Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"
Syndication feeds available

Naughty Adobe!!!

January 12th 2017 in Google Chrome

Not only is it impossible for the typical user to disable or change the software update settings for Adobe Acrobat Reader DC, the most recent SILENT update of Adobe Acrobat Reader DC also installed an Adobe Acrobat extension to Google Chrome without notice or consent. To add insult the injury, the extension’s option to “Allow […]

Read On No Comments

That moment one “privacy” app interferes with another “privacy” app

January 7th 2017

Ghostery interfering with HTTPS Everywhere.

Read On No Comments

Do you have an ASK Toolbar installed? Beware…

November 23rd 2016

Discovery by Red Canary: https://blog.redcanary.com/ask-partner-network-compromise “On 5 November, Red Canary detected suspicious activity associated with Windows applications distributed by the Ask Partner Network (a.k.a. APN, Ask.com, or simply Ask). Upon further inspection, we discovered that Ask’s software was being co-opted by a malicious actor to execute malicious software on victims’ endpoints. “

Read On Comments Off on Do you have an ASK Toolbar installed? Beware…

New security steps for linked Skype and Microsoft accounts

November 23rd 2016

I received a spam message via Skype today from a person who I normally think of as too sophisticated to do something silly like re-use passwords.  And heard of another person who had also been compromised, but had absolutely no idea how it may have happened. I learned as part of my research into what may […]

Read On Comments Off on New security steps for linked Skype and Microsoft accounts

Kryptowire discovers mobile phone firmware that transmitted personally identifiable information without user consent or disclosure

November 16th 2016

The Kryptowire article can be seen here: http://www.kryptowire.com/adups_security_analysis.html Adups response can be found here: http://www.adups.com/article/show_article.php?id=162

Read On Comments Off on Kryptowire discovers mobile phone firmware that transmitted personally identifiable information without user consent or disclosure

Microsoft’s new Security Updates Guide

November 9th 2016

Microsoft have released a preview of their new single destination for security vulnerability information, the Security Updates Guide. Instead of publishing bulletins to describe related vulnerabilities, the new portal lets you view and search security vulnerability information in a single online database. I quite like the Software Update Summary. Microsoft will continue to publish bulletins while also […]

Read On Comments Off on Microsoft’s new Security Updates Guide

Google Chrome extensions sold and adware/tracking behavior added without notice

November 8th 2016

This morning I have read about four extensions, all of which have now been removed from the Chrome Store and which should have been automatically disabled if installed to Chrome: “Live HTTP Headers”, “Tab Manager”, “Appspector” and “Give Me CRX”. The common thread is the extensions started injecting code into webpages pointing to “s3.eu-central-1.amazonaws.com/forton/*****.js”.  The goal […]

Read On Comments Off on Google Chrome extensions sold and adware/tracking behavior added without notice

Web of Trust (WOT) scandal

November 7th 2016

Originally reported in Germany (http://www.ndr.de/nachrichten/netzwelt/Nackt-im-Netz-Millionen-Nutzer-ausgespaeht,nacktimnetz100.html) and picked up by PCMag (http://www.pcmag.com/news/349328/web-of-trust-browser-extension-cannot-be-trusted). From the German site (apologies for the translation errors): “In the background, however, the extension also logs and transmits the data for the surfing behavior of the user to a server abroad. A profile is created where the date, time, location, and controlled web […]

Read On 1 Comment

Fix for when Windows 7 is stuck at “checking for updates”

September 26th 2016

It works a treat: https://support.microsoft.com/en-us/kb/3172605

Read On Comments Off on Fix for when Windows 7 is stuck at “checking for updates”


Archives