Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

ALERT – StrawberryNet.Com is revealing the name, addresses and phone numbers associated with a purchaser’s email address without authentication

May 3rd 2017

If you, your family or friends have used that website, please warn them. Here is what happens: Go to the website and put anything into the shopping cart. Click “checkout”. Enter an email address when prompted. If the email address is already in their database the name, address and phone number associated with that email […]

Read On No Comments

Do you have an ASK Toolbar installed? Beware…

November 23rd 2016

Discovery by Red Canary: https://blog.redcanary.com/ask-partner-network-compromise “On 5 November, Red Canary detected suspicious activity associated with Windows applications distributed by the Ask Partner Network (a.k.a. APN, Ask.com, or simply Ask). Upon further inspection, we discovered that Ask’s software was being co-opted by a malicious actor to execute malicious software on victims’ endpoints. “

Read On Comments Off on Do you have an ASK Toolbar installed? Beware…

Urgent call to action: uninstall QuickTime for Windows

April 17th 2016

Cite: http://blog.trendmicro.com/urgent-call-action-uninstall-quicktime-windows-today/  

Read On Comments Off on Urgent call to action: uninstall QuickTime for Windows

Microsoft’s Edge browser to auto pause Flash based advertisements

April 12th 2016

It’s a good step forward in protecting users from malvertizing, but not a panacea. Cite: https://blogs.windows.com/msedgedev/2016/04/07/putting-users-in-control-of-flash/ By the way, have you updated Flash recently on your local computer? Please do so.  You can check the version you have installed here.  

Read On Comments Off on Microsoft’s Edge browser to auto pause Flash based advertisements

Oracle settles with FTC over “deceptive” security updates?

January 5th 2016

https://www.ftc.gov/news-events/press-releases/2015/12/oracle-agrees-settle-ftc-charges-it-deceived-consumers-about-java How were Oracle deceptive? By only removing the most recent vulnerable version of Java from user’s computers, leaving older versions in situ. “In 2011, according to the FTC’s complaint, Oracle was aware of the insufficiency of its update process. Internal documents stated that the “Java update mechanism is not aggressive enough or simply not […]

Read On Comments Off on Oracle settles with FTC over “deceptive” security updates?

Active X blocking delayed until September 9th

August 12th 2014

Details here: http://blogs.msdn.com/b/ie/archive/2014/08/06/internet-explorer-begins-blocking-out-of-date-activex-controls.aspx  

Read On Comments Off on Active X blocking delayed until September 9th


Archives