Month: June 2010

On my desktop which is a dual-boot of Vista and 7, I downloaded and installed Adobe Reader v9.33 from ftp://ftp.adobe.com/pub/adobe/reader/win/9.x/9.3.3/misc/AdbeRdrUpd933_all_incr.msp.  No reboot is required after the install.  On the laptop, I decided to try installing v9.33 using Adobe Updater which notified me that an update is available:   I let it patch and there’s no reboot required as well after the install: But here’s the issue, a blog post that says its an incomplete fix or patch (Thanks to fellow CNET mod, Carol) because with the v9.33, an execution can still occur.  Someone (not sure if the comment is his … Continue reading Installed Update v9.33 for Adobe Reader. No Reboot for me but the patch is not complete?

Vuvuzelas and hearing problems are not the only issues that excited football fan can encounter at this year’s Football World Cup in South Africa. One month before the opening match between South Africa and Mexico the bad guys were already busy infecting popular related websites in anticipation of increased traffic. Compared to the same period last year, avast! identified a 200% increase in the number of infected web pages and successfully prevented 200 000 fans from visiting them and getting infected. The attached graph illustrates the dramatic increase in the number of infected websites. So, for the competition’s final stages, … Continue reading World cup threatens more than just your ears;Legitimate websites "outscore" the adult 99:1

In the ongoing debate over whether to use Flash or HTML5, Google has weighed in heavily in favor of using HTML5. The engineers at the Google-owned YouTube, however, still prefer Flash, if a company blog item posted Tuesday from the company is any indication. "While HTML5’s video support enables us to bring most of the content and features of YouTube to computers and other devices that don’t support Flash Player, it does not yet meet all of our needs," said YouTube software engineer John Harding in the post. "Today, Adobe Flash provides the best platform for YouTube’s video distribution requirements." … Continue reading YouTube backs Flash over HTML5 – YouTube engineers still need Adobe Flash

After 12 months of failed attempts to crack the encryption that protects information held on 5 hard drives that belong to a Brazilian banker suspected of money laundering, the FBI has returned the drives to the experts of the Brazilian National Institute of Criminology (INC). The contents of the drives – protected by a combined use of TrueCrypt (free open-source full-disk encryption software) and an unnamed algorithm though to be base on the 256-bit AES standard – are still a mystery. Both the INC and the FBI tried for months to break the encryption by using various dictionary-based brute-force attacks, … Continue reading FBI fails to decrypt suspect’s hard drives – after 12 months of trying‎

OASIS Identity in the Cloud TC will develop profiles of open standards for identity deployment, provisioning and management Last week I had the opportunity to participate in the "Cloudchasers" series of podcasts hosted by noted raconteur Mathew T. Grant. This one included Ajay Sharma, the product marketing manager for identity management at Novell, and myself talking about "Identity and the enterprise cloud." One issue that came up, and which we mostly danced around, was the issue of standards. Now we all know that there are lots of standards in identity (SAML, WS-Federation, OpenID, CardSpace, etc.) but — so far — … Continue reading Group to examine cloud standards

WellPoint Inc. has notified 470,000 individual insurance customers that medical records, credit card numbers and other sensitive information may have been exposed in the latest security breach of the health insurer’s records. The Indianapolis company said the problem stemmed from an online program customers can use to track the progress of their application for coverage. It was fixed in March. Spokeswoman Cynthia Sanders said an outside vendor had upgraded the insurer’s application tracker last October and told the insurer all security measures were back in place. But a California customer discovered that she could call up confidential information of other … Continue reading Security glitch exposes WellPoint data again

Mike Nash wrote today in his blog that he sold Online Armor Firewall to EmsiSoft, the maker of EmsiSoft Anti-Malware which is formerly known as A-squared Anti-Malware.  He also provided some information about the decision of selling the popular software firewall and why he chose EmsiSoft. Read more about it in http://onlinearmorpersonalfirewall.blogspot.com/2010/06/online-armor-sold-to-emsisoft.html To Mike:  Thank you for being part of the security community.  I’m sure you will still be around to.. you know, be informed and to interact to people you’ve met. You’ll be missed for sure if you won’t be around the forums you enjoy visiting! and thanks for … Continue reading Online Armor sold to EmsiSoft

    Oversharing on social networks has led to an overabundance of evidence in divorce cases. The American Academy of Matrimonial Lawyers says 81 percent of its members have used or faced evidence plucked from Facebook, MySpace, Twitter and other social networking sites, including YouTube and LinkedIn, over the last five years. "Oh, I’ve had some fun ones," said Linda Lea Viken, president-elect of the 1,600-member group. "It’s very, very common in my new cases." Facebook is the unrivaled leader for turning virtual reality into real-life divorce drama, Viken said. Sixty-six percent of the lawyers surveyed cited Facebook foibles as … Continue reading Divorce lawyers: Facebook tops in online evidence

With help from Eboc gang The Kraken botnet, believed by many to be the single biggest zombie network until it was dismantled last year, is staging a comeback that has claimed almost 320,000 PCs, a security researcher said. Since April, this son-of-Kraken botnet has infected an estimated 318,058 machines – about half as big as the original Kraken was at its height in the middle of 2008, according to Paul Royal, a research scientist at the Georgia Tech Information Security Center. Like its predecessor, the new botnet is a prodigious generator of spam, with a single machine with average bandwidth … Continue reading Notorious Kraken botnet rises from the ashes

From Sunbelt Blog: Not so long ago, I wrote about something called the Tango Toolbar. While digging around for more information, I actually came across another toolbar called “Tango” which is entirely unrelated (this one is about the dance, not…er…whatever the other one was about) yet also manages to raise some red flags: Turns out it was a file on Download.com [..] It’s been available since 2006. Here’s a VirusTotal report from the 18th of June, with 21/41 vendors flagging it. Here’s an updated report from the 20th, and now 34 vendors are saying “Boom, headshot”. If you want to … Continue reading Save the last dance…for Adware