« August 2009 | Main | November 2009 »

Sunday, October 18, 2009

Facebook Hacking

A new applications on Facebook, "City Fire Department," has been compromised by hackers. The application had been modified to deliver an iframe which can bring content from one Web site to another. This iframe tries to exploit vulnerabilities to download a fake antivirus program called Antivirus Pro 2010.

A few of the other hacked or bogus applications are:

  • MyGirlySpace
  • Ferrarifone
  • Mashpro
  • Mynameis
  • Pass-it-on
  • Fillinthe
  • Aquariumlif

Ok, here is the deal - When you find a wonderful new application on Facebook do a quick search on Google or bing to determine if anyone has had any problem with it. You can also wait, yes wait, for a day or two until enough newbies have started using it to provoke any disasters - if all is well after this then you might . . . might try it. Just make sure your Facebook preferences are locked down for maximum security. Or just don't use any of these silly applications until Facebook gets a grip and uses some mechanism to confirm these applications aren't a giant security hole!

Posted by Matthew Carrick at 11:40.55 AM EDT | Permanent Link

| Categories: Best Practices, Security Alerts, Viruses-Trojans-Worms

Firefox Plugs Microsoft Security Hole

If you use Firefox (and you should, imho) you have probably already seen a pop-up alert informing you that it is blocking Microsoft`s .NET Framework Assistant and Windows Presentation Foundation add-ons that were stealthily installed by Microsoft earlier this year.

This hole was supposed to have been fixed earlier by having users edit the Windows registry - but this idea stunk because editing the registry is potentially dangerous. Microsoft later released a simple point and click removal tool - except this left behind the Windows Presentation Foundation plug-in which is what was just killed by Mozilla.

So, the confusion up to now has been addressed by both Mozilla and Microsoft to remove both nasty bits. Whew!

Posted by Matthew Carrick at 10:43.15 AM EDT | Permanent Link

| Categories: Best Practices, Firefox Extensions, Mozilla Firefox, Security Alerts

Friday, October 09, 2009

Adobe Reader Critical Vulnerability

It appears the ever popular Adobe Reader (version 9.1.3 and earlier) has a gaping hole that could allow bad people to take over Windows installs. This problem as popped up before. One way to mitigate (but not eliminate) the threat is to disable Javascript in Adobe reader and/or change your browsers behavior to download .pdf files as opposed to view them. You also might want to try the free alternative called Foxit Reader which has a better record when it comes to security issues. Just sayin' . . .

Posted by Matthew Carrick at 8:37.37 PM EDT | Permanent Link
Edited on: Thursday, October 28, 2010 11:57.49 PM EDT

| Categories: Adobe, Alternative Apps, Privacy Issues, Security Alerts, Viruses-Trojans-Worms
Archives

Archive Index
Categories
Adobe
Adware/Spyware
All Things Mac
Alternative Apps
Best Practices
Bluetooth
Concepts
Eudora Email
Firefox Extensions
Google Chrome
Hardware Innovations
Hardware Recalls
Headlines
Instant Messaging
Internet Explorer
Mac Safari Browser
Mobile
Mozilla Firefox
Mozilla Thunderbird
Online Apps
Openoffice.org
Open Source
Opera
Penelope Email
Physical Security
Privacy Issues
RSS Applications
Security Alerts
Software Tools
Technology
TPDBP
Viruses-Trojans-Worms