Blog

The H-Online: Adobe has updated Shockwave Player on Windows and Mac OS X to version 11.6.4.634 after identifying nine critical vulnerabilities. The problems affect Shockwave Player 11.6.3.633 and all earlier versions on Windows and Mac OS X – Adobe recommend updating to the new release by downloading it from get.adobe.com/shockwave. To identify whether Shockwave Player is installed on a system, users should visit the test page on Adobe’s site. The majority of the problems are in the Shockwave 3D Asset where seven memory corruption vulnerabilities could lead to code execution; these were all reported by Hongnang Ren of FortiGuard Labs. An eighth memory corruption issue and a heap overflow vulnerability, both of which could also lead to code execution, were reported by “instruder” of vulnhunt.com and bring the flaw tally up to nine.

LifeHacker: Chrome 17 is out with a new pre-rendering feature designed to make your pages load faster, and both Firefox and Opera have also released speedy new versions since our last round of speed tests. So, we’ve once again pitted the four most popular web browsers against each other in a battle of startup times, tab loading times, and more, with more surprising results. Continue Reading: http://lifehacker.com/5884941/browser-speed-tests-chrome-17-firefox-10-internet-explorer-9-and-opera-1161 (Hint: As always Chrome is winner, no doubt!)

SophosLabs: A hacker, identified as a 17-year-old based in Morocco, claims to have stolen the personal information of 350,000 users from hardcore porn mavens Brazzers. The point, claims the hacker, was to highlight a security vulnerability on the adult site. According to reports, the teen uploaded a small small of the stolen data to the internet, displaying customer emails, usernames and passwords. Presumably to offer up proof that he was behind the breach. ...

SophosLabs: It’s Valentine’s Day tomorrow and the spammers are out in force to make the most of unwitting shoppers on the international day of love. Looking to buy a present for someone this Valentine’s Day? Ooh look what popped into my inbox, an email inviting me to buy my Valentine an *ahem* “romantic” gift. Valentine’s Day, the 14th February, is the day we celebrate our feelings of affection for our boyfriends, girlfriends, husbands and wives. It is traditional to do this with a special romantic gift. Looking for a Valentine’s Day Gift for him or the perfect token of love for her? Look no further than here! ...

Sorin Mustaca wrote at Avira TechBlog: In case you’ve seen this on Facebook, try to not click on it even if you understand French (it appears to be only in Franch) because it will take you on a road where you don’t want to be. But, we like to live dangerous, so we analyzed this for you. Continue Reading at Avira TechBlog: http://techblog.avira.com/2012/02/13/new-captcha-method-or-just-another-likejacking-scam/en/

The H-Online: Opera has published a development snapshot of version 12 of its web browser that adds support for Mozilla’s “Do Not Track” (DNT) header. Code-named “Wahoo”, the unstable release is the first from Opera to support the DNT header, which signals web sites that the browser user wishes to opt-out of online behavioral tracking; online advertising networks use cookies and other web technologies to recognize internet users and serve them tailored advertising. Support for DNT in Opera 12 is currently disabled by default. Users can enable it in the preferences dialogue by selecting “Preferences > Advanced > Security > Ask websites not to track me”. ...

Mashable: Reddit, known for its freewheeling approach to content management, instituted a new rule over the weekend that banned suggestive or sexual content featuring minors. “We have very few rules here on Reddit; no spamming, no cheating, no personal info, nothing illegal, and no interfering the site’s functions,” read a post on the site’s blog Sunday. “Today we are adding another rule.” The post noted that Reddit has dealt with content that “might be child pornography” by complying with legal guidelines and reporting procedures outlined by the National Center for Missing and Exploited Children. ...

SophosLabs: ComputerWorld today reports that the UK’s Metropolitan Police has warned Windows users of a malware attack that poses as a message from the computer crime-fighting cops themselves. The ransomware attack attempts to lock the computer, and posing as an unofficial notice from a law enforcement agency, claims that the victim’s PC has been determined to have visited illegal websites. Only payment for a fine, claims the message, will restore the computer’s functionality. ...

SophosLabs: Have you seen the news? Maybe your friends have shared it with you. Apparently, Facebook is going to shut down on March 15th, 2012. Mark Zuckerberg has reportedly found running the site just too stressful. Here’s the link that many Facebook users have been sharing with each other. Some worried Facebook users have even been sharing this photograph of a news report about the claimed closure of the world’s most popular social network: ...

The H-Online: Mozilla has released Firefox 10.0.1, Firefox ESR 10.0.1, Thunderbird 10.0.1, Thunderbird ESR 10.0.1 and SeaMonkey 2.7.1 to fix a single critical security hole in the browsers and mail clients which appeared in version 10. The security advisory says that versions previous to Firefox 10, Thunderbird 10 and SeaMonkey 2.7 are unaffected by the use after free problem. The problem was discovered by Mozilla developers and causes a “potentially exploitable” crash in nsXBLDocumentInfo::ReadPrototypeBindings. Updates are available through Firefox, Thunderbird and SeaMonkey’s automatic update system and can be made to install by bringing up the “About” dialogue for the relevant application and selecting the “Apply Upgrade” button when it appears. Firefox and Thunderbird 10 were released at the end of January. ...