11 total posts
Half of All 'Rogue' Pharmacies at Two Registrars
Half of all "rogue" online pharmacies — sites that sell prescription drugs without requiring a prescription — got their Web site names from just two domain name registrars, a study released today found. The findings illustrate the challenges facing Internet policymakers in an industry that is largely self-regulated and rewards companies who market their services as safe havens for shadowy businesses.
There are about 450 accredited domain name registrars worldwide, but at least one-third of all active rogue pharmacy sites are registered at Internet.bs, a relatively small registrar that purports to operate out of the Bahamas and aggressively markets itself as an "offshore" registrar. That's according to LegitScript, a verification and monitoring service for online pharmacies. [Screenshot]
LegitScript President John Horton said the company began to suspect that Internet.bs was courting the rogue pharmacy business when it became clear that the registrar has only two-tenths of one percent of the market share for new Web site name registrations. In a report (PDF) being released today, LegitScript said that a separate analysis of more than 9,000 "not recommended" pharmacies compiled by the National Association of Boards of Pharmacy suggested that Internet.bs is sponsoring nearly 44 percent of the Internet's dodgy pill shops.
Continued : http://krebsonsecurity.com/2012/03/half-of-all-rogue-pharmacies-at-two-registrars/#more-14073
Porn site hacked by new group
Well, we hope you've all been good boys and girls lately: porn site Digital Playground has been hacked by a new hacktivist group, which says it's stolen the financial and personal details of tens of thousands of customers.
Digital Playground's website is managed and run by Canadian firm Manwin, which took it down for several hours as a result.
The new group, The Consortium, describes the company's security as 'a joke'. It claims it's accessed the credit card numbers, names, CCV numbers, and expiration dates for 40,000 users of the site, as well as the e-mail addresses, usernames, and passwords of 72,000 users.
The card numbers, card expiration date, cvv and all customer billing address and contact info were in plain text, they say.
"We did not set out to destroy them but they made it too enticing to resist," it says in a statement. "So now our humble crew leave lulz and mayhem in our path."
Porn site Digital Playground hacked, hackers say "too enticing to resist"
Digital Playground porn passwords exposed by hackers
Porn site breached in hack attack
Facebook scam uses fake CAPTCHA to spread
In order for a Facebook survey scam to be successful, it has to make users do two things: propagate the scam further by "endorsing" it and complete at least one survey.
Even though there are always users who fall for the most basic scams, most of them learn fast and scammers have to constantly think of new lures and new ways of making the victims inadvertently spread the offending links.
In a survey scam recently spotted by BitDefender, the scammers have decided to trick the victims into promoting it by using a bogus CAPTCHA test.
The lure is a common one: "PHOTO! Girl accidentally sends dad SMS about her FIRST time! (This is the funniest thing ever!)"
In order to see what it's all about, the victims are asked to verify their identity by solving a CAPTCHA: [Screenshot]
Continued : http://www.net-security.org/secworld.php?id=12575
Lost Smartphone? Finders Peek At Data
Lost your phone recently? Chances are you aren't getting it back, Symantec researchers found in a recent smartphone study. What's even worse, whoever finds it will likely snoop around looking at photos, emails and other private information, Symantec said.
People were likely to access sensitive personal and business data stored on them, such as password files, private photos and email messages, Symantec researchers found in its first-ever "Honey Stick" study, released March 9. Even though 50 percent of the finders tried to return the devices to the owners listed in the contact file, they still succumbed to the temptation to snoop around beforehand, Symantec said.
Around 89 percent of the finders viewed personal data and 83 percent accessed business-related data stored on lost smartphones, Symantec found.
Symantec researchers intentionally lost 50 smartphones in New York City, Washington, D.C., Los Angeles, the San Francisco Bay Area, and Ottawa, Canada in public places such as elevators, park benches and mall food courts. The lost devices contained corporate and personal data such as passwords, HR files, and email...
Continued : http://securitywatch.pcmag.com/mobile-security/295216-lost-smartphone-finders-peek-at-data
Lost phone? There's an 89% chance somebody tried to access data
Finders of lost smartphones tend to snoop
Symantec's lost cell phone study confirms the worst in people
From Symantec: Introducing the Symantec Smartphone Honey Stick Project
Caller ID Spoofing
"Is the president really calling you at home? Probably not."
Most people have faith that the information that they see on their Caller ID is real.
If the Caller ID reads "MICROSOFT SUPPORT - 1-800-555-1212" or something similar, then most people would tend to believe that the person on the other end of the line is really from Microsoft. A lot of people don't realize that scammers are using Voice Over IP technology and other tricks to fake or "spoof" Caller ID information.
Scammers use Caller ID spoofing to help make their scams seem more believable.
How do scammers spoof their Caller ID information?
There are several ways in which scammers spoof Caller ID information. One of the most popular ways that scammers spoof their Caller ID is through the use of special internet-based caller ID spoofing service providers. These spoofing services can be purchased cheaply and are often sold as a re-loadable calling card.
The typical Caller ID spoof works like this:
Continued : http://netsecurity.about.com/od/securityadvisorie1/a/Caller-Id-Spoofing.htm
Carrier IQ hopes to allay users' privacy concerns
Carrier IQ executives said they hope that customers are once again recognizing the value of the data that their company's software collects, after some operators disabled the software following a privacy uproar late last year.
The company's software sends information about a phone's performance to network operators, which use the data to learn more about performance issues.
"Some of our customers have been using this data for five years. It's deeply embedded in how they operate," said Andrew Coward, vice president of marketing and product management at Carrier IQ.
Coward claimed the company didn't lose any customers following last year's release of a research report that showed that its software was logging keystrokes, unbeknownst to end users.
He maintained that Carrier IQ's software isn't to blame. Rather, some implementations of the software "led to information being written into these files that never should have been," he said.
Continued : http://www.computerworld.com/s/article/9225035/Carrier_IQ_Hopes_to_Allay_Users_Privacy_Concerns
Attempts to Spread Mobile Malware in Tweets
From the Symantec Security Response Blog:
It takes time and dedication for cybercriminals to be able to place their mobile malware somewhere on the Internet that will result in a high number of downloads. Target locations for cybercriminals include the official apps market, third-party markets, and even fake app markets. Other locations may include websites that are designed to specifically host a particular malware or serve a variety of malware masquerading as authentic apps.
However, the cybercriminals also need to carry out some advertising in order to direct traffic to wherever the malware resides. Some use forums to add comments with malicious links, while others use search engine optimization (SEO) to list malicious sites at the top of search results. Tweets are also used to lure mobile users to the malicious sites. In fact, we have noticed that tweeting is proving a popular method used to direct users to the infamous Android.Opfake malware.
Users can potentially end up infecting their mobile devices with Android.Opfake by searching for tweets on subjects such as software, mobile devices, pornography, or even dieting topics to name a few. Android.Opfake is not hosted on the Android Market (Play Store) and these tweets lead to malicious websites developed for the Opfake application. These tweets typically contain short URLs and the message is mainly in Russian with some English terms included. Once the user visits the site, they are prompted to install the malicious application. ..
Continued : http://www.symantec.com/connect/blogs/attempts-spread-mobile-malware-tweets
Apple Released Safari 5.1.4
From SANS ISC:
Apple released Safari 5.1.4 for Windows as well as for OS X.
This update addresses a large number of bugs in Safari itself and in WebKit. Some of the issues fixed:
• Safari for Windows: An International Domain Name (IDN) issue with look alike characters. (I just patched Safari for OS X, and oddly, Safari still appears to render .com domains using international characters vs. punny-code. Firefox and Chrome do not show international characters for .com )
• All versions of Safari: While private browsing was active, sites were still recorded in the browsing history.
• 5 different cross site scripting vulnerabilities in WebKit
• a cookie disclosure vulnerability (WebKit)
• a cross origin issue in Webkit.
• 40 or more webkit issues that could lead to arbitrary code execution.
The update should be listed eventually at the standard Apple security URL: http://support.apple.com/kb/HT1222
Continued : http://isc.sans.edu/diary.html?storyid=12766
Scam: Facebook Bans Customers Who Send Unanswered Friend
Another scam is causing panic among Facebook customers. This time the false message claims that if a user clicks No when he's asked if he knows the person that sent a friend request, the latter will be banned from performing basic operations for up to 30 days and maybe even permanently.
The scam message provided by Hoax-Slayer reads:
VERY IMPORTANT: PLEASE READ: Nice people are getting banned from facebook and it could happen to you, too - the reason is because when you get a friend request, if you click the "not now" button, you will automatically recieve a request from Facebook saying, "Do you know this person?"
if you click no, that person will automatically be suspended from group chats, blocked from sending friend requests, and other nasty things for 7-30 days, and if it happens enough - permanently.
So please.. if you get an unwanted friend request, just ignore it. If you accidentally click the "not now" button, then ignore the request from facebook asking if you know them - do not respond to it. Please pass this around so we can protect our friends (and ourselves!).'
In reality, if a Facebook customer sends too many friends request to unknown people and many of them deny knowing him/her, the social media site will ban the spammer from sending friends requests and messages for a short while.
Continued : http://news.softpedia.com/news/Scam-Facebook-Bans-Customers-Who-Send-Unanswered-Friend-Requests-257996.shtml