Tag: Security Update
Unpatched Adobe PDF bug results in large-scale attacks
by Don Fosen on Jan.08, 2010, under Security Updates
Adobe has acknowledged a bug in their Reader and Acrobat software that is being used to conduct large-scale attacks against users. The bug was acknowledged on December 14th but Adobe decided not to fix it until January 12th at the earliest. Please be very careful about opening PDF files from unknown sources until this is resolved. I highly recommend that you disable Javascript in Reader, click here for detailed instructions on how to do this. If you running Adobe Reader 9 you should get the update automatically when it is released, if you are not running version 9 you should install it. You can also consider alternative PDF Reader software, Foxit Reader has been well reviewed. Download it here.
Additional Information:
New Adobe Reader and Acrobat Vulnerability
Large-scale attacks exploit unpatched PDF bug
Adobe probes new in-the-wild PDF bug
Small Business Cyber-Threat
by Don Fosen on Nov.05, 2009, under Security Updates
Cyberthieves are breaking into computers used at small businesses that are used to interact with online bank accounts and intercepting login information. They then login into the bank account and create fraudulent ACH transfers or add fake employees to payroll. Unfortunately banks are all too often allowing these things to happen even when proper documentation has been provided. Several organizations have lost hundreds of thousands of dollars. The most frequent way the thieves gain access to the computer is through sending a fake email with links that when clicked allows the thief to install a key logger. A key logging program captures all of the input that a user enters and transmits it to the cyberthief.
As always, the best way to prevent this happening to you is to be very careful what email you open and links you click on. Make sure you have good anti-virus software installed and it is current and that you have installed the latest Windows Updates. Also, if it is possible, consider keeping a separate computer that is used for nothing but accessing critical information like online bank accounts.
Additional information:
FBI warns of $100M cyber-threat to small business
Keylogger Definition
