Original release date: September 16, 2014
Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB14-20 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
This example of a like-harvesting scam page promises an iPhone 6 giveaway.
In the newest iteration of a scam used every time a new product is launched with fanfare, Facebook pages have been popping up claiming that people who like, share, and comment on a post can win an iPhone 6.
This type of scam is referred to as like-harvesting. The scammer makes the page popular by collecting likes and then sells the page to other scammers. The offer of a new device, like the iPhone 6, entices people to click the like button then spam their friends with the bogus promotion. Thousands of likes can accumulate within a few hours, making the page quite valuable on the black market. The new owner rebrands it to peddle more questionable products and services with their built-in audience.
A variation on this scam is the Survey Scam. As with like-harvesting, you must first like the Facebook page. The difference is that you need to also share a link with your Facebook friends.
This link takes you to a page where you are instructed to download a “Participation Application.†Generally, a pop-up window leads you to participate in a survey before you can download the application. Some surveys will ask for personal information like your mobile phone number or name and address. If you provide those details, you open yourself up to expensive text-messaging services, annoying phone calls, and junk mail. In some cases, the download contains malicious code. The only thing you can be guaranteed not to get is an iPhone 6! Meanwhile, the scammer earns money for every survey through an affiliate marketing scheme.
What to do if you liked a ‘Win iPhone 6′ page
If you fell for the scam, then learn from it and don’t do it again! Make sure you unlike the page, delete comments that you made, and remove the post from your news feed. You may also want to alert your friends to the scams, so they don’t fall for it.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
Business continuity is a term that can sound strange the first time you hear it; after all, you probably have every intention of being in business for the long haul. Right now you may be preparing the 2015 sales forecast and budget, with hopes for a great year ahead. But in your planning, have you thought about how your business would handle the bad things that can happen, from a computer virus outbreak to a biological virus outbreak, and all the other perils in-between, like fires, floods, tornadoes, hurricanes, earthquakes, and tsunamis?
Putting a plan in place to survive such “adverse events” is the goal of business continuity management or BCM, and it could well be the key to securing your digital future. Here is a 50 minute webinar that I recorded on this topic earlier this year. If you want to get a handle on planning for the future of your business, take a listen:
The post Is your business prepared to continue? Watch now and get started with BCM appeared first on We Live Security.
Adobe released a new version of Reader and Acrobat, patching eight security vulnerabilities in the PDF reader. The patches were delayed a weeks because of issues during regression testing.
The researcher who originally discovered the same-origin policy bypass in the Android browser said he reported the vulnerability to Google some time ago, but that the company’s Android security team said it was unable to reproduce the issue. Rafay Baloch said he first reported the vulnerability to Google on Aug. 13, informing the company’s Android […]
Protecting your computer is, very often, much easier than you might think. If you follow these four steps to prevent viruses, your computer won’t become infected again.
As we have seen in practically all the PandaLabs reports, these programs are a key target for cyber-criminals. That’s why it’s best to ensure they are always up-to-date or, if you don’t use them, uninstalled.
Viruses and malware can slip past antivirus programs and infect PCs by exploiting programs that haven’t been kept up-to-date.
It is essential to be aware of what you’re installing or running on your computer. Virus creators earn a lot of money from programs or applications which, at first glance, seem harmless but can infect your computer when they are run. That’s why you should:
Malware and viruses exploit security holes in outdated versions of Windows. To prevent this, you must install the latest security patches.
Windows makes this easy for you, so you can enable automatic updates so you don’t have to worry about it.
A good antivirus can do much more than keep your computer virus-free. It can protect your identity and that of your business and can also prevent fraud when you shop online.
Find out what is the best antivirus for your needs from our new 2014 product range.
What’s more, if you have an antivirus with parental control, you can protect your children from danger on the Internet.
The post 4 steps to avoid viruses appeared first on MediaCenter Panda Security.
USB & WiFi Flash Drive version 1.3 suffers from a code execution vulnerability.
WordPress Slideshow Gallery plugin version 1.4.6 shell upload exploit.
This bulletin summary notes that MS14-055 has undergone a major revision increment as of September 15, 2014.
Red Hat Security Advisory 2014-1244-01 – The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. It contains a DNS server, a resolver library with routines for applications to use when interfacing with DNS, and tools for verifying that the DNS server is operating correctly. These packages contain version 9.7 of the BIND suite. A denial of service flaw was found in the way BIND handled queries for NSEC3-signed zones. A remote attacker could use this flaw against an authoritative name server that served NCES3-signed zones by sending a specially crafted query, which, when processed, would cause named to crash.
