TechBlog

The H-Security: Following the release of new versions of its open source Firefox web browser, Thunderbird email client and SeaMonkey suite, Mozilla has detailed the security fixes included in each of the updates. According to the project’s Security Center page for Firefox, version 10.0 closes a total of 8 security holes in the browser, 5 of which are rated as “Critical” by Mozilla. The critical issues include an exploitable crash when processing a malformed embedded XSLT stylesheet, potential memory corruption when decoding Ogg Vorbis files, XPConnect security checks being bypassed by frame scripts, a use after free error in child nodes from nsDOMAttribute and various memory safety hazards. These vulnerabilities could be exploited remotely by an attacker to, for example, execute arbitrary code on a victim’s system. ...

SophosLabs: Facebook’s IPO is the most hyped initial public offering in years, with much speculation about just how many billions of dollars the social networking phenomenon will be valued at. There’s no doubt that 27-year-old Mark Zuckerberg, the founder of Facebook, is going to become a very rich man – and will be able to buy an even larger wardrobe of hoodies. So, congratulations to Zuck and his management team. Although we have often had our concerns about Facebook when it comes to their stand on privacy and security, there’s no doubt that they’ve done something extraordinary in commercial terms. ...

The H-Security: Apple has released Mac OS X 10.7.3 and, for Mac OS X 10.6.8 Snow Leopard users who have yet to upgrade to Lion, Security Update 2012-001; these maintenance and security updates addresses a number of vulnerabilities in the company’s desktop and server operating systems. According to Apple, the updates close more than 50 holes, many of which could be exploited by an attacker to, for example, remotely execute arbitrary code on a victim’s system, gain access to private information or cause a denial-of-service (DoS). ...

Have you seen this in your or your friends wall? or maybe in a page you “Like”? That’s another spam link spreading over Facebook, as I already showed you many more in older posts. Usually these links end up either in a phishing attack that theft your private information or infecting your computer. If your friend or even a stranger is posting these, don’t click on that and also report the post, here is how to do: ...

GFI: You’re probably aware that Megaupload has wandered into what can only be described as a bit of a pickle, assuming said pickle is roughly the size of a Vogon Constructor Fleet. Given that lots of people probably want to take a peek at the FBI Anti-Warning currently pasted across the front of Megaupload.com (or maybe even just see if the site is back online), it’s a fair bet that Ye Olde Typo Fairy will be called into action and some of them will end up going to Megaupload(dot)cm. ...

SophosLabs: Gift card scams are a common sight on Facebook, and this weekend it has been the turn of Amazon.com to be the brand used by cybercriminals as a way of making them cash. One Free Amazon.com Gift Card (limited time only) [LINK] Amazon is currently giving away gift cards to all facebook users. Click here to get one! When you see one of your friends share a link like this with you, the truth is that they have been duped into a scam. Be careful not to make the same mistake as them, or you’ll just be helping put cash into the pockets of the bad guys. ...

Recently I’m seeing more facebook scams which claim to be very hot videos, but they are nothing but scam, here is 2 samples: When you see any of them, hover your mouse over the post, and click on the x button in top right which says “Report/Mark Spam”.

Earlier today we have seen a new Facebook clickjacking scam which spreads quite fast. I KNOW WHEN YOU LOOK AT MY PROFILE USING THIS: http://bit.ly/ NEW! See who views your profile! www..com Do you want to know who is looking at your photos right now? Find out who looks at your profile the most and what they look at! or other variant even more provocative: CLICK HERE TO SEE WHO IS STALKING YOU: http://bit.ly NEW! See who views your profile! www..com Do you want to know who is looking at your photos right now? Find out who looks at your profile the most and what they look at! ...

Drew Houston’s wildly popular service allows people to access the latest version of all their digital stuff on any device no matter where they are. Every day 325 million files are saved on Dropbox. Drew Houston, 28, chief executive and co-founder of Dropbox, last fall pocketed $250 million from seven of Silicon Valley’s top venture capital firms. That eye-popping sum pegged the value of his company at $4 billion and his own net worth — at least on paper — at an estimated $600 million. (Matt Staver, Bloomberg / July 6, 2011) ...

SophosLabs: Have you been told to verify your Hotmail account? Did you receive a message saying that Hotmail’s email servers were congested, and so they were removing all unused accounts? If so, I hope you responded to the email with a roll of the eyes and a quick stab of the delete button. Because if you didn’t, you might have been at risk of having your login credentials stolen. ...