out of the game and unable to enter. Then, there were problems with the game not being able to recognize quest  trigger points, leaving users(including me) losing achievements.

The latest egg in the face quite possibly be the most serious one – Blizzard forums are full of complaints from users about their accounts being hacked into, the items and loot being stolen. Rock Paper Shotgun mentions that Eurogamer’s Christian Donlan had a first-hand experience of this hack. The reason for this is not very clear, but some speculation on Reddit suggests that the battle.net sessions are being hijacked, giving the hacker full control of the accounts.

Even though Blizzard had two-factor authentication for Battle.net logins, reports around the forums suggest that even people with two-factor authentication enabled have had their accounts broken into. I took a quick glance into my account this morning and thankfully, as of now, there has been no break-in.

Bashiok makes it clear that there have been no session-hijacking exploits that are in the wild:

We’ve been taking the situation extremely seriously from the start, and have done everything possible to verify how and in what circumstances these compromises are occurring. Despite the claims and theories being made, we have yet to find any situations in which a person’s account was not compromised through traditional means of someone else logging into their account through the use of their password.

Though that still doesn’t say about how people with two-factor authentication have had their accounts accessed. Another speculation is that the two-factor authentication was enabled after the break-in.

Blizzard’s response has been fairly generic, attributing it to new game release. Quoting Lylirra, the community manager:

Historically, the release of a new game — such as a World of Warcraft® expansion — will result in an increase in reports of individual account compromises, and that’s exactly what we’re seeing now with Diablo III. We know how frustrating it can be to become the victim of account theft, and as always, we’re dedicated to doing everything we can to help our players keep their Battle.net accounts safe — and we appreciate everyone who’s doing their part to help protect their accounts as well.

We also wanted to reassure you that the Battle.net Authenticator and Battle.net Mobile Authenticator (a free app for iPhone and Android devices) continue to be some of the most effective measures we offer to help players protect themselves against account compromises, and we encourage everyone to take advantage of them. In addition, we also recently introduced a new service called Battle.net SMS Protect, which allows you to use your text-enabled cell phone to unlock a locked Battle.net account, recover your account name, approve a password reset, or remove a lost Authenticator. Optionally, you can set up the Battle.net SMS Protect system to send you a text message whenever unusual activity is detected on your account, keeping you aware of important (and possibly unwanted) changes.

For more information on the Authenticator, visit http://us.battle.net/support/en/article/battle-net-authenticator-faq

For more on the Battle.net Mobile Authenticator, visit http://us.battle.net/support/en/article/battle-net-mobile-authenticator-faq

For more on Battle.net SMS Protect, visit http://us.battle.net/support/en/article/battlenet-sms-protect

Blizzard also mentioned that users may be prompted with additional security questions, if the user is logging in from a previously unknown location

We also have other measures built into Battle.net to help protect players. Occasionally, when Battle.net detects unusual login activity that differs from your normal behavior — such as logging in from an unfamiliar location — we may prompt you for additional information (such as the answer to one of your security questions) and/or require you to perform a password reset through the Battle.net website. World of Warcraft players might be familiar with this security method already, and Diablo III players may begin to encounter it as well.

Blizzard has asked the users to contact them via their “I’ve Been Hacked!” tool, if the user believes they have been a victim of an account compromise.

If you have had an account compromise in Diablo III, do leave a comment mentioning the details and the extent of losses.

UPDATE: A recent tweet by @opindia_revenge reveals that Anonymous has successfully managed to take down the Department of Telecom’s website - dot.gov.in

UPDATE: Looks like both the sites - supremecourtofindia.nic.in and aicc.org.in are back in action again! However, @opindia_revenge has tweeted with the following message:

Anonymous group has successfully taken down the website of Supreme Court of India (supremecourtofindia.nic.in) and the official website of the All India Congress Committee (aicc.org.in). The reason being due to the fact that the Indian Government is taking Internet Censorship quite seriously, and has ordered most of the Indian ISPs to block websites including, Vimeo, ThePirateBay, Pastebin, Dailymotion, and many others.

Since yesterday, many users on Twitter were reporting that popular file sharing and torrent sites were blocked by major ISPs like Airtel, Reliance, MTNL and You Broadband ISP. Upon visiting the blocked sites, the following message is displayed – “Access to this site has been blocked as per Court Orders.”

Within hours, the government websites were taken down by Anonymous, an act of revenge, due to the very fact that the Indian Government had ordered ISPs to block ThePirateBay and other sites.

The first tweet came in from @opindia_revenge indicating that they’re going to “paralyze” the two websites. An hour later, a confirmation tweet followed stating – “We have successfully taken down our main enemy –>> http://dot.gov.in Department of telecom +1 for #opindia”

Although they mentioned that they had managed to take down the Department of Telecom’s websites (dot.gov.in), but at the time of writing this article, the website was fully functional.

The government websites are reportedly down since 17th May 2012, 15:30 IST

Back in June 2011, Anonymous has successfully hacked the National Informatics Centre’s (NIC) websites due to the action taken against Baba Ramdev’s anti-corruption campaign by the Delhi Police. They also managed to hack the Indian Army’s website, which was down for an hour or so.

In response to this, the Indian Twitter and Facebook account of Anonymous were suspended and all videos from its YouTube account were removed completely.

Until a few days ago, Adobe had decided not to fix one of its security vulnerabilities. Instead, it tried pushing the next release of its Creative Studio, CS6 as a solution to a critical security issue. This was wrong on multiple levels and was downright unacceptable. The intellectuals and Adobe received thumbs down for this decision. Finally seeing the wrong it has done, now Adobe has decided to retract its decision, and has announced that it is releasing a security fix for the CS5 after all.

Adobe is notorious for having security vulnerability in its products. For a company that is known for having poor security and releasing numerous fixes every few days, Adobe should take extra care when handling matters like these. Now that Adobe has come out in support of a security fix, it is being given the benefit of doubt by The Verge.

The confusion seemingly came from the original wording of the Adobe product security bulletin, which stated, “Adobe Photoshop CS6 addresses these vulnerabilities” without mentioning that a security patch for older versions was being worked on.

However, the security fix is not a complete one. Adobe is supposed to support all versions of its Creative Suite. However, the fix is appearing only on the CS5 for now. This means, CS4, which is also a supported version still remains vulnerable. This lax attitude from Adobe in time when hacks are the order of the day is appalling.

Adobe has posted a security bulletin for Adobe Photoshop recently, where it addressed a security vulnerability regarding TFF files. The vulnerability allows arbitrary code execution resulting in a system wide control for a cracker. This vulnerability affects all versions of Photoshop prior to and including CS5, on both Windows and Mac.

The vulnerability is specified on Symantec’s Security Focus as:

Adobe Photoshop is prone to a use-after-free memory-corruption vulnerability.
Attackers may exploit this issue to execute arbitrary code in the context of the user running the affected application.
Adobe Photoshop CS5.1 (version 12.1) is vulnerable; other versions may also be affected.

The only solution, which in reality is a non-solution, is to update to Adobe Photoshop CS6 and just in case you were wondering, no, it will not come for free if you already have CS5. With this shoddy decision, Adobe is creating a new trend in the world of security fixes, where a later paid version can be called as a fix for an existing vulnerability in an earlier version. In a way, it will force users to upgrade and while they are at it, Adobe will earn some free cash out of its own fault.

Adobe has released Adobe Photoshop CS6, which addresses these vulnerabilities. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources.

Whenever we install software, we agree to an EULA. The same EULA statement has liability provisions as well, and now that Adobe is (probably) psych testing its users for this new liability based business model, someone might just go ahead and file a class action lawsuit in the coming days.

If you want to see this vulnerability in action, proof-of-concept apps are available at this page.

(Via: Slashdot)

It seems security is still an issue with WhatsApp. Previously, it was a vulnerability that allowed users to remotely change status names on other accounts simply by entering the mobile phone number tied to their account.

The newest issue has to do with the message storage database that WhatsApp uses to keep a log of incoming and outgoing messages. While the SQLite database is stored in a directory that is only accessible through jailbreaking or rooting a device, and the database is encrypted using AES-192, it’s unfortunately crypted with a hard-coded and static key.

The entire contents of the database can be decrypted using the known key. The database, which is stored in /com.whatsapp/databases/msgstore.db on Android phones and ~/Documents/ChatStorage.sqlite on iOS devices, can be decrypted by supplying the key and requesting that openssl revert the database to plaintext;

openssl enc -d  -aes-192-ecb -in msgstore-1.db.crypt -out msgstore.db.sqlite -K346a23652a46392b4d73257c67317e352e3372482177652c

In order to make it easier for decryption, an online portal was created for doing the deed. Of course you’ll need a jailbroken or rooted device in order to get the crypted database, then you can simply upload the file to http://www2.unsec.net/whatsapp/ and it will be decrypted.

Last time, it took WhatsApp just under a week to patch the hole. In order for them to fix this issue, an update to the client will be required, in order to add a new key – hopefully one that is generated using device-specific information or something the user can input to create a strong key, and then encrypt the database again.

UPDATE: As pointed out by a reader, the original research and analysis conducted on the database can be found in a PDF and there is also a WhatsApp Xtract application posted on XDA-Developers. Thanks Martina!

“No news is good news” for cellular users concerned about security. Android seems to be going through a tough patch lately. The problem stems from the very quality that makes Android unique – the platform is too open. Hackers are developing spyware everyday that can infiltrate Android phones without user knowledge, and most of users have no idea that spyware is on their phones, or how it should be removed. Minimal check-ins and shaky security measures leave these Android devices constantly vulnerable. To top it off, the Android Market is open to all, and getting one’s app on it is as easy as signing up for an email account. By the time Google gets rid of an app, it’s already made its way to thousands of unsuspecting users.

“No permission” apps are not a no-no
Some people want to cut Google some slack, since the Android platform is relatively new. The security issues can be worked on and rectified. However, Android isn’t just failing at keeping developers from creating harmful apps, it’s also failing at controlling what permissions normal apps are acquiring. “No permission” apps have the ability to get access to things that have nothing to do with them. For example, the Facebook app has access to your text messages, even though it has nothing to do with them. An app may ask for ‘obvious’ permission which it requires to work, but can secretly gain access to, something as off limits as your SD card. A user’s sensitive data can very easily make its way into someone else’s hands.

Why so serious?
The extent of the danger can be seen in the fact that the SD card stores OpenVPN certificates, which are easily accessible to malicious apps for infiltration. The system files of an Android can also be manipulated to access information stored by other apps in the phone’s directories. Even if you don’t share sensitive information with a spy app, or a malicious app, it can just as easily find what it’s looking for in these directories.

The Facebook story
One new debacle with the Facebook app is a good example of app security gone wrong. Facebook’s app for Android (and iPhone) can help hackers steal people’s identity. Gareth Wright, a developer who created apps for both iPhone and Android, investigated the app directories on his phone and found a new loophole in the Facebook app’s architecture. He found a Facebook access token that he had managed to create for some games on his iPhone. Wright poked around the app a bit more and found that with that token, a user’s entire Facebook access can be stolen, right under their nose. All your pictures, videos, contact details, private messages, and everything else is in the hands of anyone who can access that one small piece of code. Although not directly linked to Android’s own security failures, this new discovery does nothing but add fuel to the fire. It forces people to stop and think about the number of apps that they add to their phone – and additionally, about apps that are supposedly trustworthy and will keep their data safe.

Author Bio:
Natalia David is a blogger by profession and writes about PC monitoring, keylogger, Cell phone security software, and spy software for BlackBerry. If you want to know more about Natalia you can follow her on twitter @NataliaDavid4

Microsoft has released a new version of Microsoft Security Essentials, the free anti-virus/anti-malware program for Windows PCs. The MSE 4.0 release is available via the Microsoft Download Center and the MSE Web site and also made available to existing customers automatically through the Microsoft Update service.

Interestingly, this version has been in beta since late 2011, and the last released version was 2.1. There is no indication of the need to skip v3 and the jump to v4; the latest build being 4.0.1526.0. The participants in the beta program who are subscribed to automatic updates will be upgraded to the final release of the latest version of Microsoft Security Essentials after they agree to a new license agreement. You can also do a manual upgrade from v2.1 or the beta release without uninstalling the previously installed version.

Microsoft Security Essentials provides real-time protection for your home or small business PCs (up to 10)  that guards against viruses, spyware, and other malicious software. MSE is designed to be simple to install and easy to use. It runs quietly in the background without annoying notifications or interruptions. It is available as a free download from Microsoft for genuine Windows users, in both x86 and x64 editions.

Respected antimalware product testing lab Av-Comparatives has just published the results of their latest file detection shootout. The on-demand file detection tests used as many as 291388 malware samples on twenty different antivirus applications. The only big name missing from the tests is Symantec who didn’t want to be included in the on-demand comparatives.

The top performers in the tests were G-Data and Avira. To anyone who follows antivirus shootouts from the likes of Av-Test or Av-Comparatives, this shouldn’t come as a surprise. Both G-Data and Avira have been dominating the on-demand tests for the past several years. G-Data isn’t very popular in the US, but its dual engine antivirus product (BitDefender and Avast) has consistently been a top performer as far as detection is concerned. G-Data and Avira managed to identify 99.7% and 99.4% of the virus samples respectively.

Although G-Data and Avira have always been among the very best when it comes to detection rates, they are known to falter when it comes to removing malware. This makes them great choices for a brand new system, but not something you can rely on to heal infected systems. In such cases, you might want to look at the Kaspersky, which came in third with a 99.3% detection rate. It’s pleasing to see Kaspersky in the top 3, as the Russian firm had been slipping over the past few years.

The worst performer in the tests was Microsoft Security Essentials, which managed to detect only 93.1% of the threats. Sophos, F-Secure, Panda, BitDefender, BullGuard, McAfee, Fortinet, eScan, Webroot, and Avast managed to detect more than 98% of the threats. However, Webroot also had an astoundingly high number of false positives.
Head over to av-comparatives.org for the full report.

Total detection rates (clustered in groups):
1. G DATA 99.7%
2. AVIRA 99.4%
3. Kaspersky 99.3%
4. Sophos 98.9%
5. F-Secure, Panda, Bitdefender,
BullGuard, McAfee 98.6%
6. Fortinet, eScan 98.5%
7. Webroot 98.2%
8. Avast 98.0%
9. ESET 97.6%

10. PC Tools 97.2%
11. GFI 97.0%
12. AVG 96.4%
13. Trend Micro 95.6%

14. AhnLab 94.0%
15. Microsoft 93.1%

Looking for a way to control your home security system from hundreds of miles away? Home security apps are some of the newest perks of the technology world we live in. The following are some of the benefits of having an app for your home security system.

Arm and Disarm Your Security System From Anywhere

Many home security systems such as FrontPoint, ADT, and LifeSheild now have their own free apps that can be easily installed on your smartphone or tablet. These apps allow users to check the status of their home security system from anywhere. Users are able to arm or disarm their home with a touch of a button. This feature is handy for the forgetful days when you arrive at work and realize you forgot to arm your security system or when you need to have someone check on your home or pet while you are away.

Keep Your Eyes on Your Home at All Times

Many smartphone and tablet apps have the capability of showing live streaming video straight from your home’s video surveillance system. Now, you not only can arm or disarm your system, but you can watch exactly what is happening in your home. This feature is very beneficial if you are away from home, but it is also useful when wanting to check on another area of your home from the comfort of your favorite chair.

Some apps even have a tilt and pan feature to allow you to view a wider area of your home with one camera. The live streaming feature can also come in handy when your older children are home alone for a few hours or you just can’t seem to figure out how the dog continually gets into the trash.

Stay Alert

What would a smartphone app be without alerts? Yes, even home security apps have alerts that will inform you if any sensor in your home has been set off. Sensors such as smoke, carbon monoxide, flood, or even freezing pipes can be installed with your home security system. These sensors will send alerts to your phone making you aware of exactly what is happening when it is happening.

A Virtual History Log of Your Home

Let’s face it, you can’t be everywhere at once, but when it comes to home security, you want to be. With home security apps, you’ll have a virtual log of what events take place in your home and when they take place. You can check up on times such as when the kids get home from school or when your cleaning crew comes into the house.

In addition to keeping track of times, you can also keep track of certain rooms. Your home security app can alert you if any off limit rooms, such as a gun room, has been entered. Although you can’t be at your home at all times, you can always stay aware of everything that takes place there.

We live in a world of constantly changing technology, and home security systems are keeping pace. Your smartphone is much more than just calendar of events, music, games, and organizational tools. Now there are apps for smartphones and tablets to protect one of the most valuable possessions you own. It’s security at your fingertips.

==== About the Author ====

Andrew Greene is a freelance writer and blogs for ppiclaims.org.uk where you can learn how to claim back PPI.

Mac OS X has been devoid of any large scale viruses and Trojans for a long time now. However, of late as the popularity of Mac has grown, virus creators have started targeting the OS with new viruses. This is evident with the number of viruses and Trojans which are being written for Mac. Take for example the Fake Mac Defender Anti-Virus (removal instructions).

A recent investigation by a security group has found out that a new virus called Flashback has been infecting nearly 600,000 Macs globally. The latest variation of this virus has been targeting an unpatched Java vulnerability in Mac based PCs. The OSX Flashback Trojan connects to a remote server and downloads instructions and payload. Once the payload has been downloaded the malware will modify webpages in the web browser and try to collect personal and other information and send it back to their servers.

If you are a Mac user, the first thing you should do is apply the new patch supplied by Apple that patches this vulnerability. However, there is a chance that you might have been already infected by the Trojan.

F-secure has put up some detailed instructions on their website to find out whether you are infected by the Flashback Trojan for Mac along with instructions to remove the OSX Flashback Trojan. You can visit this page to find instructions for removing Flashback Trojan and remove it from your system.

The detection and removal instructions are targeted towards advanced users so you might want to have someone familiar with Terminal taking a look at it for you.

Also, don’t forget to apply the latest update patch supplied by Apple. To do that, open the main system menu on your Mac by clicking on the “Apple icon” and click on the item “Software update”. Once the software update has checked for updates, apply any new patch/Java update that is available for your system.

We’ll try and post more simpler detection and removal instructions for this shortly.