PDF Malware Using New Attack Technique | threatpost

Even PDF attachments aren’t safe. If you receive an email from an unknown sender with a PDF attachment, be aware that trying to open it might launch an executable that can inject malware into your system.

The attack produces a warning dialogue box, but users are accustomed to seeing, and ignoring, those in many situations. In this particular new malware campaign, the attackers have used that tactic, along with adding some extra white space to the dialogue box to make it look less suspicious.

Read more at PDF Malware Using New Attack Technique | threatpost.

Posted in opinion, security, tech. Tags: , , , . No Comments »

Facebook – How To Opt Out Of Instant Personalization

Facebook is getting bigger and sharing more info. It’s time to revisit your privacy settings and make sure you’re not opting into anything automatically.

First stop is “Instant Personalization“, which basically allows FB partner sites to gather your info. Opt out by going to your Account –> Privacy Settings, then click on the Edit Settings under Instant Personalization:

Instant Personalization

Once there, you need to uncheck the setting that allows partners to personalize their site based on your public info:

Uncheck Instant Personalization

Secondly, you’ll need to block each application (partner website) individually. This was harder to find.  Currently, there are only three partner sites. I was able to block them by doing the following:

Click on the following FB FAQ:

http://www.facebook.com/help/?page=1068#!/help/?faq=17105

This will open up the How Do I Opt-Out of Instant Personalization faq. From there, click on the partner links individually, and select “Block Application” from the left column. Remember, you have to do this for each partner:

Block Applications

Once done, you can confirm these sites are blocked by visiting the Blocked Applications section of the Privacy Settings –> Applications and Websites:

Blocked Applications

Finally, block what info your friends can share about you to partner websites by editing the settings in the What your friends can share about you page under Privacy Settings –> Applications and Websites:

Here you can edit what can be shared and what cannot. I unchecked everything so that nothing can be shared about me.

Call me paranoid, but in an age when identity theft is rampant, you shouldn’t be automatically opted into sharing your personal info.

Facebook’s New Features and Your Privacy: Everything You Need To Know – PCWorld

This is getting SCARY. So basically, unless you opt out, when you’re logged into FB, and visit a partner site (Currently Yelp, Docs.com, Pandora – but I’m sure the list will grow), the partner site will know you’re a FB user and will ask you if you want to “personalize” the site. By that they mean, they will custom tailor the site based on your “Likes” and “Recommendations” listed in FB. So they will have access to your FB “Public” data. If that’s not creepy enough, how about knowing that they will not have to delete the info they gather about you, from their servers, ever! Also, they will have access to your friend’s data, unless you’re friends specifically block the partner site.

Read more…Facebook’s New Features and Your Privacy: Everything You Need To Know – PCWorld.

Neowin.net – Microsoft and Facebook announce Docs.com a “social” Office

This could give Google Docs a run for their money. Microsoft and Facebook joing forced to do battle against Google.

Neowin.net – Microsoft and Facebook announce Docs.com a “social” Office.

Google Sees Fake AV Threat — InformationWeek

Something I’ve been seeing alot of lately, Fake AVs

Fake anti-virus software is on the rise and currently accounts for about 15% of all malware detected, according to a forthcoming report from Google.Fake anti-virus software purports to be software than can find and remove malware. But in fact it’s malware, the very thing it’s supposed to eliminate.

Fake AV software typically pretends to scan the victim’s computer and to find some form of malware, at which point it seeks payment from the victim to remove the non-existent malware.

Whether or not there’s a payment, the fake AV software may install more malware.

Google Sees Fake AV Threat — InformationWeek.