Comcast to warn of infected machines

This week numerous sources reported on news that Comcast will deliver popups to alert customers with infected machines. I agree with Phil Lin, marketing director at network security firm FireEye Inc as reported in the linked AP story above, if this catches on we’ll soon see this used in social engineered attacks. According to Brian …

Continue reading ‘Comcast to warn of infected machines’ »

CheckFree Attack

Brian Krebs reports on a attack on CheckFree in todays Security Fix blog. It looks like someone used phishing to get credentials for their Network Solutions account. Brian says “This may seem like a logical stretch, and perhaps it is.” I dont know about that. If they just phished the email address in the whois …

Continue reading ‘CheckFree Attack’ »

Adobe Reader Exploit Drops Trojan.Zonebac

As I was driving into work this morning, my blackberry was flooded with Trojan.Zonebac alerts. When I got into work, I could see that a single computer at one of our sites was getting this detection on pretty much every major exe. When I read the Technical writeup of Trojan.Zonebac at Symantec, I found out …

Continue reading ‘Adobe Reader Exploit Drops Trojan.Zonebac’ »

JAVA 1.6 Update 4

SANS blogged about the latest JAVA 1.6 Update 4 release back on January12th. Brian Krebs today wrote a piece in his Washington Post blog Security Fix. I admit it. I have no idea whether or not this update is critical. SANS seemed to say ‘you might want to do this soon.’ Brian said ‘it contains …

Continue reading ‘JAVA 1.6 Update 4’ »

Got Windows 2000 and want to run Quicktime? tough luck

Through reading comments over at Brian Krebs Security Fix, is found out that Quicktime 7.2 is not supported on Windows 2000. Just to verify that for myself, I tried installing on Windows 2000 and found that only XP and Vista are supported. Windows 2000 is slowly riding into the sunset, however Microsoft still supplies security …

Continue reading ‘Got Windows 2000 and want to run Quicktime? tough luck’ »

A whole new kind of bluejack

Johnny Cache has uncovered flaws in bluetooth implementations from Toshiba. Brian Krebs reports in his SecurityFix blog. Apparently its a Toshiba bluetooth driver that is also used by Dell. In a refreshing change from how Apple responded to their wireless driver vulnerability, A Dell spokesperson said SecureWorks shared an exploit with the company that worked …

Continue reading ‘A whole new kind of bluejack’ »

Microsoft Antispyware false positive pooches SAV

Looks like I should blog this since Chris Mosby is linking over here. (thanks for the linkage chris). I posted about it on the myitforum.com antivirus discussion list rather than posting here so I could see what others were seeing. An blog entry by tech reporter Brian Krebs notes that Microsoft Antispyware (MSAS) is (or …

Continue reading ‘Microsoft Antispyware false positive pooches SAV’ »