Recently people around the world are receiving phishing attempts targeting their g-mail accounts. Be very careful with these as they are very crafty in their ability to fool people. They are using graphics that recreate the G-mail login page perfectly. The full story is described over at Help Net Security
I have heard it said over and over again, buy a MAC and you won't have security issues. Well, time catches up and we are seeing hackers taking advantage of vulnerabilities in Apple software. Recently we were made aware that versions 4 and 5 of Apple's Safari browser have a critical vulnerability. It has to do with a form fill feature that can reveal personal information about the user. Last week Jeremiah Grossman wrote about this on his blog. There is a way to prevent your identity from being revealed. You can Go to Preferences > AutoFill > AutoFill web forms and uncheck “Using info from my Address Book card”.
Jeremiah Grossman addresses this in detail on his blog and offers a video on how to correct this issue.
Apple has not addressed this vulnerability to date. Welcome to the real world Apple users.
Adobe recently announced what should be a vast improvement in its popular Adobe Reader. With its next release they will be employing "sandboxing" which effectively puts a shell around the software protecting it from being injected with code from malicious hackers. This move by Adobe has been long overdue seeing as the reader program has been one of the leading vehicles for hackers to inject code that can infect end-users when they happen upon a malicious PDF file.
I have been speaking out about this vulnerability for over a year now and imploring people to use alternatives such as the free Foxit Reader, which also take up miniscule amounts of overhead in comparison to Adobe, but have also had attempts to inject code in it as well.
Now we will have to wait and see how effective this measure is, but it is definitely is a positive step in ...
read moreIf you use iTunes on a Windows based PC, Apple has released a new version to fix a critical security flaw in their popular software. My suggestion is that based on the recent breach in security where an application developer was possibly stealing user ID and password credentials, you go to their website and download it today. Version 9.2.1 is the most current version. you can visit their download page here:
Just got done reading this article this morning and it got my attention. PC vulnerabilities are increasing exponentially compared to last year. It is only July and we have gotten to 90% of where we were at this time last year. Which means there will most likely be twice as many as last year.
Many of these vulnerabilities are coming from third party software vendors. The best way to remediate these vulnerabilities for end users is to head over to Secunia and let them scan your PC. It will look at all available software on your system and provide you with links to make sure you have the latest versions, which can go along way in preventing your PC from being hacked. You can also read their report for yourself. Take the time to patch your system!! If you are not comfortable doing this, by all means, we can help ...
read moreSeems that Apple has some vulnerabilities that it has quietly gone ahead and taken care of. Mac OS X 10.6.4 includes limited protection against a trojan labeled OSXPinhead -B. this one has capabilities to allow a hacker to gain remote control for the purpose of identity theft.
I guess the days of MAC users professing how they never have to worry about viruses and trojans are officially over.
Apple secretly updates Mac malware protection, Sophos reveals
There is a known vulnerability in Windows Help and Support Center that could lead to your PC becoming infected from a visit to a malicious website. Experts are now seeing hackers taking advantage of it. There will be an official patch coming from Microsoft, however you can remediate this rather easily with a fix that Microsoft has issued. Simply visit this site and click the Enable This Fix button. You will be prompted to download a small file which you can save to your desktop or other convenient spot that you can easily find it. Once downloaded double click it to execute and follow the simple instructions. My suggestion is to take the time to do this to prevent any possibilities of getting hit with this vulnerability. The Micosoft Fixit Site:
Adobe has released an official upgrade to its Flash Player. It includes 31 patches. Be sure if prompted to do the upgrade if it is installed on your PC. Also you will have to do this twice if you are using more than one browser. Once for IE and then again for alternative browsers like Firefox, Chrome and Opera.
Here is a link to Adobe's Installation Page
Okay Apple users, wanna comment on this one? It appears that the IPad has been hacked and 114,000 users e-mail and possibly other personal information has been exposed. Nice! Although it does appear that AT&T was also at fault. Apparently the hackers obtained the information from AT&T's website to harvest the data on the IPad users. Huge screw-up and doesn't do much for confidence in either the IPAD, or the AT&T network.
Full Story:
From Adobe:
A critical vulnerability exists in Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris operating systems, and the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and UNIX operating systems. This vulnerability (CVE-2010-1297) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being actively exploited in the wild against both Adobe Flash Player, and Adobe Reader and Acrobat. This advisory will be updated once a schedule has been determined for releasing a fix.
Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x
versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for
Windows, Macintosh and UNIX
Note ...
read more