Spyware, Viruses, & Security forum


NEWS - January 30, 2013

by Carol~ Forum moderator / January 30, 2013 7:12 AM PST
Firefox Continues to Curb Out-of-Date, Flawed Third-Party Plug-ins

After pushing its "click-to-play" blacklisting function live last fall, Mozilla has announced plans to further implement the security feature in its Firefox browser.

The company is planning to make it so only the most recent version of Flash is automatically run on web pages while users will have to verify if they want to view content on pages that uses plug-ins such as Silverlight, Java and Acrobat Reader.

Specifically, to protect its users, Mozilla plans to block versions of Flash older than 10.2 and the most recent versions of Silverlight, Java and Reader. Users will have to "click-to-play" to allow these plugins to work in their browser and from there, decide if they want them to run regularly.

Click-to-play operates as a blacklist of sorts for Firefox plugins. If a plug-in such as Java is either vulnerable or out of date, Firefox will disable it and require the user to verify whether they'd like to run it. When it comes to certain plug-ins, users can elect to always run them, run them on a page-by-page basis or never run them.

According to a post by Mozilla's Director of Security Assurance Michael Coates on the company's Security Blog yesterday, the change - which has no official timeline - is being done to get users more conscious exactly what's running on their machines.

Continued : https://threatpost.com/en_us/blogs/firefox-continues-curb-out-date-flawed-third-party-plug-ins-013013

Mozilla pulling plug on auto-running nearly all plugins
Firefox will block by default nearly all plugins
Mozilla to Require 'Click to Play' on Firefox Plugins
Post a reply
Discussion is locked
You are posting a reply to: NEWS - January 30, 2013
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - January 30, 2013
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Serious security holes fixed in Opera - but Mac App Store..
by Carol~ Forum moderator / January 30, 2013 8:17 AM PST
... users left at risk again

Opera has released a new version of its web browser - version 12.13 - and recommended that users update their installations to benefit from a series of security fixes as well as the usual "stability enhancements".

Version 12.13 of Opera for Windows, Mac and Linux is available for download from the Opera website, and you can read about the fixed security issues (including a high severity vulnerability that could be exploited to cause the web browser to crash, and in some cases execute arbitrary code such as malware, and another about how Opera handles boobytrapped SVG files) in their changelog.

It should go without saying that if you use Opera, you should update to version 12.13 as soon as possible.

But... what if you didn't get your copy of Opera from the official website?

What if, instead, you acquired your version of Opera for Mac from Apple's Mac App Store?

Continued : http://nakedsecurity.sophos.com/2013/01/30/opera-security-mac-app-store/

Additional information:

Updates : Opera 12.13 Released
Vulnerabilities & Fixes: Opera Multiple Vulnerabilities
Collapse -
Latest VLC version has dangerous hole
by Carol~ Forum moderator / January 30, 2013 8:18 AM PST

The developers of the VLC video player have warned of a crashing bug in the latest 2.0.5 version of the application, which might be exploited to execute arbitrary code. The issue is a problem in the ASF demuxer (libasf_plugin.*), which can be tricked into overflowing a buffer with a specially crafted ASF movie. The developers note that users would have to open that specially crafted file to be vulnerable and advise users to not open files from untrusted third parties or untrusted sites.

Another workaround is to delete the demuxer plugin - found in \VLC\plugins\demux\libasf_plugin.dll on Windows - to disable the vulnerable function. A patch has been developed which replaces the vulnerable macro with static inline code and better bounds checking, and that has been applied to the forthcoming version 2.0.6 release of VLC. Already patched versions of VLC for Windows and Mac OS X are available from the VLC nightlies site, but may have other bugs as they are ongoing development versions.


Collapse -
New Ransomware Encrypts Victim Data
by Carol~ Forum moderator / January 30, 2013 8:18 AM PST

An unusual new strain of ransomware makes good on its threat, doing what the majority of other varieties only claim to do. The Trojan actually encrypts data on infected machines, effectively rendering certain files inaccessible to users on compromised computers in order to block removal.

This veracious new version of the otherwise well-known police ransomware Trojan is unique but only in the sincerity of its promise. According to a report by Hynek Blinka on the AVG News and Threats blog, most ransomeware campaigns deploy a familiar warning, asserting that some crime has been committed by the user and that the user's machine will remain locked down or encrypted until that user pays the fine associated with their transgression.

In most cases, the malware can be found and subsequently removed without paying the fine (which may or may not resolve the problem anyway). In this case however, Blinka has witnessed the Trojan encrypting images, documents and executables in an attempt to hinder any removal attempts. Whomever is responsible for the malware is not in the business of completely crippling machines, so Windows system files are not included in the forced encryption. Infected computers will still function for the most part, but data will be lost and many third-party programs will not work.

Continued : https://threatpost.com/en_us/blogs/new-ransomware-encrypts-victim-data-013013

Collapse -
BKA malware shocks victims with child pornography
by Carol~ Forum moderator / January 30, 2013 8:18 AM PST

Ransomware has taken a disturbing step forward by including illegal content in its demands. The German Federal Criminal Police (BKA) are warningGerman language link of a new piece of malware that accuses victims of distributing child pornography and demands payment of a fine. As is typical, the accusation is lent a spurious whiff of officialdom by displaying the logos of the German Federal Office for Information Security (BSI) and the German Society for the Prosecution of Copyright Infringement (GVU) and instructs victims to pay a €100 (approximately £85) fine to unlock their computers.

The new twist is that the malware also displays an child pornography image alongside the typical allegations that the infected computer has been used to distribute child pornography or for terrorist purposes, that it infringes copyright or has been utilised for other criminal acts. The BKA, which is roughly equivalent to the CID in the UK, and the BSI have also pointed out that saving or distributing the image would constitute illegal possession of child pornography.

Continued : http://www.h-online.com/security/news/item/BKA-malware-shocks-victims-with-child-pornography-1793910.html

Collapse -
Browsers Beat Security Software in Phishing Protection Test
by Carol~ Forum moderator / January 30, 2013 8:40 AM PST

You'd feel bad if a burglar broke into your house and stole your new tablet computer, for sure. But you'd probably feel worse if a slick door-to-door scammer convinced you to hand it over for a "factory recall."

You're smart; you wouldn't fall for that kind of snake oil. However, online scams that create convincing fraudulent websites can trick even smart people. That's why browsers and security suites alike now build in detection to help you avoid fraudulent "phishing" websites. A report released today by Austin-based NSS Labs reveals a surprising result: your browser alone is most likely better at phishing protection than your security suite.

A Short, Nasty Life

Phishing attacks are short-lived. To start, the scammers create a new Web page that perfectly resembles PayPal, or eBay, or your bank's website. Some even scam login pages for Facebook or online gaming. When the page is ready they use spam emails, Facebook scams, and other techniques to put it in front of as many users as possible. Within hours the new phishing URL will be blacklisted, but the scammers can fleece quite a few victims in the meantime.

Continued : http://securitywatch.pcmag.com/none/307527-browsers-beat-security-software-in-phishing-protection-test

Also: Web Browsers Beat Endpoint Products in Blocking Phishing Attacks: Report

Collapse -
Malware controls 620,000 phones, sends costly messages
by Carol~ Forum moderator / January 30, 2013 8:41 AM PST

A new discovered malware is potentially one of the most costly viruses yet discovered. Uncovered by NQ Mobile, the "Bill Shocker" (a.expense.Extension.a) virus has already impacted 620,000 users in China and poses a threat to unprotected Android devices worldwide.

The Bill Shocker is an SDK designed by malware developers that infects several of the most popular apps in China, including Tencent QQ Messenger and Sohu News. The infected versions of these apps are further distributed by third-party online app stores and retail installation channels.

Bill Shocker downloads in the background, without arousing the mobile device owner's suspicion. The infection can then take remote control of the device, including the contact list, Internet connections and dialing and texting functions. Once the malware has turned the phone into a "zombie," the infection uses the device to send text message to the profit of advertisers. In many cases, the threat will overrun the user's bundling quota, which subjects the user to additional charges.

Continued : http://www.net-security.org/malware_news.php?id=2391

Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions

CNET Holiday Gift Guide

Looking for great gifts under $100?

Trendy tech gifts don't require a hefty price tag. Choose from these CNET-recommended useful and high-quality gadgets.