Month: April 2010
-
Anti-virus – is there really any point?
Last weeks epic FAIL by Mcafee brings the entire Microsoft platform into perspective. It’s all broken: Symantec says that it has detected botnet infections on more than 1,100 separate computers spread across multiple subnets within the UK National Health Service (NHS) network Criminals are increasingly attempting to conceal malware embedded in hacked websites from search…
-
Critical FAIL: Mcafee update cripples Windows machines
McAfee pushed out a virus definition update, 5958, today that causes false positive identification of the critical Windows system file svchost.exe. Machines running Windows XP Service Pack 3 using the 5958 definitions will delete the file, causing many key Windows services to fail to start. The Windows file is being mistakenly detected as W32/wecorl.a. Failure…
-
ProPublica and This American Life team up to expose investment bankers and hedge fund managers
A fascinating look into the financial crash in America and world wide: http://www.thisamericanlife.org/sites/all/play_music/play_full.php?play=405 For seven months a team of investigative journalists from ProPublica looked into a story for us, the inside story of one company that made hundreds of millions of dollars for itself while worsening the financial crisis for the rest of us. A…
-
What is Linux? and software confusion …
A recent posting on the Blog of Helios prompted me to write a short and simple definition of Linux that might be useful for current non-users of this operating system. It is however a difficult definition in the context of what people already know. And the fact of the matter is that what the general…
-
Net Neutrality – South Africa
Net Neutrality is currently, and has been for some time, a raging hot topic in the US. The FCC recently took Comcast to court for throttling customers’ bandwidth – and lost. NN basically means allowing data to flow from source to destination without interruption or alteration. But the big ISPs and carriers in America would…
-
Click-jacking 2.0
Click-jacking involves a crafted web site inserting a transparent iFrame underneath the cursor. Believing themselves to be clicking on the displayed web page, users in fact find themselves clicking on control elements (e.g. buttons) on a transparent iFrame from another website. Security expert Paul Stone demonstrated a new generation of click-jacking attacks at the recent…
-
Microsoft’s April Patch Tuesday
As part of its regular update cycle, Microsoft has released five critical, five important and one moderate risk update to fix security holes in Windows, MS Office and Exchange. The most prominent among them is the “F1 hole” in the VBScript engine for which exploits are already available on-line. Microsoft Security Bulletin Summary for April…
-
Adobe Acrobat Reader unpatched hole
According to several reports by anti-virus vendors, criminals have attempted to exploit an unpatched hole in Adobe Reader disclosed about two weeks ago to infect Windows PCs. The relevant malware includes the particularly dangerous ZeuS bot. The specially crafted documents are apparently sent to users as email attachments. The “Launch Actions/Launch File” function in Adobe…
-
Microsoft, patches and Blue Screens
Microsoft had a large Patch Tuesday in February – with an unintended side effect: large amounts of blue screens. This turned out to be due to an interaction between the Alureon rootkit and the patch for KB977165 which updates the Windows kernel. This month’s patches also contain kernel updates, and so have the same incompatibility…
-
Google hacks affect local SA users
So it seems that some South African users have been bitten by the GMail hack bug. Big Whoopy Ding! They’re not honestly using a free on-line email service for anything critical, are they? They are?!?!?! Well serves them right. I’ve written a number of articles on the security of cloud or internet-based services – my…
