Details of a vulnerability in Apple’s Quicktime and iTunes reported at betanews.com. Secunia also has an advisory. It is listed as moderately critical and affects the current version of both quicktime and itunes on Mac or Windows.
Category: Security
-
Network Security guide for the home or small business network – Part 10 – use good passwords
In a small, trusted network you might be able to get away with weak passwords for file sharing for instance. What’s a weak password? Anything you might find in a dictionary. Most people don’t realize this, but there are programs designed to crack passwords. They’re designed to take a dictionary file and run through it trying every combination possible. It might take a while, but this kind of brute force attack can be VERY effective against a weak password.
-
Disinfecting a PC… part 9
Ok – about 22 or 23 critical updates for Windows ME. I’m suspecting it’s never visited the Windows update site. While it’s going I make sure that the adware scanners and antivirus scanner get to pull updates from the web as well. It’s also time to scan for running network services that shouldn’t be running. It may be a dialup machine, but we don’t want UPNP listening over the connection.
-
Antivirus update response times
We know that for Windows systems especially antivirus is a must. Up to date antivirus is the MOST important though. So how do the different vendors do in responsiveness and quick antivirus definition updates…? The SecurityFix has an article on just that today. The comparison is courtesy of av-test.org.
-
Spyaxe Spytrooper spysherriff et al removal
There are so many “wolves in sheeps clothing” or maybe I should say wolves in sheepdogs clothing… Anyway, so many nasty malware’s that pose as protective utilities. Spyaxe, spytrooper, spy sherriff, etc. There is a tool that is specialized towards removing these. Smitrem which is short for smitfraud removal. (After the viral name of one of the first of this class of rogue.)
-
Wow serious VMWare vulnerability HOST system infection
A flaw in vmware could allow malicious code to be run on the host machine according to Sunbeltblog and citing VMWare’s knowledge base. This is pretty big since this is something that’s not considered as a threat. (Many people use vmware and other virtual machines for malware/virus/spyware investigations because they’re supposed to be isolated from the host machine.)
-
The Santa Worm
More coverage is being given to the instant messaging worm that poses as a come on for a Santa Claus related site today. The only thing I think that I left out in last nights post was the name of the bug… IM.GiftCom.All On visiting the advertised site a rootkit is installed on the visiting machine.
-
Network Security guide for the home or small business network – Part 9 – Know your network
Once more into the breech… Ok you’ve taken account of the software and services on your pc. The next thing we need to talk about is knowing your network. Do you have any wireless access points? Not sure? Print servers? How many pcs? Are any of them portables? Public access? Are all of them secured?
-
Disinfecting a PC… part 8
All right, now it’s time to give ad-aware a spin. I like being able to use several spyware scanners to get full coverage and cleaning. Ad-aware and spybot s&d are usually my first two choices. Realize that I’ve already taken a pass at this machine with AVG, BHODemon (for the browser helper objects) and Spybot S&D. Ad-aware finds a total of 700+ items.
-
Lawsuit against 180solutions, eXact, Direct Revenue
Things are going to be interesting. A lawsuit has been filed against the three listed above, everyone’s favorites…. 180solutions, Direct Revenue, and eXact Advertising. This is coming from the Sunbelt Blog who received a tip. The suit has been filed in California, the defendants want to move the suit to Federal Court.