Mindblown: a blog about philosophy.

More document software security worries. PDF software giant Adobe has released details of its second vulnerability in little over a week. The first, which was discovered in the company’s PDF reader itself, was soon discovered to be less serious than initially believed; the second, a buffer overflow problem in the Adobe Download Manager , is…

CDT and StopBadware unite in call for action against spyware pushers. The Center for Democracy and Technology (CDT) and StopBadware.org have issued a joint complaint to the Federal Trade Commission (FTC) hoping to put a stop to a rogue site, which is pushing spyware posing as a music search tool. The Argentina-based, English-language site FastMP3Search.com.ar…

Multilingual SMS spams reported. Mobile security researchers at F-Secure have received numerous reports of SMS spams from across Europe, in a variety of languages. Links in the spams are customised so that only the phone receiving the spam can access them, but all lead to the same WAP web domain, which appears to be a…

Consumer phone-snooping tool dropped by Symbian malware. A new variant of the MultiDropper trojan targeting Symbian smartphones has included amongst its payload a ‘legitimate’ commercial phone spying application, according to researchers at McAfee . The discovery is seen as a sign of a worrying new trend, as smartphones begin carrying increasingly sensitive personal data and…

Leakage review puts Comodo, Jetico way ahead of field. An in-depth study subjecting 23 different personal firewall products to a range of leak tests has granted two free products, Comodo Personal Firewall and Jetico Personal Firewall , the only ‘excellent’ ratings in the field. Behind them are the popular ZoneAlarm PRO and Trend Micro ‘s…

Microsoft warns of attacks using vulnerability. Microsoft has issued a security bulletin warning of a serious vulnerability discovered in several versions of Microsoft Word and related products, including Mac editions and the Word 2003 Viewer . The vulnerability is believed to be in use by at least one exploit in the wild. Further details of…

Security firm in consortium researching phishing prevention. Symantec announced yesterday an award of funding from the European Commission to pay for research into securing email infrastructures from spam and phishing. Along with several other major corporations and research institutions, Symantec forms part of the EU’s AntiPhish consortium. Symantec ‘s UK and Ireland divisions are working…

Exploit in QuickTime file infecting social site profile pages. A malicious QuickTime movie file is spreading across social networking site MySpace , embedding itself in the user profile pages of infected victims and changing links to point to phishing sites. The worm, variously dubbed JS/Quickspace or JS/Qspace, uses JavaScript capabilities built into Apple ‘s QuickTime…

Heavy fines and fees hit fake ‘Spyware Cleaner’ pushers. A Seattle court has announced a $1 million settlement in a case brought against a spyware firm, marking the first successful prosecution under Washington state’s anti-spyware laws. The company, New York-based ‘ Secure Computer ‘, pushed products with names such as Spyware Cleaner and Popup Padlock…

Spam watchers see major jump in scam spam sent from China Analysts at email and web security firm Marshal have reported a major spike in the numbers of phishing email originating from machines in China over the last week. According to their figures, China leapt from tenth place to top of their list of phish-sending…