Douglas Schweitzer

The Security Sector

Tool-kit targets Image Uploader

TAGS:Facebook, MySpace, toolkit
IT TOPICS:Security

Once again, Facebook and MySpace users are being reminded to beware when they use plug-ins. Symantec is encouraging members to update their Image Uploader ActiveX control to version 4.5.57.1 because hackers are actively exploiting it with a multi-attack kit. If you're using Aurigma Inc.'s Image Uploader to upload photos to your profiles - it's just one of five in a new hacker toolkit being used by several attack sites.

I find it strange that two of the bugs were already patched over eight months ago - but the Uploader and Yahool weaknesses were only just revealed to the public in recent weeks. Unfortunately, it looks like hackers won't be easing up on these attacks in the foreseeable future. We'll just have to stay a step ahead.

A Computerworld article by Gregg Keizer (read it here) notes that "after the Uploader and Yahoo Music Jukebox vulnerabilities were disclosed, the U. S. Computer Emergency Readiness Team (US-CERT), which is part of the U.S. Department of Homeland Security, recommended IE users disable ActiveX."

What is Tech Briefcase?

TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more

Bookmark content

Speed up your research efforts with content across the web.

Search and Store

Find the white papers you need. Create folders for any topic.

View Anywhere

Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.

Don't have an account yet?

Network sites offer more than meets the eye

What MySpace will tell the police about you -- leaked documents

Leaked intelligence documents: Here's what Facebook and Comcast will tell the police about you

Leaked Microsoft intelligence document: Here's what Microsoft will reveal to police about you

Today's Top Stories

Essential browser tools for Web developers

Hands on: The new iPad

Microsoft cuts the prices of some Office 365 plans

Google works to overhaul its search

Mozilla will start Firefox silent updates in June

Preston Gralla: Big backlash is building against Windows 8. Will Microsoft listen?

Hot Posts

Facebook Camera for iPhone: 5 reactions

Posted by IT Blogwatch |

Sony reneges on an Ice Cream Sandwich promise

Posted by JR Raphael |

Apple iPhone 5 -- fresh reports claim 4-inch display

Posted by Jonny Evans |

Free Insider Guide

Excel 2010 Cheat Sheet: Register for this Computerworld Insider Cheat Sheet and gain access to hundreds of premium content articles, guides, product reviews and more.

Security White Papers

2011 FFIEC Authentication Guidance: A New Standard For Online Banking Security: This whitepaper provides an overview of the updated Guidance and the threat landscape which helped define it, examines why previous security measures are...
Backup & Recovery for VMware Environments with Avamar 6.0: This paper highlights several new features within EMC Avamar 6.0 that specifically target and advance the capabilities and performance of VMware data protection.
Driving Security in a Hybrid Cloud Environment: This paper examines recent IDG research among IT leaders, who share their concerns and strategies in addressing security in cloud computing environments.

Security Webcasts

Operational Decision Management for Improving Governance, Risk and Compliance: How to rapidly adapt automated decisions to ever changing market and regulatory environments: Date: Monday, September 26, 2011, 11:00 AM EDT

In this webcast you'll learn how your organization can become more responsive to financial market challenges...
Kill the Laptop! Its Corporate Days Are Numbered: "Kill the Laptop" - The evolution of chips, computing power, connection speed, and the cloud is leading to the fall of laptops and...
The Top Ten Secrets to Avoiding SAN Performance Problems: Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...

IT Newsletters

Get the latest technology news and analysis on critical issues in the enterprise.

Tool-kit targets Image Uploader

Related Posts

Today's Top Stories

Hot Posts

Douglas Schweitzer's Archive

IT Topics