Well, well, well. It’s certainly been an interesting few weeks in the networking arena. I’ve been watching a discussion about a possible DNS exploit for a bit and it’s grown into a bigger problem.
I try to grab extremely critical vulnerabilities as they occur. Most of the other ones tend to be very anti climactic. The latest one is a nasty little exploit using Office’s snapshot viewer.
Macs have had the privy of not owning market share. Now, that’s good and bad. Good in that malicious individuals won’t target you because of the ROI. And it’s bad because you don’t have much market share! Anyway, Various sources are indicating that a Mac trojan, named AppleScript is actively being exploited.
You need to be aware that a particularly nasty exploit is being actively exploited in the wild. The actual exploit and vulnerability is not being disclosed. I’m assuming this is because Adobe and others are working on the problem. It seems that many thousands of sites have been exploited by means of a SQL injection vulnerability. They in turn are serving up malicious flash files that allow remote code execution on the unsuspecting computer.
Well, here it comes again. Hannaford Bros., Inc. issued a statement this week stating that hackers had made off with 2.6 million credit card and debit card numbers. They reassured their patrons by saying “no personal information, such as names or addresses, was accessed.” Um, does that strike anyone else as not so reassuring?
This past week has seen a little spike in security activity across the web. The biggest ones that will affect the broadest swath of users are exploits for Yahoo Music Jukebox, Apple iPhoto 7.2, and the Aurigma image uploader control (which is used by the likes of facebook & MySpace).
The New Yorker has a very interesting podcast on their website right now about an upcoming feature in their magazine entitled “Spy Master.” In it, Matt Dellinger interviews the person who worked on the upcoming feature – Larry Wright. Larry Wright talks about his interactions with current Director of National Security, Mike McConnell. And what the director, Mike McConnell, will be proposing soon may shock you.