US-CERT is reporting that they are aware of another vulnerability in RealPlayer on Windows.
This vulnerability is due to improper handling of the “Console” property in the RealPlayer ActiveX control (rmoc3260.dll). Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.
While US-CERT recommends disabling Active-X and securing your browser, which is […]
News.com has published a guide to customs-proofing your laptop so that you can breeze through US Customs with your notebook should it get a closer look by US Custom Agents. But is such a guide really needed?
The US Customs have been taking closer looks the data on computers that are being brought through Customs and […]
As widely reported everywhere and even here on other blogs on Lockergnome.com Apple released Safari 3.1 today but you might have missed out on why you shouldn’t delay installing it. The update corrects several severe vulnerabilities:
These vulnerabilities may allow an attacker to do the following:
Execute arbitrary code
Cause a denial-of-service condition
Bypass authentication
Elevate privileges
Obtain sensitive information
Cause […]
Here’s one for you nuts out there that believe Anti-Virus makers spread viruses to keep themselves in business…
InfoWorld is reporting that Anti-Virus vendor Trend Micro’s web site was hacked and used to infect visitors of the web site with viruses and malware.
The infected Web pages are not obviously malicious, but the attackers have added a […]
Malware watchdog group, StopBadware.org, has labeled RealPlayer as “badware” acording to a report on StopBadware’s website.
We find that RealPlayer 10.5 is badware because it fails to accurately and completely disclose the fact that it installs advertising software on the user’s computer. We additionally find that RealPlayer 11 is badware because it does not disclose […]
Expect to not only receive love emails from your sweetheart but also lots of spam messages sent by the Storm Worm through and after Valentines day.
This new variant of the Storm Worm sends emails with a file attachment or web page link that when opened installs a rootkit and other malware.
The Valentine’s Day […]
Skype has posted on their blog about a vulnerability in all versions of Skype for Windows prior to 3.6.x.216. A fix for this vulnerability was released on November 15 however they, “failed to bring the case to the public’s attention.”
The flaw exists within the skype4com URI handler component of Skype. An exploitable memory corruption may […]
Researchers report that a critical vulnerability in AIM could be used to create a massive worm attack.
The flaw was discovered by researchers at Core Security Technologies, which has been working with AOL over the past few weeks to patch the problem. AOL’s servers are now filtering instant messaging traffic to intercept any attacks, but […]
The same researcher that recently discovered a flaw in Quicktime and Firefox alleges to have found a serious vulnerability in Adobe Acrobat and Adobe Reader.
I am closing the season with the following HIGH Risk vulnerability: Adobe Acrobat/Reader PDF documents can be used to compromise your Windows box. Completely!!! Invisibly and unwillingly!!! All it takes is […]
Brian Krebs at the Washington Post is reporting that the web site for the Lawrence Livermore National Labs has been inadvertently hosting malicious content and spam.
The Lawrence Livermore National Labs are responsible for the safety and integrity of the US nuclear arsenal but if the allegations are true they seem to not even be […]
An article posted at TechSport.com alleges that a Yahoo! company, Right Media, accidentally served ads that contained trojan viruses on MySpace and PhotoBucket, among other Web sites.
The banner ads, which were brokered by Right Media, were served an estimated 12 million times over a three-week period starting in early August, according to ScanSafe, a managed […]
US-CERT is warning it’s aware of publicly available exploit code that can allow a remote attack that runs commands on computers with Firefox and QuickTime installed if you navigate to a malicious web page.
If you use Firefox and also have QuickTime installed, you can help mitigate this attack by only going to Web sites you […]
A new worm is targeting Skype users on Windows. The worm uses Skype’s chat function to send a message to other users that contains a link that appears to be a .jpg image file that when opened attempts to download and install a malicious .src file.
If the file is executed the host computer is infected […]
Vnunet reports that SoftScan is predicting a 40% surge in spam mail this September. The increase will supposedly target students returning to school after this summer break.
“It is a pattern we have seen in previous years, but this September looks as if it will be the largest increase yet,” said Diego d’Ambra, chief technology officer […]
McAfee Avert Labs is reporting that it has uncovered a new zero-day exploit in Yahoo! Messenger Webcam. It is advising that Yahoo! Messenger users stop accepting invites from anyone that they don’t know and trust until a patch has been released.
The bug consists of a “classic heap overflow” that may be triggered when a […]
InfoWorld is reporting a new worm that spreads via removable flash drives deletes MP3 files on infected machines.
Security companies say the worm is only low risk, although its unusual payload could give a nasty surprise to an ardent music fan. The motivation of the hackers who created it are unclear.
“The authors of this worm are […]
US-CERT is warning that a recent surge of phishing email messages are claiming to be from the United States National Medical Association.
The emails contain a link to a malicious web site and if visited can install malicious software and/or collect personal information to be used to perform identity theft. These email messages were not sent […]
Yahoo! Widgets engine versions prior to 4.0.5 for Microsoft Windows have a critical vulnerability.
The vulnerability is reported to be present in an ActiveX control buffer overflow. A malicious web page could trigger it and allow an attacker to execute arbitrary code.
Yahoo! has confirmed an update is available that closes this vulnerability.
[ July 24, 2007 Security […]
The Mozilla Corporation has released version 2.0.0.6 of the Mozilla Firefox web browser.
This update contains mostly security and bug fixes and is a recommended update for all Firefox users.
Firefox is a free, open source, web browser and I highly recommend it over Internet Explorer.
[Mozilla Firefox Mirrors]
Tags: firefox, web browser
If your computer starts talking and making threats it might already be too late for your data.
A new virus being spread over P2P networks, through USB drives, discs, and infected web sites starts talking once it has infected a system.
It uses the Windows Text Reader to say outloud, “You has [sic] been infected. I […]
#!/usr/bin/geek Recent Posts usrbingeek on Twitter... What I'm doing: