A researcher has recently made available a database of 100 million Facebook users who have left their privacy settings on their profile at the default level as set by Facebook. His reasoning is to bring attention to the confusing privacy settings for end users. He has put the database out on the Bitorrent network.

Full story on Network World

I have heard it said over and over again, buy a MAC and you won't have security issues. Well, time catches up and we are seeing hackers taking advantage of vulnerabilities in Apple software. Recently we were made aware that versions 4 and 5 of Apple's Safari browser have a critical vulnerability. It has to do with a form fill feature that can reveal personal information about the user. Last week Jeremiah Grossman wrote about this on his blog. There is a way to prevent your identity from being revealed. You can Go to Preferences > AutoFill > AutoFill web forms and uncheck “Using info from my Address Book card”.

Jeremiah Grossman addresses this in detail on his blog and offers a video on how to correct this issue.

Apple has not addressed this vulnerability to date.  Welcome to the real world Apple users.

Adobe recently announced what should be a vast improvement in its popular Adobe Reader. With its next release they will be employing "sandboxing" which effectively puts a shell around the software protecting it from being injected with code from malicious hackers. This move by Adobe has been long overdue seeing as the reader program has been one of the leading vehicles for hackers to inject code that can infect end-users when they happen upon a malicious PDF file.

I have been speaking out about this vulnerability for over a year now and imploring people to use alternatives such as the free Foxit Reader, which also take up miniscule amounts of overhead in comparison to Adobe, but have also had attempts to inject code in it as well.

Now we will have to wait and see how effective this measure is, but it is definitely is a positive step in ...

read more

Apparently Microsoft saw this as a serious enough flaw that it immediately released a Fix-It for this vulnerability. It dealt with a shell vulnerability which can impact a huge number of critical infrastructure PC's, and was an easy one to implement by hackers. You should also take advantage and patch your own PC as soon as possible. The Fix-It tools are becoming a good way for end-users as well as IT staff to quickly apply patches.

Microsoft Fix-IT For Shell Vulnerability

 

Security Gurus Scream for Microsoft Shell Patch

If you use iTunes on a Windows based PC, Apple has released a new version to fix a critical security flaw in their popular software. My suggestion is that based on the recent breach in security where an application developer was possibly stealing user ID and password credentials, you go to their website and download it today. Version 9.2.1 is the most current version. you can visit their download page here:

Apple iTunes Download

Just got done reading this article this morning and it got my attention. PC vulnerabilities are increasing exponentially compared to last year. It is only July and we have gotten to 90% of where we were at this time last year. Which means there will most likely be twice as many as last year. 

Many of these vulnerabilities are coming from third party software vendors. The best way to remediate these vulnerabilities for end users is to head over to Secunia and let them scan your PC. It will look at all available software on your system and provide you with links to make sure you have the latest versions, which can go along way in preventing your PC from being hacked. You can also read their report for yourself. Take the time to patch your system!! If you are not comfortable doing this, by all means, we can help ...

read more

One thing that we all tend to overlook is the fact of how much we are being tracked on the internet. Especially by Google. Did you ever look at their icon? What do you see? I see a giant eye looking at me. And essentially that's what they are doing, how they make their money, watching, observing what people search for and then monetizing it. Let's face it, they know their business, kudos to them.

However, you don't have to help them, and in effect, you might be better off if you don't. Alternative search engines exist, and one of the safest and most private that I have found to date is Startpage.com It does not record your IP address and is completely private with no data captured. In this day and age where so many people are involved with viewing our data, it makes ...

read more

All the recent privacy issues and rather shady dealings with Facebook have promted the development of a group of students who might have a better idea on how to do social networking. I for one am hoping they succeed. Facebook has some issues that need to be addressed. The most glaring that I can see is their policy of having rights to content that is posted. Such as pictures. This post on The Consumerist does a good job of summing up the T.O.S. at Facebook.

These students recently acquired full funding and as we speak are most likely hard at work developing what we hope will be a MUCH better social network than Facebook.

Recent news on the alternative to Facebook: Diaspora

Seems that Apple has some vulnerabilities that it has quietly gone ahead and taken care of. Mac OS X 10.6.4 includes limited protection against a trojan labeled OSXPinhead -B. this one has capabilities to allow a hacker to gain remote control for the purpose of identity theft.

I guess the days of MAC users professing how they never have to worry about viruses and trojans are officially over.

Apple secretly updates Mac malware protection, Sophos reveals

There is a known vulnerability in Windows Help and Support Center that could lead to your PC becoming infected from a visit to a malicious website. Experts are now seeing hackers taking advantage of it. There will be an official patch coming from Microsoft, however you can remediate this rather easily with a fix that Microsoft has issued. Simply visit this site and click the Enable This Fix button. You will be prompted to download a small file which you can save to your desktop or other convenient spot that you can easily find it. Once downloaded double click it to execute and follow the simple instructions. My suggestion is to take the time to do this to prevent any possibilities of getting hit with this vulnerability. The Micosoft Fixit Site:

 

Vulnerability in Help Center could allow remote code execution