News Posts matching "Security"

Return to Keyword Browsing

Blizzard Intros WoW Authenticator Device to Counter Account Misuse

Following countless complaints of World of Warcraft (WoW) user account hijacks and misuse, Blizzard has come up with a device, a security code generator that each user possesses, the device generates a six-digit security code that the user has to enter when logging on to the WoW account. The generation pattern is unique for each user's generator and this effectively eradicates account misuse, or at least attempts to. Blizzard CEO and cofounder Mike Morhaime says "It's important to us that World of Warcraft offers a safe and enjoyable game environment", he further adds that an aspect of that is helping players avoid account compromise, so they are pleased to make this additional layer of security available to them.

Once activated with Blizzard, the authenticator offers a six-digit code that must be used within 60 seconds on a gamer's WoW account. The user has to enter this number alongside username and password. Similar methods are adopted by PayPal, banks, and other financial institutions to help protect data, PayPal charges US $5 for the PayPal Security Key.

Blizzard plans to charge US $6.50 for the device but no announcements are made as to when it will be available.

Source: Blizzard

Malicious Trojan Horse Plagues Apple Mac OS Users

Nowadays everyone will tell you that most virus, spyware, malware and other malicious definitions are written solely for Windows, but it appears that times have changed a bit. Security experts are warning now about a new Trojan horse released in the wild, targeting Apple operating systems or more specifically Mac OS X Tiger and Leopard (version 10.4 and 10.5). In addition to the usual stuff a trojan can do (run in background, open ports, steal your passwords, replicate etc.) this one can also log what you type in every moment, take screenshots of your active desktop and even take a picture of you using Mac's built-in iSight camera. Here's how it works: AppleScript.THT comes either as a 3.1MB application dubbed AStht_v06 or as a 60KB compiled AppleScript script called ASthtv05. Once started on a Mac OS system it adds itself to the System Login Items and thus runs with root privileges every time the OS is started. Once the system is infected AppleScript.THT also moves itself into the /Library/Caches/ folder. To protect your system against this threat, security experts advice to run SecureMac MacScan 2.5.2 anti-virus software with the latest Spyware Definitions update (2008011). More details on the malicious code and additional removal instructions are posted here.Source: TG Daily

Programming Error Made Years Ago turns Open Source Software into Ticking Time Bomb

When open source software makers made what would eventually become the more current versions of Linux, Unix, and Mac OS X, they undertook a very important task: ensuring that whenever a password was generated to keep confidential data secret, that it would actually be secure. However, they apparently made a rudimentary programming error, and it went out into the world of open source software unnoticed. A couple years down the road, some hackers pointed out with glee that the OpenSSL key generator is basically useless as a security measure (the actual flaw is explained much more thoroughly in the source link). Because OpenSSL is used in far more systems than a couple home servers, we have a serious problem on our hands. Even though the original authors have issued a patch, there's no guarantee that it will get around fast enough to prevent some serious damage.Source: Daily Tech
Return to Keyword Browsing