united states of america usa  linkedinfacebookgoogle
Kaspersky Antivirus will no longer be sold at Best Buy

antivirus logoBest Buy announced that they will stop selling Kaspersky Antivirus and IT security tools, out of fears that the vendor works closely with the Russian intelligence.

The suspension of sales comes after a growing suspicion about the company's relationship with the Russian intelligence service, which is not a big surprise: a report from Bloomberg in 2012 had discussed founder Eugene Kaspersky’s ties to the Russian FSB and his background in the state-sponsored cryptography research. It also mentions that the firm has let go of a number of high-level employees in 2012, replacing them with individuals with close ties to Russian intelligence.

Read more.

Should I upgrade to Windows 10?

windows 10We've been getting questions from users regarding whether or not they should upgrade to Windows 10. Our answer is usually the same for everyone: ask yourself if you need it.

For the business environment, Windows (any version) is a tool to get work done. If you get a tool that breaks your work environment and requires you re-learn the basic functionality, then the answer is of course "no".

You should upgrade if

  • There's a functionality in Windows 10 that is not available in the current version that you are using.
  • You are tired of the old look and feel of your current Windows
  • You are feeling adventurous and would like to learn the new Windows.

Continue Reading

Attacks with New Microsoft Office Vulnerability

Microsoft Support and ConsultingThere's a zero-day Microsoft office vulnerability out in the wild, which infects fully patched computers. It does so by exploiting a vulnerability in most or all versions of Microsoft Word. Using Protected View in word prevents the execution of the malicious code:

FireEye recently detected malicious Microsoft Office RTF documents that leverage a previously undisclosed vulnerability. This vulnerability allows a malicious actor to execute a Visual Basic script when the user opens a document containing an embedded exploit. FireEye has observed several Office documents exploiting the vulnerability that download and execute malware payloads from different well-known malware families.

Continue Reading

Microsoft is shutting down CodePlex

Microsoft corporate vice president Brian Harry announced that they are shutting down CodePlex, its service for hosting repositories of open source software. CodePlex is Microsoft's free open source project hosting site. You can create projects to share with the world, collaborate with others on their projects, and download open source software. "As of this post, we've disabled the ability to create new CodePlex projects," Harry wrote. "In October, we'll set CodePlex to read-only, before shutting it down completely on December 15th, 2017." Microsoft claims that most open source projects have moved to GitHub and so should you.

Continue Reading

Firefox for Linux is now Netflix compatible

linux-icon-19In the past, Netflix was not available for traditional Linux-based operating systems. This was mainly due to the use of Silverlight. Netflix has adopted HTML5, which made both Chrome and Chromium for Linux capable of playing the videos. Firefox -- the open source browser choice for many Linux users -- was not yet compatible.

Continue Reading

DoubleAgent: can take control over your antivirus

double-agent

Cybellum security has discovered a zero-day vulnerability, which can turn any antivirus into a malicious application. Called DoubleAgent (DoubleAgent, since antivirus is treated as a trusted application, but through that exploit can take full control over Windows) exploits a 15 year old vulnerability which works on all versions of Microsoft Windows, starting from Windows XP right up to the latest release of Windows 10.

Continue Reading

Shellshock bug testing for vulnerability

There's a new bug that has been discovered recently, requiring affecting most linux systems running bash. You can read more about it here, but the question most often asked is: how to check if you are vulnerable? Here's a simple way to find out. Login to your Linux box and run the following:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"

The output will be, if you are not vulnerable:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test

If you are vulnerable:

vulnerable
this is a test

Update (Oct 2): Here's a newer version of the test script. It incorporates tests for all of the other bugs related to shellshock

Download link

Test results are self explanatory:

If not vulnerable (will appear in a healthy-green colour):

Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Variable function parser inactive, likely safe from unknown parser bugs

If vulnerable:

Variable function parser active, maybe vulnerable to unknown parser bugs
Vulnerable to CVE-2014-6271 (original shellshock)
Vulnerable to CVE-2014-7169 (taviso bug)
Vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Vulnerable to CVE-2014-6277 (lcamtuf bug #1)

 

More Articles...

Tel: (786) 646-6461   |   Toll-Free: (877) 454-0758
18350 NW 2nd Ave, Suite 406E, Miami, FL, 33169, USA
Privacy Policy