Seven months ago, the New York Attorney General's office slapped both Symantec and McAfee with $375,000 in fines to settle charges that they automatically charged customers software subscription renewal fees without their consent. Symantec may have been slow to learn its lesson, because now a New York man is suing the security software maker for the same reason.

In the lawsuit, Kenneth Elan says he purchased a copy of Norton Antivirus in 2007. According to Elan, Symantec notified him in early 2009 that his software license had been automatically renewed and his credit card charged $76.03. Now Elan is taking Symantec to court, claiming the company did not abide by the above-mentioned settlement, in which Symantec and McAfee agreed to "provide electronics notification to consumers before and after renewal of the subscription."

"Prior to the automatic renewal, defendant failed to offer plaintiff an opportunity to decline to renew the license for another year," the lawsuit alleges. "If plaintiff had notice of an opportunity to decline the automatic renewal, plaintiff would not have renewed the license."

Elan is seeking both a refund and has asked the court to grant the lawsuit class-action status.

Image Credit: Flickr Joe Gratz

Internet Explorer users who have yet to upgrade to IE8 should take note. According to security firm Symantec, there's a pretty nasty Zero Day exploit that affects both IE6 and IE7.

"The exploit currently exhibits signs of poor reliability, but we expect that a fully-functional reliable exploit will be available in the near future," Symantec explained in a blog post. "When this happens, attackers will have the abilty to insert the exploit in websites infecting potential visitors."

Symantec said the attack requires JavaScript and recommends that users disable it. The security firm also suggested potentially affected users limit web surfing to only trusted sites until Microsoft releases a fix.

Image Credit: cybernetnews.com

Millions of credulous internet users fall prey to scareware every year and voluntarily end up compromising their systems. According to a new Symantec report, more than 40 million users found themselves prey to “increasingly persuasive online scare tactics” being adopted by cyber criminals during the 12-month period between July 2008 and June 2009.

The price of a fake security software program usually hovers between $30 and $100. But the hidden costs seem to be greater. Installing rogue security software can not only wreck the system but it also makes the owner vulnerable to identity theft. Deceptive ads linking to rogue software appear on both malicious and legit sites. Cybercriminals are also using search engine optimization (SEO) and social media tricks to ensnare even more people.

Have you installed SpywareGuard 2008, AntiVirus 2008, AntiVirus 2009, SpywareSecure, or XP AntiVirus yet? Don’t! They top the list of the most reported rogue security software.

Image Credit: F-secure

Symantec has published a list of the dirtiest 100 websites. The websites are said to contain around 18,000  threats apiece on an average. However, the average number of threats shoots up to 20,000 for the top 40 websites on the list, which has been compiled by Symantec’s Norton Safe Web service. Aladel.net, a US-based websites, alone houses 56,371 threats.

Although almost half of the websites are expectedly based around mature content, the remaining sites deal with a wide variety of subjects. Viruses dominate the list of threats found on these sites. Security risks and browser exploits are the other common threats found on them. The owners of the websites that figure on the list must be feeling a sense of elation and achievement. As for the rest of us, we now know which sites not to visit.

Image Credit: Symantec