Author Archives: Matt Brown

Chrome Extension Hijacked

Over 1 million Chrome users have been exposed to a hijacked extension called Web Developer allowing cyber criminals the ability to directly inject malicious JavaScript code to serve up advertisements to anyone using the extension. The plugin has access to sensitive information, such as passwords and pretty much anything used by the browser itself. Anyone using he affected 0.4.9 version of the extension is urged to upgrade to 0.5 as soon as possible. It is also advised to change any passwords of accounts which may of been compromised due to using the affected extension.

XP you have been retired, well almost

XPI felt it only fitting seeing as everyone else in the ether is talking about the demise of Windows XP to chime in on the subject. As I am sure you are aware after the 8th April 2014 Microsoft XP is officially end of life and will no longer be updated with new security updates or support. However the ageing operating system will be granted one last reprieve in terms of anti-malware updates to both it signatures and engine.

Microsoft are attempting to encourage as many as possible to leave the ageing operating system and move to its latest and greatest flagship products to avoid the risk of infection and security woes. It would appear XP has been down this road a few times, but it really does look like this is the final encore – come April 2015  big brother wants you off your XP addiction for good !.

Read the official Microsoft statement here.

WhatsUp or is that WhatsApp ?

whatsappBeware, WhatsApp looks to be the target of yet another cyber scam this time pertaining to be the popular mobile messaging application WhatsApp.

For those who do not know what WhatsApp is, it is an application which first came to users pre-dating iMessage, and offered a simple effective cross platform messaging service but without the cost of sending text messages between devices.

This time the cyber scammers are looking not to give you a non-existent copy of the messaging application for PC but a lovely banking Trojan instead.

Read the full article here over at The Hacker News

Change is good, especially when its Fibre Broadband

COMS Plc-01

So approximately 9 months ago I got Fibre Broadband from ADSL24 and very pleased with the service I must say. I opted for the Fibre 30 Ultra package as this provided up to 80MB down and 20MB up. Speed has always been good and reliable and on the two occasions I have needed to contact them the service has been excellent and a quick resolution to the issue.

So a few months back I received a letter to advise the service was being transferred to Coms plc. I was a bit concerned at first as the service I had received to date had been excellent and I didn’t want that to change. So today I have received another letter advising my migration is taking place during the next two weeks. I was a little disappointed to find my IP address would need to change, but I also learned I was getting an unexpected upgrade.

Upgrade ? Well currently we have a peak cap of 30GB during the hours of 8am to 8pm and unlimited off-peak usage outside these hours and weekends. So with effect of my migration this is changing to a new package – Coms 500. This new package will increase the monthly cap from 30GB to 500GB, however there was no mention of the off-peak and whether this would remain. A quick call to customer services who reassured me this would remain as is – happy days!

Well hopefully a smooth migration will ensue, I’ll keep you posted on how it goes.

Reptyr

So I was working on some stuff in a terminal window and needed to close the SSH connection I was attached to. I hate to just kill off a process only to have to restart all over again so I started to wonder if there was a way to move this process to a screen terminal instead, reptyr to the rescue!

reptyr is a way to reparent a running program to a new terminal. So I opened a new screen session typed in the command reptyr and the process ID. Voila I now have the old process running as a new process in the screen session.

In order to install reptyr in Ubuntu simply do apt-get install reptyr.

Enjoy 🙂

Java, turn me off !

Well at least disable for now.

A zero day vulnerability has raised its head above the security parapet for Java.

Millions of devices worldwide use Java (as we are reminded when installing or updating) something that Oracle should be very proud of – but currently something it should be very uncomfortable about !!

It could be a little while before the patch cycle catches up to fix this problem, so the advice is to disable Java until an official update is released to close this hole.

For more on this, head on over to the Register for more.

A video demonstrating an easy PoC (Proof of concept) is available via YouTube