When Opera Software announced late Monday that its Opera Mini browser would hit the iPhone App Store, we guessed it wouldn't be long before we saw other browser-makers follow suit by producing similar efforts that get around Apple's restrictions facing iPhone browsers that compete with the native Safari.

Looks like our guess was correct. On Tuesday, Skyfire, another mobile browser maker, blogged a post congratulating Opera for its success and stating Skyfire's intention to speed up its own development for "iDevices" like the iPhone, iPod Touch, and iPad.

Of course, as a competitor, it is Skyfire CEO Jeff Glueck's prerogative to point out that Skyfire supports Flash and plays back video with its mobile proxy browser where Opera Mini for iPhone doesn't.

We're always up for a good challenge, and we'd love to compare Safari, Opera Mini, and Skyfire side-by-side. We're also curious if Skyfire manages to avoid some of Opera Mini's proxy-related pitfalls, some of which we outline in this First Look video.

Alright, Skyfire, bring it on!

As April 15 approaches, U.S. citizens preparing to file their taxes are susceptible to online scams designed to steal their personal information and, ultimately, their money. Here is a roundup of tips for how people can protect themselves.

First off, the Internal Revenue Service does not initiate taxpayer communications through e-mail, and the agency does not request details on personal information via e-mail. The IRS has detailed information on how to report and identify phishing and e-mail scams and bogus IRS Web sites here. More information about specific tax fraud schemes is here.

Microsoft's Security Tips & Talk blog recommends that people filing taxes online should learn to recognize the official IRS Web site. In addition, people should make sure that the Web address of the site they are filing on is secure and begins with "https," the secure version of the Hypertext Transfer Protocol, and that there is a locked padlock icon at the bottom of the screen, the blog post says.

Tax-related phishing attacks have been going on for a few weeks, at least, according to Proofpoint. One particularly pernicious one arrives in e-mail in-boxes with a subject line of "Notice of Underreported Income" and asks recipients to review their tax information with a link to a site that is represented as an IRS site. Instead, according to this Proofpoint blog item, the link leads to a fake IRS page with an executable that installs the data-stealing Zeus Trojan.

Proofpoint's tips: Be suspicious of any e-mail requests for personal IDs, financial information, user names or passwords; don't fill out forms in an e-mail; don't click on links in e-mails that are unsolicited or suspicious; and type the legitimate URL for the organization in a new browser window or call the company directly.

SonicWall predicts that more than 100 million IRS-related phishing e-mails will be sent to tax payers in the days leading up to and after the April 15 tax-filing deadline. But not all tax-related e-mails will be scams, the company said.

"Myriad legitimate online filing services, online consultants who answer tax-related questions, and online tax calculators currently exist," SonicWall said in a statement.

"For example, if you file your taxes with an online tax preparation service, you are likely to get legitimate e-mail from them and the bank, which acts as the transfer agent for the transaction for the IRS," the company said. "Phishers use this opportunity to prey on taxpayers who are filing their tax refund--asking them for bank card information to deposit the refund and a Social Security number so they can verify a taxpayer's identity. Be wary of these types of inquiries."

SonicWall's tips include visiting the tax preparer's Web site or calling the company to check up on the status of the filing and being wary of offers that allow people to get loans on their income tax refund, many of which are scams.

Meanwhile, AVG Technologies has partnered with CyberTaxDay.com to offer AVG's free security software along with tax-filing tips for people preparing to file taxes electronically. The AVG software can be used to scan Web sites to make sure they are safe and to check for malware on the taxpayer's computer.

Originally posted at InSecurity Complex

Microsoft fixed 25 holes on Tuesday, including critical ones for Windows that could be triggered by browsing to a malicious Web page, while Adobe plugged 15 holes in Reader and Acrobat and launched its new updater service.

Oracle also released its own critical patch update, covering nearly 50 new vulnerability fixes across hundreds of its products, on what was turning out to be an uber Patch Tuesday.

Microsoft said customers should deploy all 11 of its security updates, which include five that are critical, as soon as possible. However, three were listed as top priorities:

• MS10-019, which affects all versions of Windows and would allow an attacker to alter signed executable content without invalidating the signature

• MS10-026, which is critical on Windows 2000, XP, Server 2003 and Server 2008, and could allow an attacker to take complete control if a victim were to open a malicious AVI (Audio Video Interleave) file or had it stream from a Web site

• MS10-027, which affects Windows 2000 and XP users and could be triggered if they visited a malicious Web page, according to its bulletin summary.

It is likely that there will be reliable exploit code developed for MS10-026 and MS10-027, according to a Security Research & Defense item that details the risks associated with each of the bulletins.

Microsoft also closed out two existing security advisories involving flaws for which exploit code is in the wild. One is 981169, which involves a vulnerability in VBScript that could allow the remote execution of code and a complete takeover of the system if a user pressed the F1 key while visiting a Web page with a malicious dialog box on it. Disclosed on March 1, it affects older versions of Windows running Internet Explorer. The other advisory to be closed is 977544, which involves a hole in Server Message Block (SMB) protocol that could allow a denial-of-service attack and that dates back to November.

Other vulnerabilities fixed in the bulletins include a hole in Windows Media Services on Windows 2000 Server, a vulnerability in Microsoft Office Publisher that could allow remote code execution, and holes in Exchange, Windows SMTP Service and Office Visio.

Microsoft said it made some technology changes affecting all Windows Kernel updates starting with MS10-021 to resolve an issue that led to some systems crashing during the February security update because they were infected with the Alureon rootkit program that had made changes to the operating system kernel.

Going forward, Kernel updates will include "detection logic for unusual conditions or modifications to the Windows Kernel binaries, " so that if certain conditions are detected the update will return an error message to the user and fail to install, Jerry Bryant, group manager for Microsoft Response Communications, wrote in a blog post. Customers who see the error should contact Microsoft's customer service and support team for help in determining if there is malware on the system.

Microsoft also updated its Malicious Software Removal Tool to include Win32/Magania, a password-stealing Trojan.

Software affected by the Microsoft updates is Windows 2000, XP, Vista, Windows 7, Server 2003, Server 2008, Office XP, Office 2003, 2007 Microsoft Office System and Exchange Server 2000, 2003, 2007, and 2010.

Meanwhile, Adobe released new versions of Acrobat and Reader that plugged critical holes that could cause the application to crash or even allow an attacker to take control of the system if a victim were to open malicious PDF files. The updates fix vulnerabilities involving cross-site scripting, memory corruption, font handling, buffer overflow and denial-of-service issues. They affect Reader 9.3.1 for Windows, Mac, and Unix, Acrobat 9.3.1 for Windows and Mac, and Reader 8.2.1 and Acrobat 8.2.1 for Windows and Mac. Adobe provides more information on its update and patch services in a blog post.

Finally, Oracle released its critical patch update covering 47 holes, 16 of them in Sun Solaris alone and many of which can be remotely exploited without authentication, according to an advisory. Affected software includes Oracle Database, Oracle Fusion Middleware, Oracle Collaboration Suite, Oracle Applications Suite, PeopleSoft and JDEdwards Suite and Oracle Industry Applications.

"This is going to be quite the month for IT administrators," Joshua Talbot, security intelligence manager at Symantec Security Response, said in a statement. "With a large number of patches coming from Microsoft and Oracle, including two from Microsoft for public vulnerabilities, and a handful more patches from Adobe, automating the patching process becomes even more critical to ensure that nothing slips through the cracks."

"The critical Microsoft WinVerifyTrust signature validation vulnerability can be used to really enhance social engineering efforts," said Talbot. "It allows an attacker to fool Windows into thinking that a malicious program was created by a legitimate vendor."

Update 1:45 p.m. PDT: Story now reflects that Oracle has released its security update.

Originally posted at InSecurity Complex

Looking for five minutes of fun? Then look elsewhere, because this week's new iPhone/iPod games are likely to consume considerable chunks of your time. You've been warned!

Babylonian Twins -- The Quest for Peace in Ancient Iraq: If you like running, jumping, puzzle-solving platform games (I know, are there any other kind?), you're sure to get a kick out of Babylonian Twins--a gorgeous, charming platformer with one of the most interesting backstories I've ever read. The game's launch price: $2.99. Oh, and don't miss Babylonian Twins HD for iPad ($4.99).

Giant Moto: Its name notwithstanding, this is a perfect little motocross game. Choose a track (there are six now; the developer promises more), then a color, and then decide if you want to ride solo or race against three AI riders. Giant Moto is all about jumps, turbo boosts, and scoring the best time. It's reminiscent of the Nintendo classic ExciteBike--but a lot purtier, to be sure. Well worth 99 cents.

N.Y.Zombies: A must-have for fans of Left 4 Dead, Resident Evil, and other zombies-run-amok games, this first-person shooter offers an endless onslaught of blood, guts, and gunplay. There's a plot, too, for those who like zombie-whompin' with a purpose. N.Y.Zombies' launch price is $1.99, but there's a free lite version if you want to test the undead waters.

Warlords: Call to Arms: Who says you can't get Flash on an iPhone? Well, Flash-based games, anyway: Warlords brings the eponymous Flash classic to the small screen. Choose an army (orcs, elves, humans, etc.), then deploy the right troops at the right time during real-time battles to claim territories. It's kind of like Plants vs Zombies, except that your plants move--and look like Warcraft characters. Relentless, addicting fun for $1.99.

Warpgate: A high-profile iPad launch title, Warpgate is now available for iPhone and iPod--putting batteries and productivity alike on notice. This open-ended game of space trading, conquest, and combat offers an incredible diversity of star systems to explore, ships to pilot, weapons to buy, and missions to complete. I think one word describes it best: depth. Warpgate costs $4.99.

What new games are occupying your time this week? I find myself going back to Words With Friends far more often than I thought I would. It's an addiction that can't be cured!

Originally posted at iPhone Atlas