advice

Adobe posted a vulnerability report warning that vulnerabilities in Adobe Reader and Acrobat XI (11.0.1) and earlier versions are being exploited in the wild. Adobe is currently investigating this issue. According to the FireEye blog posted earlier today, the malicious file arrives as a PDF file. Upon successful exploitation of the vulnerabilities, two malicious DLL files are dropped. Symantec detects the malicious PDF file as Trojan.Pidief and the two dropped DLL files as Trojan Horse....

TheTelegraph: Internet Explorer users might want to consider upgrading or switching to another browser after a massive security hole was discovered in Windows’ native web browser. According to security forum, Rapid7 , Internet Explorer 7, 8 and 9 operating on Windows XP, Vista and Seven contains what is known as a “zero day exploit” which allows attackers to gain access to your personal data while you browse. The forum claimed the exploit would give cyber criminals “the same privileges as the current user”....

TheRegister: In an uncommon break with its thrice-annual security update schedule, Oracle has released a patch for three Java 7 security flaws that have recently been targeted by web-based exploits. “Due to the high severity of these vulnerabilities, Oracle recommends that customers apply this Security Alert as soon as possible,” Eric Maurice, the company’s director of software security assurance, said in a blog post published on Thursday. Maurice said that the vulnerabilities patched only affect Java running in browsers, and not standalone desktop Java applications or Java running on servers....

ZDNet: Security researchers from FireEye, AlienVault, and DeependResearch have intercepted targeted malware attacks utilizing the latest Java zero day exploit. The vulnerability affects Java 7 (1.7) Update 0 to 6. It does not affect Java 6 and below. Based on related reports, researchers were able to reproduce the exploit on Windows 7 SP1 with Java 7 Update 6. There’s also a Metasploit module available. Upon successful exploitation, the campaign drops MD5: 4a55bf1448262bf71707eef7fc168f7d – detected by 28 out of 42 antivirus scanners as Gen:Trojan....

h-online: Syrian activists, journalists and opposition group members are reportedly under attack by malware claiming to be a security tool that will help protect them against hackers. The fake “AntiHacker” tool is being spread through targeted phishing emails and via sites such as Facebook, and claims to provide “Auto-Protect & Auto-Detect & Security & Quick scan and analyzing” functionality. However, according to the Electronic Frontier Foundation (EFF), the fraudulent tool actually installs a program called DarkComet RAT (remote access tool)....

Cross-posted from Surelist The appearance of a new Android malware family is not that surprising at all today. Especially when we talk about SMS Trojans which are one of the most popular and oldest type of threats created for extracting money from users. A new family of SMS Trojans named Vidro appeared a few days ago but we’ve already collected a lot of APK files with very similar functionality. At the moment all the samples we have found target users only from Poland....

ZDNet: Phandroid’s AndroidForums.com has been hacked. The database that powers the site was compromised and more than 1 million user account details were stolen. If you use the forum, make sure to change your password asap. Read the whole story at ZDNet: http://www.zdnet.com/android-forums-hacked-1-million-user-credentials-stolen-7000000817/

Übergizmo wrote: If you use Yahoo! Voice a lot – Yahoo’s VoIP service via its Yahoo! Messenger instant messaging application, then you will definitely need to hear this report. Earlier today, more than 453,000 user accounts from an unidentified service owned by Yahoo were posted on a hacker site. The hackers reportedly said that they infiltrated the subdomain by using a union-based SQL injection. But the group responsible for the security breach added that the data breach was intended to be a wake-up call for Yahoo....

Tomorrow, July 9th, the FBI will shutdown the DNS servers which allow the computers infected with this malware to use the Internet. If you want to make sure you will keep your internet working, act today and check your computer to see if it’s infected by DNS Changer or not, here is a very easy to use tool: Tool available for those affected by the DNS-Changer

The H-Online: There have still been no official statements on the causes and extent of the recent password leaks at LinkedIn, eHarmony and Last.fm. A credible source is now reporting that the published 2.5 million Last.fm MD5 hashes, for example, are just the tip of a 17 million hash iceberg. That iceberg has reportedly been circulating since summer 2011.16.4 million of these – 95 per cent – have, the source claims, already been cracked, a claim which, for unsalted hashes, is entirely credible....