This basic Internet scams primer appeared on The Next Web today. It goes over four (five if you include the Nigerian Prince scam) methods scammers use to trick their victims, concentrating on email as the vector of choice to reach their marks. Focusing on email makes sense; many, if not most, malware infections come from email […]
The Ethiopian Red Cross’ web site appears to have been compromised and is being used in a phishing attack targeting Google login credentials. Sophos’ Naked Security reports that they received an email directing the reader to click on a link taking them to a fake Google Docs login page, designed to harvest usernames and passwords. […]
Microsoft Office 2013 pricing has been announced, the first to include a monthly subscription option. Microsoft’s licensing and pricing, especially for “Enterprise” software products, can be Byzantine, so it comes as little surprise that the first version of Office to have both boxed and Software-as-a-Service options will be available in no less than nine distinct […]
Kaspersky has recently released a detailed description of the “Red October” attack, an espionage operation involving the infection of hundreds of computers targeting government networks, embassies, and scientific organizations. The victims have mostly been in Eastern Europe, according to Securelist, but computers around the world have been infected, including some in the United States. The […]
Oracle has released a Java patch to address the major vulnerability reported a few days ago. Everyone is strongly recommended to install the update. Sophos’ Naked Security blog offers this article that includes information about the vulnerability and the patch. Oracle’s page for the the patch, Java 7 Update 11, includes technical details of the […]
Blackberry users in the UK and Ireland experienced an outage that lasted through the morning on Friday, in another blow to RIM’s reputation. The Independent reports that the service was back up by lunchtime, but any outage is bad news for RIM’s already shaky reputation. A number of system problems over recent years have weakened […]
A new 0-day Java vulnerability has been discovered that is already being used in malware distribution kits “in the wild.” No update to fix the problem is yet available. Naked Security has provided an overview of the vulnerability along with links to instructions on how to disable the Java extensions in all major browsers until […]
For a short period on Monday, Adobe Creative Suite 2 (CS2) was made available for free download without any activation requirement. As this Ars Technica post points out, it was a nearly brilliant move that turned out to have been done by mistake. When Adobe shut down the activation servers for Creative Suite 2, there […]
Microsoft has announced that it will be discontinuing its Windows Live Messenger on March 15th, 2013. All users aside from those in mainland China will be required to switch to Skype, which Microsoft acquired in 2011. As this OnSoftware blog post notes, this is an unusually bold action for Microsoft, which normally puts great effort […]
A significant Yahoo Mail vulnerability has been discovered that has reportedly already resulted in a number of compromised accounts. The attack was first demonstrated by a hacker named Shahin Ramezany, who now claims that Yahoo’s initial fix is easy to work around. The last link even includes a video explaining how the cross-site-scripting (XSS) vulnerability works. […]
