Mindblown: a blog about philosophy.

Details released of overflow issue reported and patched. BitDefender and several security-watching sites have unveiled details of a serious overflow vulnerability in the parsing of packed PE files, first reported to the company in August and patched within a week. The flaw, which could have been exploited by a maliciously crafted file to gain remote…

Government report shows massive rise in scams. A report presented to the UK government by the Financial Services Authority (FSA), the UK’s financial watchdog organisation, indicates that phishing incidents have increased by an enormous 8000% in the last two years. The figures reveal a total of over £23 million raked in by scammers in the…

Direct marketeers’ association adopts code of good behaviour. The Federation of European Direct and Interactive Marketing (FEDMA), a common-interest and self-regulatory body for junk mailers, cold callers and senders of unsolicited bulk email, has issued an anti-spyware code warning its members off using intrusive or deceptive technology. FEDMA represents the direct marketing industry, covering email,…

Customer email campaign in breach of CAN-SPAM regulations. The US Postal Service (USPS) has come under fire from anti-spam activists after a mass email campaign promoting a new web-based post and shipping service was judged to contravene the US CAN-SPAM laws. The emails, promoting a new feature of the USPS ‘Click-n-Ship’ service, was sent to…

Possible third vulnerability in popular software exploited. Reports are coming in of a new exploit for Microsoft ‘s Word word processing software, amid speculation that the attack takes advantage of yet another vulnerability. With the first two, one several weeks old and the other appearing last week, not covered by the recent Patch Tuesday release,…

Email-forwarding system lets users set a fee to let spam through. Email-forwarding system Boxbe has come up with a new way around the spam problem – by letting its users set a fee for anyone wanting to send them emails. Users signing up to the free service get an email address which they can safely…

Accounts held hostage by data-stealing extortionists. Following the wave of ‘ransomware’ attacks first spotted in the summer of 2005, online extortionists have picked another target – webmail accounts. According to an alert from Websense , reports are coming in of web-based email accounts broken into by crooks and held to ransom. The webmail (in most…

Old and new zero-day vulnerabilities to remain unpatched. Microsoft ‘s monthly Patch Tuesday update release sees seven security patches for Windows operating systems and products, three of which are marked as critical. These include fixes for Visual Studio , Internet Explorer and Windows Media Player , the last of which, a fix for the .ASX…

Market analysts foresee boom in mobile threats and security market. UK-based telecoms analyst Juniper Research has released a report predicting a steady rise in attacks on smartphones over the next five years, with an accompanying increase in the size of the market for mobile security software. The study into likely future trends in the mobile…

Simple encoding dodges slip malware past gateways. A security researcher released a report last week claiming that some simple manipulation allowed him to get mails containing the EICAR test virus string past a variety of mail scanning products. Software from BitDefender , ClamAV , F-Prot and Kaspersky was reported to be vulnerable to the trick.…