Spyware Sucks
“There is no magic fairy dust protecting Macs” – Dai Zovi, author of “The Mac Hacker’s Handbook”

Hold off installing MS14-066 / KB 2992611

November 16th 2014

Word is it is breaking stuff, including the ability to access secure sites using Chrome. Possible fixes if you’re already affected: Open gpedit.msc. Go to computer configuration > administrative templates > Network > SSL Configuration Settings > SSL Cipher Suite Order. Set it to enabled. Reboot. The policy populates the Windows registry with the […]


Malvertizing is still around…

October 28th 2014

Incident reported on 22 October 2014.  Cite: http://www.proofpoint.com/threatinsight/posts/malware-in-ad-networks-infects-visitors-and-jeopardizes-brands.php “Without having to click on anything, visitors to the impacted websites may be stealthily infected with the CryptoWall 2.0 ransomware. Using Adobe Flash, the malvertisements silently “pull in” malicious exploits from the FlashPack Exploit Kit. The exploits attack a vulnerability in the end-users’ browser and install CryptoWall 2.0 […]


Do you use Chrome? And have a Google account? And use 2 Factor Authentication? You may want a “security key”

October 28th 2014

https://support.google.com/accounts/answer/6103523 “If you use 2-Step Verification, you can choose Security Key as your primary method, instead of having verification codes sent to your phone. With Security Key, there’s no looking at codes and re-typing―you simply insert your Security Key into your computer’s USB port when asked.” Yes, you have to make sure you don’t lose […]


Fake support scammer take-down

October 27th 2014

A New York based tech support scam business made $2,500,000 in the past two-and-a-half years. Is it any wonder those ‘your computer is infected’ phone calls are increasing?  The company in question also purchased deceptive ads online that led consumers to believe they were calling the technical support line for legitimate companies. The defendants are Pairsys, Inc., […]


16th MVP Award received

October 8th 2014

I really didn’t think it would happen this year


More information about the Doubleclick / Zedo malvertizing incidents

October 1st 2014

http://arstechnica.com/security/2014/09/advertising-firms-struggle-to-kill-malvertisements/ Take particular note of the fact that only every 3rd to 100th ad was bad, making it very hard to catch the bad guys in the act. Also, this wasn’t a matter of a failure of due diligence when choosing to allow onto network. According to the report, one of the online tools that Zedo provides […]


Silk Road pirate caught by CAPTCHA

October 1st 2014

Gotta laugh at the irony: captured thanks to CAPTCHA. http://securitywatch.pcmag.com/security/327646-the-dread-pirate-roberts-s-fatal-mistake


Nasty malvertizing via doubleclick

October 1st 2014

Yep, it’s happened again – details here: https://blog.malwarebytes.org/malvertising-2/2014/09/googles-doubleclick-ad-network-abused-once-again-in-malvertising-attacks/ The days where people could say “only visit reputable sites and you’ll be safe” are well and truly gone.


Google hit by malvertizing

September 23rd 2014

Sad to read this; it’s been a little while since we’ve read about such a big outbreak: http://arstechnica.com/security/2014/09/google-stops-malicious-advertising-campaign-that-could-have-reached-millions/ So, what can you do to protect yourself between the time something like this hits, the ad networks or others identify it, and it gets shut down? Update **all** software on your computer and your operating system, […]


web-sniffer.net is back again… temporarily?

September 1st 2014

Functionality *seems* to be back. But, the site is still listed for sale, and WHOIS has changed. Registrant is now a “Leonard Quack” of “MenschDanke GmbH”, Berlin. Previously the Registrant was a Mario Mueller of Lingo4you GbR, Machern. Hosting has changed too, from Sedoparking.com to Namespace4you.com. Be warned, things could go south again. The domain has […]
