Posted by chris on Wednesday, July 15, 2009 – 6:06 PM
Looks like there is another ActiveX vulnerability. If you are unfamiliar with ActiveX, basically, a web page can do stuff like read and write files when you use Internet Explorer and allow ActiveX options. This nice for the Microsoft Update site to see which files it needs to update, but that’s about it in my opinion. Sure, there is a pop-up that asks you if you want to allow a website to use ActiveX but history shows that too many people allow ActiveX when the shouldn’t. There is an unbelievable amount of attacks that use ActiveX. That’s one of the main reasons I use Firefox instead of Internet Explorer, it doesn’t have ActiveX so you don’t have to worry. Google’s Chrome is another web browsers that doesn’t have ActiveX.
Our friends over at the Internet Storm Center are keeping an active eye on this new vulnerability. You can read all about it and follow their updates here. So do your Microsoft Updates, several just came out, and if you really want to be safe, stop using Internet Explorer or use it as little as possible and switch to Firefox, Chrome or even Opera. Stay Safe.
Posted by chris on Tuesday, March 31, 2009 – 12:35 PM
Filed under blog support, botnets, conficker, cybercrime, fix, free software, patch, security, software, spam, video games, virus, Windows
Tagged as conficker, security, virus
With all the media hype about conficker, I thought you might like a good collection of trustworthy resources. Beware of websites that have recently registered as “conficker help.” In fact, just avoid them all together. There’s also reports of malicious software masquerading as detection and cleaning tools for Conficker-infected computers, as well as spam offering the same.
There’s no need to try and figure out what’s safe or real and what has more sinister plans in mind. The good folks at dshield.org have been keeping an updated list of third party information on conficker. Here you can find plenty of free conficker detection and removal tools, general information and the microsoft patch. That should help keep you updated, safe and informed.
I’ve also found out about one other real neat way of detecting it, but it’s for more advanced users, so I’m going to make a seperate post about it.
Posted by chris on Tuesday, March 31, 2009 – 10:39 AM
I’m going to post some helpful info about conficker in a bit. I’m at work right now and can’t. Will do it at lunch… Some real good and timely resources. Be sure to check back
Posted by chris on Monday, March 30, 2009 – 12:45 PM
An interesting post today, on the Internet Storm Center, reminds us to look over our router logs. Also, disable remote administration of the router, unless it’s absolutely necessary.
You can see what happens when someone guesses an easy password and gets into a router, and the lsessons learned, here.
Posted by chris on Tuesday, December 30, 2008 – 1:52 PM
You may have noticed when you go to certain websites, you’ll get a signed certificate that is supposed to prove that you are at that actual website. I say supposed to because there was demonstration at the Chaos Computer Congress on how to spoof (fake) a MD5 certificate of authentication. There are a couple kinds of certificates and it appears that only the MD5 CA has been spoofed. This is an older type of certificate but is still used by many websites. There has been a warning about this concept for sometime, however, it was just demonstrated . So it’s no longer a concept because there is proof it can be, and has been done.
You can read all about it here http://www.win.tue.nl/hashclash/rogue-ca/
Microsoft has also issued a security bulletin about it here http://www.microsoft.com/technet/security/advisory/961509.mspx
The guys who figured out how to do this will not release all the details of how it was done for a couple of months, to give time for a fix to be developed.
I’ll post more details as they become available.
