News, Announcements, Tech Discussions
Michaels stores: Possible data 'attack'
"The country's largest crafts chain may be the latest retailer hit by a security breach. "Michaels said Saturday that it learned recently of "possible fraudulent activity" on some of its customers' payment cards, suggesting there may have been a breach. "CEO Chuck Rubin said the company has not confirmed a breach, but wanted to alert customers. "We are concerned there may have been a data security attack on Michaels that may have affected our customers' payment card information and we are taking aggressive action to determine the nature and scope of the issue," Rubin said in a statement." [url=http://money.cnn.com/2014/01/25/news/companies/michaels-security-breach/index.html?hpt=hp_t2]Full Article[/url] It appears as though the long string of recent breaches continues....
Dyre Malware Targeting Salesforce User Credentials
[b]By [url=http://www.securityweek.com/authors/mike-lennon]Mike Lennon[/url] on September 08, 2014[/b] [b]In an advisory sent to Salesforce Account administrators late Friday, the largest provider of cloud-based CRM solutions warned that its customers are being targeted by key-logging malware known as Dyre.[/b] “On September 3, 2014, one of our security partners identified that the Dyre malware (also known as Dyreza), which typically targets customers of large, well-known financial institutions, may now also target some Salesforce users,” the company warned. Dyre, which is able to circumvent the SSL mechanism of web browsers, was first[url=http://www.securityweek.com/new-rat-bypasses-ssl-protection-targets-bank-credentials-phishme] detailed by PhishMe in June 2014[/url] after being spotted in an attack targeting online banking credentials. Salesforce said it had not yet seen any evidence that any of its customers have been impacted by the malware. “If we determine that a cu
Millions of accounts compromised in Snapchat hack
[b]"(CNN)[/b] -- Hackers appear to have posted account info for 4.6 million users of quickie social-sharing app Snapchat, making usernames and at least partial phone numbers available for download." "The hack was seemingly intended to urge Snapchat to tighten its security measures. The anonymous hackers said they used an exploit created by recent changes to the app, which lets users share photos or short videos that disappear after a few seconds." "In the statement, the hackers said they blurred the last two digits of the phone numbers they posted but were still considering whether to post more with the full number visible." [url=http://www.cnn.com/2014/01/01/tech/social-media/snapchat-hack/index.html?hpt=hp_t2]Full Article[/url] I do not know if this is related to the security hole initially reported to the Webroot Community in [url=https://community.webroot.com/t5/Security-Industry-News/Attackers-could-match-phone-numbers-to-Snapchat-accounts/td-p/752
Mozilla Firefox 45.0 Final / 38.7.0 ESR
[b]Mozilla Firefox 45.0 Final[/b] Changelog: [url=https://www.mozilla.org/en-US/firefox/45.0/releasenotes/]https://www.mozilla.org/en-US/firefox/45.0/releasenotes/[/url] En-Us [url=https://ftp.mozilla.org/pub/firefox/releases/45.0/win32/en-US/Firefox%20Setup%2045.0.exe]Download Firefox 45 for Windows 32-bit[/url] [url=https://ftp.mozilla.org/pub/firefox/releases/45.0/win64/en-US/Firefox%20Setup%2045.0.exe]Download Firefox 45 for Windows 64-bit[/url] [url=https://ftp.mozilla.org/pub/firefox/releases/45.0/linux-x86_64/en-US/firefox-45.0.tar.bz2]Download Firefox 45 for Linux x86, x64[/url] [url=https://ftp.mozilla.org/pub/firefox/releases/45.0/mac/en-US/Firefox%2045.0.dmg]Download Firefox 45 for Mac[/url] [url=https://www.mozilla.org/en-US/firefox/all/]Download Firefox 45 – All Systems and Languages[/url] or [url=https://ftp.mozilla.org/pub/firefox/releases/45.0/]https://ftp.mozilla.org/pub/firefox/releases/45.0/[/url] [b]Mozilla Firefox 38.7.0 ESR[
Webroot Community hits 10,000 members!
So there is something else to celebrate this week besides St. Patrick's Day - we've crossed over the threshold of 10,000 community members! A big thank you to everyone who has made this possible. We couldn't do it without all of your participating, answering questions, and welcoming new people. We teamed up with our awesome marcom team to create a special infographic in honor of this event. It includes fun stats about the community. Feel free to share this with your friends and family (I've attached the PDF version as well): [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/9130iA849BD185B0D7C84.jpg[/img]
Adobe Flash Player 126.96.36.199
Adobe Flash Player v188.8.131.52 - 2014-03-11 [url=http://www.adobe.com/software/flash/about/]Click here to check your version [/url]and [url=http://get.adobe.com/flashplayer/otherversions/]Here to Download [/url]and here is an [url=http://www.adobe.com/products/flashplayer/distribution3.html]Alternate Download[/url] make sure you uncheck any unwanted add-ons and download both the one for IE and the other for other Browsers such as Firefox, Safari, Opera plugins! Release Notes - Not yet available
Security experts advise bosses to ban Facebook Home
Employees that are allowed to use their own phones for work should be warned they will lose the privilege if they install Facebook Home, security experts have said. Facebook introduced Home on Thursday. Facebook Home changes the interface of the Android phone it is installed on. The company hopes it will give its one billion users a new and more in-depth way of keeping in contact with friends and family. However, security experts have said that bosses must consider the security implications of the app. Do any community members have an opinion on this? :) [url=http://www.t3.com/news/bosses-should-ban-facebook-home-say-experts]http://www.t3.com/news/bosses-should-ban-facebook-home-say-experts[/url]
Germany: 16 million email accounts may be compromised
In Germany, around 16 million email addresses, user names, and passwords may have been stolen, according to an announcement on Tuesday from the country’s Federal Office for Information Security. The theft was discovered through an analysis of botnets — collections of malicious software that an attacker can use to carry out tasks like collecting user information or sending spam. Because an investigation is ongoing, the office has not released any additional information about who was responsible, or how long the attack had been going on. The Federal Office of Information Security has set up [url=https://www.sicherheitstest.bsi.de]a website[/url] where people can check if their email accounts have been compromised. Concerned internet users can submit their email address, after which they will receive a four-digit PIN number. If the email address has been compromised, the user will receive an email with a matching PIN number. Although the office has the list of all 16 million email addre
Spammers buy Chrome extensions and turn them into adware
Changes in Google Chrome extension ownership can expose thousands of users to aggressive advertising and possibly other threats, two extension developers have recently discovered. At least two Chrome extensions recently sold by their original developers were updated to inject ads and affiliate links into legitimate websites opened in users’ browsers. The issue first came to light last week when the developer of the “Add to Feedly” extension, a technology blogger named Amit Agarwal, reported that after selling his extension late last year to a third-party, it got transformed into adware. The extension had over 30,000 users when it was sold. A second developer, Roman Skabichevsky, confirmed Monday that his Chrome extension called “Tweet This Page” suffered a similar fate after he sold it at the end of November. Skabichevsky accepted an offer to sell the simple extension for $500 because he didn’t have time to improve it anymore. ”A woman named Amanda who contacted me said they wante
Hello,I an currently using windows 10 pro and MS edge and successfully sign to the webroot community forum but after follow steps using the same email address and password I am unable to login to my.webrootanywhere.com.The error I get is always username and password does not match but I am sure it is correct. I have tried clearing my cache and cookies and still the same.How do you fix this? To log in to your account in the SecureAnywhere website:Open your browser to the SecureAnywhere website at my.webrootanywhere.com. In the Log in window, enter the email address and password you specified when you registered. Click the Log in button. At the personal security code prompt, type the requested characters and click the Log in button. This personal security code was defined when you created a Webroot account. Every time you log in, SecureAnywhere will require this extra security step. Be aware that it prompts for two random characters of your code. For example, if your code is 12345
Graphics Ram Low and Impacting performance
Hello all, I need some help. I have been reading about graphics ram low when running system analyzer. However, this is a true performance imacting problem. My daughter streams allot. I am sure that she saves the videos as well. What can I do at this point to dramatically increase graphics ram performance. Do I go in and move all media content to a flash drive? What should I do? --Mike
Ransomware Hits 20 Schools in Texas District
[i]Now this is a topic that should be read and should also be taken as a lesson to us all.[/i] [h2]Schools manage to recover data thanks to backup files[/h2] [img]http://i1-news.softpedia-static.com/images/fitted/340x180/ransomware-hits-20-schools-in-texas-district.jpg[/img] [b]Apr 9, 2016 21:01 GMT · By [url=http://news.softpedia.com/editors/browse/catalin-cimpanu]Catalin Cimpanu[/url][/b] [b]Representatives of the North East Independent School District, in Texas, USA, have admitted that many of their school campuses have fallen victim to the [u][url=http://news.softpedia.com/news/ransomware-epidemy-makes-two-new-victims-hospitals-in-california-and-indiana-502594.shtml]recent wave of ransomware infections[/url][/u] that's b
Snowden-inspired crypto-email service Lavaboom launches
[h2]German service pays tribute to Lavabit[/h2]By [url=http://www.theregister.co.uk/Author/2468]Phil Muncaster[/url], 16 Apr 2014 Lavaboom, a German-based and supposedly NSA-proof [url=http://www.lavaboom.com/]email service[/url], will go into private beta this week. Its mission is to spread the Edward Snowden gospel by making encrypted email accessible to all. Although it has been referred to in various parts of the interwebs as an heir to Lavabit, the now-defunct encrypted email service used by Snowden, the new service's name is a tribute to its predecessor and nothing more. Lavaboom is a free service with a 500MB mailbox limit made secure by three main principles: end-to-end encryption; “zero-knowledge privacy”; and “three-way authentication”. The firm said its aim is to make encryption as “simple as sending regular email” so anyone can use it. Three-way authentication is offered for Lavaboom’s “more security conscious users” as f
The MPAA wants the legal authority to infect your computer
[img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/3692iCC41B1204C67BCF3.jpg[/img]We all know about the FBI Ransomware that has been going around the web lately, right? Well, we all know that is fake. But what if that ransomware was legally allowed to be placed on your computer because the MPAA (Motion Picture Association of America) suspects you of downloading pirated films? That is exactly what they are asking the US Congress to allow them to do, all in the name of protecting their property. The idea, coming from what can only be assumed to be a lucid dream in a George Orwellian world similar to 1984, would allow the MPAA to infect your computer with rootkits, spyware, and ransomware, holding your files hostage until you turn yourself in to the proper authorities, all while under the guise of protection. Beyond the infection, an even more concerning aspect is that the MPAA wants to infect suspected computer users even if evidence is minimal or in
Beware: Free Antivirus Isn’t Really Free Anymore
Free antivirus applications aren’t what they used to be. Free antivirus companies are now bundling adware, spyware, toolbars, and other junk to make a quick buck. At one point, free antivirus was just advertising, pushing users to upgrade to the paid products. Now, free antivirus companies are making money through advertising, tracking, and junkware installations. [url=http://www.howtogeek.com/218675/beware-free-antivirus-isnt-really-free-anymore/]Full Article[/url]
Adobe Flash Player 184.108.40.206 (IE); 220.127.116.11 (Plugin-based browsers) Adobe Air 18.104.22.1680
New Adobe Flash build has been released today. Jan 14, 2014 [url=http://www.adobe.com/software/flash/about/]Click here to check your version[/url] and [url=http://get.adobe.com/flashplayer/otherversions/]Here to Download[/url] and here is an [url=http://www.adobe.com/products/flashplayer/distribution3.html]Alternate Download[/url] [b]make sure you uncheck any unwanted add-ons or in other words PUA's[/b] and download both the one for IE and the other for other Browsers such as Firefox & Opera plugins! [b]Note: Not needed for IE on Windows 8.1 but the plugin version still needed if using other Browsers above.[/b] Adobe Air v22.214.171.1240 Adobe Air Download: [url=http://get.adobe.com/air/?promoid=JZEFV]http://get.adobe.com/air/?promoid=JZEFV[/url] [i][b]TH[/b][/i]
Cat needs a TV...
Alright Webroot Community, I need your help. I'm buying a new TV and I have to admit, it's been awhile since I've shopped for one. Jim even made fun of me when I said, "Since when do TVs have 3D?!?" So that being said, I'd love your advice. What are some "must have" features? What should I stay away from? [b]What I know I want: [/b] LED - Flat screen Moderately priced 1080p vertical resolution 120 Hz refresh rate [b]What I know I DON'T need:[/b] 3D (seriously...3D?) [b]What I don't know if I need:[/b] "Smart TV" - I do love the idea of internet cable vs regular cable though... PC input vs. USB port DVI imports Brand Any advice?
Watch out for Counterfeit iOS and Android apps
Yesterday, PCWorld put out an [url=http://bit.ly/19xhNqp]article[/url] on a recent finding by software firm Arxan, who discovered that cybercriminals are reverse-engineering many of the most popular paid apps from both the Google Play and Apple App Store. "Looking at a total of 230 apps - the top 100 paid apps and top 15 free apps for Android and iOS - Arxan found that 100 percent of the top paid apps on Android and 56 percent on iOS were being impersonated in a compromised form on grey markets." Arxan's analysis also found that, when it comes to free apps, 73% of the top 15 Android (and 53% of the top 15 iOS) apps existed in obscure third-party stores, as well as half of 20 popular financial apps for Android. Obviously, these numbers stem mostly from countries outside of the US and UK, as thid-party stores are far less prevalent here in the states and in the UK. Nevertheless, while most users may never come across these bogus ads, this story further shows the signi
Criminals Use 3D-printed Skimming Devices on ATMs
If you're in Australia and use ATM's, [url=http://www.itnews.com.au/News/353590,criminals-use-3d-printed-skimming-devices-on-sydney-atms.aspx]this story[/url] should interest you. It should also interest anyone using an ATM just generally as this sort of attack becomes more and more prevalent in all regions. Credit card thieves are utilizing advanced 3D printers to create sophisticated credit card skimming devices that they attach to ATM's to capture the card number, as well as the pin number. This gives them enough data to start draining money out of accounts almost immediately. [img]https://d1qy7qyune0vt1.cloudfront.net/webroot-en/attachment/5826i565EA10384B6FE10.jpg[/img] Good luck catching this with only your eyesight. From [url=http://www.itnews.com.au/News/353590,criminals-use-3d-printed-skimming-devices-on-sydney-atms.aspx]itnews.com.au[/url]: [i]A gang of suspected Romanian criminals is using 3D printers and computer-aided design (CAD) to manufac
Airline Spam Used to Distribute Kuluoz Malware
In case you come across a suspicious email in your inbox purporting to come from an airline company, act with caution. The messages might be part of a cybercriminal campaign. According to Trend Micro, the notifications appear to come from companies such as American Airlines, US Airways, Delta Airlines or British Airways. They usually inform recipients that an electronic ticket has been purchased on their behalf. The file that’s attached to the emails is not an e-ticket, but a variant of the Kuluoz malware. This particular threat is designed to download and execute other pieces of malware, such as ZeroAccess or fake antiviruses. The spam messages are distributed with the aid of the Cutwail botnet. Experts believe that the cybercriminals might have started relying exclusively on fake airline emails because they know that a lot of people are traveling during this period. [url=http://news.softpedia.com/news/Airline-Spam-Used-to-Distribute-Kuluoz-Malware-410638.shtml]Full Topic[/u
Adobe Reader XI (126.96.36.199) and Adobe Air 188.8.131.52
Adobe Reader XI (184.108.40.206) Please see Advisory for more info: [url=https://community.webroot.com/t5/Security-Industry-News/Prenotification-Security-Advisory-for-Adobe-Reader-and-Acrobat/m-p/107012#M5300]https://community.webroot.com/t5/Security-Industry-News/Prenotification-Security-Advisory-for-Adobe-Reader-and-Acrobat/m-p/107012#M5300[/url] Download: [url=http://get.adobe.com/reader/]http://get.adobe.com/reader/[/url] Download Full Version: [url=http://get.adobe.com/reader/enterprise/]http://get.adobe.com/reader/enterprise/[/url] Also there is an update for Adobe Air here to Download: [url=http://get.adobe.com/air/?promoid=JZEFV]http://get.adobe.com/air/?promoid=JZEFV[/url] Daniel ;)
Cyber Resilient Best Practices
Those of us who are able to work remotely in response to the COVID-19 outbreak are now taking more of our IT security into our own hands. But beyond staying aware of the latest coronavirus-inspired scams, what we can do to look after our own online security in these uncertain times? What follows is our time-tested list of cybersecurity best practices that, in a perfect world, we’d all adhere to all the time. Nothing flashy, nothing dramatic. Just a list of habits cybersecurity experts agree could help make us all a little more cyber resilient. Use antivirus software While it sounds like a given from a company that makes it, antivirus software—we prefer the all-encompassing term anti-malware software, since viruses are only one strain of malicious software and you’re likely to be targeted by others—is an essential step in securing your devices. All your devices. While most anti-malware software was once list-based, meaning it relied on a semi-static list of known threats living o
Technical support over the Thanksgiving long weekend
Just wanted to let everyone know that the Webroot offices will be closed next week on Thursday and Friday for the Thanksgiving holiday. We will have support available only via [url=https://detail.webrootanywhere.com/servicewelcome.asp]the ticket submission form[/url] on those days, similar to our weekend support model. Have a safe and happy long weekend to all who will be celebrating this holiday next week!
Join the Conversation
Already have an account? Login
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.