Category Archives: Security

Keeping users safe online.

Protected: Private Email – Part 2

There is no excerpt because this is a protected post.

Posted in How the Net Works, Interesting Items, Resources, Security, Tips and Tricks | Enter your password to view comments.

Protected: Private Email – Part 1

There is no excerpt because this is a protected post.

Posted in How the Net Works, Interesting Items, Resources, Security, Tips and Tricks | Enter your password to view comments.

Critical New Microsoft Security Flaws Revealed

There’s a certain rich irony in the recent hack of the notorious Hacking Team. Though they self-righteously claim to be selling solutions to law enforcement, Hacking Team is an evil group of professional hackers and malware vendors. They got pwned themselves recently, possibly by disgruntled employees. It’s paid off nicely in revealing some of their slimy methods and sleazy clients (including dictators and the DEA), as well as a number of zero-day exploits they were selling on the black market. One of these involved, of all things, fonts. Yes, even innocent-seeming type on the page can now be a weapon. If the victim opens a specially-crafted webpage or document with embedded OpenType fonts, this vulnerability would allow an attacker to elevate their user privileges, allowing them to run remote code and completely take over the unwitting victim’s machine. Leveraging the Adobe Type Manager‘s abilities to handle type, the bad guys could then install malware, view and delete or manipulate data, or create new accounts with full user privileges. This led to the discovery of a similar flaw affecting all Windows machines that is even more critical. It also uses the Adobe Type Manager and OpenType fonts, but this is not as constrained as the previous flaw. It’s so worrisome Microsoft issued an emergency patch. However, Microsoft seems rather blase about it: “The majority of customers have automatic updating enabled and will not need to take any action because the update … Continue reading

Posted in News, Security, Warnings | Tagged , , , , , | Leave a comment