February 2013 Patch Tuesday and News (albeit a little late)

Microsoft

Microsoft has released 12 bulletins for February 2013 with 5 listed as critical (see the note below about MS13-010) and the remaining 7 listed as important.  It's important to note that ALL of the ones listed as critical can allow remote code execution (an attacker can install programs on your computer without your knowledge or permission).  Additional details are available from Microsoft here.

MS13-010 is getting its own special mention here.  If you're running Windows, you're affected.  This vulnerability affects IE6, IE7, IE8, IE9 and IE10 on all supported platforms.  I'll forgo the normal warnings about using IE (don't use IE, I just can't help myself) but this vulnerability is reportedly being actively exploited in the wild.

Adobe

As of the time of this article, Adobe has released 3 updates affecting Shockwave…

Kaspersky antivirus takes thousands of Windows XP computers offline (oops)

OK, so it's no secret that I'm really not a big fan of Kaspersky (if given the option between Norton / Symantec, McAfee, Trend Micro or Kaspersky, I honestly don't know which one I would choose but I would not like any of my options) and this is really a good example of why.  It appears that a recent update from Kaspersky antivirus took thousands of XP computers (XP is still supported through April of 2014) offline.  The fix was to disable the antivirus and roll back the update.  A fix was available in about 2 hours (which is awesome, I have to give credit where credit is due) but this is something that should have *never* happened if proper QC was being done.

Full Story Here

January 2013 Patch Tuesday and News

Microsoft

The first round of updates for 2013 out of Redmond is mercifully small.  There are a total of 7 bulletins with 2 listed as critical and 5 listed as important.  Both of the critical updates address issues in MS Windows (between the two, all supported versions), Office, Developer tools and server products that can allow an attacker full control of your computer remotely.  Three of the 5 important bulletins address Elevation of Privilege vulnerabilities, 1 addresses a security bypass vulnerability and the remaining 1 addresses a DoS (denial of service) vulnerability.  Multiple reboots are required for the updates.  Additional details are available from Microsoft here.

One additional note from Microsoft is the recent zero-day vulnerability in Internet Explorer acknowledged in KB2794220.  Details on the vulnerability and the workaround were posted last…

If you have a laptop or smart phone, learn how to protect it from thieves for FREE

Well, my Samsung Galaxy S3 phone was stolen from me on Friday, leaving me with no mobile phone over the weekend.  The good news is that my replacement phone arrived this morning and is good to go.  The better news is that I was able to remote wipe the phone and then report it stolen, so the thief got no use out of it and will not be able to activate it.  The bad news though is that, even though I knew about PreyProject.com, I had not installed it on my Samsung Galaxy S3 and as a result I wasn't able to track it or send the authorities over to the dirtbag's house to retrieve my phone and arrange for at least a few nights at the Bartow County…

Researchers warn of malware attack from WordPress exploit

"Security experts are warning webmasters over a series of attacks targeting the WordPress and Joomla publishing platforms."

WordPress is a website CMS (Content Management System) that's wildly popular with the 'pointy clicky' crowd because it requires very little knowledge or understanding of web development to deploy a very pretty site.  The downside to that 'pointy clickiness' though is that the code (that results from the pointing and clicking) is often bloated and requires permissions be somewhat limited on the web server directories.  The end result of the massive amounts of code and [often] poor permissions is that the sites get compromised and used to propagate malware, viruses, etc.

More Information Available Here

Vulnerability in Adobe Flash Player (Windows, Mac, Linux and Android) can allow an attacker to take control of vulnerable systems

Adobe has released security updates for Adobe Flash Player 11.5.502.110 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.251 and earlier versions for Linux, Adobe Flash Player 11.1.115.27 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.24 and earlier versions for Android 3.x and 2.x. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.  More information available here

December 2012 Patch Tuesday and News

Microsoft

The December Microsoft updates include 5 listed as Critical and 2 listed as Important.  Three of the 5 Critical updates address problems in MS Windows, 2 affect Windows Server products (primarily Exchange) and one of those two affects Windows Server and Office.  All 5 of the critical vulnerabilities can allow remote code execution and one of the Important vulnerabilities can allow remote code execution.  The remaining Important update can allow security feature bypass.  Multiple reboots are required for these updates.  Additional details are available from Microsoft here.

Adobe

As of this post, I am not aware of any new Adobe vulnerabilities for December (the last that I'm aware of were mid / late November).  Additional details are available from Adobe here.

Java

Ok, Java.  If you don't need it, remove it.  If…

Cyber Tech Cafe is now recommending ESET / NOD32 for both Commercial AND Residential users (over Microsoft Security Essentials for both)

The virus market is in a constant state of flux as the folks writing the viruses improve their products and the companies combating the viruses react to the improvements.  This dynamic state has made recommending a single antivirus product challenging at times and, along the way, we've changed our recommendations to meet the current challenges.  In the past, we have recommended AVG (for those keeping score, that was pre-Ewido AVG), we've recommended ClamAV (we still recommend ClamAV for Linux, btw) and more recently have been quite fond of Microsoft Security Essentials as our 'first tier' product and have recommended ESET / NOD32 as our second tier product.  Recently though, we have seen a growing trend of computers protected by Microsoft Security Essentials and often fully patched and updated becoming infected…

Bring on the holidays, but be aware of the risks and how to avoid them!

We're less than 1 week away from Black Friday, said to be the busiest shopping day of the year for brick-and-mortar shops and right at a week away from Black Monday, the cyber equivalent of Black Friday for online shopping.  These are exciting times for many folks but, for cyber criminals (I don't like to use the term hacker in a derogatory context, hackers aren't bad, cyber criminals are), it's quite literally hunting season.  We're already seeing news about new crimeware toolkits and phishing scams that the bad guys have at the ready (and already deployed) and we're going to try very hard to get the word out everywhere that we can to keep our customers aware and hopefully safe. To get things started, I got an article today about…