There are a number of vulnerabilities that are currently unpatched, but have working publicly known exploits for Excel (*2) and Internet Explorer (2 vulnerabilities here as well.) Proof of Concept code has been released for both the Excel and Internet Explorer vulnerabilities. This means, with the code publicly available, it won’t be long before it’s […]
There are several issues fixed by a bundle of updates for OS X (for 10.4 up to 10.4.6). The new release is 10.4.7 There are a number of issues fixed in addition to at least 3 security related problems. Incidents.org has more details. I know many Mac users feel the “aura of invincibility”, but…. keeping […]
Last week I got a notice of this warning…. it seems that scammers are sending out emails claiming to be from the FDIC (Federal Deposit Insurance Corp.) and the email claims that the government will no longer insure your bank deposits unless you validate certain information… Send article as PDF
In the last week there was a well documented writeup of a cross site scripting vulnerability which had allowed a phisher to pose as a paypal login with THE LEGIT PAYPAL SSL CERTIFICATE…. Brian Krebs at the Security Fix has some details on some of the new and interesting ways phishers are trying to exploit […]
There are a few Google related stories of the last few days to catch up. 1)55 Ways to have fun with Google is an e-book available for purchase on Amazon or Lulu.com, but it’s also avaiable as a free pdf download. (And it’s licensed so you can mix it up/etc…) It’s certainly not as deep […]
Yes, it’s another wolf in sheeps clothing. This time around Sunbelt is reporting on “Trust cleaner”. Keep your eyes out for this one, among other things it plants an altered version of the Google page complete with links to dating, gambling, ringtones, pharmacy, home loans and spyware removers…….. (the fake site is at mswindowssearch.com – […]
Hot on the heels of the Microsoft Word patch there’s a new threat to Microsoft Office. This vulnerability is with Excel documents. According to the MS security response center blog, they’ve received one report of a system being attacked by a previously unknown vulnerability in Excel. The moral of the story is to be suspicious […]
Updates for Windows for the month of June are out today and it looks like some list! 12 updates covering 20 or more vulnerabilities. MANY of these are tagged as critical. (Critical vulnerabilities are considered remotely exploited or with little (or no) user interaction.) Sans has a good listing of the advisories. This month it […]
The last couple days, there’s been a virus spreading making use of yahoo mail’s interface. Usually web mail is considered a fairly safe way to get email, but in this case all that was done was the user clicking on a malicious email and the virus ran. It appears that javascript/AJAX/Web 2.0 applications are going […]
Wolves in sheeps clothing are the label I give to those rogue antispyware, or antivirus programs that bring pests instead of protect against them, or are otherwise questionable in their tactics. Titan Shield seems to be a new threat on the block in this area, I haven’t seen it first hand yet, but it looks […]
Bookmark this site now by pressing Ctrl+D
You are currently browsing the archives for the Security category.
