Saturday, February 28, 2009

Adobe, Microsoft, Facebook

Well this week has been all about the Adobe Reader/Acrobat 0day vulnerability, but Adobe did release updates to Flash this week. Along with the 0day that Adobe has, word comes out that Microsoft has their own 0day vulnerability that is being seen in only targeted attacks.

Really the best defense against these types of attacks is YOU. You have to decide if you are going to click on either a link that takes you to a document either through e-mail or a web site. Trust no one is my best advice.

Now turning to Facebook. This past week there have been a couple of apps that folks fall for. Both attacks are types of social engineering that try to get you to enter your login credentials. Folks, if you are already logged on to Facebook or whatever other site you are on and you click something that prompts you to login, DON'T DO IT!! Something is wrong with that scenario.

OK, hope you all are having a fabulous weekend and snow sucks. Stay safe and Rock Chalk Jayhawk!!

Friday, February 20, 2009

Adobe Reader and Acrobat Being Exploited

Thursday, the folks at Adobe announced that there was a vulnerability that is currently being exploited in all version 9 and earlier. The security group over at Shadowserver.org has been seeing targeted attacks that exploit this vulnerability that allows an attacker remote code execution. That sucks.

Brian Krebs from SecurityFix blog has a write up that you can read more details. Brian does a fabulous job keeping folks informed of computer security issues. Click here to read his post about the Adobe vulnerability. Adobe has a write up on their site too and you can click here to read that post.

As always you should never click on attachments or links in unsolicited e-mails. Stay safe and have a fabulous weekend.

Saturday, February 14, 2009

More Scareware, Rogue Security Software

The folks over at Silent Noise indicated there is yet another version of the fake anti-virus that has been plaguing folks for many months now. This version isn't being recognized by anti-virus very well at all at this point. It is called AntispyKnight. Click here to read about Silent Noise's write-up on this new.

Great game today by the Kansas University Jayhawks. They beat those nasty KSU Wildcats. Stay safe and have a fabulous rest of the weekend.

Friday, February 13, 2009

Spammers Ready to use Stimulus as Bait

OK folks. I'm not going to bring politics into too much of my blog, but this stimulus bill absolutely sucks. Spending money we don't have. Well beware, spammers are already sending out spam for people to click here to get YOUR STIMULUS CHECK. OMG!!! Don't do it! But you know some will. If you are a reader of mine, just dump this just like you do the other spam that arrives in your e-mail inbox.

Hope all is well with everyone and all of you remember those you love on Valentine's Day. Rock Chalk Jayhawk. Hope we kick some Wildcat tail.

Thursday, February 12, 2009

Heartland Payment Systems Breach Growing

I wrote about the Heartland Payment Systems breach that was announced on January 20, 2009. Financial institutions all across North America have been contacting their customers in the past few weeks informing them that their credit card or debit card has been compromised due to this large breach. I personally know many folks affected where I live in the great Mid-west. They’ve got their letters telling them a new card is on its way.

I believe this breach will surpass the breach that TJMaxx had. Their final total was around 94 million cards that were compromised. This one, I believe, will surpass the 100 million total. There is a site that has been reporting what banks have contacted them stating that they have been affected by this breach. It is far from complete. Click here to see an update from the site bankinfosecurity.com.

Hope you have all had a great week. Friday is just around the corner. Have a fabulous weekend. And of course, Rock Chalk Jayhawk…Let’s kick the Wildcats behind Saturday!!

Sunday, February 8, 2009

CCleaner A Good Tool for Your Toolbox

OK, I have a tool for you to check out if you are a Windows user. The tool is called CCleaner. Click here for additional information. I'm going to give you some things I like about it. First of all, it is a free tool. I recommend you download it use it on a regular scheduled basis.

It combines a system cleaner that cleans your PC of unused temporary files from your PC. On top of that, it also has a great registry cleaner too. The reason you want to run this is that it allows you to keep your Windows system running faster and it also frees up hard drive space. It also has a nice section that helps you clean up all those tasks that happen when your system starts up. Seems like every application that you install with the default setup will always start up at boot time. You don't need to do this and this can slow your PC when your system tray is full of all these started applications.

Hope you all had a great weekend and of course ROCK CHALK JAYHAWK!!

Friday, February 6, 2009

Best Buy West Palm Beach - Breach

Sucks to be a customer of the Best Buy store in West Palm Beach. Sounds like a former employee was skimming credit cards from Best Buy customers. Best Buy has an announcement on their website. They believe that approximately 4,000 people could be affected. The time frame of this breach was in November and December of 2008

Click here for Best Buy's announcement on their website.

Sunday, February 1, 2009

Injection Attacks Continue - Update iwdown

Well the Super Bowl is going to be starting in an hour and I'm ready to check those commercials out. I've watched the number of sites showing up that have been affected by hxxp://iwdown.com/inc/e.js that is hosted in China. A few days ago when I wrote my first post on this injection attack, the Google search results showed roughly 135,000 sites that been affected. Today, it is roughly 430,000. Now realize these numbers aren't exact, but it gives you an idea how things are progressing.

Hope your team wins tonight in the Super Bowl and hope your weekend has been great.

February = Malicious E-cards for Valentine's Day

February is here and with it, love is in the air. As February 14 nears, expect to see some fake e-cards from people you don't know to show up in your inbox. They are already being seen by some security research companies. All you have to do is remember this easy statement. NEVER click on any attachments or links in unsolicited e-mails. Anymore today, you can't even trust e-mail from those you know because if they are hacked, expect everyone in their contact list to get malicious spam e-mails also.

Have a happy Super Bowl Day today. I'm cheering for the Cards. Always hanging with the underdogs. Stay safe.