eHarmony Passwords Stolen

by Andy on June 7th, 2012 in Security Alert.

Hot on the heels of the LinkedIn password breach, dating site eHarmony have reported that "a small fraction" (about 1.5 million) of their user base have also been affected. Like LinkedIn, eHarmony have reset the compromised accounts' passwords and will send out notifications explaining how to reset them. It's probably a good time to change your password - check the best practices in the LinkedIn post from earlier today.


LinkedIn have confirmed that a number of user accounts have been compromised. While they have not published the number of compromised accounts, a Russian forum user uploaded around 6.5 million encrypted user passwords to demonstrate that the security breach took place. While the user names have not been included, it's a pretty good bet that they have also been stolen. You can check this site to see if your password was amongst those stolen.


Microsoft have published a Security Bulletin Summary for November 2011. A number of updates have been released including one "critical" and two "important" severity updates.

The patches address remote code execution, elevation of privilege and denial of service vulnerabilities. Importantly, an update has been released to patch the critical vulnerability in the TCP/IP stack (MS11-083). Microsoft report that "the vulnerability could allow remote code execution if an attacker sends a continuous flow of specially crafted UDP packets to a closed port on a target system."


Duqu, Son of Stuxnet

by Andy on October 20th, 2011 in Security Alert.

An apparently modified version of the well-publicised Stuxnet worm has been discovered on a number of corporate computer systems in Europe. Analysis suggests that the malware, named Duqu (pronounced dyü-kyü), is based on the Stuxnet source code, giving rise to the possibility that Duqu may have been developed either by the Stuxnet authors or by developers who have had access to the source code.



A huge amount of personal data was exposed in a recent Sony hack. Today, Sony disclosed that the security breach affecting almost 77 million PlayStation Network users may also have affected 24.5 million users of Sony Online Entertainment, making this the largest personal data heist in history.


The latest versions of Firefox and Thunderbird have been published, fixing a number of security issues.

Firefox 3.5.17 & 3.6.14 include fixes listed here.

Thunderbird 3.1.8 includes fixes listed here.

To update either application, click on Help -> Check for updates.


Adobe Reader X Released

by Andy on November 22nd, 2010 in Security Alert.

In response to the volume of malware exploiting Adobe products, Adobe Reader X was released last week with its much-anticipated new security feature, Protected Mode.


Protected Mode is based on Microsoft’s "Practical Windows Sandboxing" technique which you can read about here.


What does Protected Mode do? It displays PDF files in a highly restricted and confined environment. The restricted environment will help prevent a booby-trapped PDF file from doing anything to your system.


SecurityInspector2010 is a new rogue anti-virus application. It is another clone of DesktopDefender2010.


Critical vulnerabilities have been identified in Adobe Flash Player 10.1.85.3 and earlier versions for Windows, Macintosh, Linux, and Solaris, and Adobe Flash Player 10.1.95.1 for Android. These vulnerabilities, including CVE-2010-3654 referenced in Security Advisory APSA10-05, could cause the application to crash and could potentially allow an attacker to take control of the affected system.


Full Adobe advisory info here.


Affected software includes:


Microsoft has released a security advisory concerning a vulnerability affecting Internet Explorer versions 6, 7 and 8. This vulnerability may allow an attacker to execute arbitrary code. Full details here.


Visit Microsoft's page here to get full instructions. You can find the workarounds under the "Suggested Actions" twisty.


Marijuana and Mid-Terms

by Andy on November 2nd, 2010 in Security Alert.

Over Halloween we saw the usual glut of malicious sites hijacking spooky search engine results. Today looks to bring some more search engine result hijacking opportunities for the bad guys.


HDDDefragmenter is a new rogue application, a clone of SystemDefragmenter.