Category: Technology

OSX Sparkle Updater Vulnerability

Threat: OSX Sparkle Updater Vulnerability Solution: Update OSX impacted software on a secure network until applicable software patches have been made. URL: https://vulnsec.com/2016/osx-apps-vulnerabilities/ and https://www.evilsocket.net/2016/01/30/osx-mass-pwning-using-bettercap-and-the-sparkle-updater-vulnerability/ This is a pretty recent vulnerability that was found last Friday. Radek (a security researcher) found the vulnerability (or feature?) in the OSX Sparkle Updater that allowed it to use […]

Customer service a threat to your security?

Threat: Customer support leaking customer data in social engineering attacks. Solution: Reduce digital footprint of public personal information to limit access to information which can used with customer service. URL: http://arstechnica.com/security/2016/01/how-amazon-customer-service-was-the-weak-link-that-spilled-my-data/ This is an interesting article on how customer service can be targeted in social engineering attacks to give out your personal and financial information. […]

Users targeted with malware in advertising

Threat: Users targeted with malware in advertising Solution: Utilize adblocking technology and/or implement other security measures such as disabling javascript by default URL: http://www.engadget.com/2016/01/08/you-say-advertising-i-say-block-that-malware/ Specifically in this threat the website Forbes asked users to disable ad blockers but the ads served were found to contain malware. This particular instance is worse in my opinion than […]