General

Malware delivered with fake Craigslist fax-to-email notifications

If you receive such a message with an HTML page attached, don’t open it. The email pretends to come from “craigslist – automated message, do not reply <robot@craigslist.org>” and has the subject “Efax Corporate”. What I find interesting is that the fraudsters didn’t even bother to write JS code to detect if the script runs in […]

General

Pharma spam using LinkedIn again

We have already written a couple of times about spam messages pretending to come from LinkedIn that advertise online pharmacy websites. A new spam campaign has slightly changed the way the messages are presented to users. The emails now pretend to come from “LinkedIn Co. Technical Support”, “LinkedIn Co. Administration” and “LinkedIn Reminders”. […]

General

Yet a new Java zero-day exploit?

We don’t know yet if this is a bad joke intended to discredit Oracle and Java, but the media is buzzing about a possible new undetected exploit in Java. This was started by a post from security researcher Brian Krebs, who observed a thread in a known online crime forum where somebody was selling […]

General

How to enable two-factor authentication for Facebook

Facebook introduced two-factor authentication for login some time ago. This means that if someone or something tries to log in using your account, two steps are needed: authentication using username and password (something that you know) and a mobile phone (something that you have). Step 1: Set up the two-step authentication […]

General

How to disable the Java web plug-in in all browsers

We have written about Java and its regular vulnerabilities, two (here and here) of which were zero-day vulnerabilities. Java is a very strong tool because it is cross-platform, and if a vulnerability is found on one platform, it can easily be found on all others. If used properly, Java can provide an […]

General

Oracle has fixed the Java zero-day exploit

After the huge media impact that followed the full disclosure of the vulnerability in Java 7 Update 10, many national and international organizations (Germany’s BSI, US-CERT) started recommending that their readers uninstall Java. Oracle couldn’t just stand by and watch its market share disappear, and started over the weekend […]

General

YAJZE: Yet another Java Zero-Day Exploit

Unfortunately, it really is fair to say that Java has “yet another zero-day exploit”. The latest version of Java, v7 Update 10, is affected and currently there is no plan for a patch. The vulnerability, which is already used in online attacks, is a code injection onto a fully patched Windows system running the […]

General

How to set up Dropbox’s two-factor authentication

We introduced two-factor authentication, or two-step authentication as Dropbox calls it, and explained why it is necessary. Here is how you do this for Dropbox: Step 1: 1. Go to Settings -> Security 2. Click on “(change)” on the “Two-Step verification” IMPORTANT: There seems to be a bug in the web application of Dropbox because as […]

General

Security updates from Adobe, Mozilla, Microsoft, NVIDIA, Asterisk

The year is starting with a lot of pressure for Adobe, Mozilla, Microsoft, NVIDIA and Asterisk, which had to push security updates to fix several critical security vulnerabilities. Microsoft has released their monthly patch containing seven bulletins which close 12 security problems rated Critical and Important. All versions of Windows are affected, including Windows 8 […]