Let’s see there are a couple more notes to pass along on Sony DRM rootkit news. This story could go on for some time, it’s already had legs for about a week or more and just when things started to wind down a bit, there’s a bit more. First up, the EFF has a writeup […]
Incidents.org is reporting that realplayer has issued a patch in response to two vulnerabilities discovered by eEye. The first involves a skin file which could be loaded through the browser without permission and the second, a specially made .rm file which could allow code execution. Update 11/11 – The security fix has further coverage […]
A bit of good news on the spyware front, the FTC has announced that it’s frozen the assets of a spyware ring. Apparently they spread spyware through a network of sites and blogs that pushed ringtones, lyrics, and pictures. Good to see some progress made against spyware pushers…. Send article as PDF
Unfortunately a LOT of people that have bought Sony-BMG cds (or borrowed, whatever…) are going to have some headaches too. By stock in Tylenol or Aleve or something…. anyway… here’s todays roundup of Sony Rootkit news. Including a virus borrowing the gift of SONY… First up is some “backstory” that reminds us of Sony’s attitudes […]
Two notes on the Windows vulnerability patched day before yesterday. There is a trojan in the wild exploiting it and Symantec’s AV definition to detect such an exploit is a bit too paranoid and flags lot’s of emf files as having an exploit for the same. The workaround is to disable emf files from virus […]
Incidents.org is reporting scanning for phpbb include vulnerabilities through Google. Apparently there is an IRC botnet being “cultivated”. They are scanning for versions of phpBB prior to 2.0.10, the current release is 2.0.18. The new IRC bot scans for vulnerable systems using Google, when successful it announces that “oopz and sirh0t and Aleks g0t pwned […]
Sunbeltblog has a story about the “VideoC” video player… apparently they discovered this when visiting a site. A video starts to play and then abruptly stops and claims that “VideoC” player needs to install to view the clip. VideoC is not REALLY a video player just a clever way to get loads of spyware on […]
That most wonderful day of the month has come when we get an idea of what vulnerabilities we may see exploited…. Seriously, if you run Windows, go to windowsupdate.microsoft.com or ensure you have automatic updates if at all possible. This months most critical update relates to a vulnerability in the way windows renders (draws) images. […]
This reminds me of the emails that used to circulate claiming that Microsoft and Disney were testing a way to trace email and to keep forwarding the message, when it got to 500 people they all supposedly would win a trip to DisneyWorld. I guess people are generally trusting and willing to believe they may […]
There seems to be a new variation on the xml rpc worm spreading about, so patch patch patch. If you have php and vulnerable software on a web facing server, patch. Send article as PDF
Bookmark this site now by pressing Ctrl+D
You are currently browsing the archives for the Security category.
