[warning] Forum Topics

A 22 year old vulnerability, yes you read that right, has been discovered which some security experts suggest could be bigger than Heartbleed. The bug, reported as '[CVE-2014-6271:remote code execution through bash](http://seclists.org/oss-sec/2014/q3/649)' relates to how environment variables are processed: with trailing code in function definitions being executed independently of the …

Following on from the news that an eBay password database has been compromised, and universal advice from security experts that users should now change their passwords, one thing has been loud clear: the total lack of that password change requirement from eBay. Sign into eBay and there is nothing to …

Just as your average Joe starts to 'get' the importance of online security, and that means using anti-virus software, so the bad guys start exploiting this new found understanding by flooding the Internet with fake AV products. [attach]16913[/attach]Security researchers at [URL="http://www.sophos.com"]SophosLabs have today identified a major new fake anti-virus software …

[ATTACH=RIGHT]22213[/ATTACH]You may not be a big fan of Microsoft, but you wouldn't expect your computer to be held to ransom by the company would you? In recent months it has become quite commonplace, at least across Europe, for scammers posing as Microsoft technical support staff to 'cold call' people on …

Why has it taken six years for someone to take a contract out on my life? Or, more accurately, for a scammer to send me an email demanding payment of a bribe in order for him to cancel a supposed contract. The first hitman scam was spotted almost exactly six …

The latest VIPRE report, detailing the ten most prevalent malware threat detections spotted by [GFI Labs](http://malwareprotectioncenter.com/) and the ThreatNet Detection System, reveals that Google, LinkedIn, Skype and Mass Effect 3 were amongst the big brands being exploited by cybercriminals in order to leverage trust whilst distributing malware-laden emails. As a …

With the London 2012 Olympics due to open in just a few days time, the expected push by the bad guys has started. No, I don't mean the banning of wearing Pepsi T-Shirts in the Olympic Stadium as it might upset official sponsors Coke, or the fact that nobody is …

The 'World's Greatest Anti-Malware Software' is the spurious claim being made by Malwarebiter, which just so happens to sound an awful lot like Malwarebytes which could perhaps justifiably lay claim to that accolade. Take a look at this forum and you will see that Malwarebytes is a very valuable tool …

It's not often that Microsoft recommends that Windows users should disable a much hyped part of the OS, but that's exactly what has happened regarding the Windows Sidebar and Windows Gadgets found in Windows Vista and Windows 7. [Microsoft Security Advisory 2719662](http://technet.microsoft.com/en-us/security/advisory/2719662) clearly states "Disabling the Windows Sidebar and Gadgets …

The Flashback Trojan has infected at least 600,000 Apple computers running Mac OS X according to the Russian AV company [Dr Web](http://www.drweb.com/?lng=en) which researched the spread of the malware which was originally discovered at the end of last year and for which Apple issued a security patch just this week. …

If you are a user of Adobe Flash, be sure to apply the latest security update if you want to avoid becoming part of an in-the-wild attack exploiting a vulnerability which currently seems to be exploiting users of Internet Explorer on the Windows platform only. Adobe has, however, issued an …

Security researchers are warning that some 30,000 WordPress websites, 85% of them based in the US, have been compromised by a mass-injection hijack attack which sees visitors to any of more than 200,000 individual pages redirected to a Trojan infected rogue AV scam. [ATTACH=RIGHT]24076[/ATTACH]The senior security researcher with Websense Labs, …

The Ainslot.L Trojan appears to be much the same as any other at first glance; logging user activity and sending Gmail and Facebook passwords to the bad guys, downloading further malware, taking over your computer and the main payload of being a Banking Trojan stealing account login data. But Ainslot.L …

[ATTACH=RIGHT]21691[/ATTACH]“Your PC may be infected” says Google, which has taken the unusual step of [URL="http://googleblog.blogspot.com/2011/07/using-data-to-protect-people-from.html"]warning users[/URL] that a couple of million or so of them have most likely been taken in by a fake AV scam. According to a post on the official Google blog by security engineer Damian Menscher, …

Anyone who uses Twitter, and has at some point posted a link to something interesting, will have almost certainly used a URL-shortening service such as bit.ly for example. Now the spammers are exploiting the popularity of such link-reduction services by establishing their own fake URL-shortening services in order to redirect …

[ATTACH=RIGHT]21548[/ATTACH]Earlier this week a hacker group called Dev-Team launched a revamped website service that enables owners of the iPhone 4 and iPad 2 (amongst a myriad other iOS-powered devices) to jailbreak them in next to no time, for free, online. The [URL="http://blog.iphone-dev.org/post/890709355/the-return-of-jailbreakme-com"]JailBreakMe site exploits a vulnerability[/URL] with the way that …

Everyone involved in the DaniWeb community, from the membership right through to the management, would like to offer sympathy and support to those suffering as a consequence of unfolding events in Japan. Unfortunately, some despicable types just see such tragedy as an opportunity to scam the kind-hearted majority out of …

Viral videos are usually a great laugh, which is why they spread so quickly and the reason they get called viral in the first place. But the laughter soon stops when the bad guys use the lure of a viral video to launch a clickjacking attack. [attach]15852[/attach]Security researchers at Sophos …

It seems that the world has gone football crazy now that the World Cup is underway in South Africa, [URL="http://en.wikipedia.org/wiki/Vuvuzela"]vuvuzelas[/URL] and all. But with ticket sales not having been as successful as expected, and [URL="http://www.independent.co.uk/news/world/africa/seats-to-spare-ndash-but-fifa-wont-let-south-africans-fill-them-2002630.html"]reports[/URL] of rafts of empty seats which FIFA won't sell tickets to South Africans for, overseas …

Chip and PIN credit card attack leaves banks on shaky ground according to one analyst, although oddly enough the banks appear to disagree. Researchers at the University of Cambridge Computer Laboratory have revealed how the Chip and PIN credit card security system is flawed and left vulnerable to fraud. Steven …

Twitter users are being warned not to click the links in a Direct Message which has been circulating in large numbers since late Saturday. The message simply says either "LOL, is this you?" or "LOL, this is funny" or "ha ha, u look funny on here" and has a link …

Some 22,000 Acer Aspire Notebooks are being recalled because, according to the [URL="http://www.cpsc.gov/cpscpub/prerel/prhtml10/10103.html"]U.S. Consumer Product Safety Commission[/URL], they represent a burn hazard. Mainly because they have the potential to melt. Hot laptops are nothing new, of course, but generally speaking the seat of the [URL="http://www.daniweb.com/blogs/entry929.html"]fire risk is often to be …

Still using Adobe Acrobat or Adobe Reader? Maybe it is time to switch to something that's not glowing red on the bad guy radar, or which is more securely coded depending upon how you look at these things. Yes, Adobe has admitted that there is yet another possible zero-day vulnerability …

It is something of a good and bad news day for mobile phone giant Nokia. On the same day that it announces shipping of the new N900 handset, based on the open source Maemo 5 software, Nokia is also recalling a staggering 14 million mobile phone chargers due to concerns …

It seems that Google searches on terms that are related to iPhone SMS information are being used to return results that direct unsuspecting users to rogue AV sites. According to the Websense Security Labs ThreatSeeker Network [URL="http://securitylabs.websense.com/content/blogs.aspx"]blog[/URL] malicious URLs related to Apple iPhone SMS/MMS searches are ranking as high as …

Adobe has issued a security advisory following the discovery of what it describes as a "critical vulnerability" which exists within the current versions of Flash Player (v9.0.159.0 and v10.0.22.87) across all platforms, Windows, Macintosh and Linux operating systems, The same vulnerability can be found within the authplay.dll component that ships …

Everyone knows that the iPhone 3GS only comes in black or white varieties, but some unlucky users are claiming to have got their hands on a pink version. The thing is, these started out as bog standard white models but, according to some reports, they get so hot during extended …

It looks ever more likely that 2009 could indeed be the [URL="http://www.daniweb.com/blogs/entry3781.html"]year of the scam[/URL]. Symantec owned MessageLabs is warning that cases of advance fee [URL="http://www.daniweb.com/blogs/entry1198.html"]419 fraud[/URL], along with other financial scams, have spiked as we enter 2009. From December 22nd 2008, through into January 2009, the number of scams …