BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Identifying Hoaxes and Urban Legends

Chain letters are familiar to anyone with an email account, whether they are sent by strangers or well-intentioned friends or family members. Try to verify the information before following any instructions or passing the message along.
Why are chain letters a problem?
The most serious problem is from chain letters that mask viruses or other [...]

Read More About - Identifying Hoaxes and Urban Legends »

ComputerTraining.com Hit With Consumer Protection Lawsuit

HARRISBURG – A Maryland-based computer training school that suddenly closed in mid-December, after taking nearly $2 million dollars in tuition payments from Pennsylvania students, is the subject of a lawsuit filed by the Attorney General’s Bureau of Consumer Protection.
Attorney General Tom Corbett said the suit was filed against ComputerTraining.com, Inc., (ComputerTraining) which offered computer training [...]

Read More About - ComputerTraining.com Hit With Consumer Protection Lawsuit »

Fraudulent Web Sites

We are aware of public reports indicating that attackers are using legitimate web pages to run malicious code on victims’ machines.
Reports, including a posting by Sophos, indicate that these messages
* Include keywords and names related to a current event (such as, the 9/11/2001 terrorist attack)
* Prompt users [...]

Read More About - Fraudulent Web Sites »

Avoiding Social Engineering and Phishing Attacks

What is a social engineering attack?
To launch a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that [...]

Read More About - Avoiding Social Engineering and Phishing Attacks »

Update for Microsoft Outlook Phishing Scams

A massive phishing scam similar to the recent bank fraud scams is being sent in emails that look like the following:
From: “Microsoft Customer Support”
Subject: Update for Microsoft Outlook
Critical Update
Update for Microsoft Outlook / Outlook Express (KB910721)
Brief Description
Microsoft has released an update for Microsoft Outlook / Outlook Express. This update is critical and provides [...]

Read More About - Update for Microsoft Outlook Phishing Scams »

Phishing Scams: Chase, Bank of America, Sun Trust

Alert — There is a massive new bank fraud phishing scam being conducted via email. The website address that appears in the body of the email looks valid; however, if you view the source, you will see a bogus domain name. Clicking on the link will take you to an unauthorized website. [...]

Read More About - Phishing Scams: Chase, Bank of America, Sun Trust »

Economic Stimulus Email and Website Scams

US-CERT is aware of reports of economic stimulus scams circulating. These scams are being conducted through both email and malicious websites.
Some of the email scam messages request personal information, which can then be used for identity theft. Other email scam messages offer to deposit the stimulus funds directly into users’ bank accounts. If users provide [...]

Read More About - Economic Stimulus Email and Website Scams »

IRS Stimulus Package Phishing Scam

US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide [...]

Read More About - IRS Stimulus Package Phishing Scam »

RSS BugTraq

  • [SECURITY] [DSA 2100-1] New openssl packages fix double free
    Posted by Moritz Muehlenhoff on Aug 30------------------------------------------------------------------------ Debian Security Advisory DSA-2100-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff August 30, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : opens […]
  • Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
    Posted by security curmudgeon on Aug 30: 1. OVERVIEW : : The QtWeb Browser application is vulnerable to Insecure DLL Hijacking : Vulnerability. Similar terms that describe this vulnerability have been : come up with Remote Binary Planting, and Insecure DLL : Loading/Injection/Hijacking/Preloading. : 3. VULNERABILITY DESCRIPTION : : The QtWeb Browser applicat […]
  • [ MDVSA-2010:165 ] libHX
    Posted by security on Aug 30 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:165 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libHX Date : August 30, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1 _________________________ […]
  • {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
    Posted by Lostmon lords on Aug 30################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browse […]
  • R7-0036: FCKEditor.NET File Upload Code Execution
    Posted by HD Moore on Aug 30R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector  in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulne […]