Q:
I read something about a password exploit in Firefox 2 the other day. Is this true and if it is, what all does it mean?
A:
Yes, unfortunately, it is true. On November 21, 2006, Mozilla announced that there is a flaw in the new Firefox 2′s password manager. The Chapin Information Services (CIS) company is actually who discovered it first. Basically, the exploit consists of a… Continue reading
Let’s Keep You Safe
Have I got a neat trick for you this week! It’s a little program from Microsoft itself that was designed to help users stay safe while they’re online. As I have pointed out before, the most secure way to run any Windows application is under a restricted user format during your normal day to day use. I’ve also suggested that you should bump up… Continue reading
Internet Browser Anti-phishing Protection
The new versions of both Microsoft’s and Mozilla’s Internet browsers have been out for a little while now and while Internet Explorer addressed some much needed issues, Firefox’s new update was less groundbreaking. Both browsers however, did add some anti-phishing functionality, including components that check Web sites for validity before it opens up the Web page for your viewing.
The browser’s anti-phishing tools use slightly different… Continue reading
Net Dog Internet Filter
We all know that we can’t be too cautious on the Web these days. One wrong turn and Junior could get a crash course on the birds and the bees and that’s not the only thing. The Web, in all its grandeur, really has some locations that I can’t believe serve any real purpose, especially for children. Having two children myself, I always have my… Continue reading
Online E-mail Scanner
This week, the security front seemed a little quiet. Now, don’t get me wrong, that’s good. There have been little tremors here and there, but nothing really worth causing hysteria over. So, during the times of peace, we should utilize procedures and services to strengthen our system’s defenses and test them against outside threats. Of course, you always have the day-to-day, or at least weekly, security maintenance… Continue reading
SpamThru Trojan
Everything you know about viruses is about to change, because this week’s security article is about a spamming Trojan that marches to the beat of a different drummer. The SpamThru Trojan, as they are calling the new threat on the block, not only eliminates other malware on your system, but uses P2P technology in order to communicate with its master, among other things.
The… Continue reading
Social Engineering
Last week, I touched on the subject of Social Engineering, as it was brought to my attention in Kasperky’s monthly online scanner as a prevalent and successful avenue of infection for attackers. Social Engineering is basically a method in which some ill purposed entity tries to convince company officials, or simply individuals, to divulge certain information. For example, bank account information, social security numbers, birthdays, etc… Continue reading
October Security Bulletin
Hey, it’s October and I have a ton of security issues to go over with you folks this week. First of all, Kaspersky’s Online Scanner for September 2006 has uncovered the truth behind social engineering and the spread of malware. Of course, I also have a few vulnerabilities and attacks to talk about, so let’s get the show on the road and take a look at October’s… Continue reading
Symantec Threat Report
The security company of Symantec are the creators of the highly popular Norton Antivirus software (among other products) has released their new Security Threat Report for the first half of 2006. The report is an analysis of threats and trends in the area of online attacks, viruses, phishing scams and malware. The report has become a very popular tool for developers and security specialists. There is so… Continue reading
AIM Bots
FaceTime Communications recently discovered a worm that uses America Online Instant Messenger, otherwise known as AIM, to create a network of controlled PCs or also known as a bot network. It’s called the “Pipeline Worm” and it is revolutionary.
Bot networks are networks of PCs controlled by an outside entity. This entity gains control of these PCs by infecting them by using one of several procedures… Continue reading
Find My Credit Card
How long do you think you have had your PC? Two to three years? Maybe longer? Well, in that time, might it be safe to say that you have probably ordered a thing or two online? Maybe you have registered with a Web site or two? The holidays will be upon us before we know it and will anyone in your house be using the PC… Continue reading
Privacy and Cell Phones
Cell phones and PDAs (personal digital assistants) have really become more than simply phones. People rely on them and consequently, they become warehouses of personal data. People use their cellular devices as their personal assistant for storing addresses, contacts, event reminders and even things as business negotiations. The cell phone’s versatility and remarkable capabilities are making people more dependent on them than ever.
With these devices… Continue reading
This Week in Security
There sure was a lot going on in the past couple of days in the world of cyber security. Let’s see, we have a fix for the fix and a new free phishing protection service from a major online player, all while another online giant gets criticized for its client software. So, read on and get the low down on what’s going on this week in… Continue reading
Lost in the Crowd
I don’t know how many of you are familiar with what happened over at AOL during the first week of August, but it was some pretty big news. Apparently, two AOL employees released information on over twenty million private online search records. Although AOL states that the information was stripped of any identifying information, ensuring that none of this information would compromise any of the individual… Continue reading
Patch Day
This week seemed to be the week for the patching of holes. There has been a number of security vulnerabilities discovered as of late, forcing companies like Microsoft and Intel to fix the problems. So, I thought I would take some time this week and inform everyone of some important downloads that could play a major role in keeping you and your system safe.
Microsoft’s Monthly Update
First… Continue reading
Ebay Feedback Scam
I have good news and bad news. The good news is that reports for July by certain security experts claim that e-mail viruses are actually down. The bad news, on the other hand, is that the rise of a whole new genre of scams is coming quickly over the horizon, with the newest meaning to separate Ebay customers from their hard earned money.
The Feedback Scam, as… Continue reading
Hide Files
What’s the best way to keep people out of your personal data? You know, those important documents or incriminating pictures. Well, you can encrypt it, you can burry it in some unsuspecting location on your PC, use dummy folder names, etc. The list goes on and on. Well, with the help of Hide Files by Spydex Inc., you can take your protection to the next level… Continue reading
Phone Phishing
There’s a new type of phishing scam on the horizon. It’s one that mixes the traditional methods, such as sending bogus e-mails, with social engineering techniques. Don’t let it catch you off guard!
As you probably know by now, the term phishing refers to an attempt to gain personal information from end users by spoofing legitimate companies and financial institutions such as PayPal or Ebay. In order to… Continue reading
Worm Attacks Yahoo! Mail
Early Monday, June 12, 2006, it was discovered that the most popular Web based e-mail of Yahoo! was being exploited. The threat is a mass mailing worm that uses a vulnerability within JavaScript to allow itself into unsuspecting PCs. J.S.Yomanner@m is the name given to it by the Symantec corporation, and I could think of a few myself, but my professionalism restrains… Continue reading
Firefox and Thunderbird Critical Updates
On June 1st, Mozilla, the creators of the highly popular Open Source applications, such as Firefox and Thunderbird (alternate Internet browser and e-mail client), released an update. The update addresses several vulnerabilities in both applications with more than five of them getting a “highly critical” rating from two very reputable security companies (Secuna, ZDNet), and the Mozilla corporation itself.
For most… Continue reading
Microsoft Word Vulnerability
Back on May 19th, a vulnerability was discovered in Microsoft Word that allowed a specially crafted Word document to arbitrarily install malware. This vulnerability is a Zero-Day Flaw, meaning there are yet to be any patches or fixes to stop it. To make matters worse, this particular vulnerability was released to the public, as well as, Microsoft, so anyone who whishes to exploit the Word… Continue reading
Yahoo! IM Worm
Whenever you see a title like that, you know there’s a virus goin’ around. This week’s exploit is a self-propagating worm that affects those of us who enjoy Yahoo’s Instant Messenger service.
This worm was discovered in late May by Face Time Security Labs. They were using a “Honey Pot,” which is an industry trick to attempt to ensnare attackers by using an unsecured un-updated PC… Continue reading
GoogleAnon
If you’re like everybody else who uses the Web, I imagine you use Google’s popular search engine to look up information about different topics. Well, just like about any other Web site out there, Google sets cookies on your browser for various reasons, such as remembering preferences.
With Google however, it keeps cookies that track user searches and stores them on its database for possible future needs. Some of… Continue reading
Firefox Update
Do you use Firefox? Well, if you do, you’re sure to be interested in this update. Mozilla recently released a patch update for the Firefox browser, which will fix a security flaw that has been hanging around. What’s the flaw, you ask? It has to do with how Firefox handles JavaScript codes. It mainly deals with the “contentWindow.focus( ) code.
This bug could easily be controlled… Continue reading
SiteAdvisor
If you are serious about securing your system, you are in for a treat today, because I have a free security application that is going to help protect your PC in new, proactive ways. It’s called SiteAdvisor and it’s actually been around since April of 2005 when a group of students from MIT got tired of cleaning all the spyware and spam out of their folks’ PCs on school… Continue reading
Microsoft Re-Engineers April’s Security Update
Well, it seems as though Microsoft isn’t completely out of the woods from the critically rated vulnerabilities that plagued its operating systems late last month. It appears that the remedy for these security holes wasn’t entirely without consequences. There were six scheduled update patches for April, three of which were critical and three that had less severe ratings. Microsoft did come out with the fix… Continue reading
Strider URL Tracer With Typo-Patrol
There are lot of ways online attackers can get information from you. They can attempt to install malware on your computer or they might just send you popups. Anyone who has spent any time on the Web has experienced at least one of these annoyances, if not all of them. Well, as you know, here at WorldStart, we try to arm and inform our readers… Continue reading
