A Stopgap Fix for the IE8 Zero-Day Flaw
Microsoft has released an stopgap solution to help Internet Explorer 8 users blunt the threat from attacks against a zero-day flaw in the browser that is actively being exploited in the wild.
Category Archives: Latest Warnings
Zero-Day Exploit Published for IE8
Security experts are warning that a newly discovered vulnerability in Internet Explorer 8 is being actively exploited to break into Microsoft Windows systems. Complicating matters further, computer code that can be used to reliably exploit the flaw is now publicly available online.
Brute Force Attacks Build WordPress Botnet
Security experts are warning that an escalating series of attacks designed to break into poorly-secured WordPress blogs is fueling the growth of a botnet made up of Web servers that could be the precursor to a broad-scale campaign to distribute malicious software and launch debilitating network attacks.
Microsoft: Hold Off Installing MS13-036
Microsoft is urging users to who haven’t installed it yet to hold off on MS13-036, a security update that the company released earlier this week to fix a dangerous security bug in its Windows operating system. The advice comes in response to a spike in complaints from Windows users who found their machines unbootable after applying the update.
Critical Fixes for Windows, Flash & Shockwave
The second Tuesday of the month is upon us, and that means it’s once again time to get your patches on, people (at least for you folks running Windows or Adobe products). Microsoft today pushed out nine patch bundles to plug security holes in Windows and its other products. Separately, Adobe issued updates for its Flash and Shockwave media players that address four distinct security holes in each program.
DHS Warns of ‘TDos’ Extortion Attacks on Public Emergency Networks
As if emergency responders weren’t already overloaded: Increasingly, extortionists are launching debilitating attacks designed to overwhelm the telephone networks of emergency communications centers and personnel, according to a confidential alert jointly issued by the Department of Homeland Security and the FBI.
Privacy 101: Skype Leaks Your Location
The events of the past week reminded me of a privacy topic I’ve been meaning to revisit: That voice-over-IP telephony service Skype constantly exposes your Internet address to the entire world, and that there are now numerous free and commercial tools that can be used to link Skype user account names to numeric Internet addresses.
Oracle Issues Emergency Java Update
Oracle today pushed out the third update in less than a month to fix critical vulnerabilities in its Java software. This patch plugs a dangerous security hole in Java that attackers have been exploiting to break into systems.
Evernote Forces Password Reset for 50M Users
Online note-syncing service Evernote is forcing all of its 50 million users to reset their passwords after detecting suspicious activity on its network.
New Java 0-Day Attack Echoes Bit9 Breach
Once again, attackers are leveraging a previously unknown critical security hole in Java to break into targeted computers. Interestingly, the malware and networks used by the bad guys in this latest attack match those found in the recently disclosed breach at security firm Bit9.
