Miles Associates LLC

Jim Miles – IT & IT Security Consultant – Web Sites for Growing Organizations

Tag Archives: CNet

MS NUads: They watch you watching them

Interactive NUads advertisements tied to the Kinect sensor will roll out in late spring, Microsoft tells CNET. But will all other Kinect apps be as privacy-sensitive?

via Microsoft readies NUads: They watch you watching them | Security & Privacy – CNET News.

Two weeks of smartphone charging in your pocket

Juice in a box. Lilliputian's portable fuel cell can deliver between 10 to 14 full charges for an iPhone with one replaceable cartridge.Fuel cell maker Lilliputian Systems today announced that Brookstone will be the first retailer to carry its portable USB power source, which will be sold under Brookstone’s brand. The fuel cell device is about the size of a thick smartphone, and the lighter fluid-filled cartridges are about the same size as a cigarette lighter.


 

via Two weeks of smartphone charging in your pocket | Cutting Edge – CNET News.

Bad Siri! She lets anyone use a locked iPhone 4S

Screen shot

The voice-activated feature on the new iPhone 4S will let anyone use the phone to send e-mails and text messages and make calls even if it is passcode locked….. There is an easy fix for this situation… In the Passcode Lock settings, switch Siri to “Off”.

via Bad Siri! Shell let anyone use a locked iPhone 4S | Security – CNET News.

Microsoft falsely labels Chrome as malware

“Wow, that’s certainly one way to win the browser war,” said Andrew Storms, director of security operations at nCircle Security, over on Network World.

Google has released a new version of Chrome after Microsofts antivirus software flagged the browser as malware and removed it from about 3,000 peoples computers on Friday.

Microsoft apologized for the problem and updated its virus definition file to correct the false-positive problem, according to a post from Ryan Naraine at ZDNet.

“…perhaps Microsoft should have included Google, not just its customers, in its apology”.

via Microsoft falsely labels Chrome as malware | Security – CNET News.

Phishers use HTML attachments to evade browser blacklists

To get around phishing blacklists in browsers, scammers are luring people by using HTML attachments instead of URLs, a security firm is warning.

Chrome and Firefox are good at detecting phishing sites and warning Web surfers via a browser notice when they are about to visit a site that looks dangerous. So good, in fact, that scammers are resorting to a new tactic to lure victims into their traps via e-mails–attaching HTML files that are stored locally when they are opened, according to an M86 blog post yesterday.

After the user fills in a form with the information the scammers want to steal and clicks “submit,” the HTML form sends the data through a POST request to a PHP Hypertext Preprocessor script hosted on a legitimate Web server that has been compromised…

“Months-old phishing campaigns remain undetected, so it seems this tactic is quite effective,” the blog post says…

To protect against this, people should avoid opening HTML attachments if the e-mail seems suspicious and [should] not provide any information in forms. Financial institutions do not send such attachments to customers.

via CNET News.

Report: Hackers penetrated Nasdaq computers

Federal authorities are investigating repeated intrusions into the computer network that runs the Nasdaq stock exchange, according to a Wall Street Journal report that cited people familiar with the matter.

The intrusions did not compromise the tech-heavy exchanges trading platform, which executes investors trades, but it was unknown which other sections of the network were accessed, according to the report.

“So far, [the perpetrators] appear to have just been looking around,” one person involved in the Nasdaq matter told the Journal.

via Report: Hackers penetrated Nasdaq computers | Security – CNET News.

Adobe reports ‘critical’ flaw in Flash, Acrobat

Adobe has issued a security advisory about a “critical” vulnerability in its Flash Player and Adobe Reader and Acrobat products that it says could let attackers take control of people’s computers.

The company said late Friday that there had been reports of the hole actually being exploited and that an official patch was not yet available.

Affected software includes:

  • Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux, and Solaris
  • Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh, and Unix

via Adobe reports ‘critical’ flaw in Flash, Acrobat | Security – CNET News.

T-Mobile experiencing widespread outage

In a statement, T-Mobile said it is working to get its service back up and running.

“T-Mobile customers may be experiencing service disruptions impacting voice and data,” the company said in a statement. “Our rapid response teams have been mobilized to restore service as quickly as possible. We will provide updates as more information is available.”

The above was at 8:00 pm Atlanta time.

Update 6:24 p.m. PT: T-Mobile issued an updated statement saying it now believes only 5 percent of customers are experiencing outages.

via T-Mobile experiencing widespread outage | Beyond Binary – CNET News.

MS to release free security software soon

Microsoft plans to release the final version of its free antivirus software soon, according to a note sent to testers late Sunday.

via Microsoft to release free security software soon | Security – CNET News.

Twitter DDoS info

There are articles in the below that nicely summarize the DDoS attack that affected Twitter (and other services) last week:

Security Weekly.