Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Jasper The Rasper

Pages: [1]
Web TuneUp extension blocked from automatically installing with antivirus package
29 Dec 2015 at 22:59, Chris Williams

Google has banned AVG from automatically installing its Web TuneUp Chrome extension – after the widget wrecked the online security of nine million people.

Tavis Ormandy, a Google Project Zero researcher who has been auditing antivirus software, found the extension was riddled with vulnerabilities. Web TuneUp is installed with AVG's antivirus package, and it attempts to stop Chrome users from surfing to websites hosting malware. It is used by 9,050,432 people.

12/21/2015 Dark Reading Staff

Oracle will have to be more forthright and communicate the truth via social media and anti-virus companies going forward.

Oracle has agreed to settle Federal Trade Commission charges that it had deceived customers. Oracle told customers that by installing an update to JavaSE it would make their machines "safe and secure," despite the fact that the update often left vulnerable versions of JavaSE on the users' machines.

The update only replaced the most recent version of JavaSE residing on the machine -- it stopped short of uninstalling any other versions also residing on the computer, and did not uninstall any versions earlier than JavaSe 6 update 10 at all. According to the FTC, Oracle knew of this shortcoming in 2011 and did not fix it until August of 2014.

Written by Lorenzo Franceschi-Bicchierai
27 November 2015

The personal information of almost 5 million parents and more than 200,000 kids was exposed earlier this month after a hacker broke into the servers of a Chinese company that sells kids toys and gadgets, Motherboard has learned.

The hacked data includes names, email addresses, passwords, and home addresses of 4,833,678 parents who have bought products sold by VTech, which has almost $2 billion in revenue. The dump also includes the first names, genders and birthdays of more than 200,000 kids.

What’s worse, it’s possible to link the children to their parents, exposing the kids’ full identities and where they live, according to an expert who reviewed the breach for Motherboard.

Security & Technology News / Ransomware on Your TV, Get Ready, It's Coming
« on: November 25, 2015, 11:17:21 am »
By Catalin Cimpanu    25 Nov 2015

A PoC shows the future dangers for smart TV sets

Many cyber-security vendors view ransomware as 2016's biggest threat, and to help drive this point home, a Symantec security researcher demonstrated how easy it can be to infect smart TVs and how hard it can be to clean the infection afterwards.

The researcher did not reveal the TV's make and model but said it was running a modified version of Google's Android operating system, which many brands also use for their smart TV products.

I for 1 would not use an app like this if it meant giving away the rights to MY pics. What about the photos of the children which parents take, they could be used for anything without their knowledge.

By Ms. Smith   Nov 1, 2015

If you still believe your snaps will self-destruct, you might want to review Snapchat’s newest policy changes as the company can now potentially keep your photos forever and share them. Oh, and by using the app, you grant Snapchat the rights to your photos.

Users who update their Snapchat app must tap “Accept” to signify agreeing with the app’s newly updated Privacy Policy and Terms of Service. “Scary stuff,” is what actor Kal Penn, the former White House Associate Director of Public Engagement, called Snapchat’s new privacy and legal policies.

By Silviu Stahie    15 Oct 2015

Developers have been quick to fix the problem

An important security issue on Ubuntu phone that has been revealed this morning has been fixed by the Canonical team. This the first major issues revealed on Ubuntu Touch, and the developers have been quick to repair it.

October 9, 2015  Control Panel will be phased out in Windows 10

The Control Panel had been an integral part of Windows since the beginning and helped in tweaking and customizing the operating system. In a tweet by Gabriel Aul, the chief of Windows Insider Program, he said that Control Panel will be removed from Windows 10 in coming days.

Security & Technology News / Dow Jones Discloses Customer Data Breach
« on: October 09, 2015, 08:27:33 pm »
Wall Street Journal owner says financial data from 3,500 individuals may have been accessed

By Steven Perlberg
Updated Oct. 9, 2015 2:35 p.m. ET

Dow Jones & Co. disclosed that hackers had gained unauthorized entry to its systems, accessing contact information for current and former subscribers in order to send fraudulent solicitations.

The data breach potentially accessed payment card information for fewer than 3,500 individuals, said Dow Jones, a unit of News Corp and owner of The Wall Street Journal, MarketWatch and Barron’s. The goal of the broader hack seems to have been to obtain contact information, Dow Jones said.

Experts at Akamai discovered the Linux XOR DDoS Botnet,  a malicious infrastructure used to run potent DDoS attacks against dozens of targets.

Security researchers have discovered a Linux Botnet, dubbed XOR DDoS or Xor.DDoS botnet, that is targeting gaming and education websites with potent DDoS attacks with reached 150 gigabytes per second of malicious traffic.

Fraudsters try to scare users with BSOD-themed ads

Google's AdWords platform is the Internet's biggest advertising platform, allowing individuals and businesses to promote their offerings by placing ads in search results based on a list of keywords.

According to a recent Malwarebytes warning, cyber-criminals have found a way to exploit Google's advertising service in a covert and sneaky way, buying ads for popular keywords, and redirecting users to pages where they're served scareware.

Security & Technology News / Lavaboom's warrant canary has expired
« on: August 18, 2015, 10:21:44 pm »
Graham Cluley | August 18, 2015

Bad news for anyone trusting Lavaboom for their secure, encrypted communications.

The online service, which dangled the tempting offer of being "the first secure email service that's truly easy to use" and sadly failed to reach its $100,000 goal in a crowdfunding campaign earlier this year, is over two weeks late in updating its warrant canary.

Full Article -

Pages: [1]