Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Ransomware… again…

June 28th 2017

Microsoft released patches against the infamous Wannacrypt (SMB) vulnerability for older operating systems going back to Windows XP. Get them from the Microsoft website: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ They later issued warning about “potential nation state activity” and issued additional security patches. Again, get them from the Microsoft website. Those patches can be found at the URL below. […]

Read On No Comments

ALERT – StrawberryNet.Com is revealing the name, addresses and phone numbers associated with a purchaser’s email address without authentication

May 3rd 2017

If you, your family or friends have used that website, please warn them. Here is what happens: Go to the website and put anything into the shopping cart. Click “checkout”. Enter an email address when prompted. If the email address is already in their database the name, address and phone number associated with that email […]

Read On Comments Off on ALERT – StrawberryNet.Com is revealing the name, addresses and phone numbers associated with a purchaser’s email address without authentication

Do you have an ASK Toolbar installed? Beware…

November 23rd 2016

Discovery by Red Canary: https://blog.redcanary.com/ask-partner-network-compromise “On 5 November, Red Canary detected suspicious activity associated with Windows applications distributed by the Ask Partner Network (a.k.a. APN, Ask.com, or simply Ask). Upon further inspection, we discovered that Ask’s software was being co-opted by a malicious actor to execute malicious software on victims’ endpoints. “

Read On Comments Off on Do you have an ASK Toolbar installed? Beware…

Urgent call to action: uninstall QuickTime for Windows

April 17th 2016

Cite: http://blog.trendmicro.com/urgent-call-action-uninstall-quicktime-windows-today/  

Read On Comments Off on Urgent call to action: uninstall QuickTime for Windows

Microsoft’s Edge browser to auto pause Flash based advertisements

April 12th 2016

It’s a good step forward in protecting users from malvertizing, but not a panacea. Cite: https://blogs.windows.com/msedgedev/2016/04/07/putting-users-in-control-of-flash/ By the way, have you updated Flash recently on your local computer? Please do so.  You can check the version you have installed here.  

Read On Comments Off on Microsoft’s Edge browser to auto pause Flash based advertisements

Oracle settles with FTC over “deceptive” security updates?

January 5th 2016

https://www.ftc.gov/news-events/press-releases/2015/12/oracle-agrees-settle-ftc-charges-it-deceived-consumers-about-java How were Oracle deceptive? By only removing the most recent vulnerable version of Java from user’s computers, leaving older versions in situ. “In 2011, according to the FTC’s complaint, Oracle was aware of the insufficiency of its update process. Internal documents stated that the “Java update mechanism is not aggressive enough or simply not […]

Read On Comments Off on Oracle settles with FTC over “deceptive” security updates?

Active X blocking delayed until September 9th

August 12th 2014

Details here: http://blogs.msdn.com/b/ie/archive/2014/08/06/internet-explorer-begins-blocking-out-of-date-activex-controls.aspx  

Read On Comments Off on Active X blocking delayed until September 9th


Archives