Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Bigpond Phishing Email

June 12th 2018

Yeah, nah.

Read On Comments Off on Bigpond Phishing Email

Fake Westpac email

November 1st 2017

Note the URL:

Read On Comments Off on Fake Westpac email
Read On Comments Off on Fake Amazon themed email.

Yeah… nah.

May 17th 2017
Read On Comments Off on Yeah… nah.

ALERT – StrawberryNet.Com is revealing the name, addresses and phone numbers associated with a purchaser’s email address without authentication

May 3rd 2017

If you, your family or friends have used that website, please warn them. Here is what happens: Go to the website and put anything into the shopping cart. Click “checkout”. Enter an email address when prompted. If the email address is already in their database the name, address and phone number associated with that email […]

Read On Comments Off on ALERT – StrawberryNet.Com is revealing the name, addresses and phone numbers associated with a purchaser’s email address without authentication

Big news re Google and Symantec issued EVs

March 24th 2017

Cite: https://arstechnica.com/security/2017/03/google-takes-symantec-to-the-woodshed-for-mis-issuing-30000-https-certs/ “In a severe rebuke of one of the biggest suppliers of HTTPS credentials, Google Chrome developers announced plans to drastically restrict transport layer security certificates sold by Symantec-owned issuers following the discovery they have issued more than 30,000 certificates. Effective immediately, Chrome plans to stop recognizing the extended validation status of all certificates issued […]

Read On 1 Comment

That moment one “privacy” app interferes with another “privacy” app

January 7th 2017

Ghostery interfering with HTTPS Everywhere.

Read On Comments Off on That moment one “privacy” app interferes with another “privacy” app

New security steps for linked Skype and Microsoft accounts

November 23rd 2016

I received a spam message via Skype today from a person who I normally think of as too sophisticated to do something silly like re-use passwords.  And heard of another person who had also been compromised, but had absolutely no idea how it may have happened. I learned as part of my research into what may […]

Read On Comments Off on New security steps for linked Skype and Microsoft accounts

Google Chrome extensions sold and adware/tracking behavior added without notice

November 8th 2016

This morning I have read about four extensions, all of which have now been removed from the Chrome Store and which should have been automatically disabled if installed to Chrome: “Live HTTP Headers”, “Tab Manager”, “Appspector” and “Give Me CRX”. The common thread is the extensions started injecting code into webpages pointing to “s3.eu-central-1.amazonaws.com/forton/*****.js”.  The goal […]

Read On Comments Off on Google Chrome extensions sold and adware/tracking behavior added without notice

Web of Trust (WOT) scandal

November 7th 2016

Originally reported in Germany (http://www.ndr.de/nachrichten/netzwelt/Nackt-im-Netz-Millionen-Nutzer-ausgespaeht,nacktimnetz100.html) and picked up by PCMag (http://www.pcmag.com/news/349328/web-of-trust-browser-extension-cannot-be-trusted). From the German site (apologies for the translation errors): “In the background, however, the extension also logs and transmits the data for the surfing behavior of the user to a server abroad. A profile is created where the date, time, location, and controlled web […]

Read On 1 Comment


Archives