US-CERT is reporting that they are aware of another vulnerability in RealPlayer on Windows.
This vulnerability is due to improper handling of the “Console” property in the RealPlayer ActiveX control (rmoc3260.dll). Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.
While US-CERT recommends disabling Active-X and securing your browser, which is […]
As widely reported everywhere and even here on other blogs on Lockergnome.com Apple released Safari 3.1 today but you might have missed out on why you shouldn’t delay installing it. The update corrects several severe vulnerabilities:
These vulnerabilities may allow an attacker to do the following:
Execute arbitrary code
Cause a denial-of-service condition
Bypass authentication
Elevate privileges
Obtain sensitive information
Cause […]
Here’s one for you nuts out there that believe Anti-Virus makers spread viruses to keep themselves in business…
InfoWorld is reporting that Anti-Virus vendor Trend Micro’s web site was hacked and used to infect visitors of the web site with viruses and malware.
The infected Web pages are not obviously malicious, but the attackers have added a […]
Malware watchdog group, StopBadware.org, has labeled RealPlayer as “badware” acording to a report on StopBadware’s website.
We find that RealPlayer 10.5 is badware because it fails to accurately and completely disclose the fact that it installs advertising software on the user’s computer. We additionally find that RealPlayer 11 is badware because it does not disclose […]
Expect to not only receive love emails from your sweetheart but also lots of spam messages sent by the Storm Worm through and after Valentines day.
This new variant of the Storm Worm sends emails with a file attachment or web page link that when opened installs a rootkit and other malware.
The Valentine’s Day […]
Researchers report that a critical vulnerability in AIM could be used to create a massive worm attack.
The flaw was discovered by researchers at Core Security Technologies, which has been working with AOL over the past few weeks to patch the problem. AOL’s servers are now filtering instant messaging traffic to intercept any attacks, but […]
The same researcher that recently discovered a flaw in Quicktime and Firefox alleges to have found a serious vulnerability in Adobe Acrobat and Adobe Reader.
I am closing the season with the following HIGH Risk vulnerability: Adobe Acrobat/Reader PDF documents can be used to compromise your Windows box. Completely!!! Invisibly and unwillingly!!! All it takes is […]
Brian Krebs at the Washington Post is reporting that the web site for the Lawrence Livermore National Labs has been inadvertently hosting malicious content and spam.
The Lawrence Livermore National Labs are responsible for the safety and integrity of the US nuclear arsenal but if the allegations are true they seem to not even be […]
Last week at PodCamp Pittsburgh 2 “bacn” was coined to describe email that you want but don’t want to read right now. This can include social network notices from Twitter, MySpace, Facebook, email newsletters, and more.
‘Bacn’ is an emerging Web 2 term already being widely used. Putting it bluntly, ‘bacn’ is: “Notifications you want. But […]
Version 9.22 of the Opera Web Browser has been released for Windows, Mac, and other operating systems.
The release includes some minor user interface improvements, stability fixes, better support for Silverlight, and multiple important security fixes.
All Opera users are encouraged to upgrade immediately.
If you haven’t given Opera a try in a long time, you should […]
A security research firm is warning that using the Apple iPhone’s Safari web browser to dial phone numbers displayed on web pages by tapping the number allegedly could be exploited by attackers.
The attacks may include:
Redirecting phone calls placed by the user to different phone numbers of the attacker’s choosing
Tracking phone calls placed by the user
Manipulating […]
PC World is reporting that the U.S. is continuing to land behind other nations with the availability of high-speed broadband connections according to a report by the Communications Workers of America.
The report, based on aggregated data from nearly 80,000 broadband users, found that the median real-time download speed in the U.S. is 1.9Mbit/sec., compared with […]
If your computer seems to be posed and fixed on Harry Potter it probably has been infected with the W32/Hairy-A worm. The worm spreads from PC by USB memory drives.
According to the The Sunday Mail you should look out for the following symptoms:
A file called “HarryPotter-TheDeathlyHallows.doc” can be found on infected PCs and once […]
Google announced they’ll be releasing a very different looking version Docs & Spreadsheets tomorrow.
People have really come to rely on Docs & Spreadsheets since we launched last October, and lots of you have offered suggestions for ways we could improve the experience for both new and power users. Tomorrow’s update is a direct response […]
The LA Times is reporting that AT&T will be the first major Internet provider that will develop anti piracy technology to target individuals downloading and sharing music and movies.
It’s probable that AT&T has caved to the movie and record lobbies in order to receive a favorable deals so they can offer movies, TV shows […]
BroadbandReports.com is reporting that many Comcast customers were reporting significant problems with their DNS this weekend and were unable to reach many web sites.
This is at least the second time that Comcast has had significant DNS problems and Comcast customers had to resort to using other ISP’s DNS servers in order to view web pages.
One […]
SANS is warning of a fake Microsoft Security Bulletin that is making the rounds by email.
The email claims to come from Microsoft and includes a link to what is supposed to be a patch for the issue however it is actually a malicious browser add-on (BHO.)
Always remember that you shouldn’t click on links or […]
A known flaw in Microsoft Internet Explorer’s handling of iframes allows the Gozi Trojan to sneak in systems and thanks to new packing messages it can evade detection from some anti-virus and anti-malware programs.
Gozi installs a keylogger and grabs sensitive data including bank account and credit card numbers, user names, passwords and Social Security numbers […]
An update to my last RegisterFly post:
ICANN, the nonprofit corporation that administers the internet domain name system, has been given permission by a court ruling to terminate RegisterFly’s accreditation.
ICANN is immediately inviting statements of interest from accredited registrars to act as a transfer provider, so domain name registrants can gain full access to their domains. […]
The entire June issue of Business 2.0 was accidently deleted and then they found out that the backup server failed to get backups of everything. Oops! It’s not enough to just be backing up, you need to actually check that the backups are working.
Luckily, Business 2.0’s lawyers had email copies of all the article’s text […]
#!/usr/bin/geek Recent Posts usrbingeek on Twitter... What I'm doing: