A popular and long-standing software download site, SourceForge, is injecting malware in to its software installers. If you go to Google and search for ‘free whatever software’, chances are you’ll stumble upon SourceForge.
For example, if you attempt to download a popular FTP program, FileZilla, you will not be receiving an installer for just FileZilla. Instead, you’ll find an installer loaded up with adware and malware.
If you’re utilizing ESET Nod32 Antivirus, it detects the installer’s injected payload:
So it looks like SourceForge has gone the same route as CNET. I have personally avoided both sites for years and if you’re looking for installers for common programs, Ninite is a legitimate solution.
HP has posted a vulnerability alert that could allow a hacker access to your WiFi network via your wirelessly-connected HP LaserJet Pro printer.
A printer on the vulnerability list is the HP LaserJet Pro P1102w, one of the more common HP printers utilized by businesses.
We are frequently asked to configure WiFi printers, but we are strong opponents to such configurations both for reliability purposes, as well as security issues such as this. We recommend not utilizing WiFi unless absolutely necessary and having a printer connected via WiFi, simply isn’t worth the reliability and vulnerability issues.
The PCI DSS also recommends not implementing WiFi unless absolutely necessary…