Image taken from DavidAirey
What would you do if someone hacked into your Gmail account and stole valueble information like your user name and passwords?
This happened to David Airey a logo designer from http://www.davidairey.com which is now forced back to it’s secondary URL http://www.davidairey.co.uk. His site was getting about 2000 hits a day. His business cards need to be updated and clients need to be informed.
The attacker managed to leverage a security exploit in Gmail which allowed him to inject a mail filter into Gmail which forwards all mails with attachments to the attacker. The attacker managed to obtain David’s domain account credentials.
During David’s recent holiday to India with his girlfriend, the attacker transfered “www.davidairey.com” to himself and is now holding it ransom till David decides to pay up the ransom fee of USD250 which initially was USD600.
Read the full story here.
My Advice: Google has since fixed this issue but still, make sure to check your Gmail filters. It could just save you your business and loads of time.
What would you do if this happened to you? How can we prevent this?
A new update for Firefox was released just 4 days after the 2.0.0.10 update was made available to the public. The latest update 2.0.0.11 fixes a few compatibulity issues that showed up after upgrading to 20.0.0.10. Nothing serious, just minor extension issues and website compatibility issues.
Make sure you have the latest version. This will happen automatically but if it does not then get the latest version here.
Source: Mozilla
Firefox 2.0.0.10 has been released. This is a security update which fixes the issues listed below.
MFSA 2007-39 Referer-spoofing via window.location race condition
MFSA 2007-38 Memory corruption vulnerabilities (rv:1.8.1.10)
MFSA 2007-37 jar: URI scheme XSS hazard
Firefox will automatically update itself to the latest version but if it does not you can download the latest version from the Firefox homepage. My Firefox is up2date, is yours?
Source: Mozilla Developer News
Firefox 2.0.0.9 was released today. 2.0.0.9 is a stability release to attention some bugs that surfaced after the recent security update 2.0.0.8. Fixes for this release as quoted from Mozilla below,
- Bug 400406 - Firefox will ignore the “clear� CSS property when used beneath a box that is using the “float� property. There is a temporary workaround JS/CSS code available for web developers with affected layouts.
- Bug 400467 - Windows Vista users will get “Java not found� or “Java not working� errors when trying to load Java applets after updating. To fix this, users can right-click the Firefox icon and “Run as administrator�, then browse to a page with a Java applet — doing this once will fix the problem and permanently restore Java functionality.
- Bug 396695 - Add-ons are disabled after updating. Users can fix this problem by opening their profile folder and removing three files (extensions.rdf, extensions.ini and extensions.cache)
- Bug 400421 - Removing a single area element from an image map will cause the entire map to disappear. There is no workaround available at this time.
- Bug 400735 - Some Windows users may experience crashes at startup. There is no workaround available at this time.
Firefox will automatically run the update tool and bring your Firefox up to the current version but if for some reason that does not work for you then get the latest release here.
Source : Mozilla Developer News
Firefox 2.0.0.8 has been released. 2.0.0.8 is a security patch so make sure your firefox browser is up2date.
Below are the list of fixes in this release taken from the Mozilla Foundation Security Advisories page.
MFSA 2007-36 URIs with invalid %-encoding mishandled by Windows
MFSA 2007-35 XPCNativeWrapper pollution using Script object
MFSA 2007-34 Possible file stealing through sftp protocol
MFSA 2007-33 XUL pages can hide the window titlebar
MFSA 2007-32 File input focus stealing vulnerability
MFSA 2007-31 Browser digest authentication request splitting
MFSA 2007-30 onUnload Tailgating
MFSA 2007-29 Crashes with evidence of memory corruption (rv:1.8.1.8)
