TechBlog

Security News? Just a few clicks away

Monthly Archives: January 2013

The BKA/Ransom Trojan comes now with child pornography (updated)

The so called “BKA Trojan” (BKA stands for German Federal Criminal Police) malware which is also known as the Ransom trojan in other countries, has found a more convincing way to fool computer users to pay. Now, together with other eight possible … Continue reading

Security update for Apple: iOS 6.1 fixes browser flaws

Apple has released a new version of iOS, the operating system that powers the iPhone, iPad, iPod. The new version fixes 20 security flaws related to the Safari browser. Some of the vulnerabilities were allowing bypassing of authentication, cross-site scripting … Continue reading

Malware delivered with fake hotel reservations

We wrote last week about Malware delivered with fake Craigslist fax-to-email notifications.This week’s malware delivery mechanism is a fake email notification from the well-known online hotel reservations portal booking.com.   The malware is delivered when you click on “Print Booking … Continue reading

Malware delivered with fake Craigslist fax-to-email notifications

If you receive such a message containing an HTML page attached, don’t open it. The email pretends to come from “craigslist – automated message, do not reply <robot@craigslist.org>” and has the subject “Efax Corporate”. What I find interesting is that the … Continue reading

Be aware of fake Java patches for the zero-day exploits

We and pretty much the rest of IT world, have written about the Java zero-day exploit, about the fast patch that Oracle release to remove some of the market pressure and also about the fact that such a quick move … Continue reading

Pharma spam using LinkedIn again

We wrote a couple of times already about spams pretending to come from LinkedIn which advertise online pharmacy websites. There is a new spam campaign which changed a bit the way the messages are presented to the users. Now the … Continue reading

Yet a new Java zero-day exploit?

We don’t know yet if this is a bad joke intended to discredit Oracle and Java, but the media is buzzing about a possible new undetected exploit in Java. This was started by a post of the security researcher Brian … Continue reading

How to enable two-factor authentication for Facebook

Facebook has introduced some time ago two-factor authentication for Login. This means that if someone or  something tries to login using your account, there will be two steps needed: authentication using username and password (something that you know) and a … Continue reading

How to disable the Java web plug-in in all browsers

We have written about Java and its regular vulnerabilities, two (here and here) of which were zero-day vulnerabilities. Java is a very strong tool because it is cross platform and if a vulnerability is being found on one platform, it … Continue reading

Oracle has fixed the Java zero-day exploit

After the huge media impact that followed up the full disclosure of the vulnerability in Java 7 Update 10, many national and international organizations have started to recommend to their readers to uninstall Java (Germany’s BSI, US-Cert). Oracle couldn’t just … Continue reading