A new malware was discovered by a security firm Lookout which has already infected millions of user phones via compromosed apps.

The malware called BadNews has spread through apps by pretending to be an ad platform to unsuspecting developers. As much as 32 apps from 4 developers have been affected and have since been removed from the Play store. It targets mostly Russian users.

BadNews is bad news because it fakes alerts in user’s phone and entice them to download more infected apps, subscribes them to premium sms services and sends the IMEI code to the malware creators.

The list of affected apps is available so you can check your installed apps against it to make sure your phone is not infected.

Microsoft has been rolling out a two step authentication process for their products starting April 17th. A two step authentication process already employed by companies like PayPal, Facbook, Google, Apple, is a process that besides the user password requires a one time verification code that could be sent to user’s phone via app or text message.

Microsoft is rolling out this option to such products as Office, Windows, Windows Phone, Xbox, and others. It improves the security against account hijacking and identity theft.

Oracle has released 128 security patches to a number of their products, including Java for web browsers. Most of the fixes relate to remote exploitation.

A few months ago Java web browser plugin has been exposed to have a zero-day vulnerability, and many end users were affected, including corporate networks.

It’s a good idea to keep the plugin up to date, however my tip would be to remove it from your computer entirely. Few websites use Java functionality and it’s not necessary to most users. Install it only if you really must use it.

Microsoft has been under the pressure of criticism regarding the Start Screen in Windows 8. The Start Screen has proved to be quite an annoyance to desktop users who have been pestering Microsoft to bring the Start menu back, in fact, third party options to do that have been quite popular.

In Windows 8.1 (codename Windows Blue) there will be an option to boot to the desktop by avoiding the Start Screen, albeit there will still be no Start menu.

That’s a good option considering the “Metro” style is really only useful with touchscreen devices.

There’s been a massive attack originating from a botnet of about 90,000 IPs that targets WordPress installations all over the internet, regardless of the host being used. The attack brute forces the admin password of a WordPress installation and installs a backdoor, presumably for a later attack. CloudFlare says it has blocked 60 million requests against this attack. And that’s just one hosting provider, so you can imagine the extent of the attack.

Attack such as this uses infected PCs but once the botnet has a huge number of hacked websites it could do a lot more damage.

It’s difficult to protect a website from brute force attacks such as this, but for starters you can use a more complicated password for your WordPress site.

There’s been an outbreak in malware that once infected a computer uses its resources to mine bitcoin.

Bitcoin is a digital currency based on a P2P network that uses user machines to solve transactions and reward the user with some of the currency. The malware creators can abuse a big number of computers to generate this currency much faster. There’s an obvious monetary incentive.

The virus infects the computer via Skype messages by sending a link and enticing the victim to click it. The messages usually say something like “here’s a picture of you”. Once on the computer it launches the bitcoin mining process which uses the CPU and slows down your machine significantly.

You can read more about this virus on the Kaspersky Lab blog.

Be careful and never click suspicious links!

Besides the usual password complexity requirements AT&T now won’t also accept passwords that contain obscene language (as first noted by @janinda). This seems funny enough while harmless, however, is it?

This raises a question as to why it is necessary when passwords should never be seen by anyone but the user in first place.

Passwords are stored in the database in an encrypted form and they are compared during authentication in this form as well. Technically no one should ever see them.

Perhaps AT&T is afraid that in case of a hacked database a list of obscenities would be revealed.

The win32 Trojan viruses are pretty common so you need to know how to remove them in case your computer gets infected. This virus infects your hard drive, and may cause your computer to run slowly, take a longer amount of time to launch your programs, and the virus can even install unwanted software on your system. This makes it a good idea to remove any software that has installed itself recently onto your computer and to unregister the files from your computer that are harboring the virus.

(Continue reading…)

A loud fan noise can indicate a number of causes, the majority of which are relatively easy fixes. The trick to diagnosing the noise is recognizing the type of use that might lead to heavy fan noise. The biggest indicator is that loud fans usually coincide with an overheating computer, which in itself can have different causes. Resolving the problem will help maximize the lifespan of the computer as well as solve the noisy fan problem for the user.

(Continue reading…)

One of the nastiest computer viruses out there is the Sality virus, which is a virus that allows hackers to remotely access your computer, steal information, download additional viruses into your computer, and cause your computer to perform at a low level. If your computer is infected with this virus, you will notice that it runs slowly, has less available memory, and that you are being flooded with pop-up ads. This virus can also alter your desktop settings and Internet settings. It is important to eradicate this virus as soon as possible after you detect that it has invaded your system. Usually, the sality virus is downloaded via email.

(Continue reading…)