Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

In the news

Twitter spam campaign linked to Gawker breach

A massive spam campaign that rapidly spread on Twitter has been linked to a data breach at online media company Gawker.

On Sunday, Gawker disclosed that its servers were compromised by hackers to steal readers’ emails and passwords* belonging to its properties, including Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin, and Fleshbot.

Firefox 3.6.13 issued to fix 13 flaws, 11 “critical”

Mozilla on Thursday issued an updated version of its Firefox web browser to fix 13 vulnerabilities, most of which were labeled “critical.”

The update, Firefox 3.6.13 and 3.5.16, fixes 11 critical flaws that could result in a remote attacker installing malicious software on victim machines, according to Mozilla’s security advisory. Of the remaining bugs, one was rated “high” in severity, and another “moderate.”

In all, the vulnerabilities could allow an attacker to execute arbitrary code, operate with elevated privileges, or spoof the location bar*, according to an advisory posted Friday by the US-CERT.

Hackers access UW-Madison computer systems

Hackers infiltrated the University of Wisconsin (UW)-Madison computer systems and accessed the personal information of tens of thousands of individuals affiliated with the college.

Zeus botnet targeting Macy’s, Nordstrom account holders

A new Zeus botnet is targeting the credit card accounts of several major U.S. retailers*, including Macy’s and Nordstrom, according to researchers at online banking security firm, Trusteer.

Microsoft to address IE, Stuxnet flaws, 38 others

Two publicly known issues are expected to be addressed Tuesday when Microsoft releases 17 patches to correct 40 product vulnerabilities.

I have cautioned you, Dear Reader, that we are smack-dab in the middle of Prime Cybercrime Season, and to be on the lookout for online con artists and thieves. (Be sure to read, Beware “The Twelve Scams of Christmas”, if you haven’t already.)

Related: Because those stories came from just one newsletter I get, and are for just this week (and headlines like these are commonplace) I hope you’ll look at my article The Internet Is Not Disneyland.

* emphasis mine. Do you know what a “spoofed address bar” is? The address bar is your browser’s ‘toolbar’ with the window that shows the URL of the website you are on.. the “https://techpaul.wordpress.com/”.. a “spoofed bar” would be an identical-looking overlay, put on by the hacker, which showed what they wanted you to see.
This is the kind of stuff that makes me wonder when we are going to get serious, and declare war on these folks. Is it just me, or is it no wonder we’re loosing hundreds of billions a year to them?

What will it take, I wonder?

Copyright 2007-2010 © “Tech Paul” (Paul Eckstrom). All Rights Reserved.


>> Folks, don’t miss an article! To get Tech – for Everyone articles delivered to your e-mail Inbox, click here, or to subscribe in your RSS reader, click here. <<


Share this post :

December 14, 2010 - Posted by | computers, Internet, security | , , , ,

4 Comments »

  1. Really… Cyber-crooks are on their peak these days… As if someone has installed high voltage cables in their ßutT to remain sticked to their chairs and busy hacking.

    Like

    Comment by Ranjan | December 14, 2010 | Reply

    • Ranjan,
      I read somewhere that cybercrime was a bigger business than illegal drugs.

      I would not be terribly surprised to learn it was a bigger business than legal pharmaceuticals .. or “big oil”.

      The year 2007 was a ‘tipping point’…

      Like

      Comment by techpaul | December 14, 2010 | Reply

  2. I’m glad I have Firefox set to update automatically. I didn’t always have it set that way. I have this “I want to update a program when I decide to” thing. I have finally moved out of that mindset, due to issues just like this.

    I used to feel fairly “safe” on the internet (MANY years ago) because I thought that my security applications would take care of everything. WRONG!

    The internet is kind of like a skyscraper that was built on sand, not anchored into the bedrock.

    Imagine if you will the Empire State Building. Instead of using architectural plans that were reviewed by a panel of structural engineers and other specialists. Instead of using skilled laborers overseen by engineers, inspectors, superintendents and other professionals. Instead of being built on bedrock.

    Would you go up to the top of that building? Or even go anywhere near it?

    That’s how the internet was built folks. We are on extremely shaky ground. Follow Tech Pauls instructions and warnings carefully. He knows what he is talking about, and he has our best interest at heart…

    Thanks for making us aware of these issues Paul.

    Like

    Comment by KsTinMan | December 15, 2010 | Reply

    • KsTinMan,
      The Internet was not originally designed with any intention of it being the “world wide web” (open to all) that it grew into. It is quite true that it has been cobbled, and patched, cobbled and patched, as best could be to try to keep up with each new advance (and now they want to connect refrigerators to it.. and toasters.. and soon, your bathroom mirror). It was built before there were “hackers” and “cybercriminals”. Security was not a consideration. Also, we had to come up with a whole new addressing scheme, as it has grown so big, we ran out of numbers! (A fact completely inconceivable to the original designers.)
      (For a word from the experts, see Is The Whole Internet Still In Beta?.)

      I hope people will pay attention to your words, and “think before they click”. Here’s is a “top 10 list” that may help: Got A Computer? Top 10 Things You Should Do.

      Like

      Comment by techpaul | December 15, 2010 | Reply


Post your Comment/Question

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: