USPS
hacked. Personal data of 500,000 full time and 178,000 part time
employees stolen including SSN numbers! Plus names, addresses,
telephone numbers, email addresses and other information of people
dialing in to one of the USPS’ call centers between Jan 1st.
and Aug. 16th of this year. Credit card information was
not compromised.
Microsoft's
own language says it:
"Remote code execution if an attacker sends specially crafted
packets"
"remote code execution if a user views a
specially crafted web page using Internet Explorer"
Original
quotes from MS bulletins for November's Patch Tuesday.
I preach
for many years: Don't use IE.
New
flaw in VERY IMPORTANT and ubiquitous security software got quietly
patched. In this context a prominent MS security researcher said:
"It is of critical importance that all versions of Windows
are updated ...”
Sad
that we still need to be reminded – and sadder yet that some still
don't do it.
Warning:
New
CryptoWall
ransomware variant; spread through advertising networks.
When you
see advertisements your computer already
needs to be cleaned!
Microsoft's
newest “...
Security Intelligence Report” makes it clear:
Not up-to-date or expired security software does NOT protect in
any way!And I thought that
was a no brainer; Silly me.
Poodle:
An understandable explanation and instructions on what to do are
here.
Windows
8 will have to
upgraded to 8.1 by
Jan. 12, 2016 (See MS
blog here).
Win
10 Technical Preview
updated to build 9879.
Still
more malicious PowerPoint files. Be
careful;
no patch yet.
Adobe's
Digital Editions 4 desktop ebook reader secretly
sends encrypted data
back to headquarters – data that details a user's reading habits.
Hot off the press this morning: TheWeather Channel web site open to simple, primitive attacks if you click on any link in that web site!
