Microsoft has issued an advance notification for Patch Tuesday next week. The company said it expects to issue two patches, one for Windows and one for Office. Both are intended to patch vulnerabilities that could allow remote code execution and both are rated “important.” Microsoft Security Bulletin Advance Notification for March 2010 here.
This morning while I was enjoying my coffee I received an event notification for my personal Facebook account. It was for a group called “See Who’s Spying On Your Profile – GET NOTIFIED -”. and “See Everyone Who Views Your Profile”. Immediately, my security hat went on and I started to investigate. At first glace, they are both pyramid schemes. In both, you become a fan, then you have to suggest the page to 50 of your friends to move onto the next stage. From there the tactics diverge slightly. In the first one, you need to take a marketing quiz that asks for all sorts of personal info, and you need to put in your Facebook username and password, so they can “monitor” your profile. AND you have to provide them with your mobile number. Now wait a minute… why would they need my mobile number? ...
As we have commented before when content served up from adservers is compromised, the effects can be far reaching, potentially exposing huge numbers of victims to the malicious code as they innocently browse legitimate sites. The problem is further complicated by the fact that legitimate ad content is often heavily obfuscated, in order to evade ad-blocking technology. During the latter half of this week we have seen a whole batch of compromised adservers injected with malicious JavaScript to silently load malicious content from a remote site. A significant number of popular sites that load ads content from these servers have therefore been affected by this attack. ...
It’s official: Twitter has surpassed 10 billion tweets. While Gigatweet’s counter is down due to over-traffic., you can tell by the actual tweet ID numbers that we have crossed the magical threshold. The milestone shows that Twitter’s still growing at a rapid pace: it broke 1 billion tweets in November 2008 and 5 billion tweets just four months ago. So who was the lucky person that sent out tweet 10 billionth tweet? Tweet #10 billion apparently belongs to a protected user, as API calls won’t allow us to see that specific status update. Via @timdorr, here is Tweet #9,999,999,999 and tweet #10,000,000,001. ...
Barcode and QR code reader applications are now standard fare for smartphones and can be commonly found for free in any of the major app stores. But far less common are comprehensive services that let users make their own QR codes for free. This is why Microsoft’s TagReader, which was released in the Android Market today, is worth checking out. It’s similar to any number of barcode scanners available on the Android platform, except that it is designed to read Microsoft’s unique “Tags.” ...
Charlie Miller, the Pwn2Own contest winner for two years in a row, gives his take on Internet security. Guess what — your Mac OS is no less vulnerable than its Microsoft Windows counterpart. Windows 7 or Snow Leopard, which of these two commercial OS will be harder to hack and why? Windows 7 is slightly more difficult because it has full ASLR (address space layout randomization) and a smaller attack surface (for example, no Java or Flash by default). Windows used to be much harder because it had full ASLR and DEP (data execution prevention). But recently, a talk at Black Hat DC showed how to get around these protections in a browser in Windows. ...
Web-based photo editing suite Picnik announced today that it has been acquired by Google for an unspecified amount that Picnik CEO Jonathan Sposato called a “very, very happy number.” The startup opened in 2005 and was chosen to be Flickr’s default photo editor in 2007 when Yahoo was introducing a host of new features to the popular photo sharing site. Long before Adobe released its Web-based version of Photoshop, Picnik was already going strong. ...
One of the issues malware writers deal with is having their programs load and execute on a victim’s computer. An unwary victim may click on an email attachment and have the malware run once. But in order to continue to be of value to the author, that piece of malware has to arrange for itself to be run after the computer inevitably gets rebooted. There are several well known ways to accomplish this task. The problem here is these methods are well known and security software know where to look. Which brings us to the topic of this blog entry. We recently came across a hacked copy of imm32.dll which is Microsoft’s Input Method Manager library. The authors inserted an extra imported library into the file’s import directory. The extra library name starts with “net” and the imported function name is randomized. ...
The 2010 Winter Olympics were held in Vancouver, Canada, from February 12-28. With more than 82 countries participating and millions across the globe catching day-to-day action, it was sadly quite obvious that we would see spam attacks centered on this event. However, the volume of spam relating to the Winter Olympics is actually very low, which is unlike the Beijing Olympics, when spam campaigns had started way before actual event. In the case of the Winter Olympics, spammers seem to be only now waking up from their slumber. ...
Communications security firm FaceTime of Belmont, Calif., has released the results of a survey (of 1654 people) that strongly indicates we are all using a lot of Web 2.0 applications at work and a third of our IT staffs aren’t aware of it. It was FaceTime’s fifth annual survey. Social media and Web 2.0 apps are being used by virtually all end users (99 percent) to support business processes, but 38 percent of IT professionals surveyed think there is no social networking on their networks. ...