Well that was short-lived. After much publicity, the PDF exploit that jailbreakme.com utilises (that site and others) to jailbreak your iPhone has been fixed by the big A. Apple this morning released the 4.0.2 update to fix that specific issue. That is all. No antenna fixing issues. No 3G painkillers. Nothing. Just a PDF, font-subsystem fix to keep Apple’s iPhone and iOS happy. Oh, and to stop youngsters (both real and young-at-heart) from breaking Apple’s retail display iPhones.
Microsoft has today pushed a critical update to its operating systems that will fix a vulnerability, acknowledged a few weeks ago, that has been present since Windows 2000. The fix itself, however, does not extend to those using Windows 2000, most likely because it is no longer covered by its Life Cycle policy.
The vulnerability allowed attackers to control a computer, if not patched, through a weakness in how shortcut icons are handled by Windows. It was very worrying to many security analysts because the attacker did not need to write a file to gain control, it had to open a file with the .lnk extension.
… and it’s the end of July. Yes, an entire month with posts dedicated on helping you protect your identity and security online. That was our first themed-month, and it was an excellent thing to run on our blog.
We would like to personally thank BitDefender for partnering with us for the month. Hopefully our security-themed articles helped you. And don’t worry, we’re not going to stop covering security – we will be still doing some tips periodically.
And don’t think those entries for our competition go to waste, BitDefender representatives are reading them, and hopefully use this insight to better their already-good security solutions.
If you missed the action, here’s a quickie recap on what happened on Security Month (July):
This article is part two of two covering blog hacking for Security Month, a month-long look in the importance of security. You can read the previous part (one dealing with prevention) here. Part Two covers what to do after your blog just got hacked. Enjoy!
This article was written by Catalin Cosoi.
Recovering from a hack can be a painstaking experience, and the effects of a hack may be felt over a long period of time. The faster you identify and solve the issues though, the less damage will be inflicted to your blog. Here is a short list of immediate actions to be taken after a potential attack has been discovered.
This article is part one of two covering blog hacking for Security Month, a month-long look in the importance of security. Part two covers what to do when hacked, while this will focus on covering how to prevent your blog from getting hacked.
This article was written by Catalin Cosoi.
Blogging is undoubtedly one of the most popular ways of expression on the Web. While some bloggers opt for a hosted account with major blogging platform developers, others go with a self-hosted plan that offers extra flexibility, but at the same time, needs extra attention to avoid incidents.
Five alleged hackers have been arrested by Pakistani authorities in raids that led to the closure of the website Pakbugs, known for being a community site for hacking and carding – a technique to verify if stolen credit card details are still valid by purchasing something.
The operation, run by the Cyber Crime division of the Federal Investigation Agency (FIA), went ahead after numerous complaints by, according to a report on PakSpider, “national and multinational organisations” after getting their websites hacked.
Since July is Security Month for us, we should write something up about keeping your shared hosting account secured. Most hosting companies will have their shared hosting servers pretty well nailed down. However, you do come across some hosting companies that haven’t bothered and your website would be potentially opened to nasties such as XIS attacks and brute-forcing. This guide will only cover the shared hosting side, the customers side. A guide for a server administrator will be out soon.
So read this simple, easy to follow guide on how to keep your hosting account safe. Making your account safe is the best thing you can do for your personal site, blog or online business!
Did you know, you can actually win one of ten copies of BitDefender Total Security 2010 for free. Yes, you heard that right. For FREE! You can enter the competition right here.
Since July is Security Month for us, why not write something that is basically a huge problem for all of us, even the tech community. That topic is password security. There is no doubt that this is a huge problem, especially when we are told to make it complicated and make it easy to remember – and most often, and I’m sometimes guilty, of making my passwords often easy to remember than complicated.
That is why we have made this easy guide on how to make some secure passwords, and make it easy to remember your password.
Did you know, you can actually win one of ten copies of BitDefender Total Security 2010 for free. Yes, you heard that right. For FREE! You can enter the competition right here.
This article is part of Security Month, a month-long TECHGEEK.com.au initiative to have a look at the security industry and the entire subject as a whole.
This guest post was written by Catalin Cosoi, BitDefender senior antispam researcher.
Anyone who has ever created something new is granted the right to name it. However, given that computer viruses are born with the purpose of underhand destruction and disruption, they are perhaps an exception to the norm. Why would any virus creator in their right mind want to drop any hints via their virus’s name that may incriminate them? Further, why would we want to give them the glory or the limelight?
Which begs the question, how do computer viruses get their names? The short answer: there is no unanimous way to classify viruses and their names but in order to raise the general awareness of viruses, more familiar terms are often chosen.
If you have ever used a Big W photo kiosk, then we really suggest you scan your computers right now.
Why? Well, the store has confirmed that some of its kiosks have been infected with malware, after a posting by an IT profesional claimed that his USB was infected with Trojan.Poison-36.
The company told ZDNet Australia, “In a small number of cases we have detected isolated viruses which have been introduced to the machines through a customer’s USB device.”
As Risky Business, a security blog, has found out, Woolworths – the parent company of Big W – has also revealed that most don’t even come with anti-virus protection, and only some are part of a trial.
So, what can you do to avoid such an entanglement? Well, first off, you can always go and use a DVD or CD, especially one that is rewritable so you can write new photos if you want them professionally printed. That way, the nasty malware viruses don’t infect your USB.
As well, if you don’t have anti-virus or anti-malware software, we really suggest you go and get one now! You think you might be safe, but one day, you will be infected.
Did you know, we have a competition running? You can actually win a copy of BitDefender Total Security 2010 (rrp $105). Yes. How to enter? Well, click this link to find out more.
TECHGEEK.com.au is starting July with a huge competition, especially when this month we have dubbed it “Security Month”, giving you some advice on how to be secure online and at home when you are on your PC. Of course, with this we might as well offer a competition – and that is what we have done.
In partnership with the good pals of BitDefender, we are offering ten copies, chosen at random, of BitDefender Total Security 2010 (which retails for AU$105) for free. Total Security 2010 protects your identity while removing the threats from spyware and viruses.
All you need is just to answer a simple question: What is your most wanted feature in an ideal security solution (i.e. anti-virus/anti-malware, etc)?
The terms: you have got until Sunday 25 July to get your entires in. To get them in, just place your answers when writing a comment. No seriously. That’s all it takes. Don’t forget, please provide your email address, so we can confirm you.
EDIT: In order to get a winner on the same day for our Podcast recording, we will close entries at 6:30PM AEST. After that, the comments section will be closed and you will no longer be able to post your entries.
EDIT [2]: And it’s over! We’ll be announcing the winners soon.
Security Month kicks off this month, so why not win something. Don’t worry, your emails will not be used for spamming purposes or sold to third parties.
Google has introduced a new feature called Google Search SSL Beta. Basically, you can now perform web searches using an SSL encryption by going to https://www.google.com . Google note that this beta functionality is only available to web searches and not (yet) to Maps, Images, Books and other Services. And to be double-sure you are browsing secure, Google has updated their famous Google search page to reflect this new beta period.
Hit up the Google KB Article here.
Boxers or briefs. No seriously.
Microsoft’s new advertising campaign for its browser, Internet Explorer 8, has appeared on US television with a simple concept – how many people can it dupe into giving private information. This, apparently, was to highlight how vulnerable your personal information is and to focus on the security aspects of the latest version of IE. (Well, the latter might be a bit questionable, as the study showing this was funded by Microsoft).
“To prove just how vulnerable your personal information is, Internet Explorer 8 re-recreated notorious internet scams–live, off the web– in the most street-smart city in world: New York. We used hidden cameras to film reactions of real people. In the first spot we asked people to provide very personal information in order to open a new bank account which would give them a cash reward of $500,” Microsoft blogger Brandon LeBlanc said.
However, will scaring users to Internet Explorer be enough to stop their downward spiral? Will it be another Microsoft advertising failure? Keep your eyes peeled on your TV set (if you are in the USA) for more of these types of ads coming in the next few weeks from Microsoft.
You can watch the ad for yourself, after the jump.
Thought that message about you cheating on your test was within your Facebook friends? Or maybe you took a HIV test and found out negative (or positive), or just want to shout out that you have lost your virginity. Well, get ready to learn something harsh. Your status messages are public, and now they are searchable. Yes, just like Google, I can type something in Openbook and find out what you and the over 300 million people on Facebook are talking about – unless you are smart and lock down your account.
Even though your profile may be locked down, it does not mean your status messages are. And that is what they try and use to power the service.
Google’s claims that Vietnamese computer users were spied on and blogs critical of the government were hacked into were rejected by Vietnamese authorities talking to the AFP, telling the news agency that these were “groundless opinions”.
A spokeswoman from the Ministry of Foreign Affairs said that Vietnam has “specific regulations against computer viruses, harmful software and for ensuring information security and secrecy.”
