Archive for February, 2008

IE hole through MySpace and Facebook ActiveX

Via Washington Post:

In an alert posted Friday evening, security software vendor Symantec said it is seeing malicious Web sites popping up trying to exploit vulnerabilities in a set of ActiveX controls produced by Aurigma, a technology company whose image transfer browser plug-in is licensed and distributed by a number of major Web sites to help IE users upload pictures. Currently, Facebook.com and MySpace.com are among the biggest distributors of this ActiveX plug-in, but they are hardly the only ones.

It is hardly surprising to see this type of attack. The computer-based criminal industry is flourishing. Most of the money as of late seems to come from exploiting computers for use in botnets, so any avenue that can be used to take over users' computers is a big target. Internet Explorer has long had security issues. ActiveX, which is used only in IE, and IE's integration with the OS are the main reasons.

Back in the day, this was the main reason I originally made the switch to Firefox (Mozilla at the time). I never looked back with the features too… Nonetheless, this is a large concern for all of us. Since over 50% of users on the web still use IE, this exposes a large population. Granted, not all of them use MySpace or Facebook. Yet millions do. And more computers getting added to the botnets means more spam, and more issues for the rest of us.

So, if you are running IE, please take care of the issue. Or take the opportunity to try out Firefox or Opera. And if you know others who also use IE, mention this to them. They may not know!

Lastly, phishing scams can be confusing to the best of us. Yet the best advice I could give is: when you are logging into ANY service that requires a username and password, NEVER follow a link to the site. Type the site's address directly into your address bar. This is why. (That is the image of the site phishing for MySpace info. Not only does it look like the real site, it “resembles” it in the address bar.)

New Domain

Our move from the old domain, first-source, is almost complete. SEKO has been live for a few weeks now, but I have been busy with projects. And unfortunately the result is that our own site always gets neglected and finished last.

More content should be up soon, and some elements of the site may change over the coming days and weeks.