Peaches

Jun4-2009 Search Results for Air France Flight 447 Lead to Rogue Antivirus 4:37 am (UTC-7) | by JM Hipolito (Technical Communications) Issues surrounding the crash of Air France Flight 447 have not been fully resolved up to now but, it didn’t need be for cybercriminals; they’re already taking advantage of this tragedy too. Through SEO poisoning, searches for reports related to the plane crash yield links that when opened trigger multiple redirections to various sites, which ultimately lead to download of rogue antivirus software. The URLs are detected as follows: hxxp:// cnnnews2009.{BLO

"Part of the deal" for consumers who buy a Vista PC prior to Oct. 22, Microsoft says. By Paul McDougall InformationWeek June 3, 2009 06:59 AM "A senior Microsoft official said Wednesday that the software maker and its PC manufacturing partners would soon launch a program under which customers who purchase a computer running the Windows Vista operating system will be eligible to upgrade their systems to Windows 7 "as part of the deal" when the latter becomes available on October 22nd. Speaking at the Computex computing expo in Taipei, Steve Guggenheimer, corporate VP for Microsoft's OEM co

did you know that in New zealand they sell wine called "cat pee on gooseberry bush". It says on the bottle a slight armona of cat pee ... they lied cuz it is a very nice white wine. The wine is sold mostly in specialty shops, the proceeds, can't remember if all or partial, I was told, go to animal shelters [for cats] to provide care for them. Kiwi's are very much into cat ownership.

Fake Outlook config scam aims to harvest logins New spin on social engineering also punts scareware By John Leyden , 3rd June 2009 11:19 GMT "Cybercrooks have come up with a new way to trick prospective marks into handing over login credentials or installing fake security (scareware) packages. The first of two similar batches of scam emails doing the rounds claim that users have a new message in Microsoft Outlook - which can supposedly only be seen after users reconfigure their settings. This might sound technically tricky but the dubious emails come complete with a handy link, which serves o

June 2009, 12:20 Tens of thousands of web sites fall victim to a mass hack attack "Websense, a security services provider, says it has observed mass hack attacks in which criminals embed their own JavaScript on web sites. Apparently, visitors to those sites are diverted to a domain bearing a name such as google-analytics.com, where a server attempts to infect their PCs with exploits for Internet Explorer, Firefox and QuickTime. The server is reportedly located in the Ukraine. Websense says the recognition rate for the malware is still relatively low and, up to now, more than twenty thousand l

June 2009, 12:20 Tens of thousands of web sites fall victim to a mass hack attack "Websense, a security services provider, says it has observed mass hack attacks in which criminals embed their own JavaScript on web sites. Apparently, visitors to those sites are diverted to a domain bearing a name such as google-analytics.com, where a server attempts to infect their PCs with exploits for Internet Explorer, Firefox and QuickTime. The server is reportedly located in the Ukraine. Websense says the recognition rate for the malware is still relatively low and, up to now, more than twenty thousand l

3 June 2009, 11:40 Security Updates for strongSwan "The developers of strongSwan, the free IPsec implementation, have released new versions and patches to eliminate two denial of service vulnerabilities in the IKEv2 Charon, key exchange daemon. One vulnerability allows a malformed IKE_SA_INIT request to leave the Charon daemon in an incomplete state, which could lead to a crash if CREATE_CHILD_SA was received later. The other vulnerability could be triggered by a malformed IKE_AUTH request that was missing its traffic selector payload, which would also cause the IKEv2 Charon to crash. In prac

Analysts expect the cloud computing field to grow rapidly over the coming years as companies look to slash costs by outsourcing costly data center operations. By Reuters InformationWeek June 2, 2009 11:58 PM BOSTON - "Tibco Software Inc will sell products to help companies build and run programs on Amazon.com's cloud computing system, a move that may spur adoption of the fledgling technology. Tibco Executive Vice President Ram Menon said in an interview Tuesday that his company will start customer trials of the software at the end of this month and expects to begin selling it by the end

eMusic doubles prices, snares Sony And faces a mighty backlash By Andrew Orlowski , 3rd June 2009 10:44 GMT "Pioneer music service eMusic has finally snagged a major label in Sony - but was it worth it? On the back of the announcement there's a hard kick in the nuts for loyal subscribers: bundles have been cut and prices raised, leaving customers with half or a third of the download power they previously enjoyed. eMusic offers DRM-free independent music with a fixed download allowance per month. The Sony deal brings back catalogue more than two years old from labels such as Columbia and RCA (

we've been had ... oh my!!

which buttons shall I press .. I was just testing 2 new remote controls for women ..

2 June 2009, 16:26 Critical vulnerabilities in ACDSee Photo Managers "The French security services provider VUPEN (Formerly FrSIRT) has reported several vulnerabilities in the photo managers from ACD Systems. Specially crafted TIFF images and Fonts can lead to buffer overflows, causing the affected application to crash and allow for the remote execution of code. For an attack to be successful, a victim has only to open one of the specially crafted files using one of the vulnerable ACD System products. VUPEN has created proof of concept exploits and made them available for testing." Read more

Dump the File Cabinet and Scan Your Important Papers Lincoln Spector "You can't get rid of all your important papers, but with a shredder and a scanner, you can reduce them to a handful. Of course, you have to know what you should keep, what you should scan, what you should shred, and what can safely be tossed into the recycling. You should keep your original of birth and death certificates, passports and other citizenship documents, and your current will. Because of something called the Best Evidence Rule, you should also keep contracts in their original form. Courts will usually accept a cop

Confirmed: Windows 7 Launches October 22 Nick Mediati, PC World It's official: Windows 7 will make its debut on October 22. Microsoft confirmed the late-October launch date with PC World, details of which leaked out earlier today. Windows 7 development should finish up in July, at which time it will be released to manufacturing. The October 22 date will be a full retail rollout, although pricing has yet to be announced. Read more at PCWorld - http://www.pcworld.com/article/165960/conf...october_22.html

Jun2 - 2009 Phishing Attack Targets Microsoft Outlook Users by Sarah Calaunan (Fraud Analyst) Seems like since micro-blogging, social networking, and banking sites are the ones commonly targeted by phishers nowadays, one attack pulled itself away from the trend and went for a more direct approach: email accounts. We’ve recently found a phishing email that informs users to re-configure their Microsoft Outlook through an online procedure. Users are instructed to click on the link to setup, leading them to a phishing website. Read more plus screenshot - TrendMicro - http://blog.trendmicro.com/

2 June 2009, 10:36 Apple patches QuickTime and iTunes vulnerabilities "Apple has released updates to its iTunes and QuickTime applications that fix several critical security vulnerabilities in the popular media players. In addition to reliability and compatibility improvements, QuickTime 7.6.2 addresses 10 security vulnerabilities which could be used to execute arbitrary code. The QuickTime update patches a total of six buffer overflows, a Sorenson 3 video file memory corruption issue, a sign extension problem in image description atoms and an uninitialised memory access issue. Two vulnerabi

Omniformat ImageMagick Integer Overflow Vulnerability Highly critical .. "A vulnerability has been reported in Omniformat, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to the inclusion of vulnerable ImageMagick code. For more information see vulnerability #1 in: SA26926 NOTE: Other vulnerabilities included in SA26926 may also be present. The vulnerability is confirmed in version 1.0. Other versions may also be affected." Secunia advisories - http://secunia.com/advisories/35316/

Reverse 'Uh-Oh' Moments with Undo "Just about every application known to man has an Undo feature--usually in the Edit menu, and almost always a Ctrl-Z-press away. What's more, many programs support multiple levels of undo, meaning you can reverse not only the most recent action, but also the one before that, the one before that, and so on. Need to undo an undo? Some apps offer a "redo" option: Tap Ctrl-Y to un-reverse whatever action you just reversed. Or, if you're more of a menu person, look for Redo in the Edit menu. It won't be far from Undo." PCWorld - http://www.pcworld.com/article/16559

Windows Bug Attracts Hackers Gregg Keizer, Computerworld "For the third time in the last 90 days, Microsoft Corp. has warned that hackers are exploiting an unpatched critical vulnerability in its software. Late Thursday, Microsoft issued a security advisory that said malicious hackers were already using attack code that leveraged a bug in DirectX, a Windows subsystem crucial to games and used when streaming video from Web sites. Hackers are using malicious QuickTime files -- QuickTime is rival Apple Inc.'s default video format -- to hijack PCs, Microsoft said. "The vulnerability could allow r

ID Theft Use of Credit Cards Leaps Erik Larkin "ID theft victims are much more likely to get hit with fraudulent charges on their credit cards or debit cards, according to a new study from the Identity Theft Resource Center that tracks the effects of ID theft. In 2008, 39 percent of victims saw such charges, more than twice the 15 percent from 2007, according to the study. Opening a new credit account in the victim's name is still the most common use of a victim's identity, involving about two-thirds of all ID theft cases. The data is based on the experiences of ID theft victims who contact t

Microsoft Ditches Windows 7 Starter App Limit Nick Mediati, PC World "Windows 7 Starter Edition took some criticism with its three-application limit. Today, however, Microsoft announced on its WIndows Team Blog that it would be removing the three-application limit on Windows 7 Starter, and that Windows 7 Starter will be available worldwide for use on "small notebook PCs," which presumably means it'll be geared toward netbooks. There were some rumblings earlier in the week that Microsoft would remove the three-app limit, but with today's anouncement, Microsoft made it official." read more at PC

Windows Vista SP2: Readers Report Big Increases in Free Disk Space Nick Mediati, PC World "Windows Vista Service Pack 2 went final earlier this week, with numerous fixes and tweaks to improve performance, bolster security, and squash bugs. But some PC World readers are seeing another welcome change to SP2: a lot more free disk space. In comments posted in our forums, several readers reported large increases in free hard disk space after installing Vista SP2. Mind you, I'm not talking about a gigabyte here or there; one reader claimed that installing Vista SP2 freed up a massive 40 GB chunk of

30 May 2009, 13:37 Security update for Xvid The Xvid developers have released version 1.2.2 of their MPEG-4 codec to fix three security-related issues. One of the flaws reportedly prevents a function of the xvidcore library from checking the resync marker range correctly. In its short announcement, Xvid Solutions do not mention whether the flaws can be exploited for injecting code via specially crafted videos. However, the developers highly recommend that users update. The update also offers various minor improvements, for example more precision for RGB-to-YUV colour conversions. The source c

Dell Unveils Entertainment Laptop For Students The Studio 14z is available with an optional 500-GB hard drive, enough to store up to 125,000 songs, 142,000 photos, or 133 DVD-quality movies. By Antone Gonsalves InformationWeek May 29, 2009 05:00 AM "Dell on Thursday introduced a thin laptop aimed at students looking for a mobile entertainment PC that also can handle the more mundane homework assignments The Studio 14z has a 14-inch LED display with a resolution of 720p, which is sufficient for high-definition content. In addition, the system is available with an optional 500-GB hard drive

May 29, 2009 4:44 PM PDT Data backup service leads to recovery of stolen laptop by Elinor Mills "Using a data backup program helps recover lost data but can also help get a stolen laptop back--if you're lucky. A Berkeley, Calif., man recently recovered his stolen laptop after seeing photos the thief took of himself with the built-in camera via his Internet-based data backup program. That's according to a police officer's article in an e-mail newsletter from Berkeley City Councilmember Susan Wengraf that was posted to the Web by open-source advocate Bruce Perens. It all started on May 5, w