Spyware, Viruses, & Security forum


NEWS - March 12, 2012

by Carol~ Forum moderator / March 12, 2012 1:42 AM PDT
Google Fixes Second Set of Chrome Bugs Used in Pwnium Contest

Google has pushed out a patch for the second full sandbox escape exploit used in the Pwnium contest at CanSecWest. The Chrome vulnerabilities that the exploit targeted were discovered by an anonymous researcher who used the name PinkiePie and claimed a $60,000 reward from Google.

The attack that the researcher used included three separate vulnerabilities which he was able to string together to compromise Chrome. The researcher did not use his real name, but Google security officials at the conference said that they knew who he was and that he was well-respected in the security community. He had been working on the attack for a while and Google officials were unsure whether he'd be able to complete before the Pwnium contest ended Friday afternoon.

The contest was created as a rival to the Pwn2Own contest at CanSecWest, which as been running for several years. Google officials said they were happy with the results of Pwnium, which attracted two full sandbox escapes in Chrome, and the contest could end up being expanded in future years.

Continued : http://threatpost.com/en_us/blogs/google-fixes-second-set-chrome-bugs-used-pwnium-contest-031212

Pwn2Own ends with three browsers felled - Update
Teen exploits three 0-days to hack Chrome, earns $60K from Google

See Vulnerabilities / Fixes: Google Chrome Three Unspecified Code Execution Vulnerabilities
Post a reply
Discussion is locked
You are posting a reply to: NEWS - March 12, 2012
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - March 12, 2012
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Half of All 'Rogue' Pharmacies at Two Registrars
by Carol~ Forum moderator / March 12, 2012 2:42 AM PDT
In reply to: NEWS - March 12, 2012

Half of all "rogue" online pharmacies — sites that sell prescription drugs without requiring a prescription — got their Web site names from just two domain name registrars, a study released today found. The findings illustrate the challenges facing Internet policymakers in an industry that is largely self-regulated and rewards companies who market their services as safe havens for shadowy businesses.

There are about 450 accredited domain name registrars worldwide, but at least one-third of all active rogue pharmacy sites are registered at Internet.bs, a relatively small registrar that purports to operate out of the Bahamas and aggressively markets itself as an "offshore" registrar. That's according to LegitScript, a verification and monitoring service for online pharmacies. [Screenshot]

LegitScript President John Horton said the company began to suspect that Internet.bs was courting the rogue pharmacy business when it became clear that the registrar has only two-tenths of one percent of the market share for new Web site name registrations. In a report (PDF) being released today, LegitScript said that a separate analysis of more than 9,000 "not recommended" pharmacies compiled by the National Association of Boards of Pharmacy suggested that Internet.bs is sponsoring nearly 44 percent of the Internet's dodgy pill shops.

Continued : http://krebsonsecurity.com/2012/03/half-of-all-rogue-pharmacies-at-two-registrars/#more-14073

Collapse -
Porn site hacked by new group
by Carol~ Forum moderator / March 12, 2012 2:43 AM PDT
In reply to: NEWS - March 12, 2012

Well, we hope you've all been good boys and girls lately: porn site Digital Playground has been hacked by a new hacktivist group, which says it's stolen the financial and personal details of tens of thousands of customers.

Digital Playground's website is managed and run by Canadian firm Manwin, which took it down for several hours as a result.

The new group, The Consortium, describes the company's security as 'a joke'. It claims it's accessed the credit card numbers, names, CCV numbers, and expiration dates for 40,000 users of the site, as well as the e-mail addresses, usernames, and passwords of 72,000 users.

The card numbers, card expiration date, cvv and all customer billing address and contact info were in plain text, they say.

"We did not set out to destroy them but they made it too enticing to resist," it says in a statement. "So now our humble crew leave lulz and mayhem in our path."

Continued: http://www.tgdaily.com/security-features/62019-porn-site-hacked-by-new-group

Porn site Digital Playground hacked, hackers say "too enticing to resist"
Digital Playground porn passwords exposed by hackers
Porn site breached in hack attack

Collapse -
How spies used Facebook to steal Nato chiefs' details
by Carol~ Forum moderator / March 12, 2012 2:43 AM PDT
In reply to: NEWS - March 12, 2012

NATO'S most senior commander was at the centre of a major security alert when a series of his colleagues fell for a fake Facebook account opened in his name - apparently by Chinese spies.

Senior British military officers and Ministry of Defence officials are understood to have been among those who accepted "friend requests" from the bogus account for American Admiral James Stavridis.

They thought they had become genuine friends of Nato's Supreme Allied Commander - but instead every personal detail on Facebook, including private email addresses, phone numbers and pictures were able to be harvested.

Nato officials are reluctant to say publicly wo was behind the attack. But the Sunday Telegraph has learned that in classified briefings, military officers and diplomats were told the evidence pointed to "state-sponsored individuals in China".

Although they are unlikely to have found any genuine military secrets from the Facebook accounts they accessed , the incident is highly embarrassing.

Continued : http://www.telegraph.co.uk/technology/9136029/How-spies-used-Facebook-to-steal-Nato-chiefs-details.html

Five free tips to take from Nato's top dog fake Facebook account
Cyber snoopers target NATO commander in Facebook attack
Chinese Use Fake Facebook Profile to Collect Data on UK Officials

Collapse -
Facebook scam uses fake CAPTCHA to spread
by Carol~ Forum moderator / March 12, 2012 2:43 AM PDT
In reply to: NEWS - March 12, 2012

In order for a Facebook survey scam to be successful, it has to make users do two things: propagate the scam further by "endorsing" it and complete at least one survey.

Even though there are always users who fall for the most basic scams, most of them learn fast and scammers have to constantly think of new lures and new ways of making the victims inadvertently spread the offending links.

In a survey scam recently spotted by BitDefender, the scammers have decided to trick the victims into promoting it by using a bogus CAPTCHA test.

The lure is a common one: "PHOTO! Girl accidentally sends dad SMS about her FIRST time! (This is the funniest thing ever!)"

In order to see what it's all about, the victims are asked to verify their identity by solving a CAPTCHA: [Screenshot]

Continued : http://www.net-security.org/secworld.php?id=12575

Collapse -
Lost Smartphone? Finders Peek At Data
by Carol~ Forum moderator / March 12, 2012 5:11 AM PDT
In reply to: NEWS - March 12, 2012

Lost your phone recently? Chances are you aren't getting it back, Symantec researchers found in a recent smartphone study. What's even worse, whoever finds it will likely snoop around looking at photos, emails and other private information, Symantec said.

People were likely to access sensitive personal and business data stored on them, such as password files, private photos and email messages, Symantec researchers found in its first-ever "Honey Stick" study, released March 9. Even though 50 percent of the finders tried to return the devices to the owners listed in the contact file, they still succumbed to the temptation to snoop around beforehand, Symantec said.

Around 89 percent of the finders viewed personal data and 83 percent accessed business-related data stored on lost smartphones, Symantec found.

Symantec researchers intentionally lost 50 smartphones in New York City, Washington, D.C., Los Angeles, the San Francisco Bay Area, and Ottawa, Canada in public places such as elevators, park benches and mall food courts. The lost devices contained corporate and personal data such as passwords, HR files, and email...

Continued : http://securitywatch.pcmag.com/mobile-security/295216-lost-smartphone-finders-peek-at-data

Lost phone? There's an 89% chance somebody tried to access data
Finders of lost smartphones tend to snoop
Symantec's lost cell phone study confirms the worst in people

From Symantec: Introducing the Symantec Smartphone Honey Stick Project

Collapse -
Caller ID Spoofing
by Carol~ Forum moderator / March 12, 2012 5:11 AM PDT
In reply to: NEWS - March 12, 2012

"Is the president really calling you at home? Probably not."

Most people have faith that the information that they see on their Caller ID is real.

If the Caller ID reads "MICROSOFT SUPPORT - 1-800-555-1212" or something similar, then most people would tend to believe that the person on the other end of the line is really from Microsoft. A lot of people don't realize that scammers are using Voice Over IP technology and other tricks to fake or "spoof" Caller ID information.

Scammers use Caller ID spoofing to help make their scams seem more believable.

How do scammers spoof their Caller ID information?

There are several ways in which scammers spoof Caller ID information. One of the most popular ways that scammers spoof their Caller ID is through the use of special internet-based caller ID spoofing service providers. These spoofing services can be purchased cheaply and are often sold as a re-loadable calling card.

The typical Caller ID spoof works like this:

Continued : http://netsecurity.about.com/od/securityadvisorie1/a/Caller-Id-Spoofing.htm

Collapse -
Carrier IQ hopes to allay users' privacy concerns
by Carol~ Forum moderator / March 12, 2012 5:11 AM PDT
In reply to: NEWS - March 12, 2012

Carrier IQ executives said they hope that customers are once again recognizing the value of the data that their company's software collects, after some operators disabled the software following a privacy uproar late last year.

The company's software sends information about a phone's performance to network operators, which use the data to learn more about performance issues.

"Some of our customers have been using this data for five years. It's deeply embedded in how they operate," said Andrew Coward, vice president of marketing and product management at Carrier IQ.

Coward claimed the company didn't lose any customers following last year's release of a research report that showed that its software was logging keystrokes, unbeknownst to end users.

He maintained that Carrier IQ's software isn't to blame. Rather, some implementations of the software "led to information being written into these files that never should have been," he said.

Continued : http://www.computerworld.com/s/article/9225035/Carrier_IQ_Hopes_to_Allay_Users_Privacy_Concerns

Collapse -
Attempts to Spread Mobile Malware in Tweets
by Carol~ Forum moderator / March 12, 2012 5:11 AM PDT
In reply to: NEWS - March 12, 2012

From the Symantec Security Response Blog:

It takes time and dedication for cybercriminals to be able to place their mobile malware somewhere on the Internet that will result in a high number of downloads. Target locations for cybercriminals include the official apps market, third-party markets, and even fake app markets. Other locations may include websites that are designed to specifically host a particular malware or serve a variety of malware masquerading as authentic apps.

However, the cybercriminals also need to carry out some advertising in order to direct traffic to wherever the malware resides. Some use forums to add comments with malicious links, while others use search engine optimization (SEO) to list malicious sites at the top of search results. Tweets are also used to lure mobile users to the malicious sites. In fact, we have noticed that tweeting is proving a popular method used to direct users to the infamous Android.Opfake malware.

Users can potentially end up infecting their mobile devices with Android.Opfake by searching for tweets on subjects such as software, mobile devices, pornography, or even dieting topics to name a few. Android.Opfake is not hosted on the Android Market (Play Store) and these tweets lead to malicious websites developed for the Opfake application. These tweets typically contain short URLs and the message is mainly in Russian with some English terms included. Once the user visits the site, they are prompted to install the malicious application. ..

Continued : http://www.symantec.com/connect/blogs/attempts-spread-mobile-malware-tweets

Collapse -
Apple Released Safari 5.1.4
by Carol~ Forum moderator / March 12, 2012 6:12 AM PDT
In reply to: NEWS - March 12, 2012


Apple released Safari 5.1.4 for Windows as well as for OS X.

This update addresses a large number of bugs in Safari itself and in WebKit. Some of the issues fixed:

• Safari for Windows: An International Domain Name (IDN) issue with look alike characters. (I just patched Safari for OS X, and oddly, Safari still appears to render .com domains using international characters vs. punny-code. Firefox and Chrome do not show international characters for .com )
• All versions of Safari: While private browsing was active, sites were still recorded in the browsing history.
• 5 different cross site scripting vulnerabilities in WebKit
• a cookie disclosure vulnerability (WebKit)
• a cross origin issue in Webkit.
• 40 or more webkit issues that could lead to arbitrary code execution.

The update should be listed eventually at the standard Apple security URL: http://support.apple.com/kb/HT1222

Continued : http://isc.sans.edu/diary.html?storyid=12766

Related: Safari 5.1.4 update promises 11% JavaScript performance boost, fixes other bugs

Collapse -
Scam: Facebook Bans Customers Who Send Unanswered Friend
by Carol~ Forum moderator / March 12, 2012 10:06 AM PDT
In reply to: NEWS - March 12, 2012
.. Requests

Another scam is causing panic among Facebook customers. This time the false message claims that if a user clicks No when he's asked if he knows the person that sent a friend request, the latter will be banned from performing basic operations for up to 30 days and maybe even permanently.

The scam message provided by Hoax-Slayer reads:

VERY IMPORTANT: PLEASE READ: Nice people are getting banned from facebook and it could happen to you, too - the reason is because when you get a friend request, if you click the "not now" button, you will automatically recieve a request from Facebook saying, "Do you know this person?"

if you click no, that person will automatically be suspended from group chats, blocked from sending friend requests, and other nasty things for 7-30 days, and if it happens enough - permanently.

So please.. if you get an unwanted friend request, just ignore it. If you accidentally click the "not now" button, then ignore the request from facebook asking if you know them - do not respond to it. Please pass this around so we can protect our friends (and ourselves!)

In reality, if a Facebook customer sends too many friends request to unknown people and many of them deny knowing him/her, the social media site will ban the spammer from sending friends requests and messages for a short while.

Continued : http://news.softpedia.com/news/Scam-Facebook-Bans-Customers-Who-Send-Unanswered-Friend-Requests-257996.shtml
Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions


Free trip to the Grand Prix

Don't miss your chance to win a trip to the Formula 1 Grand Prix in Monaco for you and a plus-one.