LinkedIn have confirmed that a number of user accounts have been compromised. While they have not published the amount of compromised accounts, a Russian forum user uploaded around 6.5 million encrypted user passwords to demonstrate the security breach took place. While the user names have not been included, it's a pretty good bet that they have also been stolen. You can check this site to see if your password was amongst those stolen.

What can you do to stop the spread of rogues and save your hard-earned cash for genuine programs that protect your PC and personal information? Armed with a little knowledge and awareness of the problem, users will be able to stop falling for these fakes and help to make sure that rogue software vendors stop profiting from their unscrupulous business.

Never pay for malware! Here’s how you can tell what's real and what's not when it comes to security software, so you can keep from buying bogus products.

By: Andrew Browne, leader of Lavasoft Malware Labs Team 

Pop-up windows are a common form of online advertising and often appear so quickly that users are caught off-guard. However, some pop-ups, when clicked, trigger spyware that can cause serious damage to computers. That's why it's important to never click "agree" or "OK" to close a pop-up window, and only click on the red "X" in the corner or Alt + F4 to close it safely.

We have added a few sections under our malware lab blogs! This means that you will have more helpful tips, insights, facts and figures about all things malware!

Here are the new sections:

The latest Flash update patches two security vulnerabilities - the first (CVE-2012-0772),  resolves a memory corruption vulnerability related to URL security domain checking that could lead to code execution on Windows 7 or Vista. The second (CVE-2012-0773) fixes a memory corruption vulnerability in the NetStream class that could lead to code execution.

TLDR; vulnerable Flash player, exploits patched.

However, this time around, Adobe have introduced an automatic updating mechanism for Flash Player.

In Microsoft's Security Bulletin Summary for February 2012 a number of updates have been released including four "critical" and five "important" severity updates.

The holiday shopping season is right around the corner and 'tis the season to be safe. These 5 tips will help you to safely shop online and to stay away from hackers, identity thieves and scammers.

Phishing is a deviously clever strategy used by cybercriminals to steal your personal information (e.g., username, password or banking account information) by fooling you in handing it over to them.

By masquerading themselves as legitimate institutions and businesses you know and trust, cyber thieves bait users to hand over their passwords, Facebook accounts, banking information and even SIN numbers.

Beware of Christmas scams

by Jerome on November 23rd, 2011 in Security Tips.

Scammers absolutely love the holiday season. There are likely to be more online scam victims during those busy shopping and travelling December days than at any other time during the year. As such, we compiled a list of Christmas scams you should beware of.

Why install security updates?

by Andy on November 22nd, 2011 in Security Tips.

It's common to hear security vendors advise people to "keep their computer up to date with the latest patches" but what does that actually mean and why is it important?

Malware can infiltrate PCs via a number of attack surfaces, one of which being bugs in Windows and the programs on your PC.

Microsoft have published a Security Bulletin Summary for November 2011. A number of updates have been released including one "critical" and two "important" severity updates.

The patches address remote code execution, elevation of privilege and denial of service vulnerabilities. Importantly, an update has been released to patch the critical vulnerability in the TCP/IP stack (MS11-083). Microsoft report that "the vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system."

As the malware landscape evolves, it's helpful to understand how malware gets onto your machine. Knowing the bad guys' strategies gives you the edge while on-line and puts you in a stronger position to defend your data and PC against compromising threats.

We all know that we should install anti-malware software, keep it up to date and run regular scans, apply Windows and application security patches when they become available, use a firewall... well, I won't bore you - you know what to do. But what kind of attacks can we expect and where are they coming from?