Email is still the most common method used for security update notifications from all major vendors, but it is also the most commonly used trigger for launching the chain of infection attacks by malware writers. When I came to work today I found in my Inbox a message from Microsoft with the Security Bulletin Advance…
This is a new one: bribeware. They’ll pay you a dollar to install their product. Nice idea, but unfortunately in this case it comes bundled with malware. We detect it as C4DLMedia, a group of installers that include adware and agents that change browser home pages. It’s considered a “moderate” risk. I wonder if Microsoft…
According to the 2002 Census of the Population, 42% of the population of Ireland has the ability to speak Irish. Irish has also had official and working language status at the EU level since January 1, 2007. Recently, some examples of spam messages in Irish—the official language of the Republic of Ireland—have been observed. While…
It has come to our attention recently that a website is giving out instructions on how to use a low tech social engineering trick to view private Facebook profiles. To view the instructions, a third-party application must be first downloaded and installed. While this application is not malware, it may impact computer performance. The instructions…
We recently alerted our readers to spam campaigns using the H1N1 vaccination program to prompt recipients to open the mail. And we have frequently mentioned that crooks love to take advantage of news, disasters, and other events. Now that the final draw for the FIFA World Cup in South Africa next year has taken place,…
It’s the second Tuesday of the month and there are important updates being released. From Microsoft, of course, but also from Adobe. There’s a critical security issue in Adobe Flash Player 10.0.32.18 and earlier. It’s important that organizations deploy these updates before the Christmas holiday reduces IT staffing. Fortunately, this patch cycle is as early…
Sunbelt analyst Adam Thomas came across this ugly new social engineering technique when he analyzed the DefenceLab rogue security product. It does the usual scare-ware stuff: a fake scan and fake “Windows Security Center” alert: Then it directs the potential victim to a Microsoft Support page, but injects html code into the page in his…
Matisyahu (born Matthew Paul Miller, June 30, 1979) is an American reggae musician. Known for blending traditional Jewish themes with Reggae, rock and hip hop sounds, Matisyahu is most recognizable for his single “King Without a Crown”, which was a surprise Top 40 hit, and for being an orthodox Jew. Since 2004, he has released…
It’s not possible to emphasise enough the importance of using sensible passwords on your network. Not just on the areas of your network that you don’t want your users to traipse through, but also on the default network shares that are present on installations of commonly used operating systems like Windows NT/2000/XP/2003. One of the…
Treat your passwords with as much care as you treat the information that they protect. Use strong passwords to log on to your computer and to any site where you enter your credit card number, or any financial or personal information—including social networking sites. Never provide your password over e-mail or in response to an…