Spyware, Viruses, & Security forum


NEWS - February 05, 2013

by Carol~ Forum moderator / February 5, 2013 4:18 AM PST
Kaspersky antivirus update cripples Internet for thousands of Windows XP machines

Russian security firm Kaspersky Lab is having a very poor start to the week. Thousands of Windows XP machines were cut off from the Internet late last night after an antivirus update crippled Internet access for home and business users.

The update (version killed off HTTP traffic on Windows platforms. Customers of the software took to Twitter and reported the issue on the company's forum. A user by the name of "bradb21" described the problem as follows:

'I have ~12,000 machines running KES8 and my help desk started getting calls about an hour ago saying users were having problems accessing various web sites. I did all my typical troubleshooting and was not able to find a problem and I was not having the problem on my Linux machine that I use on a daily basis. So I went over to some of my lab Windows XP machines and I was having the same problem....'

Continued : http://thenextweb.com/apps/2013/02/05/kaspersky-antivirus-update-cripples-internet-for-thousands-of-windows-xp-machines/

NetSeer gets a quick all clear from Google
by Carol~ Forum moderator / February 5, 2013 5:13 AM PST

On Monday, Google's Chrome web browser was warning people using popular web sites such as the New York Times, Los Angeles Times, Washington Post and Huffington Post that those sites were afflicted with lurking malware. The sites all used online advertising service NetSeer, which had been hacked.

In a statement, NetSeer CEO John Mracek admitted that the company's third-party hosted web site had been hacked and infected with malware, but that the company's advertising infrastructure was unaffected by the attack. Both services use the netseer.com domain and it was that domain which was added to Google's Safe Browsing lists. This meant in turn that NetSeer's own site and the sites of companies which used its advertising network were added. This in turn makes browsers that use the list raise the alarm.

The malware infection was discovered at 5:30am, California time, on Monday morning and NetSeer immediately set about cleaning the infection out. Working with Google, the company also obtained an expedited review of its site and by 9:30am it had its domain removed from the Google malware lists. NetSeer says it is doing an analysis on the third party host to identify the cause of the problem.


Related to: NetSeer suffers hack, triggers Google anti-malware warnings

NetSeer Hack Triggered Google Blacklisting of Major Sites
Google Blocks High Profile Sites After Advertising Provider NetSeer is Hacked
Ad network site hack results in popular sites flagged as malicious

Brazilian Masquerade
by Carol~ Forum moderator / February 5, 2013 5:13 AM PST

From the Kaspersky Lab Weblog:

What do you see here? ... [Screenshot]

A free AV product protecting a Windows XP machine, right?

No, actually it's malware - a Brazilian Trojan banker coming via email and then using a masquerade to stay in the system. The malware is 386Kb only, written in Delphi, and comes via an email together with a bunch of many other malicious and non-malicious files.

If the victim clicks on the system tray icon, he will get this message: [Screenshot]

In some combinations it also shows messages like this one: [Screenshot]

Why do cybercriminals use such a method "to hide" their malware in the system? Google trends shows that Avast is the most popular AV in Brazil. And my experience of life in Latin America shows that people still don't want to pay when there is something free.

Continued : http://www.securelist.com/en/blog/208194106/Brazilian_Masquerade

Top 10 tips to keep your kids and teens safe online
by Carol~ Forum moderator / February 5, 2013 5:13 AM PST

Today is Safer Internet Day. And according to a report (pdf) released to coincide with the day, 86% of 7-11 year olds and 96% of 11-19 year olds are communicating online.

So here are 10 tips for you to share with your youngsters, to help make sure they're clued up about internet safety.

1. Lock down your Facebook page. Make sure your profile is only shown to your friends - not their friends too and certainly not the whole world! It's good to check your privacy settings regularly, too, because Facebook often updates them.

2. If you don't know someone on Facebook, don't be tempted to accept their Friend request.

3. Don't post anything anywhere on the internet if you don't want the world to see it. Once you've uploaded something, you cannot be sure that it will stay with just the person you've sent it to. So if it's private, don't share it!

Continued : http://nakedsecurity.sophos.com/2013/02/05/top-10-tips-kids-safe-online/

Digital certificates and malware: a dangerous mix
by Carol~ Forum moderator / February 5, 2013 5:13 AM PST

In the past few days we have heard several stories about major corporations getting hacked and their security systems completely bypassed. If anything, that should remind us of how vulnerable our data and privacy are. The fact of the matter is that there are so many angles one can get exploited that at the end of the day it can leave us wondering what or who to trust.

Take, for example, digital certificates which have been in the spotlight after Stuxnet used some or after Adobe's servers were breached to sign malware. The purpose of a digital signature is to guarantee the authenticity of a file from a particular vendor and is provided by one of a few certificate authorities.

We spotted a new malware sample (Brazilian banking/password stealer) which happens to be signed with a real and valid digital certificate issued by DigiCert: [Screenshot] [Screenshot]

This certificate is issued to a company called "Buster Paper Comercial Ltda", a Brazilian company that actually does not exist and was registered with bogus data.

The file - disguised as a PDF document (an invoice) - actually opens up as such to really fool the victim: [Screenshot]

Continued : http://www.net-security.org/malware_news.php?id=2400

Users Fiddle While Java Burns
by Carol~ Forum moderator / February 5, 2013 7:44 AM PST

Despite Oracle Java being ranked among the highest risk vulnerabilities, a startling 72% of Java users are not bothering to update their software to the latest and safest versions.

The result of a new study from Kaspersky Lab (pdf), which surveyed 11 million Windows users during the 2012 calendar year, lays out disturbing statistics: 806 unique vulnerabilities were discovered in the survey period. But the "good" news is that only 37 of those security gaps were considered to be truly widespread and dangerous.

Don't get too optimistic, though: those 37 vulnerabilities accounted for over 70% of all detected vulnerable software last year.

Singling Out Java

The Kaspersky study gets a little arbitrary at one point, singling out eight of the 37 vulnerabilities as those "that are actively used by cybercriminals in widespread exploit packs." Not exactly a scientific classification, which should be taken into account when walking through the next set of results.

Continued : http://readwrite.com/2013/02/05/users-fiddle-while-java-burns

Twitter Apps Can Still Tweet Despite Password Reset
by Carol~ Forum moderator / February 5, 2013 7:44 AM PST

Twitter moved quickly to lock user accounts and revoke session tokens after last week's breach, but it appears some tokens were left active, allowing third-party applications to continue accessing Twitter using old credentials.

If you are one of the 250,000 Twitter users who received the password reset email on Friday, hopefully you have already changed your password. If you use third-party apps to post on Twitter, it's possible those apps are still using your old credentials. Uninstall and re-install the apps to be on the safe side.

As we reported on SecurityWatch over the weekend, attackers stole usernames, email addresses, session tokens, and salted-and-hashed passwords. Session tokens are a special type of cryptographic cookie informing the micro-blogging site that the user is already logged in. As long as the session token is still valid (not expired, revoked, or deleted), users can go back to Twitter without logging back in each time.

Continued : http://securitywatch.pcmag.com/none/307747-twitter-apps-can-still-tweet-despite-password-reset

Related: Twitter detects and shuts down password data hack in progress

Also see: Twitter looks to add two-factor authentication to stop password hacks
