Scam of the day – November 22, 2016 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security include updates for Windows 10, Microsoft Edge, Norton, Symantec and Mozilla Firefox as well as the what seems like a monthly security update to patch newly discovered vulnerabilities in Adobe Flash.

TIPS

Here are the links to  lists of all of the recent security updates as posted by the Department of Homeland Security:

https://www.us-cert.gov/ncas/bulletins/SB16-319

https://www.us-cert.gov/ncas/bulletins/SB16-326

https://www.us-cert.gov/ncas/current-activity/2016/11/18/Symantec-Releases-Security-Updates

https://www.us-cert.gov/ncas/current-activity/2016/11/15/Mozilla-Releases-Security-Updates

Scam of the day – July 6, 2016 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  These new updates from the Department of Homeland Security include critical new updates to Adobe Flash. I have been warning you for years about flaws in Adobe Flash that have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.  Problems with Adobe Flash are nothing new.  In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable.  Despite security patch after security patch, new problems keep coming up.  It appears that just as companies retire certain programs when it is just too difficult to patch them, this may well be the time for Adobe to retire Flash and if it doesn’t, you should consider retiring it yourself and replacing it with another plugin that performs the same function, but is safer.

TIPS

Here are the links to  lists of all of the recent security updates as posted by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB16-172 and https://www.us-cert.gov/ncas/bulletins/SB16-186

Some alternative plugins you may wish to consider to replace Adobe Flash include  GNU Gnash, and Silverlight.  Silverlight can be downloaded free directly from the Microsoft at this link: https://www.microsoft.com/silverlight/ while GNU Gnash can be downloaded free at this link: http://www.gnu.org/software/gnash/

Scam of the day – June 19. 2016 – Latest security updates from the Department of Homeland Security

Constant updating of the software we all use with the latest security patches and updates is a critical part of avoiding scams and identity theft threats.  Whenever new security updates and patches are issued, we provide access to these so that you can update your software to provide better security on your computers, smartphones, laptops and other electronic devices.  Updating your software with the latest security patches and updates as soon as possible is important because identity thieves and scammers are always finding and exploiting vulnerabilities in the software that we all use.  Delay in updating your software could lead to disastrous results.  However, it is also important to be sure that you are downloading legitimate patches and updates rather than being tricked by an identity thief or scammer into downloading malware under the guise of downloading a security patch or update.  Today’s updates include critical updates for Google Chrome and Adobe Flash.

TIPS

Here is the link to a list of all of the recent security updates as posted by the Department of Homeland Security: https://www.us-cert.gov/ncas/bulletins/SB16-165

https://www.us-cert.gov/ncas/current-activity/2016/06/17/Google-Releases-Security-Update-Chrome

https://www.us-cert.gov/ncas/current-activity/2016/06/16/Adobe-Releases-Security-Updates

Scam of the day – May 14, 2016 – Yet another Adobe Flash critical update

For the third consecutive month, Adobe is issuing a security patch for its popular Adobe Flash software to protect you from the threat of a recently discovered zero day security flaw.  A zero day security flaw is a software vulnerability that had previously not been known and is used by cybercriminals to take advantage of the fact that there are no security software programs or patches that will prevent this flaw from being exploited by the cybercriminals.   I have been warning you for years about flaws in Adobe Flash that have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.  Problems with Adobe Flash are nothing new.  In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable.  Despite security patch after security patch, new problems keep coming up.  It appears that just as companies retire certain programs when it is just too difficult to patch them, this may well be the time for Adobe to retire Flash and if it doesn’t, you should consider retiring it yourself and replacing it with another plugin that performs the same function, but is safer.

If you use Google Chrome, Microsoft Edge or Microsoft Internet Explorer 11, you do not need to download the newly issued security patch because these browsers automatically download the necessary Adobe Flash security patch on to your computer.  However, other browsers such as the popular Mozilla Firefox and Internet Explorer 9 do not automatically install these security patches.  In any event, Adobe Flash has already been proven to be so vulnerable to successful attacks by hackers that installing new security patches as quickly as they are issued is little more than putting a Band-aid on the Titanic if I can mix my metaphors.

TIPS

Here is the link to the latest Adobe Flash update as issued by the Department of Homeland Security which I urge you to download as soon as possible. https://www.us-cert.gov/ncas/current-activity/2016/05/12/Adobe-Releases-Security-Updates-Flash-Player

Some alternative plugins you may wish to consider to replace Adobe Flash include  GNU Gnash, and Silverlight.  Silverlight can be downloaded free directly from the Microsoft at this link: https://www.microsoft.com/silverlight/ while GNU Gnash can be downloaded free at this link: http://www.gnu.org/software/gnash/

Scam of the day – March 13, 2016 – Adobe Flash software update

I have been writing about the security flaws in Adobe Flash for years and finally in July of 2015 I advised everyone to disable Adobe Flash and use other video software.   Unfortunately, some popular websites including HBO and Spotify still require the use of Adobe Flash.  In 2015, Mozilla, the maker of the popular Firefox browser  blocked Adobe Flash from use on Firefox as a security protection to Firefox users.  That came just a day after Facebook’s head of security went on record saying that Adobe should stop making Flash because it is too flawed.  Flaws in Adobe Flash have been exploited by hackers and identity thieves against individuals, companies and government agencies including the U.S. State Department and the White House.  Problems with Adobe Flash are nothing new.  In 2010 Steve Jobs vociferously complained about its security and it has routinely been cited as being extremely vulnerable.  Despite security patch after security patch, new problems keep coming up.  It appears that just as companies retire certain programs when it is just too difficult to patch them, this may well be the time for Adobe to retire Flash and if it doesn’t, you should consider retiring it yourself and replacing it with another plugin that performs the same function, but is safer.

TIPS

Some alternative plugins you may wish to consider include  GNU Gnash, and Silverlight.  Silverlight can be downloaded free directly from the Microsoft at this link: https://www.microsoft.com/silverlight/ while GNU Gnash can be downloaded free at this link: http://www.gnu.org/software/gnash/

Meanwhile, for those of you who still wish to use Adobe Flash, you should make sure that you update your Adobe Flash software whenever new security patches are issued, which Adobe has just done.  Here is a link to the new security update as indicated by the Department of Homeland Security: https://www.us-cert.gov/ncas/current-activity/2016/03/10/Adobe-Releases-Security-Updates-Flash-Player

Scam of the day – July 16, 2015 – Adobe Flash update issued, but is it too late?

This is the third day in a row that the Scam of the day has involved Adobe Flash, but this is such an important topic and the new developments have been happening so rapidly, it warrants the coverage.  Adobe Flash is a hugely popular plug-in used for watching videos on your computer or smartphone.  Over the years it has also proven to be fertile grounds for hackers who have numerous times exploited vulnerabilities in it to hack into and take over the computers and smartphones of individuals, businesses and government agencies.  Shortly after Adobe released a new security patch following the discovery of yet another vulnerability by security company FireEye which reported its discovery to Adobe to give them the opportunity to develop a patch, we learned about two more Adobe Flash vulnerabilities by way of the information  made public when the spyware company The Hacking Team became a victim of a very public hacking.  The Hacking Team had been exploiting the Adobe Flash vulnerabilities for its own end.  Now, Adobe has come up with a patch for the latest Adobe Flash vulnerabilities to become known, but for many of us, this is too little and too late.  As I urged you yesterday, I think you should uninstall Adobe Flash and switch to a different video viewing plug-in.  There is little reason to believe that future vulnerabilities will not be discovered in  Adobe Flash and exploited by hackers and other criminals.  Exploit kits, which are packets of computer code that exploit these vulnerabilities are being sold by criminals to other criminals to enable them to hack the computers and smartphones of unsuspecting victims.  A sad commentary on the effectiveness of these Exploit kits is that many of them are still being used against vulnerabilities in Adobe Flash for which patches have already been developed and made available, but people, companies and government agencies have been lax in installing the patches to protect themselves.

TIPS

If you are still interested in using Adobe Flash, here is a link to the latest security patch to remedy the most recently discovered vulnerabilities.  https://helpx.adobe.com/security/products/flash-player/apsb15-18.html

However, my advice still is to uninstall Adobe Flash and install a different plug-in for video viewing.

Another important lesson is to make sure that you update all of your software as soon as security patches and updates become available.  Delaying in doing so puts you at much greater risk of being hacked and identity theft.  Here at Scamicide, we will continue to provide you with the latest security patches and updates as they become available.

Scam of the day – July 14, 2015 – More Adobe Flash problems and other security patches

As I wrote about previously, the recent hacking of the spyware company Hacking Team has exposed two new serious Adobe Flash vulnerabilities  that are already being exploited by hackers and identity thieves.  Anyone who uses Adobe Flash is in danger.  With its history of its vulnerabilities having been exploited by hackers for years, now may be a good time for people to consider disabling Adobe Flash and using other video software programs.  Some alternatives include LightSpark, Unity Web Player, GNU Gnash, and Silverlight.  Silverlight can be downloaded directly from the Microsoft website.

Below I will provide you with the latest security advisory from Adobe Flash although it should be emphasized that as I write today’s Scam of the Day there are no security patches yet available for the latest two discovered vulnerabilities in Adobe Flash.  However, there are security patches available for other problems with Adobe Flash that you should install if you are still using this program.  Also below you will find a link to the latest security update from the Department of Homeland Security with many critical security patches.

TIPS

Here is the link to the latest security advisory from Adobe:  https://www.us-cert.gov/ncas/current-activity/2015/07/11/Adobe-Flash-ActionScript-3-opaqueBackground-Use-After-Free

Here is the link to the latest security update alert from the Department of Homeland Security:  https://www.us-cert.gov/ncas/bulletins/SB15-194

 

Scam of the day – April 30, 2014 – Internet Explorer flaw update

Yesterday I warned you about a potentially devastating flaw discovered in Internet Explorer that could enable a hacker to not only take control of your computer, but also gain access to all of the information contained in your computer and use it to access your bank accounts, use your credit cards and make you a victim of identity theft.  The malware required to exploit the vulnerability in Internet Explorer must be downloaded by you either by clicking on a link in an otherwise unobtrusive email that contains the malware or even by going to a website that uses a compromised Adobe Flash file.  Microsoft is not expected to have a security patch developed for a couple of weeks and even that is merely an estimate, but there are some steps that everyone should consider doing to protect themselves from this threat.

TIPS

First and most obvious, you should consider using an alternative web browser such as Mozilla Firefox which does not have the same vulnerability.  You also may wish to download a just released security patch for Adobe Flash.  Here is a link to the security update for Adobe Flash: https://www.us-cert.gov/ncas/current-activity/2014/04/28/Adobe-Releases-Security-Updates-Flash-Player

While you are at it,  you should also install the latest security update for Mozilla Firefox which has just been released by the Department of Homeland Security.  Here is a link to that security update: https://www.us-cert.gov/ncas/current-activity/2014/04/29/Mozilla-Releases-Security-Updates-Firefox-Thunderbird-and-Seamonkey

As always, it is also important to protect yourself from malware by not clicking on links or downloading attachments unless you are absolutely sure that they are legitimate because often malware is imbedded in these links and attachments.