Spyware Sucks
“There is no magic fairy dust protecting Macs” – Dai Zovi, author of “The Mac Hacker’s Handbook”

Australian Bureau of Statistics waves a big red flag at a bull (aka hackers)

August 3rd 2016

The 5-yearly Australian Census is collecting the names and addresses of all Australians (nothing unusual there) and matching that information to myriad questions in the Census (again, nothing unusual). However, they are now retaining names and addresses to enable the Census to be linked to other national data for up to four years, instead of just 18 […]


Information about the AdGholas Malvertising Campaigns

July 29th 2016

Cite: https://www.proofpoint.com/us/threat-insight/post/massive-adgholas-malvertising-campaigns-use-steganography-and-file-whitelisting-to-hide-in-plain-sight

The checks that were made to identify infection candidates are especially interesting, going so far as to check for OEM branding.


NetGear and Symantec vulnerabilities

July 1st 2016

NetGear Web GUI Password Recovery and Exposure Security Vulnerability: http://kb.netgear.com/app/answers/detail/a_id/30632

“NETGEAR is aware of the security issue that can expose web GUI login passwords while the password recovery feature is disabled. This vulnerability occurs when an attacker can access the internal network or when remote management is enabled on the router.”

Norton vulnerability: unclicked links […]


Are you being prompted to download a JS (javascript) from areyouahuman.com?

April 23rd 2016

Apparently an areyouadownload.com partner incorrectly implemented a tag, causing the download prompt.

Cite: https://twitter.com/areyouahuman/status/723529493202137088

areyouahuman.com is a service that tries to differentiate between bots and “verified humans” before content, services and ads are presented to a website visitor.


No more Wepawet or Anubis

April 11th 2016

How unfortunate 🙁


Warning: malware via Facebook

April 11th 2016

Displayed URL in FB wall posts: IPV6.GOOGLE.COM

Displayed picture associated with the URL: the infected victim’s Facebook profile pic

Facebook wall post is set to Public.

Behavior: The text of the FB wall post is only a lot of friends being tagged. Sometimes multiple Facebook wall posts appear. Some people report that clicking on the link on […]


Safe Harbor is now EU-US Privacy Shield

February 3rd 2016

“After months of intensive negotiations, today (February 2) the European Commission and the United States announced agreement on a new framework for transatlantic data flows: the EU-US Privacy Shield. This new framework will protect the rights of Europeans where their data is transferred to the United States and provide a path to legal certainty for […]


Oracle settles with FTC over “deceptive” security updates?

January 5th 2016

https://www.ftc.gov/news-events/press-releases/2015/12/oracle-agrees-settle-ftc-charges-it-deceived-consumers-about-java

How was Oracle deceptive? By only removing the most recent vulnerable version of Java from users’ computers, leaving older versions in situ. “In 2011, according to the FTC’s complaint, Oracle was aware of the insufficiency of its update process. Internal documents stated that the “Java update mechanism is not aggressive enough or simply not […]


Bugged electronic typewriters

October 14th 2015

Sure, it’s from the 1980s, but gee it’s very interesting: https://www.nsa.gov/about/_files/cryptologic_heritage/center_crypt_history/publications/learning_from_the_enemy_the_gunman_project.pdf


Sophos: Linux machines represented approximately 80% of the 178,635 newly malicious websites discovered during one week.

October 14th 2015

80%. Really. And here are the reasons they gave:

Linux servers are preferred by budget cloud hosting providers for their low cost (free) and flexibility. These providers do not provide security services and largely cater to amateur web enthusiasts.

Linux servers are undefended. Linux administrators and server operators have the perception that Linux is immune […]
