The Energizer DUO, a USB-powered battery recharger, was confirmed on Friday by Energizer Holdings to contain malicious code. According to this Energizer Press Release, they were notified by the CERT Coordination Center that the Windows software that ships with their DUO Charger "contains a vulnerability". ...Energizer has discontinued sale of this product and has removed the site to download the software. In addition, the company is directing consumers that downloaded the Windows version of the software to uninstall or otherwise remove the software from your computer. This will eliminate the vulnerability. In addition CERT and Energizer recommend that users remove a file that may remain after the software has been removed. The file name is Arucer.dll, which can be found in the Window system32 directory. ... Additional technical information can be found at http://www.kb.cert.org/vuls/id/154421.
Read more ...
Source: CyberCrime & Doing Time
Citadel Information Group
Information Security Management for Business and the Not-for-Profit Community
www.citadel-information.com
Delivering Information Peace of Mind ®
www.citadel-information.com
Delivering Information Peace of Mind ®
Posts
Search This Blog
Index of Topics
- Business at risk (115)
- Citadel in the news (7)
- Citadel Information Security Guides (8)
- Citadel: Guide to Blog (1)
- Citadel: Thinking about Security (10)
- Cloud Security (2)
- Consumers at risk (13)
- Credit card fraud (14)
- Culture Change (1)
- Financial systems security (67)
- Healthcare (7)
- Identity theft (30)
- Insurance (1)
- Internet badlands (113)
- ISSA-LA (2)
- Law Firms (2)
- Legal (23)
- Miscellany (6)
- national security (46)
- Not-for-Profit (5)
- Privacy (27)
- Ray of Sunshine (15)
- School security (3)
- Security Alert: Vulnerability Management (74)
- Security management (24)
- Security Research (5)
- Security Surveys (13)
- Social Engineering (1)
- Social networks (13)
Blog Archive
-
►
2011
(2)
- ► January 2011 (2)
-
▼
2010
(237)
- ► December 2010 (6)
- ► November 2010 (9)
- ► October 2010 (7)
- ► September 2010 (8)
- ► August 2010 (13)
- ► April 2010 (39)
-
▼
March 2010
(65)
- Spam Site Registrations Flee China for Russia
- More C-Level Involvement Needed in Cybersecurity, ...
- Separating April Fools’ From Fraud on the Web
- Online Thieves Take $205,000 Bite Out of Missouri ...
- Technology Coalition Seeks Stronger Privacy Laws
- FBI: Business Can Help Fight Cybercrime by Reporti...
- Apple Fixes More Than 90 Security Vulnerabilities ...
- E-Mails of Activists, Academics and Journalists Ha...
- Microsoft Releases Emergency IE Fix
- Facebook Proposes Changes in Privacy Policy to Sha...
- New Inexpensive "Sniffer" Captures Keystrokes From...
- Would You Have Spotted this ATM Fraud?
- Cybercrime Law Update from Washington
- Cybercriminals Make $$$$$ Peddling Rogue Anti-Viru...
- Riskiest Online Cities: The Emperor Has No Clothes
- More Online Bank Theft Victims
- Banking laws leave business customers vulnerable t...
- How Privacy Vanishes Online
- Paper in China Sets Off Alarms in U.S.
- In Bid to Sway Sales, Cameras Track Shoppers
- Bad BitDefender Antivirus Update Hobbles Windows PCs
- Google patches Chrome days before hacking contest
- Mozilla confirms critical Firefox bug
- Naming and Shaming ‘Bad’ ISPs
- After weeklong fight, rogue ISP Troyak struggles f...
- Measure would force White House, private sector to...
- Closing Down ISPs that Allow Malicious Activity
- Revised Cybersecurity Bill Introduced in Senate
- FCC Broadband Plan Calls For Enhanced Cyber Defenses
- Google Attacks Highlight Growing Problem of Cyber ...
- Texan accused of disabling 100 cars over Internet
- Researchers Map Multi-Network Cybercrime Infrastru...
- The Snitch in Your Pocket
- MSE Users: Check for Updates, Piracy
- eBanking Victim? Take a Number.
- Stopgap IE Fix, Safari Update Available
- Identity theft may be prelude to more serious crime
- FBI: Online Fraud Costs Skyrocketed in 2009
- Apple plugs 16 holes in Safari as Pwn2Own looms
- ZeuS botnet code keeps getting better… for criminals
- Massachusetts Data Security Rules to Have National...
- Zeus botnet temporarily disrupted, but back in ful...
- Crooks Crank Up Volume of E-Banking Attacks
- Dozens of ZeuS Botnets Knocked Offline
- Law Firms slow to awaken to cybersecurity threat
- Security gaps exploited in grade scandal remain, m...
- Verisign: Security Solutions Overwhelming to Consu...
- Monoprice.com Shuttered After Fraud Complaints
- Microsoft Patch Tuesday: Two Bug Fixes, IE Warning
- Cyber Crooks Leave Traditional Bank Robbers in the...
- LifeLock Will Pay $12 Million to Settle Charges by...
- Energizer DUO: Trojan yourself for only $19.99
- Victim Asks Capital One, ‘Who’s in Your Wallet?’
- Fiserv to Banks: Stay on Outdated Adobe Reader
- New Massachusetts Data Privacy Law
- FBI to Private Sector: Cybersecurity Joint Effort
- Yep, There’s a Patch for That
- Regulators Revisit E-Banking Security Guidelines
- Homeland Security Chief Details Cyber Threats
- Criminal investigation opened in grade-changing sc...
- New BlackEnergy Trojan Targeting Russian, Ukrainia...
- RSA panel: No easy solution for Zeus Trojan, banki...
- White House: Comprehensive National Cybersecurity ...
- Information on U.S. website for medical data theft...
- Wyndham computers hacked into again for credit car...
- ► February 2010 (38)
- ► January 2010 (27)
-
►
2009
(83)
- ► December 2009 (17)
- ► November 2009 (7)
- ► October 2009 (9)
- ► September 2009 (22)
- ► August 2009 (17)
- ► February 2009 (1)
Information Security Links
- Citadel Information Group
- Google Online Security Blog
- Information Systems Security Association
- Information Systems Security Association - LA Chapter
- InfraGard - Los Angeles
- Krebs on Security
- Microsoft Malware Protection Center
- MITRE CVE
- NIST Computer Security Resource Center
- Open Web Application Security Project (OWASP)
- Privacy Rights Clearinghouse
- SANS Internet Strom Center
- US CERT
Disclaimer
Citadel provides this blog as a public service to the community. We make no claim or representation that items posted on this blog are correct. We post "Security Alerts" primarily to assist readers manage security vulnerabilities on their personal home computers; these alerts are NOT comprehensive and are not to be relied upon as such.
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com
(c) Copyright 2009-2010. Citadel Information Group. All Rights Reserved.
Permission is given to re-post and re-print blog postings provided that attribution is given to Citadel Information Group, the above copyright is included and the following link to our website is provided: www.citadel-information.com