TechBlog

A malicious PDF file has turned up which exploits a new security vulnerability in Adobe Reader and Acrobat – even in the most current version 9.3.4 and 8.2.4, on all supported platforms. There is currently no update available from Adobe which fixes the vulnerability. The company is aware of the problem though. The weakness is a buffer overflow within the CoolType.dll of the Adobe Reader and Acrobat installation. While parsing a PDF document with specially prepared SING (Smart INdependent Glyphlets) fonts it is possible to abuse the vulnerability to execute malware. ...

The Mozilla foundation just released the popular web browser Firefox in version 3.6.9. The new version fixes overall 14 security vulnerabilities of which 10 are rated critical by the developers. Additionally, they added a new feature called “X-FRAME-OPTIONS“-header which shall help mitigating clickjacking attacks as web site owners can ensure with this header that their content isn’t inserted into other sites via frames. The update is available through the automatic update mechanism ( via the “Help” – “Search for updates” menu). ...

A whole bunch of Windows applications is vulnerable to a so-called binary-planting attack which allows for remote code execution. Microsoft released a security advisory about this issue which isn’t easy to fix properly. This issue arises due to the (defined and well documented) behavior of Windows when loading libraries by an application. A .dll to load gets searched in a certain standard path list. This list also includes the current working directory, which is the place a document gets opened from for example. When a file with the name of a DLL which the corresponding application needs to load is placed into the working directory, it will get loaded – this can be a malicious DLL though. ...

If you’re as big as Google, there’s no such thing as a small product launch. So when Google introduced voice calls into its webmail service Gmail, essentially launching a Skype competitor, it was bound to be a popular feature. How popular, exactly? Well, according to a tweet from Google, the users seem to love it, as more than one million calls were placed in the first 24 hours since the feature went live. ...

The following internet advice which may have a subject title such as above could just get you killed. Like any other middle aged, balding, over-weight chap my mother still worries about me. So when her friend sent this to her and many other people, she forwarded it to me first:- Just in case!!! Let’s say it’s 6.15pm and you’re going home (alone of course), after an unusually hard day on the job. ...

Like a lot of seedy stuff, this started with a Twitter post:. The current working version of Mozilla’s Firefox browser is 3.6.8. Version 4 is in beta testing. You get them FREE from Mozilla.. Why would you need a crack (program with its password broken) or a keygen (application that generates a password for a password-protected program) for something that is FREE? Well, there’s a sucker born every minute and the folks at this warez (pirated software) site are betting there are a lot of them using Twitter. ...

File-sharing organization Pirate Bay has been controversial for a long time, like maybe the length of its entire existence. It’s been in the news recently because a number of governments are trying to shut it down. That’s a situation ripe for social engineering. We found this scheme this morning: a number of typo-squatting sites carrying the following. (Note: the REAL Pirate Bay site is thepiratebay.org.) What would lead a victim to this? The phony site piratebay.com (below) comes up as the third result on a Google search for “piratebay” or fourth for “pirate bay.” ...

Microsoft has posted an advisory that explains the “DLL preloading attacks” and offers a work-around tool that “allows customers to disable the loading of libraries from remote network or WebDAV shares. This tool can be configured to disallow insecure loading on a per-application or a global system basis.” When an application loads a .dll file, but doesn’t name a full path name,Windows searches a pre-defined set of directories for it. Exploiting this, an intruder could social engineer a victim into loading a malicious .dll from a USB drive or from a network and execute arbitrary code. ...

One of the most common scenarios we observe on a daily basis are users coaxed into phishing campaigns and malicious applications on Facebook. As we interact with our friends and family on social networks, we tend to trust of any and all of the information that appears to be from our “trusted network.” However, Facebook is one of the most trolled social networks by cyber criminals. They are waiting for you to make a mistake and once you make it, they will be sure to hack you and exploit your friends trust through your newly hacked account. ...

Here’s one of the latest Facebook phish attempts: videos of “beautifull” girls: It might look like the Facebook login page, but, check out the URL. I don’t think you want to log in to Facebook there.