Analyzing and graphing weather data with wview
Scott Reeves shows how to extract climatological data from the open source weather program, wview. This data can be further analyzed or filtered using awk or Perl, and allows for the customization…
Ubuntu on smartphones: What you need to know
Canonical announced that Ubuntu for smartphones is now a reality. Jack Wallen gives you a heads up on what you should know at this point and what he expects for the future of this platform.
Happy New Year and Unhappy New IE Zero-Day! (CVE-2012-4792)
First, welcome to 2013 and we trust that you had a happy holiday period. As is to be expected, holidays or not, there is no rest for the wicked (be that attacker or defender) and therefore we kick off our 2013 blog with details of CVE-2012-4792, an Internet Explorer zero-day vulnerability.
The Websense® ThreatSeeker® Network has already detected instances of this vulnerability being exploited in the wild, unsurprising given that the exploit is publicly available as a Metasploit module, and therefore it is likely that attacks will continue to gain traction.
Websense customers are protected from this threat by Websense ACE (Advanced Classification Engine).
The vulnerability, as recently announced in Microsoft Security Advisory 2794220, affects users of Microsoft Internet Explorer versions 6, 7, and 8 and could allow attackers to remotely execute code on vulnerable machines by simply having the victim visit a malicious website.
As seen countless times in the past, typical tactics for enticing victims to visit these malicious sites often include tricking them into clicking links in fake emails, or simply compromising legitimate websites to serve malicious payloads to their unsuspecting visitors.
This particular vulnerability is caused by how Internet Explorer accesses an object in memory that has been deleted or improperly allocated. Exploitation can then result in memory corruption, which in turn could allow an attacker’s own code to be executed within the context of the current user, or as if it was being run by that user.
At this time, Microsoft has not released a patch in order to address this vulnerability. However it has provided an easy one-click ‘Fix It’ solution. Internet Explorer versions 9 and 10 are listed as not being vulnerable.
Websense Security Labs™ are continuing to monitor this situation and, as a member of the Microsoft Active Protection Program (MAPP), are working with Microsoft in order to provide the best protection to our customers.
Update:
Microsoft has issued an Out Of Band update for CVE-2012-4792, which you can read about here.
How to find out which of your bookmarks are still valid
Marco Fioretti provides the script needed to automatically check your collected bookmarks for working links.
Get Spotify on your Linux desktop (and why you should)
Jack Wallen not only shows you how to install Spotify on your Ubuntu desktop, but reminds us how important it is to install, use, and even purchase these titles!
Scrapbook: A Firefox extension for personal Web archives and more
Marco Fioretti goes over the uses of Firefox’s Scrapbook extension and gives you some tips and tricks for how to use it.
An open source holiday card to share
Here is a fun, interactive open source holiday card that you can modify and share with friends, courtesy of Protecode.