Is resetting password enough?

'using Facebook to spread'

looking forward to...

important security info

remote, encrypted backups

Note: This is not an endorsement.

Be careful out there!

Related: Password Do's and Don'ts (ads)

'mobile privacy application'

Note: This is not an endorsement.

7 vulnerabilities (at least)

Flash updates are available for Windows, Mac, Linux and Android systems. Adobe AIR patches are available for Windows, Mac and Android platforms.

'social engineering trick'

'not a guarantee'

Check website or URL/link safety: reports of phishing, hosting malware and viruses, or poor reputation.

[Chainsaw on a Tire Swing]

reminder: update plugins

standalone tool (OS X Lion)

contains the same malware removal tool as Java for OS X 2012-003...

This update is recommended for all OS X Lion users without Java installed.

[Macworld (heavy advertising)]

See dwt: OS X security advisory for more background information.

'growing number of attacks'

on 'data co-ownership'

Online Social Networks (OSNs) offer access control mechanisms to protect users' sensitive information from undesired accesses. Yet, their information is still vulnerable to disclosure when their friends assign conflicting privacy policies: a user prohibits everyone from accessing his own content or profile but his friends allow others to see it...

not-so-safe browsing

a reminder to Firefox users

...and another reminder - watch out for checkboxes which are checked by default when updating certain plugins...;~))

rise in malware

'gauntlet of crapware'

QR code-related security risks

Java plugin vulnerability

the illusion of trust

Mozilla was informed today about the issuance of at least one fraudulent SSL certificate for public websites belonging to Google, Inc.

Related:
Falsely issued Google SSL certificate in the wild for more than 5 weeks | Naked Security

Google Online Security Blog: An update on attempted man-in-the-middle attacks

How honest is your ISP?

Don't do that!

'easy hacking'

interesting concept

Note: This is not an endorsement. Use at your own risk.

'In the meantime...'

Note: Though somewhat incomplete on the 'how to avoid' side, this information (provided by Apple) may be helpful in identifying and/or removing the malware from your system if you've downloaded it.

protect your sensitive data... (2)

protect your sensitive data...

Topical: Internet Security

49 flaws addressed!

Microsoft said four of the new patches – software updates that write over glitches – were of the highest priority and should be deployed immediately to protect users from potential criminal attacks on the Windows operating systems.

'something very odd going on'

adventures in scripting

'fight back'

'unsurprisingly common' vulnerability

'sophisticated and dangerous'

How to protect yourself from trojans when banking online

• Make sure your anti-virus software is up to date.
• Keep firewalls set to the highest level.
• Never open an e-mail attachment from someone you don't know.
• Never double-click on an e-mail attachment that ends in .exe. It is an 'executable' file and can do what it likes in your system.
• If you think your machine has already been infected, contact your bank immediately. If the bank thinks you are a genuine victim of fraud it will reimburse you.

common sense...

Related: Social Networking Privacy: How to be Safe, Secure and Social

noteworthy traveling precautions

important security fixes

don't trust the bunny

trojan-infected add-ons found

Is your data safe? (2)

• Official Google Blog: A new approach to China

  Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis. In mid-December, we detected a highly sophisticated and targeted attack on our corporate infrastructure originating from China that resulted in the theft of intellectual property from Google.

• Official Google Enterprise Blog: Keeping your data safe

  This attack may understandably raise some questions, so we wanted to take this opportunity to share some additional information and assure you that Google is introducing additional security measures to help ensure the safety of your data.

• Google's half-truths and a plea for perspective

  Coordinated enough to get at GMail's internal data store, if only the one with e-mail headers. If that doesn't scare you, it should. What Google does with their .cn site is relatively minor news.

banking/e-commerce at risk

This successful proof of concept shows that the certificate validation performed by browsers can be subverted and malicious attackers might be able to monitor or tamper with data sent to secure websites. Banking and e-commerce sites are particularly at risk because of the high value of the information secured with HTTPS on those sites. With a rogue CA certificate, attackers would be able to execute practically undetectable phishing attacks against such sites.

'jail-break' with care

The worm, known as ikee, only affects "jail-broken" phones, where a user has removed Apple's protection mechanisms to allow the phone to run any software.

Is your data safe?

Facebook and MySpace fixed this quickly after being notified...

'subtle security holes'

'still in the works'

(still) full of holes

'sophisticated ways'

Flash: Security and Privacy (2)

Flash: Security and Privacy

'to give users control'

gone phishing

'users should exercise caution'

'surveillance solutions'

new version fixes security issue

compiler bug

Related:
Mozilla Foundation Security Advisory 2009-41

'widespread computer attack'

'notorious rogue'

Related: US cuts off 'criminal' net firm

'new type of fraud'

'scam directed at Twitter users'

an echo in here...

Related (12/17/08): Microsoft plans quick fix for IE

don't click

a web of villians

fakes selling fakes

the scum never sleeps

Yet another reminder to "never follow links in unsolicited email messages." (and beware of intrusive/annoying ad tactics if you visit the news site's home page)

'Big Brother' indeed

from BBC's 'Click' program

Related: Click's Facebook security advice

beware of 'fake E-shops'

Don't be cheap, if you're to buy any kind of software, do so through the official site, and cut the fraudulent intermediaries like the ones in this case.

security and privacy concerns

'digg' danger?

according to 'Wikinews'

'mandatory update'

here's your proof...

TV presenter Jeremy Clarkson has lost money after publishing his bank details in his newspaper column.

The Top Gear host revealed his account numbers after rubbishing the furore over the loss of 25 million people's personal details on two computer discs.

He wanted to prove the story was a fuss about nothing...

'critical update'

fixed in Firefox 2.0.0.7

'unacceptable intrusion'

how secure?

Google's Blogger site is being used by malicious hackers who are posting fake entries to some blogs.

The fake entries contain weblinks that lead to booby-trapped downloads that could infect a Windows PC.

illegal = immoral?

company denies security breach

US job website Monster.com has suffered an online attack with the personal data of hundreds of thousands of users stolen...

cookie thieves

Adobe Security Advisory

'DomainKeys Identified Mail'

attack of the botnets?

'open to attack'

beware of IE7 promo

'highly organised'

3 'key servers' targeted

good to know...

simple advice worth repeating...

To protect yourself against these threats, do not trust unsolicited files or documents about 'interesting' topics. Do not open attachments unless they are expected and come from a known and trusted source.

'a worthwhile reminder'

caution: plugin vulnerability

We have received reports of a significant problem relating to Adobe Acrobat files and Cross Site Scripting (XSS). A weakness was discovered in the way that the Adobe Reader browser plugin can be made to execute JavaScript code on the client side...

You can avoid this problem by implementing a work around in your browser so that it does not use the Acrobat Reader plugin.

new exploit...

for Wordpress