SECURITY WARNINGS & Notices - Please post them here

[bob3160]

New ransomeware found on Android

http://www.theguardian.com/technology/2014/may/08/android-porn-koler-a-ransomware

http://forum.avast.com/index.php?topic=147567.msg1089993#msg1089993

[polonus]

Is making websites wiretap-ready for FBI surveillance backdoors undermining cybersecurity?
These experts think it is: https://cdt.org/blog/leading-security-experts-say-fbi-wiretapping-proposal-would-undermine-cybersecurity/
They did not listen, because that was a year ago and now? -> http://www.cnet.com/news/fbi-we-need-wiretap-ready-web-sites-now/
link article author = Declan McCullagh

polonus

[Para-Noid]

Two interesting articles...

http://www.scmagazine.com/ransomware-on-android-scares-users-with-govt-notices-asks-for-300/article/346005/
http://www.scmagazine.com/report-shows-major-spike-in-malicious-emails-at-years-start/article/346003/

[Asyn]

Microsoft Security Bulletin Summary May 2014
https://technet.microsoft.com/library/security/ms14-may

[Asyn]

Adobe Security Bulletin
http://helpx.adobe.com/security/products/reader/apsb14-15.html

[polonus]

System admins upgraded to get a vulnerable Hearbleed server: https://vivaldi.net/en/blogs/entry/heartbleed-status-upgrading-to-heartbreak
link article author =  Yngve Pettersen
Worse still that only 14 % of secure website admins were capable of coping with three step securing properly against Heartbreak: http://news.netcraft.com/archives/2014/05/09/keys-left-unchanged-in-many-heartbleed-replacement-certificates.html
What we call this, a case of "epic fail"?

polonus

[polonus]

CryptoWall ransomware gives you an additional fine: http://www.bleepingcomputer.com/forums/t/533715/cryptowall-a-new-ransomware-from-the-creators-of-cryptodefense/  (poster = Grimler)

polonus

[Asyn]

Urgent Security Update Regarding Your Bitly Account
http://blog.bitly.com/post/85169217199/urgent-security-update-regarding-your-bitly-account

[Charyb-0]

Why You Should Ditch Adobe Shockwave

http://krebsonsecurity.com/2014/05/why-you-should-ditch-adobe-shockwave/

[AdrianH]

eBay users, change passwords NOW!

http://www.bbc.co.uk/news/technology-27504142

[polonus]

Hole in IE8 left open: http://zerodayinitiative.com/advisories/ZDI-14-140/  (deadline passed 108 days ago)

polonus

[bob3160]

Hole in IE8 left open: http://zerodayinitiative.com/advisories/ZDI-14-140/  (deadline passed 108 days ago)

polonus

All the more reason to update to something more secure than Windows XP
If you're still using XP, then at least change to a more secure browser like Chrome or Firefox

[AdrianH]

More on the eBay disaster.

http://www.telegraph.co.uk/technology/internet-security/10849689/eBay-hacking-online-gangs-are-after-you.html

Up to 233 million people have had their personal details stolen – their telephone numbers, their names, their postal and email addresses, their dates of birth and the passwords to their accounts. Of those 233 million, 15 million were eBay customers in Britain.

[abruptum]

How to Update Windows XP After End of Support

  http://news.softpedia.com/news/How-to-Update-Windows-XP-after-End-of-Support-443631.shtml

I am not brave enough to try this on my other PC.

[mchain]

IoT, cloud computing, and nation-state threats redefine enterprise security

http://www.computerworld.com/s/article/9248523/IoT_cloud_computing_and_nation_state_threats_redefine_enterprise_security