Now pointlessly enhanced with AI
Microsoft Office 2008 for Mac 12.3.6 Update
This update fixes critical issues and also helps to improve security. It includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.
Microsoft Office for Mac 2011 14.3.2 Update
This update fixes critical issues and also helps to improve security. It includes fixes for vulnerabilities that an attacker can use to overwrite the contents of your computer’s memory with malicious code.
A Mozilla Firefox user reported popup ads from movieplayerupdate.com (movieplayerupdate.com/mtrack/free_download/1/pre/).
Another Mozilla Firefox user also reported the popup ads from movieplayerupdate.com (movieplayerupdate.com/flashplayer/download_free/).
Both links now show 404 not found, but not before we managed to grab a screenshot. It says:
http:// movieplayerupdate.com
WARNING! Your Flash Player may be out of date. Please update to continue
The site is also telling user:
Please Install Flash Player Pro to Continue
Remember folks, there is no such thing as “Flash Player Pro”.
The links on both “REMIND ME LATER” and “INSTALL” point to: mtrack10.com/base2.php
By clicking either button, an executable file will be downloaded.
A user sent us a note that similar popups from videoplayerdownload.co were found (videoplayerdownload.co/free-download/mt/1/pre/).
The “Install Now” link also points to mtrack10.com/base2.php
It seems that both movieplayerupdate.com (whois info) and videoplayerdownload.co (whois info) are registered by the same individual through GoDaddy on the same day (Feb 20, 2013).
The domain mtrack10.com (whois info) is also registered through GoDaddy one week earlier (Feb 14, 2013).
By clicking the “Install Now” button, an executable file will be downloaded.
——-
It is pretty obvious the individuals behind the domain names mentioned above are unscrupulous. Do not blindly download some programs just because a popup told you so.
To update Flash Player, download it direct from Adobe.
http://www.adobe.com/products/flashplayer/distribution3.html
Apple releases update for Java SE 6 to 1.6.0_43. This update is available for Mac OS X Snow Leopard, OS X Lion, and OS X Mountain Lion.
Oracle recently updates Java SE 7.
The Evernote team has been sending out emails to users regarding the hack attack. The Evernote also initiate a service-wide password reset.
Evernote’s Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.
As a precaution to protect your data, we have decided to implement a password reset. Please read below for details and instructions.In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost. We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed.
The investigation has shown, however, that the individual(s) responsible were able to gain access to Evernote user information, which includes usernames, email addresses associated with Evernote accounts and encrypted passwords. Even though this information was accessed, the passwords stored by Evernote are protected by one-way encryption. (In technical terms, they are hashed and salted.)
Most people had no idea who or what Zendesk are, but they should. Zendesk provides customer service portals to companies such as Pinterest, Tumblr and Twitter. Zendesk revealed in their blog that they’ve been hacked.
Pinterest, Tumblr and Twitter have been sending notices to their affected users regarding the security breach.
From Tumblr support:
Important information regarding your security and privacy
For the last 2.5 years, we’ve used a popular service called Zendesk to store, organize, and answer emails to Tumblr Support. We’ve learned that a security breach at Zendesk has affected Tumblr and two other companies. We are sending this notification to all email addresses that we believe may have been affected by this breach.
This has potentially exposed records of subject lines and, in some cases, email addresses of messages sent to Tumblr Support. While much of this information is innocuous, please take some time today to consider the following:
- The subject lines of your emails to Tumblr Support may have included the address of your blog which could potentially allow your blog to be unwillingly associated with your email address.
- Any other information included in the subject lines of emails you’ve sent to Tumblr Support may be exposed. We recommend you review any correspondence you’ve addressed to support@tumblr.com, abuse@tumblr.com, dmca@tumblr.com, legal@tumblr.com, enquiries@tumblr.com, or lawenforcement@tumblr.com.
- Tumblr will never ask you for your password by email. Emails are easy to fake, and you should be suspicious of unexpected emails you receive.
Your safety is our highest priority. We’re working with law enforcement and Zendesk to better understand this attack. Please monitor your email and Tumblr accounts for suspicious behavior, and notify us immediately if you have any concerns.
Oracle releases Java 7 Update 15. The update is available on Java site or through Java Control Panel. Linux, Mac, Solaris and Windows users who use Java should get the update as soon as possible.
Apple has also updates Java SE 6 for Mac OS X Snow Leopard, OS X Lion and Mountain Lion; following the news of hacker attack on Apple and Facebook.
Apple releases Java SE 6 updates for Mac OS X Snow Leopard, OS X Lion and Mountain Lion.
In related news, Apple admits to being victim of hacker attack through vulnerability in Java.