Chris Brook

About

"Distrust and caution are the parents of security" - Benjamin Franklin

Early Windows 8 Users to Remain Vulnerable to Flash Exploits Until October

While Windows 8 won’t officially be released until Oct. 26, according to reports over the weekend, the operating system already has a handful of Flash holes that could open the system up to exploits by attackers. The problem stems from the system’s browser, Internet Explorer 10, that’s coming with its own integrated version of Adobe’s Flash Player which hasn’t been updated since it was initially shipped.

Report: Toll Fraud Emerges as Android’s Number One Threat

Mobile malware continues to run rampant, thanks to a growing glut of toll fraud malware – apps that have been engineered to bill its victims through premium SMS services. The malware type eclipsed spyware this year as the largest application-based threat according to mobile security firm Lookout who found it made up 79 percent of the malware it detected over the past year.

Apple Fixes Flaws, Updates Java 6 for OS X

Apple pushed out a Java update for its Snow Leopard, Lion and Mountain Lion systems Wednesday, fixing vulnerabilities Oracle tackled in last week’s emergency CVE-2012-4681 patch. Both Java for Mac OS X 10.6 Update 10 and Java for OS X 2012-005 update the Java SE 6 plugin and, in what might be a sign of Apple’s growing displeasure with the platform, help configure browsers to not automatically run Java applets.


Nearly 100,000 Facebook users have been duped into installing third-party Chrome plugins over the past few weeks that have access to all of their data on every Web site they visit. According to research recently conducted by security firm Barracuda Networks, the unsuspecting users were tricked into thinking the plugins could block Timeline, a new profile feature Facebook first introduced at the end of 2011.

UPDATE–The Antisec arm of hacktivist group Anonymous published one million unique device identifier numbers, or UDIDs, for Apple devices, including iPhones and iPads, on Monday night. The group alleges the slew of information was swiped from a laptop belonging to the FBI earlier this year.

There’s been a huge jump in malicious, web-based infections targeting companies in the last year, a nearly 400 percent increase from last year, according to research released today by network security company FireEye. The company’s “Advanced Threat Report – 1H 2012,” blames the jump on attackers’ ability to penetrate organizations’ usual security infrastructures.

Boasting a new silent updater and an optimized memory management system, Mozilla pushed out Firefox 15 this week, the latest build of its flagship browser. Following similar steps taken by Adobe and Google with its Flash, Reader and Chrome products, Firefox’s new updater will now perform updates in the background, saving users from those pesky, sometimes intrusive notifications.