dimland.blogspot.com The recently discovered zero-day attacks targeting critical vulnerabilities in Adobe’s ubiquitous Reader application are able to bypass recently added security defenses unless end users manually make changes to default settings, company officials said. According to an advisory Adobe published Wednesday night , the “protected view” feature prevents the current attacks from working—but only if it’s manually enabled. To turn it on, access Preferences > Security (Enhanced) and then check the “Files from potentially unsafe locations,” or even the “All files” option. Then click OK. There’s also a way for administrators to enable protected view on Windows machines across their organization. The revelation is significant because it means users aren’t protected when using the default version of the widely used document reader. The limitation came to light following the discovery of in-the-wild attacks against current versions of Reader, which are being exploited to surreptitiously install malware on end-user computers. The exploit is also noteworthy because its intricate code base bypasses several additional protections added just four months ago with the goal thwarting malware attacks. Read 6 remaining paragraphs | Comments
pigrabbitbear writes “Things aren’t looking awesome for Pirate Bay founder Gottfrid Svartholm, who’s currently under lock and key in a newly built jail about 15 minutes north of Stockholm. Svartholm’s mother Kristina says that her 28-year-old son is being held in solitary confinement for 23 hours a day without any human contact other than his interactions with the guards. It’s been nearly two months since Svartholm was arrested in Cambodia, where he’d been living for years, and extradited back to Sweden, where he’s due to spend a year behind bars and pay a $1.1 million fine for copyright offenses related to his role at the Pirate Bay. But that’s not why Sweden’s being so tough on him in prison. Authorities believe he may have played a role in the hacking of Logica, a Swedish technology company with ties to the country’s tax authorities. They haven’t charged him with any crimes yet in that case, however.” Read more of this story at Slashdot.
A few months back at the Black Hat Security conference Cody Brocious demonstrated how you can easiy open an Onity hotel room lock, the standard system used in many hotel chains, with an Arduino but it was bulky setup and comletely obvious if anyone saw him pull out a lot of electronics. Here’s how you can fit that system in a dry erase marker. More »