Jun 26
Thursday, June 26th, 2008
Adobe has issued a security update for its Adobe Acrobat and free Adobe Reader applications. The patch plugs a critical flaw that Adobe said attackers could leverage to take control of a vulnerable system. The latest update, available here for both Microsoft Windows and Mac OS X systems, applies to the most recent versions of Acrobat and Reader (v. 8.1.2). It also plugs the vulnerability in the following Adobe products: -Adobe Reader 7.0.9 and earlier -Adobe Acrobat Professional, 3D and Standard 8.0 through 8.1.2 -Adobe Acrobat Professional, 3D and Standard 7.0.9 and earlier If you have any of these products installed, take a moment now to update them. As the SANS Internet Storm Center rightly notes, malicious software writers have traditionally been quick to incorporate critical Adobe vulnerabilities into their creations, so it’s probably best not to let any grass grow under your feet on this one.
Read more…
Posted in News, Security, Virus, Spam, Spyware | No Comments »
Jun 20
Friday, June 20th, 2008
One of my sources, the other day, tipped me off that Citibank was in the process of replacing most of its automated teller machines (ATMs), but the source couldn’t definitively say why. Citibank told ATM & Debit News that it was replacing some 2,000 proprietary ATMs in “a bid to improve customer service.” But a story today by Wired.com reporter Kevin Poulsen suggests that the financial giant is responding to a computer intrusion into a Citibank server that processes ATM withdrawals, an incident that appears to have led to an ATM crime spree. From the story at Wired.com’s Threat Level Blog: “Citibank denied to Wired.com’s Threat Level that its systems were hacked. But the bank’s representatives warned the FBI on February 1 that “a Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached,” according to a sworn affidavit (.pdf) by FBI cyber-crime agent Albert Murray. […]
Read more…
Posted in News, Security, Spyware | No Comments »
Jun 20
Friday, June 20th, 2008
Apple today pushed out a new version of its Safari browser for Microsoft Windows users. The latest iteration plugs at least four security holes, including one that allowed automatic downloading of files to the Windows desktop. In some cases, these files could be started without the user’s knowledge. Safari version 3.1.2 corrects a flaw, which allows any rogue Web site to “carpet bomb” the user’s Windows Desktop. At the time this vulnerability was first detailed, many people down played its severity. But in a recent, exclusive interview with Security Fix last week, researcher Liu Die Yu demonstrated how he could force his proof-of-concept malicious code to automatically run on a Windows machine, just by convincing a Safari for Windows user to click on a link. Apple says it fixed the problem by changing two behaviors in Safari: First, the new version no longer saves downloaded files to the Windows desktop.
Read more…
Posted in News, Security, Spyware | No Comments »
Jun 19
Thursday, June 19th, 2008
Playing with Olympic fire
Supected botnet operators are using false reports that a fictitious earthquake near Beijing could disrupt the Olympic games to spread malware.…
Read more…
Posted in News, Security, Spyware | No Comments »
Jun 18
Wednesday, June 18th, 2008
No skills required to create malware
Miscreants have created a point-and-click toolkit designed to make it easier to both create and distribute Trojans.…
Read more…
Posted in News, Security, Spam, Spyware | No Comments »
