Online Security Guide

Geolocators a Privacy Problem

admin — Tue, 06 Jul 2010 10:25:36 +0000

Although the Foursquare check-in service was only supposed to divulge users’ locations to their friends, it was possible to trace users movements by using scripts to permanently monitor locations.

Source: The H Security

No related posts.

Phishing under the name of Wikipedia

admin — Tue, 06 Jul 2010 10:24:22 +0000

Spammers are currently sending out large numbers of phishing emails entitled “Wikipedia e-mail address confirmation” that are designed to trick people into visiting compromised web pages.

Source: The H Security

CSI:Internet – The image of death

admin — Tue, 06 Jul 2010 10:22:39 +0000

One morning when checking my emails, one subject line really drew my attention: “Air France Flight 447 (crash pictures)”. The email claimed that images on the camera memory stick of a passenger on the crashed plane had been successfully reconstructed and could now be viewed in the attached PowerPoint presentation. When someone is trying that hard, my alarms go off.

Source: The H Security

No related posts.

Google closes vulnerabilities in Chrome 5

admin — Tue, 06 Jul 2010 10:21:11 +0000

Google has released version 5.0.375.99 of Chrome, a security update that addresses four “high” risk vulnerabilities in its WebKit-based browser, and a new Dev channel release that on Windows systems enables the new consolidated menu by default.

Source: The H Security

Adobe’s protection against embedded scripts incomplete

admin — Tue, 06 Jul 2010 10:20:04 +0000

Despite the recent update, the protection against Adobe PDF /launch attacks is incomplete. By enclosing the commands they embed in PDF documents in double quotation marks, attackers can bypass the protection

Source: The H Security

Microsoft installs another Firefox add-on without asking users’ permission

admin — Fri, 18 Jun 2010 10:28:59 +0000

Last year Microsoft caused annoyance with a furtively installed Firefox add-on. With the update for its Search Enhancement Pack the vendor has now slipped unaware Firefox users another add-on

Source: The H Security

Mass website hack aimed at online gamers

admin — Fri, 18 Jun 2010 10:27:24 +0000

Attackers have embedded an exploit for the recent vulnerability in Flash Player in tens of thousands of web sites. The hacked web servers are Microsoft Internet Information Server and ASP.NET-based

Source: The H Security

Facebook worms are spreading freely

admin — Fri, 18 Jun 2010 10:24:57 +0000

Facebook has, for weeks, been plagued by a security flaw which, so far, it has been unable to fix and more and more exploits are coming into circulation. The latest of them promises the 101 hottest women in the world and displays an image of Jessica Alba

Source: The H Security

Comment: Mozilla does it their way

admin — Mon, 07 Jun 2010 10:17:23 +0000

In recent years we have become used to selling our soul for access to useful online services, usually in the form of intimate data. The new Firefox synchronisation platform from Mozilla however, will ensure that the server operators have no access to my data. Source: The H Security

Personally I think it’s great that somebody takes steps against collecting more information.

No related posts.

Click-jacking on Facebook

admin — Mon, 07 Jun 2010 10:12:39 +0000

Several hundred thousand Facebook users are said to have fallen victim to a click-jacking attack by inadvertently clicking on a hidden “Like” button on a specially crafted page

Once the button was clicked, a message (for example “User Noob likes LOL This girl gets OWNED after a POLICE OFFICER reads her STATUS MESSAGE.”) was posted to the user’s news feed, which is visible to other users. Other users clicking on the news feed link in Facebook also landed on the click-jacking page – Sophos compares the way the link spreads to that of a worm and has, therefore, called the attack a click-jacking worm. A similar attack was launched on Twitter in early 2009.

Source: Sophos