Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Scammy stuff on Facebook

January 23rd 2014

Yeah, I know…  the sender of the invites to this “event” swears up-n-down that they didn’t like the page, or send me or others an invite, and he can’t find anything in his apps that looks suspicious Here’s the “event”.  Within hours the invite count had reached 784,432. If you’re silly enough to go to […]

Read On No Comments

Did you know you can see all recent signins to your Microsoft account?

January 22nd 2014

This is very useful information:http://sbs.seandaniel.com/2014/01/checking-your-sign-in-history-in.html 

Read On No Comments

Fridge sends spam emails as attack hits smart gadgets

January 17th 2014

Well, I suppose we knew it had to happen sooner or later… “A fridge has been discovered sending out spam after a web attack managed to compromise smart gadgets.  The fridge was one of more than 100,000 devices used to take part in the spam campaign. Uncovered by security firm Proofpoint the attack compromised computers, […]

Read On 1 Comment

Drive-by Download Attacks: Examining the Web Server Platforms Attackers Use Most Often

January 8th 2014

The top two – open source Apache and Nginx:http://blogs.technet.com/b/security/archive/2014/01/08/drive-by-download-attacks-examining-the-web-server-platforms-attackers-use-most-often.aspx 

Read On No Comments

Hitman Pro writeup about the Yahoo malvertizing incident

January 8th 2014

It’s an excellent write-up, and worth a read: http://hitmanpro.wordpress.com/2014/01/05/malware-served-via-yahoo-affected-millions/  Lessons for the layman: keep all software on your computer up to date and get rid of Java (you know, the stuff that runs java applets). Run antivirus and keep it up to date (but remember, antivirus is more reactive than proactive and may not catch […]

Read On No Comments

Important information from Google about Chrome support for NPAPI ending

January 8th 2014

Cite: http://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html “Starting in January 2014, Chrome will block webpage-instantiated NPAPI plug-ins by default on the Stable channel. To avoid disruption to users, we will temporarily whitelist the most popular NPAPI plug-ins that are not already blocked for security reasons. These are:  Silverlight (launched by 15% of Chrome users last month) Unity (9.1%) Google Earth (9.1%) Java (8.9%) […]

Read On No Comments

"The psychology of malware warnings"

January 8th 2014

A fascinating read:http://www.lightbluetouchpaper.org/2014/01/03/reading-this-may-harm-your-computer/  Direct link to report:http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2374379   

Read On 1 Comment
Read On No Comments

Ongoing problems at the English language Moscow Times

January 7th 2014

Excellent writeup here: http://blog.malwarebytes.org/exploits-2/2014/01/hard-times-on-the-moscow-times/

Read On No Comments

WA official faces prosecution over software favours: Gifts for contracts exchange uncovered

January 7th 2014

Just wow: http://www.itnews.com.au/News/368869,wa-official-faces-prosecution-over-software-favours.aspx More than $1 million in CA products purchased  

Read On No Comments