A new patch by Adobe Systems fixes the two Flash player vulnerabilities currently under attack. The attacks install malware and targets both Macs and PCs. The targets all seem to be Flash versions for OS X and Windows. The patch, however, is also available for Linux and Android.
The exploits target Safari as well as Firefox, of which the vulnerability is classified as CVE-2013-0634. The vulnerability is also reportedly tricking Windows users into opening Word documents containing the Flash content.
The bug, according to Adobe, was discovered by members of the Shadowserver Foundation, Lockheed Martin's Computer Incident Response Team and MITRE.
Apple just released a security update for Mountain Lion Developer Preview 4 that adds in some new tactics for OS X to keep you safe. First, it'll check for security updates from Apple each day, and gives you the option of having the updates installed automatically or after you restart your Mac. Mountain Lion launches next month on the Mac App Store.
Sohaib Athar, the man who accidentally livetweeted the raid on Osama bin Laden has been hacked, he confirmed via Twitter.
Athar, who goes by the Twitter handle @ReallyVirtual, said early this morning that his blog, which was linked via his Twitter page, had been infected with malware. Websense, for its part, said in a blog post that the poorly detected malware used a "blackhole exploit kit" to serve the malware. Not surprisingly, Websense said that its customers were protected.
"Anyone going to this page would also load content from the malicious URL above, and the Blackhole Exploit Kit would then try to use several exploits to automatically install malware on the PC," the firm wrote. "The malware that the drive-by-download attempts to install is a fake system tool named 'WindowsRecovery' that claims to have found problems on the victim's computer."
The malware then would have hidden all the files and folders in the user's hard drive and desktop - then offer to restore them for a price, which a Websense graphic indicated was $79.50.
It wasn't clear from Athar's account whether he had successfully removed the malware from his blog or taken it down.
Morro is finally available in beta, limited to users in the United States, Brazil, and Israel. The free security tool replaces Windows Live OneCare, which was a paid service. Available for 32- and 64-bit installations of Windows XP/Vista/7, it supplies you with protection against viruses, malware and others baddies on the Internet. Microsoft is hoping to target those who let their yearly software subscriptions expire, those who don’t buy it and users that never turned theirs on.
Read More | PC World
With Conficker and other evils running amok of late, Trend Micro has developed what it calls the first safe app for browsing on the iPhone and touch. Smart Surfing uses advanced “in the cloud” Web Reputation technology to block access of viruses, worms and other malware. When you use the application and come across an unfavorable URL, Smart Surfing will notify you visually. The application is free and available at the iTunes App Store.
Read More | Trend Micro
So did you wake up and wonder if your computer had been infected? It seems that Conficker did most of its damage in Asia, and was found to be modifying itself to make it more difficult to eradicate. While the threat is still not over, the best thing to come out of the virus is that security has been beefed up to try to find it. Symantic’s Vincent Weafer said that they believe that it was designed to make money. Maybe it can find Madoff’s missing millions.
Read More | BBC
Use your computer skills and earn enough to retire. Microsoft is offering $250,000 to find the person behind the Downadup/Conficker virus. Released in October, millions of Windows computers have been affected. The Conficker worm can infect computers or hide in USB flash drives. Downadup, as we previously told you to watch out for, can turn your PC into a botnet. The reward has been offered because the company views the virus as a criminal attack, so go out there and catch the bad guys.
Read More | BBC
Another virus has reared its
ugly head, this time in the guise of puppies for Valentine’s Day. Known as the Valentine Devkit, click on it and you will see the pooches and but also download lloveexe.exe, start.exe.or something similar. Be very careful if you decide to create an e-card for the holiday as there are those above as well as fake Hallmark cards that will infect your computer with malware.
Read More | McAfee Avert Labs
Even Google can screw up. If you noticed yesterday that when you hit a search you got the error screen “may harm your computer,” you weren’t the only one. The period only lasted about 40 minutes but we guess that was long enough to freak a few Googlers out. Their engine works with stopbadware.org that helps find malicious software then sends a list to them. After updating Saturday, Google accidentally flagged all of their sites. The company attributed the problem to “human error.”
Read More | BBC
Read More | Information Week