Archive for the ‘Security Notices’ Category

Java DangerThe most commonly used Java 6 Update 20, which contains 96 vulnerabilities of the highest level of danger.

The company Bit9 has conducted a study, the results of which indicate that the Java carries a significant risk to the safety of the enterprise, as it is often the software is the ultimate target of cyber criminals.

In the study, experts analyzed the use of Java on one million cars in hundreds of companies around the world and found that older versions of Java contain vulnerabilities that pose the threat.

Main results of research:

– At 5% Percentage of all analyzed more than 100 computers installed versions of Java;
– The presence of multiple versions of Java on their computers due to the fact that when you install new versions of the old ones are not always removed; (more…)

Trend MicroTrend Micro has studied cyber threat to modern TVs

Trend Micro has released a infographic for today’s cyber threats such as TV Smart TV. According to statistics, by 2016 the share of Smart TV will account for 85% of the market.

According to experts at Trend Micro, the fact that the Smart TV allows its owners to access the Internet, in particular, to the accounts on different sites, is likely to lead to the fact that in the near future attackers will launch phishing attack on the Smart TV.

In addition, experts point out that the lack of Smart TV standard keyboard, most likely, will lead to the fact that users will be too simple passwords. (more…)

Vulnerabilities in Xen

Vulnerabilities in Xen

Vulnerabilities in Xen allowing from a guest environment to get access to a host system

In the components of virtualization based on the Xen hypervisor revealed a series of security vulnerabilities. An integer overflow (CVE-2013-2194) in the parser ELF format, used to load the cores for guest systems can be used for the organization of the code on the host system.

The problem occurs only when the guest system operating mode paravirtulizatsii (PV) has the power to indicate a custom kernel. System in which the use of nuclear specified by the host system, the issue does not occur. (more…)

Firefox logo

Multiple vulnerabilities

The new version was implemented regime Firefox Health Report, which allows to monitor the performance of the browser.

According to the developers of the browser from the Mozilla, users have available the new version, Firefox 21, which was removed a number of vulnerabilities, including three critical.

Experts was eliminated a total  of eight gaps. It should be noted that two of the critical vulnerabilities affect only Firefox, Thunderbird, and since the other company’s products are no vulnerable components.

Among the updates that are not related to security, it is worth noting the expansion of the user interface to configure the Do Not Track, an increase in graphics performance and support for the implementation of the default technology WebRTC, designed to work with multi-user web-applications. (more…)

D-LinkThe flaw allows unauthorized users to gain access to the video stream.

Company D-Link has released updates that fixes vulnerabilities in routers 5 and 8 IP-cameras. Experts point out that gaps in the software routers resemble vulnerabilities that were previously eliminated in the other models, but the cameras found dangerous, previously unknown vulnerabilities, which proved to be quite an unpleasant surprise for developers – vulnerability allows unauthorized viewers to intercept the video stream from the camera or from ASCII-output. (more…)

MicrosoftIn the second half of the 2012 attack on web-browsers have surpassed even the level of the spread of a dangerous virus Conflicker.

Microsoft submitted a report Microsoft Intelligence Report, which indicates that browsers represent the main threat for corporate networks.

The report is based on data collected in the second half of 2012, with one billion computers users in more than 100 countries. The study found that attacks on users’ browsers are currently the greatest threat, exceeding the level of risk, even a computer worm Conflicker, which since 2003 has infected millions of home and corporate systems in more than 200 countries. (more…)

Microsoft

Fix to update MS13-036

Microsoft has released an update for computers affected by the detected error in one of the security bulletins that were released last week. Fix – is ​​a program to recover that can automatically remove the update.

The company introduced the users to boot the image file used to create the backup DVD or USB-disk, which can remove security updates automatically.

The  ISO image, can be used to write data. For Windows 8 developers have native support for ISO-files within Windows Explorer. (more…)

Error in the update

Error in the update

In view of the error, the company deactivated bulletin MS13-036.

Microsoft has found that after installing the update 2823324, entered into Bulletin MS13-036, which addresses a number of vulnerabilities, the system did not boot after a reboot and some applications do not run.

In addition, after downloading the update 2823324 installed on computers Kaspersky Anti-Virus Kaspersky Anti-Virus for Windows Workstations and Kaspersky Anti-Virus for Windows Servers 6.0.4.1424 and 6.0.4.1611 also receive an error message, which states that the user to the software license is invalid . As a result, some components of the anti-virus to stop functioning. (more…)

browser history for blackmail

Blackmail

The virus has learned to use the browser history for blackmail

Fraudsters who send fake notifications on behalf of the government or law enforcement authorities that the user’s computer listed for suspicious activity, began to use the new technology. For greater credibility of its threats cybercriminals started using browsers history of victims.

Recall that extortionists usually send notice to potential victims that they have ever visited prohibited resources, or are engaged in distribution of illegal content, and so the system was subjected to blocking. To unlock the computer user to pay a fine.

Malefactors are sure that scared owners of the blocked computers won’t understand the events and silently will pay fine. (more…)

Valentine Day ThreatsOn the Internet a lot of social services intended for communication and personal acquaintances.

Sometimes users find their other half is in the vast global network. For this reason, Valentine’s Day is very popular with cybercriminals is coming is a good time to spread malicious content of unsuspecting users.

“The popular holidays such as Valentine’s Day, increase the vulnerability of Internet users. Attackers prepare thematic content of interest to people in this day. Users willing to click on an infected link disguised as a greeting card or a love message, and can easily become victims of cybercrime. “

Antivirus companies offer a number of ways to protect themselves and their information on Valentine’s Day:

Avoid opening the congratulatory messages from unknown senders, probably love letter instead of a mysterious stranger that proved fraudulent letter from cybercriminals. The same recommendation applies to downloading attachments in such a report files – besides infecting your computer, they can lead to unwanted ads while browsing the site. (more…)