Serious bug in fully patched Internet Explorer puts user credentials at risk

Wednesday, February 4th, 2015

A vulnerability in fully patched versions of Internet Explorer allows attackers to steal login credentials and inject malicious content into users' browsing sessions. Microsoft officials said they're working on a fix for the bug, which works successfully on IE 11 running on both Windows 7 and 8.1. The vulnerability is known ...

Another Unpatched Adobe Flash Zero-Day vulnerability Exploited in the Wild

Monday, February 2nd, 2015

A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 16.0.0.296 and earlier versions for Windows and Macintosh.  Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.  We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer ...

New version of Autoruns integrates with VirusTotal

Sunday, February 1st, 2015

The new version of Microsoft's Autoruns (version 13 - released last week) integrates the VirusTotal API for quick analysis and verification of unknown and questionable processes.  After running the program, just right-click on any entry and select Check VirusTotal: You will need to accept VirusTotal's Terms of Service by clicking Yes: Once ...

How to Log In To Your Linux Desktop With Google Authenticator

Sunday, February 1st, 2015

For additional security, you can require a time-based authentication token as well as a password to log into your Linux PC. This solution uses Google Authenticator and other TOTP apps. This process was performed on Ubuntu 14.04 with the standard Unity desktop and LightDM login manager, but the principles are the same ...

D-Link routers vulnerable to DNS hijacking

Thursday, January 29th, 2015

At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered. Todor Donev, a member of the Ethical Hacker research team, says that ...