Bonum Certa Men Certa

Eye on Microsoft: Ransomware, Botnets, Critical Flaws, and Insecure Microsoft File Types

Binary code



Smut page ransomware Trojan ransacks browsers

Russian cybercrooks have come up with a variant of ransomware scams, which works by displaying an invasive advert for online smut in users' browsers that victims are extorted to pay to remove.


The Business of Botnets

Kaspersky Lab released some interesting statistics recently in a technical whitepaper. As part of its research into the cyber-underground, the company took a look at how botmasters are pricing the networks under their control.


Microsoft to fix critical hole in IE

In a rare move, Microsoft on Friday said it would be releasing security updates on Tuesday--outside of its monthly patch cycle--for a critical vulnerability in Internet Explorer and a moderate vulnerability in Visual Studio.


Microsoft to Issue Emergency Patches Next Week

The advance notification advisory that Microsoft released about these upcoming patches doesn't say so explicitly, but a spokesperson for the company confirmed that the updates will address a critical security flaw in collection of code that Microsoft uses in a number of places in Windows. Having a vulnerability in this so-called "code library" is especially dangerous because Microsoft also provides this library to third-party software makers to help them build programs that can leverage certain built-in features of Windows.


Insecure by design: MS Office formats

You see, when you're opening an Office document today, you're not just opening static words, images, or numbers. You're actually starting a program that uses Microsoft Office as its interpreter. And, no matter whether you're using Word 2,0 formats or the 2008's 7,000+ pages mis-mash of 'standard' ECMA-376 Office Open XML file formats, there is no built-in network security layer. Instead, there is a mis-mash of fixes for one problem or the other.


Also see: Emergency, Botnets, and No Remedy

Recent Techrights' Posts

Hiring for Tech Roles Based on Perceived Loyalty is No Better Than Hiring to Meet Diversity Quotas
What we're seeing right now is a national security disaster and it is almost purely about technology
S.E.O. SPAM by Serial Sloppers With L.L.M. Garbage is Hurting Linux
We continue to run Slopwatch
IBM Says That Half of Its "Assets" is Basically Pure Fiction ("Goodwill")
It times get tough, IBM can sell "Goodwill" at the local pawn shop and pay back the lenders, right?
 
Links 01/02/2025: Chinese and American Censorship, Cloud-[sic]Native Targeted by Software Patents
Links for the day
Links 01/02/2025: Belated Happy New Year 2025 and Gabbro 0.1.2
Links for the day
Links 01/02/2025: Administrative Chaos and Aviation Disasters Persist
Links for the day
Arrested: Albanian Outreachy whistleblowers, Sonny Piers GNOME & Debian connections
Reprinted with permission from Daniel Pocock
Links 1/2/2025: LLM Hype Revisited, Linuxwashing by Oumi
Links for the day
Growing Evidence That the Patent Industry Has Become a Major Scam
Seeing that the patent "industry" has turned to serious crimes (sometimes to cover up corruption) and seeing that the net negative is clearer for all to see, people who argue for abolition of all patents will have a field day
Planet Ubuntu Overrun by LLM Slop? Faizul "Piju" 9M2PJU Seems to be Publishing Fake Articles About "Linux"...
Maybe it is "assisted" by LLM slop, but slop is slop and it introduces many problems
Gemini Links 01/02/2025: LLMs, Analog Computer, and BorgBackup
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, January 31, 2025
IRC logs for Friday, January 31, 2025
Links 31/01/2025: Mass Layoffs at Amazon and Microsoft, Sweden Again Fails to Protect Critics of Violence
Links for the day
Slopwatch: Fake Articles About "Linux" and More (Latest Roundup Featuring BetaNews, Janus Atienza, and Brittany Day From Guardian Digital, Inc)
LLM slop season
Microsoft Staff Explains How Microsoft Swindled Employees and Avoided Paying Out Severance Pay (Microsoft Hasn't Much Money Left in the Bank)
This is a classic way to avoid paying workers
"Not one of us" by Dr. Andy Farnell
Elon Musk has brought embarrassment to nerds and technologists
Gemini Links 31/01/2025: "Bulletin Buble" and "Why Blog?"
Links for the day
Static Site Generators (SSGs) Pay Off: Vastly Faster Sites, Much Smaller Hosting Bills
success story for SSGs
Of Note: Linux Foundation Has Already Let Linux.com Rot for About 4 Months (No Activity)
there's no campaign aside from marketing spam there
Techrights Should be Even Faster Now
We're now better off
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, January 30, 2025
IRC logs for Thursday, January 30, 2025
Richard Stallman (RMS) Gave 3 Talks in India in Less Than a Week
In India this month we've not seen a single negative comment about RMS
Indian Data Biases statCounter For or Against "Linux"
In statCounter, the GNU/Linux increases and decreases are deeply tied to what it does with data collected in India
The Corporate Media Pretends That Facebook ("Meta") Has Performed Well, But Its Debt Doubles Every 2 Years Despite Mass Layoffs
That same media also helps parrot misleading financial claims
Microsoft's Debt Surged by More Than 6,000,000,000 Dollars in Just 3 Months
numbers released hours ago
The Sheer Irony of Microsoft Proxy Accusing Others of 'Stealing'
Wherever DeepSick's data came from, Microsoft (or its proxy) is in no position to issue criticism.
The Difference a Decade (and GAFAM Money) Makes
Credibility cannot be purchased
[Meme] The Free Software Foundation (FSF) Has Critics Because Its Message is Effective
Applying to others the same standards one is willing to violate?
The Free Software Foundation (FSF) Raised $422,000 (Another $22k in the Two Weeks After Campaign Ended), Proving That Truth and Justice Tend to Find a Way
10,000+ dollars a week even without campaigning for more funds
Faking Revenue Increase by Buying Your Own Products and Services (Through Scams and Scammers Like Scam Altman)
Is this what society deserves? Media that instead of exposing corruption has chosen to participate in it and profit from it?
Microsoft Mass Layoffs Without Severance Pay Reported Hours After Microsoft Reported Weak Numbers and Microsoft Stock Fell
Microsoft has a bloodbath this month
Links 30/01/2025: Fentanylware (TikTok) Causes Deaths, FBI Seizes Domains
Links for the day
Gemini Links 30/01/2025: Action vs Inaction, Gopherholes, and More
Links for the day
Another Slew of Fake Articles About 'Linux' and 'Security' From Brittany Day at linuxsecurity.com (Spamfarm/Slopfarm)
linuxsecurity.com is basically a pariah and parasite. It lessens the incentive to write real articles about "Linux" by generating fake ones to outrank the originals.
Links 30/01/2025: Microsoft Wants Convicted Felon to Give Fentanylware (TikTok) to It (After Making a Phonecall Asking for That in 2019), "Moving Away From Google's Ecosystem"
Links for the day
Jack M. Germain (LinuxInsider) Seems to Have Turned to LLM Slop, Graphics Slop, and B2B SPAM
LinuxInsider is barely active anymore
Links 30/01/2025: Amazon Layoffs and DeepSeek Panic
Links for the day
Gemini Links 30/01/2025: Chaos Reigns, E-mail, Searching
Links for the day
IBM: Many Thousands of Layoffs in 2025
If 2025 is expected to be the same, then perhaps about 20,000 IBM workers will no longer be there
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, January 29, 2025
IRC logs for Wednesday, January 29, 2025