MicroHelp, Inc.

NIST, Maryland Plan New Cybersecurity Center

The US National Institute of Standards and Technology (NIST) announced plans Tuesday to break ground on a new center that will be committed to cybersecurity research. The National Cybersecurity Center of Excellence will be built near NIST’s Gaithersburg, Md., campus in hopes of strengthening the country’s cybersecurity products and services.

Groupon Piggyback Site Offers $500 Voucher, Charges Users for Allegedly ‘Free’ Trial Offers

A domain registered two days ago as groupon500.com, which claims to offer a $500 voucher toward Groupon or its primary competitor, LivingSocial, is actually registering users for ‘free’ trial offers that aren’t free at all. The best part, however, is that everything about this scam is perfectly legal according to Zscaler’s Julien Sobrier.

Waves of Attacks Target Adobe Reader Bug From 2010

Thanks to the wonderful tendency of users not to update their applications, old vulnerabilities never die, they just get overtaken by newer and shinier ones. The attackers know this well, and every once in a while they serve up a nice reminder to the rest of us. The most recent one of these is a string of attacks against an Adobe Reader vulnerability from 2010.

iOS 5 Flaw Allows Unfettered Access to User’s Contacts, Calls

A passcode flaw in Apple’s iOS 5 could allow unauthorized access to an iPhone user’s contacts list, recent calls, voicemail, text messages and more, according to a recent blog post from CultofMac.com.

DDoS attacks in H2 2011

All statistical data used in this report were obtained using Kaspersky Lab's botnet monitoring system and Kaspersky DDoS Prevention.

Gatekeeper to Bring Tight App Controls to OS X Mountain Lion

Apple's implementation of a semi-new set of technologies collectively known as Gatekeeper in the upcoming Mountain Lion release of Mac OS X is set to give users better control of the security of the machines, specifically which apps are allowed to run. The Gatekeeper system will enable users to decide which apps they trust and then prevent pretty much anything else from running.

Microsoft Says Google Bypassing Users’ IE Privacy Settings

The relations among Microsoft, Apple and Google, which are testy in the best of circumstances, are being pressured even more of late as the controversy surrounding Google's actions with cookies and user tracking grows. In the latest installment, Microsoft has said that it has found that Google "is employing similar methods to get around the default privacy protections in IE and track IE users with cookies."

Spam report: January 2012

In January, more than a month before Valentine’s Day, our spam lab usually starts registering the first emails exploiting the Valentine’s theme

Analyzing ASLR in Android Ice Cream Sandwich 4.0

By Jon Oberheide

When I first saw the release notes for the new Android Ice Cream Sandwich (ICS) platform, I was excited to see that Google mentioned that “Android 4.0 now provides address space layout randomization”. For the uninitiated, ASLR randomizes where various areas of memory (eg. stack, heap, libs, etc) are mapped in the address space of a process. Combined with complementary mitigation techniques such as non-executable memory protection (NX, XN, DEP, W^X, whatever you want to call it), ASLR makes the exploitation of traditional memory corruption vulnerabilities probabilistically difficult.

Facebook Hacker Gets 8 Months in Jail

A 26-year-old Briton was sentenced to eight months for hacking Facebook in 2011.