Tag: Security

Posted on

Java 7 Update 7

Following the revelations of the critical vulnerabilities, Oracle releases Java 7 Update 7 to address the issues.

From Java.com:

Free Java Update
Version 7 Update 7

Your system currently has an older version of Java and you are receiving this update notification because a newer version has been automatically detected.
Install this free update for Java to get the following features:

  • improves performance and stability
  • enhances security

Please install this free Java Update by clicking on the Install button on the Java Update window.

Posted on

SpamCop.net

The evil admin forwarded me a message from a reader just a few minutes ago.

I’m writing to see if you’ve been able to make any headway on the “milkcheesedns.com” spammer that you posted about several times this year. I’ve been receiving a large amount of this junk mail through one of my accounts and it’s practically unbearable. There’s a new domain name every day and my email host isn’t doing anything to improve their filters. The WHOIS records of these offending domains all point back to eNom.com / namecheap.com. I’ve tried contacting eNom, as you did, but my results were the same — their abuse form is broken and they don’t seem very cooperative to begin with. Can you offer any suggestions on how this jerk can be stopped? Besides the registrar and the usual “abuse@___.com” address, which is useless, what else can be done? I appreciate your thoughts.

Fighting spammer is an ongoing battle. We suggest users to create accounts at SpamCop.net and report the spam.

Posted on

Hax-o-rama!

NVIDIA Forums (forums.nvidia.com) was recently hacked.

Posted July 12, 2012

NVIDIA suspended operations of the NVIDIA Forums (forums.nvidia.com) last week.

We did this in response to suspicious activity and immediately began an investigation. We apologize that our continuing investigation is taking this long. Know that we are working around the clock to ensure that secure operations can be restored.
Our investigation has identified that unauthorized third parties gained access to some user information, including:

  • username
  • email address
  • hashed passwords with random salt value
  • public-facing “About Me” profile information

NVIDIA did not store any passwords in clear text. “About Me” optional profiles could include a user’s title, age, birthdate, gender, location, interests, email and website URL – all of which was already publicly accessible.

Earlier on Thursday, username and passwords from multiple services were stolen. It’s a Hax-o-rama Thursday.

Posted on

Casualty of MobileMe Closure: Drew Thaler’s JavaScript Blacklist Safari Extension.

UPDATE:
JavaScript Blacklist Safari Extension 1.0.1 is available.

What is Drew Thaler’s JavaScript Blacklist Safari Extension?

JavaScript Blacklist is a simple extension for Safari 5 which blacklists scripts from a configurable list of domains. If a common “utility” script used by sites that you visit is annoying you, this will let you opt out quickly and easily.

John Gruber linked to Drew Thaler’s page which was hosted on MobileMe: http://homepage.mac.com/drewthaler/jsblacklist/

The problem is that Apple has shut MobileMe down starting July 1st, 2012.

You can easily copy Drew Thaler’s JavaScript Blacklist Safari Extension from other computers. You can also download it here. I copied it from one of my computers and zipped it.

Proudly powered by WordPress