About This Blog   |   Archives   |   RSS Feeds RSS Feed   (What's RSS?)

Archive: February 2009

Microsoft: Attackers Target Unpatched Excel Flaw

Microsoft Corp. is warning computer users that attackers are now exploiting a previously unknown security hole in the company's Excel spreadsheet software to break into vulnerable systems. The vulnerability, which appears to be present in all supported versions of Microsoft...

By Brian Krebs | February 27, 2009; 7:30 AM ET | Comments (7)

ID Fraud, Abusive Debt Collectors Top Consumer Gripes in '08

Identity fraud was the top complaint consumers lodged last year with the Federal Trade Commission, followed by gripes about harassing and abusive debt collectors, the agency reported today. Of the 1,223,370 complaints the FTC received last year, 313,982 - or...

By Brian Krebs | February 26, 2009; 2:55 PM ET | Comments (1)

Adobe Issues Security Update for Flash Player

Adobe Systems Inc. has shipped an update for its ubiquitous Flash player that fixes at least five security flaws. A few of the flaws are critical, meaning users could have malicious software installed on their system merely by visiting a...

By Brian Krebs | February 25, 2009; 2:00 PM ET | Comments (3)

Adobe Urges Stopgap Changes To Blunt Cyber Threat

Adobe Systems Inc. has found itself in the midst of a public relations maelstrom of the sort once reserved only for Microsoft Corp., as security experts chastise the company for not moving fast enough to address a critical security hole...

By Brian Krebs | February 25, 2009; 7:20 AM ET | Comments (21)

Just Say "No" To Gmail "ViddyHo" Chats

A crazy number of readers have written in asking what they should do about unsolicited instant messages coming in from their Gmail accounts. The messages are from a site called ViddyHo urging them to "check out this video." I hope...

By Brian Krebs | February 24, 2009; 7:45 PM ET | Comments (3)

The Tigger Trojan: Icky, Sticky Stuff

A relatively unknown data-stealing Trojan horse program that has claimed more than a quarter-million victims in the span of a few months aptly illustrates the sophistication of modern malware and the importance of a multi-layered approach to security. When analysts...

By Brian Krebs | February 24, 2009; 8:20 AM ET | Comments (11)

Attackers Exploiting Unpatched Flaw In Adobe Reader, Acrobat

Hackers are exploiting an unpatched security hole in current versions of Adobe Reader and Acrobat to install malicious software when users open a booby-trapped PDF file, security experts warn. Adobe issued an advisory Thursday warning that its Reader and Acrobat...

By Brian Krebs | February 20, 2009; 6:55 AM ET | Comments (27)

Travel-Booking Site for Federal Agencies Hacked

Govtrip.com, which handles travel reservations for at least a dozen U.S. government agencies, last week was infected with a virus that tried to install malicious software when users visited the site, causing some agencies to block employees from accessing it,...

By Brian Krebs | February 18, 2009; 10:20 AM ET | Comments (12)

Verizon to Implement Spam Blocking Measures

Verizon.net is home to more than twice as many spam-spewing zombies as any other major Internet service provider in the United States, according to an analysis of the most recent data from anti-spam outfit Spamhaus.org. Verizon, however, says it plans...

By Brian Krebs | February 17, 2009; 8:00 AM ET | Comments (18)

Apple Patches More Than 50 Security Holes

Apple last week issued security updates to plug more than 50 security holes in its OS X operating system and other software. The patches, which affect Mac OS X 10.4 and 10.5, Java for the Mac and Safari for Windows...

By Brian Krebs | February 15, 2009; 4:05 PM ET | Comments (3)

As Tax Season Continues, Beware of Scams

As sure as the taxman cometh each year, so do the scam artists. The Internal Revenue Service is warning U.S. taxpayers to be prepared for a steady increase in scams and virus attacks via e-mail, telephone and the Web as...

By washingtonpost.com Editors | February 14, 2009; 2:00 PM ET | Comments (1)

Microsoft Offers $250,000 Reward for Conficker Worm Author(s)

Microsoft Corp. today said it is offering a $250,000 reward for information that leads to the arrest and conviction of those responsible for launching the "Conficker" computer worm, a threat that has infected millions of Microsoft Windows PCs over the...

By Brian Krebs | February 12, 2009; 2:10 PM ET | Comments (21)

Critical IE, Exchange Flaws in Microsoft's Patch Tuesday

Microsoft Corp. today released four patch bundles to fix at least eight security vulnerabilities in PCs powered by its Windows operating system and other software. The fixes are available through Microsoft Update or via Automatic Updates. Half of the flaws...

By Brian Krebs | February 10, 2009; 6:15 PM ET | Comments (11)

Covering Your Tracks in Firefox

Firefox users looking for a little more control over the privacy of their Web browsing habits should check out a handy add-on called "RefControl," a Firefox extension that lets you decide which sites should be allowed to see your most...

By Brian Krebs | February 9, 2009; 6:45 AM ET | Comments (22)

Consider the Source, Not Just the File Type

An uptick in malware that infects music files being traded on popular peer-to-peer (P2P) file-sharing networks should give Windows users pause about downloading songs from unknown sources. Symantec is reporting a spike in the number of audio files infected with...

By Brian Krebs | February 6, 2009; 4:52 PM ET | Comments (3)

Quick Poll: Many Smaller Banks Hit By Heartland Breach

In another sign that the recently disclosed data breach at credit card processing giant Heartland Payment Systems may indeed be one for the record books, a quick survey of community banks indicates that a majority of institutions have been notified...

By Brian Krebs | February 6, 2009; 9:51 AM ET | Comments (7)

Data Breach Led to Multi-Million Dollar ATM Heists

A nationwide ATM heist late last year netted thieves $9 million in cash in one day, according to published reports. The coordinated attack stemmed from a computer intrusion at payment processor RBS WorldPay. Atlanta-based RBS WorldPay announced on Dec. 23...

By Brian Krebs | February 5, 2009; 3:45 PM ET | Comments (6)

OpenOffice Installs Insecure Java Version

An alert reader let me know that the latest version of OpenOffice, the open source alternative to the Microsoft Office productivity suite, also installs a very old, insecure version of Java. Users who accept the default installation options for OpenOffice...

By Brian Krebs | February 4, 2009; 5:30 PM ET | Comments (24)

Report: Most Spam Sites Tied to Just 10 Registrars

Nearly 83 percent of all Web sites advertised through spam can be traced back to just 10 domain name registrars, according to a study to be released this week. The data come from millions of junk messages collected over the...

By Brian Krebs | February 4, 2009; 11:15 AM ET | Comments (5)

Data Breaches More Costly Than Ever

Organizations that experienced a data breach paid an average of $6.6 million last year to rebuild their brand image and retain customers following public disclosures of the incidents, according to a new study. The fourth annual survey by the Ponemon...

By Brian Krebs | February 2, 2009; 11:27 AM ET | Comments (9)

 

©  The Washington Post Company