Security Alerts

Fake Amazon Drivers Stealing Replacement Credit Cards

I am not sure if this has been happening in other parts of the country our just in the Phoenix Metro area: PHOENIX (3TV/CBS 5) — Amazon and Capital One are investigating after Arizona’s Family uncovered a possible fraud scheme last week. The criminal acts seem too similar to be a coincidence. Different men wearing Amazon driver clothes act like they’re dropping off a package but steal a replacement credit card right after FedEx drops it off at Valley homes. This story takes me back to a somewhat similar experience I had happen to me about 4-years ago with credit card…

Read More

LastPass Hacked (again)

Password manager service LastPass has notified users their (LastPass) system has been hacked (again). Since 2015 LastPass has its host of security issues, but then again who hasn’t? While LastPass has not ‘advise their users to change their master password (which it is very odd as that precaution is usually what most companies tell their users to do when there has been a ‘security breach’) it still a good idea for users to do this even if it is just out of an abundance of caution. In the announcement sent via email and posted to its blog, the company describes the…

Read More

The ‘Tech Support’ and ‘Refund’ Scams

Today I am going to cover something a little different, yet still tech related. This from the ‘dark or evil’ side of tech, the ‘Tech Support’ and ‘Refund’ or ‘Gift Card’ Scams.  Both of these while having a different ‘hook’ end the same, hours later the victim is handing over large sums of money (sometimes their entire savings) to the scammer and the scammer has complete access to their computer and/or phone. You may have heard about these and even wondered how they work and for that matter why do people fall for them. At the end of this post…

Read More

Understanding Extension Permission Requests

Those who have used Google Chrome are already familiar with permission requests when a browser extension is installed. However, this is a relatively new feature in Firefox, which was added with Firefox 57 released in Mid-November 2017. The Mozilla Add-ons Blog gives a very thorough explanation about extension permissions and even address the ‘scary’  Access your data for all websites permission.

Read More

Google to Ban WoSign and StartCom Certificates

Following in the footsteps of Mozilla and Apple, Google is going to be removing all trust for WoSign and StartCom Certificates with Chrome 61 (current  version is 59) as well as Android browser. Mozilla has been very aggressive in enforcing their Mozilla’s CA Certificate Policy as was the case in April 2015 with the Firefox 37.0.1 release which Mozilla banned China Internet Network Information Center (CNNIC) issued Certificates. Once again another China based CA has ‘misbehaved’: About a year ago, Mozilla uncovered that a Chinese Certificate Authority (CA) called WoSign had a number of technical and management failures, which included…

Read More

We’ve Broke Windows 7, So Why Not Get Windows 10?

I am not making this up. Microsoft MSFT 246,79 -2,41 -0,97% almost as if in an attempt to get users of Windows 7 to go out and buy a new Windows 10 machine has intentionally broke Windows 7 for users with Asus ASUUY 51,13 0,00 0,00% system boards. Windows update KB3133977 which use to be an “Optional” but recently became a ‘Recommended’ update. This update enables secure boot on Windows 7 (a feature that was previously disabled). Older PC’s with Asus boards don’t support secure boot, which will cause users to get the below red screen upon first bootup after…

Read More

Time to remove QuickTime for Windows

Apple APL 0,05 +0,00 +4,55% has ended support for QuickTime for Windows earlier this year. QuickTime 7 was only supported for Windows 7 and older. These users may want to make sure QuickTime is not still installed, especially if they are/were an iTunes user as it was part of the bloat that was installed with iTunes. There are at least two ‘possible’ exploits with the QuickTime 7 for Windows. via grand stream dreams

Read More

Oracle to Deprecate Java Plugin

Earlier this year Oracle ORCL 65,30 -1,34 -2,01% announced starting with JDK 9 (eta September 2016), they will remove the plugin support. They are encouraging developers to move towards the plugin free Java Web Start technology. Oracle’s reasoning for this move has to do with more and more browsers removing support the 20+ year old Netscape Plugin Application Programming Interface (NPAPI) plugin technology. GoogleGOOG 102,24 +0,02 +0,02% Chrome no longer supports NPAPI plugins such as Java and Silverlight. Google has partnered with Adobe ADBE 298,41 +1,03 +0,35% to include an integrated version of Flash within Chrome. The Windows 64-Bit version of Firefox also does not…

Read More

32-Bit Windows Firefox Still Supports NPAPI plugins

Seems like every couple months people start crying ‘the sky is falling’ with Firefox and Netscape Plugin Application Programming Interface (NPAPI) plugins. Earlier this week there was a flurry of activity with Bug 1165981. Again people seem to think that Firefox is not going support NPAPI plugins anymore on Windows since the 64-Bit (Win64) versions does not (except for Flash). As a reminder the removal of NPAPI support only applies to the Win64 version of Firefox. The 32-bit Windows version still supports all the NPAPI plugins including Java and Silverlight. However, Mozilla does plan on discontinuing support in the future with the Firefox 32-bit…

Read More

Firefox 41.0.2 Released

On Thursday, October 15th, Mozilla released an update for the Firefox 41.0 branch with Firefox 41.0.2. This update addressed the following issues: Mozilla Foundation Security Advisory 2015-115: 2015-115 Cross-origin restriction bypass using Fetch The next planned release will be Firefox 42 on November 3rd.  

Read More