TechBlog

Security News? Just a few clicks away

Monthly Archives: January 2011

Again critical vulnerability in VLC

Just a few days after the VLC developers fixed a vulnerability in the popular VLC video player, a new critical security vulnerability in the processing of .mkv files became public. By opening specially crafted .mkv files, the computer can be … Continue reading

Internet Explorer Vulnerability with workaround

In all currently supported Windows operating systems a security vulnerability in the so-called MHTML handler can lead to information disclosure; speculations in the media indicate possibly even worse things. The cyber criminals just need a manipulated link to trigger the … Continue reading

Improve your Security #1: Complex passwords aren’t always better

This article is the first one from a series of technical advices how to improve your IT security at home and at work. To be honest, I hate passwords and PINs. Those of you who have more than one email … Continue reading

DynDNS mistakenly blocks many hosts for abuse (Update)

Earlier today many DynDNS users have received a notification email that their account has been blocked for abuse. DynDNS offers a free service which allows users without fixed IP address to be able to access their computers through a unique … Continue reading

Cartasi Italy under heavy phishing attack

We are currently observing an attack with different phishing emails and websites, targeting the customers of the Italian bank Cartasi. We have spotted 4 different phishing attacks, 3 of them using the classical technique of faking the target URL (pictures … Continue reading

Facebook improves security

The social network Facebook starts to roll out a new security feature: Secure Browsing (https). It will be available in the options of “Account Security”, below the “Account Settings” page. This means that all data sent from and to Facebook … Continue reading

Critical Vulnerabilities and Updates (Update)

A critical security vulnerability has been found in the web browser Opera. It allows attackers to infect the computer with manipulated websites, for example. An update is currently not available, so using for example Windows Browser Choice to temporarily switch … Continue reading

Phishing, Spam and Malware Statistics for December 2010

Most abused TLDs The trend we observed in the last months when the non “classical” TLD increased massively continued in December as well. Contrary to November, where the .com has seen a slight increase, we are noticing this month that it … Continue reading

Bredolab Malware spammed via fake Facebook Mails

The popularity of the social network Facebook is abused again to spread Malware via Email. The spam mails arrive with the subject “Facebook password has been changed. ID” and contain a ZIP archive as attachment. Inside the ZIP a file … Continue reading

Protection from Exploits for Windows Thumbnail Vulnerability

With our recent update of the engine we added generic protection against exploitation of the thumbnail vulnerability in all current Microsoft Windows operating systems. Microsoft warned of this security hole in a security advisory. On the January Patchday, no update … Continue reading