The InfoSec Blog

Online Ad Industry Threatened by Security Issues

Posted by Anton Aylward

http://www.databreachtoday.com/online-ad-industry-threatened-by-security-issues-a-9488

Most people use ad blockers because they're irritated with some of the intrusive ways ads are presented. But there are also compelling security arguments behind ad blockers. By blocking ads, consumers are better insulated against security risks from malvertisements.

The social media site Reddit, which can be a rich traffic source for publishers, warns users of links to content that demand people to disable their ad blockers, including publishers such as Forbes and Wired.

"Warning! Disabling your ad blocker may open you up to malware infections, malicious cookies and can expose you to unwanted tracker networks," Reddit's warning says. "Proceed with caution."

I don't know whether to be glad or worried by this.
It may be considered unsocial of me, but I use adblockers.

Another Java bug: Disable the java setting in your browser

Posted by Anton Aylward

http://www.kb.cert.org/vuls/id/625617

Java 7 Update 10 and earlier contain an unspecified vulnerability
that can allow a remote, unauthenticated attacker to execute arbitrary
code on a vulnerable system.
By convincing a user to visit a specially crafted HTML document,
a remote attacker may be able to execute arbitrary code on a vulnerable
system.

Well, yes .... but.

Image representing XMind as depicted in CrunchBase

Are we fighting a loosing battle?
The New York Times is saying out loud what many of us (see Vmyths.com and Rob Rosenberger have known in our hearts for a long time. AV products don't work.