The Tech Info Blog

Tech News, Work Arounds and General Goodness

Critical Exploit Found in Adobe Products

Jul 27

Posted by ttig in News | No Comments

The US-CERT has published a very serious Adobe flash vulnerability that has been uncovered. The vulnerability affects Adobe Flash versions 9.0.159.0 and 10.0.22.87 and earlier 9.x and 10.x versions. Adobe Reader 9, Acrobat 9, and other Adobe products (including Photoshop CS3, PhotoShop Lightroom, Freehand MX, Fireworks) provide Flash support independent of Flash Player. As of 2009-07-22, Adobe Reader 9.1.2 includes Flash 9.0.155.0, which is likely vulnerable to issues addressed by Flash 9.0.159.0.

This is a very serious vulnerability for which there is currently no patch. It allows an attacker to run malicious code on an affected system. We are systematically disabling the flash component as the temporary fix as we don’t like the provided workaround of deleting, renaming, or removing access to the authplay.dll component which will crash the component.

Adobe is expected to publish a fix on July 30th, which we’ll post here.
Aside from applying patches yourself, we are able to protect you and your organization from 0-day exploits such as this one with our Managed Host Intrusion Prevention system. We’ve been monitoring the exploit for about 2  weeks as it was being stopped cold by the system.  With the help of the system we are able to pick up malicious behavior and lock the exploits down before any patches or mentions show up. Shoot us an email for more info.

Stay tuned

Useful links:

http://www.kb.cert.org/vuls/id/259425

http://www.adobe.com/support/security/advisories/apsa09-03.html

Share:
  • Print
  • RSS
  • Digg
  • del.icio.us
  • Facebook
  • Twitter
  • Google Bookmarks
  • Technorati
  • StumbleUpon
  • Reddit

Tags: , , , , ,

Denial of Service Attacks

Jul 23

Posted by conrad.culling in News | No Comments

A recent string of attacks around the globe have put computer hackers into the international spotlight once again.  There have been speculations that the latest attacks were perpetrated by either North Korea itself, or its sympathizers, as the attack came from about a dozen IP addresses around the world.  The type of attack employed by these hackers is known as a Denial-of-Service (DOS) attack.  While this type of attack was used in this case to merely create a stir, it can be devastating if used against individuals or small businesses as well.

What is a DOS attack?

A DOS attack can come in a variety of forms, all with the purpose of causing the targeted system to become inoperable.  This is done by sending vast amounts of traffic to the intended target, consuming a vast amount of its resources, thus causing it to no longer be able to respond to legitimate traffic, or respond so slowly that it become essentially inoperable.

Email and Text Bombs

Another variety of DOS attacks are those that either only target individual people, or use an individual as a means of attacking a larger entity as a whole.  With Email Bombs, a single email address is sent multiple messages simultaneous from multiple senders, in hopes of overloading both the individuals email itself, halting productivity, as well as the server on which the email is hosted, thus halting productivity for an entire organization.  Furthermore, text bombs are also employed as a means to render the target’s phone inoperable as multiple text messages are sent from several phones simultaneously, causing the phone to become inoperable as it attempts to receive all the messages.

Who is Safe?

To be honest, no one is safe.  As you can see, these recent attacks were aimed at government websites in both The United States and South Korea, and have also been successfully used against large Internet sites such as The Pirate Bay as recent as June of this year.  However, these attacks are not commonly used against individuals and small businesses.

Share:
  • Print
  • RSS
  • Digg
  • del.icio.us
  • Facebook
  • Twitter
  • Google Bookmarks
  • Technorati
  • StumbleUpon
  • Reddit

Tags: ,

Cyber Security And Your Family

Jul 8

Posted by conrad.culling in News | No Comments

Fox News recently published an article on a popular children’s website, Neopets and how it was being used to by identity thieves to send links to the children from which a program would be installed on the computer to steal sensitive information from the children’s parents.  Such scams and attacks have been frequently used in sites such as Myspace, Twitter and Facebook, sites appealing to a slightly older age range.  However, this new string of attacks shows a new angle that identity thieves are using in which rather than attacking the primary victim, they are using children to act as a gateway, installing malware onto the family computer, which the parents then later use to do their weekly online banking, shopping and bill paying.

What Can You Do to be Safe?

According to the Federal Trade Commission, the number of registered complaints for the year 2008 was the highest ever, with 1.2 million registered instances of identity theft.  So, what should you do to help :

  1. Monitor your children while on the web, within reason
  2. Scan your computer weekly with free malware removal tools such as Sypbot S&D or Malwarebytes
  3. Enable phishing protection on your browser. Instructions for Firefox and Internet Explorer

Read the rest of this entry »

Share:
  • Print
  • RSS
  • Digg
  • del.icio.us
  • Facebook
  • Twitter
  • Google Bookmarks
  • Technorati
  • StumbleUpon
  • Reddit

Tags: , ,

Welcome to The Tech Info Blog

Jul 2

Posted by conrad.culling in Company News | No Comments

Welcome to the Tech Info Blog. Please check back often for new and interesting posts!

Share:
  • Print
  • RSS
  • Digg
  • del.icio.us
  • Facebook
  • Twitter
  • Google Bookmarks
  • Technorati
  • StumbleUpon
  • Reddit

Tags: