McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages.
Monthly Archives: October 2014
BlackEnergy Malware Used in Attacks Against Industrial Control Systems
Attackers are using BlackEnergy malware to attack HMI software running inside industrial control systems, according to an advisory from ICS-CERT.
CEBA-2014:1730 CentOS 6 scl-utils BugFix Update
CentOS Errata and Bugfix Advisory 2014:1730 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1730.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 2a9c813ef5bbf39c4a1e1a11af8064574a1a869a0fe8cf9874e6238362a39346 scl-utils-20120927-23.el6_6.i686.rpm 83f22c3f40dd93113cb29454d004fe600bc4137dbb0baf510e9dd52bd2e551a5 scl-utils-build-20120927-23.el6_6.i686.rpm x86_64: 86aed9001b6e58b37fbcbd5683decf44819f5c1b461f41ce3593a1bd0a6b39bf scl-utils-20120927-23.el6_6.x86_64.rpm d996609ddda588e0205f99d519906da87a7a52658c1654d7b7061a6e10b41092 scl-utils-build-20120927-23.el6_6.x86_64.rpm Source: c300e24a6f6a74a839c95d63a2e720649928ef88c6c4e7d7d4583152cc05f28c scl-utils-20120927-23.el6_6.src.rpm
CEBA-2014:1730 CentOS 7 scl-utils BugFix Update
CentOS Errata and Bugfix Advisory 2014:1730 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1730.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 80622a499644b33079aa67246a1fc7904c2dffcb22ca1da949f3f457313f6e8a scl-utils-20130529-9.el7_0.x86_64.rpm 5da346762d91e69cdaf12b1ba834af1e5aae0ea2ded6a3c8913871600e709b85 scl-utils-build-20130529-9.el7_0.x86_64.rpm Source: b8af440ef92ac14e980ea8856b83caac31ff967062d62bcf0cc0cb931f7294c3 scl-utils-20130529-9.el7_0.src.rpm
CEBA-2014:1729 CentOS 7 setup FASTTRACK BugFixUpdate
CentOS Errata and Bugfix Advisory 2014:1729 Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-1729.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 5715825d1d755ddd68cc4142ab44f8f9eb96e806a9edd21760e90290f79439f2 setup-2.8.71-5.el7.noarch.rpm Source: a30c4069129a4b2b652886edc6ee3e5371cfe71ad9ef07a0df303aab9d4de15f setup-2.8.71-5.el7.src.rpm
Look-alike Avast Online Security extension deceives users
We have been recently notified about a suspicious browser extension for Google Chrome. Suspicious because it was called “Avast Free Antivirus 2014″, while our browser extension is actually called Avast Online Security. You can see the fake extension along with our official ones in the printscreens from the Chrome Web Store.
The extension looks professional featuring printscreens of the PC version of Avast 2014 and a good rating of 4 stars. It is so well-done that it may trick users to install it – and indeed almost 2,000 users fell for this.
After installing, the only thing that is added is the little icon between the search bar and options button, as can be seen on the printscreen above, where the extension is already installed.
Viewing the extension code reveals that it is surprisingly lightweight. It merely opens a new tab with a predefined URL when the Avast icon is clicked.
The website, fortunately, is not malicious at all, so there is nothing harmful to the user, other than deceiving them with a false sense of security. The author of the extension created many more extensions, each leading to a different landing page on the same domain. The only comfort we received from this malicious extension, was that our extension was the most downloaded one! That confirms to us that our service is valued (and needed!).
To get the authentic Avast Online Security app for your browser, please visit us on the Chrome Web Store.
Avast Software’s security applications for PC, Mac, and Android are trusted by more than 200-million people and businesses. Please follow us on Facebook, Twitter and Google+.