Spyware, Viruses, & Security forum


NEWS - December 07. 2012

by Carol~ Forum moderator / December 6, 2012 10:16 PM PST
Barring a miracle, you're going to lose your ability to vote on Facebook privacy changes on Monday

You, and a billion other Facebook users, only have a few days left to take part in an important vote about how your personal data is used by Facebook.

After 12:00pm PST on Monday December 10th, 2012, it will be too late to cast your vote in the "Facebook Site Governance Vote". [Screenshot]

Facebook users are being asked to vote as to whether Facebook should stick with its current SRR (Statement of Rights and Responsibilities) and Data Use Policy, or roll-out a new version proposed by Facebook's management.

If you vote for Facebook's proposed new versions of these documents, then this is what you're agreeing to:

Continued : http://nakedsecurity.sophos.com/2012/12/05/facebook-privacy-vote/
Post a reply
Discussion is locked
You are posting a reply to: NEWS - December 07. 2012
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - December 07. 2012
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Nationwide, Allied Insurance Breach Hits 1.1 Million Users
by Carol~ Forum moderator / December 6, 2012 11:57 PM PST

An estimated 1.1 million consumers are at risk of identity theft after thieves broke into servers belonging to Nationwide and Allied insurance companies. Victims include current policyholders and those who sought insurance quotes.

The breach took place Oct. 3 and was discovered the same day. Nationwide immediately contacted authorities, but it waited to inform consumers directly. Earlier news accounts offered some hints at the scope of the breach, including some 30,000 victims in Florida and Ohio and 90,000 in Iowa.

"Although we are not aware of any misuse of consumers' information at this time, we have sent letters to notify those individuals whose personal information we believe was compromised, as well as certain additional individuals whose information was or may have been involved, but whom we do not believe had information compromised in the attack," the company said in a statement released Wednesday.

That personally identifiable information includes names and Social Security numbers, driver's license numbers and/or dates of birth. It also may include marital status, gender, occupations and the name and address of an employer. The company said there isn't any indication other sensitive data - such as medical information or credit card numbers -- was stolen.

Continued : https://threatpost.com/en_us/blogs/nationwide-allied-insurance-breach-hits-11-million-users-120512

1.1 million US consumers affected as insurance companies breached
Nationwide/Allied security breach highlights litigation fears
Nationwide Mutual hack affected '1.1 million Americans'

Collapse -
Student convicted for PayPal DDoS attacks
by Carol~ Forum moderator / December 6, 2012 11:58 PM PST

Christopher Weatherhead, a 22-year-old student from Northampton, has been convicted in a London court on one count of conspiracy to impair the operation of computers under the 1977 Criminal Law Act. Weatherhead was arrested in January 2011 in connection with "Operation Payback", a series of prolonged Distributed Denial of Service (DDoS) attacks that targeted PayPal and other web sites after they refused to process payments to Wikileaks. PayPal told the court that the attacks had cost it £3.5 million in damage repair and installation of defensive systems for future attacks.

Weatherhead is said to have coordinated the DDoS attacks through IRC chat rooms as the "communications manager" for a group of hackers belonging to the Anonymous collective, according to a report in The Guardian. Using the pseudonym "Nerdo", the court heard that he had organised the group and was apparently involved in picking targets for the attacks, but his defence maintained that he never took part in any DDoS actions himself. During the trial, he was portrayed as an idealist dreamer who joined Anonymous to protest against censorship on the internet. He told the court he had, at one time, dreamed of working for Amazon or Google.

Continued : http://www.h-online.com/security/news/item/Student-convicted-for-PayPal-DDoS-attacks-1764262.html

British Student Convicted Over Anonymous PayPal Hacking
Anonymous Hacker Convicted in the UK for DDOS Attacks on PayPal
U.K. hacker convicted for taking part in Anonymous attacks

Collapse -
Mobile Web Browsers Overlooking Security Requirements,
by Carol~ Forum moderator / December 6, 2012 11:58 PM PST
.. Researchers Say

Even security experts have trouble detecting a potentially dangerous Website on a mobile browser, according to a recent study at Georgia Tech.

Users on mobile browsers are vulnerable to certain types of attacks because the browsers are not implementing all the recommended security indicators in the interest of conserving screen real estate, Patrick Traynor, assistant professor in Georgia Institute of Technology's School of Computer Science, told SecurityWeek. Since the users don't have the visual cues to alert them to attacks, it is more difficult to avoid becoming victims, he said.

Mobile Web Browsers were missing certain security elements and indicators that are common in desktop Web browsers, or things weren't implemented consistently. The researchers figured that if they, as experts, had trouble figuring out what was going on in the browser, then it made sense that average users were at higher risk. The study was designed to find out whether the browsers provided enough information for even an information security expert to determine the site's safety.

"With all 10 of the leading browsers on the market today, the answer was no," Traynor said.

Continued : http://www.securityweek.com/mobile-web-browsers-overlooking-security-requirements-researchers-say
Collapse -
Beware of bogus Facebook account cancellation requests
by Carol~ Forum moderator / December 6, 2012 11:58 PM PST

Bogus "Facebook Account Cancellation Request" emails are back, and this time the malicious senders didn't opt for making users infect themselves. [Screenshot]

The "click here" link will secretly redirect victims through a number of sites and finally land them on one serving exploits for two Java Runtime Environment and a Adobe Reader and Acrobat flaw, warns Webroot.

If any of the exploits are successful, the user will be saddled with a Trojan that is currently detected by only 3 out of the 46 AV solutions used by VirusTotal.

If you receive an email like this one and are not sure whether it's legitimate or not, contact Facebook and ask them whether they have sent it before even thinking of clicking on the offered link.


Collapse -
PayPal phishing scams ramp up for holidays
by Carol~ Forum moderator / December 7, 2012 1:44 AM PST

"Internet users should not assume that because they're somewhat savvy that they are invulnerable, warns one security expert"

Tis the season to be careful. That should be no surprise. Given that the online holiday shopping season is peaking, cybercriminals would be expected to ramp up their efforts as well.

But it might be a bit surprising -- not to mention depressing for security evangelists -- that one of the oldest and typical scams aimed at online buyers is still successful: PayPal email phishing.

Paul Ducklin wrote this week on Naked Security that Australian PayPal users are being targeted. But there is also word of the same thing happening in Ontario, Canada.

It won't stop there. Chester Wisniewski, a senior security adviser at Sophos, noted that PayPal is used worldwide."It is a global phenomenon. These guys are equal opportunity exploiters," he said.

Even though the scam is common, Wisniewski said it remains successful. He said nobody but the criminals know just how successful they are, however. "Scams that aren't working die quickly, so we can assume that these must work quite well considering the frequency that we see them," he said.

Continued : http://www.csoonline.com/article/723379/paypal-phishing-scams-ramp-up-for-holidays

Related: Fake PayPal Emails: Windows 8 and Vintage Photo Collections

Collapse -
ZeuS Hackers Spoof Top US Banks to Infect New Victims
by Carol~ Forum moderator / December 7, 2012 1:44 AM PST

Dell SecureWorks' Counter Threat Unit (CTU) has discovered that the hackers behind the Gameover ZeuS banking Trojan (the largest botnet targeting financial institutions) is in the midst of launching several malicious spam campaigns using the Cutwail botnet (the largest spam botnet currently on the underground market ) to lure new computer victims in order to steal their banking credentials and credit card numbers.

Forgoing any holiday related scams, the ZeuS gang is sending out millions of bogus messages made to look like they are coming from many of the top US banks and read: "You have received a new encrypted message or a secure message from [XYZ] Bank". The message states that the bank is concerned about your privacy and has come up with a system so their customers can securely exchange emails containing personal information. They ask the recipient to download the attachment and register if you are a first time user. [Screenshot]

In actuality, when the attachment is clicked on, the user is executing the Pony downloader, which in turn installs the infamous Gameover ZeuS banking Trojan. Previous work I did has shown that the Cutwail botnet only needs to employ approximately 10,000 bots per spam campaign to send out hundreds of millions of malicious spam messages to computer users all over the world (https://iseclab.org/papers/cutwail-LEET11.pdf).

Continued : http://www.secureworks.com/cyber-threat-intelligence/blog/trojans/zeus-hackers-spoof-top-us-banks-infect-victims/

Collapse -
Unexpected reboot: Necurs
by Carol~ Forum moderator / December 7, 2012 1:45 AM PST

From Microsoft's Malware Protection Center:

Necurs is a prevalent threat in the wild at the moment - variants of Necurs were reported on 83,427 unique machines during the month of November 2012.

Necurs is mostly distributed by drive-by download. This means that you might be silently infected by Necurs when you visit websites that have been compromised by exploit kits such as Blackhole.

So what does Necurs actually do? At a high level, it enables further compromise by providing the functionality to:

• Download additional malware
• Hide its components
• Stop security applications from functioning

In addition Necurs contains backdoor functionality, allowing remote access and control of the infected computer. Necurs also monitors and filters network activity and has been observed to send spam and install rogue security software. Nefariousness aplenty. See our Trojan:Win32/Necurs family write-up for the full details.

Continued : http://blogs.technet.com/b/mmpc/archive/2012/12/06/unexpected-reboot-necurs.aspx

Collapse -
New Accounting System Hack Could Cause 'Mayhem'
by Carol~ Forum moderator / December 7, 2012 1:47 AM PST

Attacks against massive and proprietary enterprise accounting systems, in particular financial software such as SAP and Oracle, have been few and far between. That changed at this week's Black Hat Abu Dhabi conference where a pair of researchers presented proof-of-concept code that could change the dynamic of the financially motivated attack landscape.

The attack, dubbed Project Mayhem, could enable an attacker to divert funds from a company's accounting and financial systems without immediate detection. In addition to code, the attacker would be relying on the fact that midsized companies in particular, do not have complete control or visibility into financial processes or individual transactions, and are likely to miss fraud at first glance.

"Getting caught depends on the skills and resources available and whether an audit is performed or not," wrote Tom Eston and Brett Kimmel of SecureState in a white paper explaining Project Mayhem in detail.

Eston and Kimmel's presentation at Black Hat focused on Microsoft Dynamics Great Plains software, in particular targeting Dynamics' SQL database, SQL server, or hijacking an account via a process injection attack. Microsoft Dynamics is used primarily in midsized companies. The duo said their motivation in developing this attack was to help penetration testers efforts in examining the defenses of these systems. SecureState is a consultancy provide security services such as pen-testing.

Continued : https://threatpost.com/en_us/blogs/new-accounting-system-hack-could-cause-mayhem-120712

Collapse -
How to report a computer crime: Fake anti-virus
by Carol~ Forum moderator / December 7, 2012 1:57 AM PST

Do you know how to report a computer crime? Or even who you would report it to?

So far, we have looked at phishing and SQL injection attacks, trolling, unauthorised email account access and malware in our series of articles on how to report a computer crime. In this article, we'll look at fake anti-virus.

We'll look at what offences are committed in different countries when a crime like this happens, how you should report the crime, and what evidence you can preserve that might help in the subsequent investigation.

Take this scenario:

'Peter is browsing the internet at home using his PC and lands on an adult content web portal. He sees a hyperlink offering to download an X-rated movie. Peter downloads the file.

Peter has the option "Hide extensions for known file types" selected in the folder option of his user account settings, so he is not aware of the fact that the file he has downloaded is in fact an executable file and not the AVI file it is masquerading as.

Peter runs the file and nothing appears to happen. He attempts to access Windows Task Manager but he finds he is unable to. After about two minutes, the icons on Peter's desktop disappear and he is presented with a scrolling window that appears to be scanning the contents of his hard drive. Once the scan has finished, Peter is told that his computer is infected with over twenty pieces of malware. ........

Continued : http://nakedsecurity.sophos.com/2012/12/07/how-to-report-fake-anti-virus/

Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions


$16,000 used SUVs

Whether you like your SUVs cute or capable, or some blend of the two, we've got a wide variety of choices in Roadshow's first collection of Editors' Used Picks.