I’ve grown used to being asked what unpatched vulnerability was used in the most recent breach, in an effort to make sure some other company is protected. I appreciate the desire to learn from other companies’ mistakes and not repeat them. But there are several reasons why the answer to that question is complicated, and not […]
I’ve been seeing a lot of news this week about web browser plugins getting exploited to plant malware on computer systems. A lot of people know to keep Flash up to date, and to keep Java up to date or uninstall it–at least I hope so by now–but there are two targets that people generally […]
“Oh, so you think you’re Mr. Genius Man,” the crackly voice said, drowned out by static caused by his cheap VOIP connection. “Enjoy your broken computer, Mr. Genius Man. Goodbye, Mr. Genius Man.” So ended 23 minutes of my life that I’ll never get back, but I figure it’s 23 minutes he wasn’t spending scamming […]
I was listening to an interview between Paul Asadorian (of Pauldotcom fame) and Cigital CTO and software security expert Gary McGraw. They discussed how the target of attacks moved from Microsoft to Adobe and now that Adobe is showing signs of getting its act together, it’s going somewhere else. “If I were Nvidia,” McGraw said, […]
There’s an exploit in Flash, on all platforms, being actively exploited in the wild. Adobe rushed out an update. See more at Ars Technica. It allows remote code execution, so this one is as bad as it gets. Installing EMET is a potential mitigation against Flash exploits, so if you’re running Windows, protecting Flash with […]
As you probably know, last year some still-unknown criminals stole a whole bunch of credit and debit card data from Target. And the story keeps changing. First there weren’t any PINs. Then they got the PINs, but no personally identifiable data. Well, the latest news indicates they got credit card numbers, names, addresses, phone numbers, […]
I wish I’d posted this last week, since many of us see one set of relatives at Thanksgiving and a different set at Christmas (and perhaps New Year’s). Here are things you can do as preventative maintenance for relatives whose computers could use a little help.
I recently came into possession of an LG LD301EL dehumidifier. It was supposed to be draining out of the hose, but it wasn’t. I figured out why. If you have one of these or a similar dehumidifier, chances are you have the same problem. The instructions on the back of the dehumidifier aren’t as clear […]
Some revolutionary advice surfaced this past week–stop patching everything. And while I understand the argument that people need to stop letting the difficulty of patching everything paralyze them and cause them to do nothing–as I’ve seen some organizations do–and I agree that some patches are more critical than others, as someone who once had to […]
I was listening to the excellent Risky Business analysis of the Droidpocalypse this week, and I’m happy to report that the vulnerability that affects 90% of Android devices ever made, while serious, is vastly overstated.