Spyware, Viruses, & Security forum

Alert

NEWS - May 08, 2014

by Carol~ Forum moderator / May 7, 2014 11:45 PM PDT
Your Android phone viewed illegal porn. To unlock it, pay a $300 fine

"To stoke maximum fear, ransomware geolocates users, targets them by country."

Researchers have uncovered Android-based malware that disables infected handsets until end users pay a hefty cash payment to settle trumped-up criminal charges involving the viewing of illegal pornography.

To stoke maximum fear, Android-Trojan.Koler.A uses geolocation functions to tailor the warnings to whatever country a victim happens to reside in. The screenshot to the right invoking the FBI, for instance, is the notice that's displayed on infected phones connecting from a US-based IP address. People in Romania and other countries will see slightly different warnings. The malware prevents users from accessing the home screen of their phones, making it impossible to use most other apps installed on the phone. The normal phone functions in some cases can be restored only when the user pays a "fine" of about $300, using untraceable payment mechanisms such as Paysafecard or uKash.

Continued : http://arstechnica.com/security/2014/05/your-android-phone-viewed-illegal-porn-to-unlock-it-pay-a-300-fine/

Related:
CryptoLocker-Like Ransomware Moves to Android
Koler Android malware demands $300 ransom from its victims

Chrome Canary Bug Hides URLs A Little Too Well
by Carol~ Forum moderator / May 8, 2014 12:11 AM PDT
In reply to: NEWS - May 08, 2014

Borrowing a tactic from the mobile Safari browser in iOS, Google may soon abandon displaying complete URLs in Chrome.

The Canary version of the browser, an unstable version designed for developers and early adopters, is toying with the idea of no longer displaying full URLs in its Omnibox—what other browsers call an address bar—instead moving the top-level domain to a prominent spot left of the Omnibox known as the Origin Chip.

The idea is that this will make it much easier for users to flag phishing sites. But web security firm PhishMe has reported on a bug where URLs that exceed 100 characters will not display a top level domain or URL of any kind, but instead display just an empty search bar.

Continued : http://threatpost.com/chrome-canary-bug-hides-urls-a-little-too-well/105939

Related: Address bar tweak in early Chrome beta puts even savvy users at risk

Orange hacked again. 1.3 million have personal data stolen
by Carol~ Forum moderator / May 8, 2014 12:59 AM PDT
In reply to: NEWS - May 08, 2014

French telephone company Orange must have something of a red face right now, as it has found itself in the embarrassing position of admitting that hackers have made away with customer information for the second time this year.

In the latest security breach, hackers managed to seize the names, email addresses, phone numbers, dates of birth and other information related to a jaw-dropping 1.3 million current and potential customers.

Orange says that it detected the hack against a platform used by the company to send promotional emails and text messages on April 18th, but has kept quiet until this week as it wanted to ensure that the security holes used by the attackers to breach the phone company's systems had been patched.

Continued : http://grahamcluley.com/2014/05/orange-hacked-again/

Related:
Orange hacked again, 1.3M users affected
Orange France hacked AGAIN, 1.3 million victims seeing red

More PUPs Sighted, Using Instagram as Lure
by Carol~ Forum moderator / May 8, 2014 1:50 AM PDT
In reply to: NEWS - May 08, 2014

With news of Instagram finally beating Twitter in terms of overall usage, it's high time that we stop, look back, and remind ourselves of the potential dangers lurking on the net specifically crafted to target Instagram users and lurkers alike.

In late March, the digital marketing research and analysis company eMarketers published data pointing out that Instagram surpassed Twitter in terms of active mobile users in the US by 2.7 million.

They expect numbers to steadily grow until at least 2016. For details on how eMarketers came up with and put together their data, we suggest you read their article entitled "Instagram Usage in the US Surges 35% in 2013, Rivals Twitter for Smartphone Audience".

Continued : http://blog.malwarebytes.org/security-threat/2014/05/more-pups-sighted-using-instagram-as-lure/

New App Recognizes Twitter Bots, Researchers Say
by Carol~ Forum moderator / May 8, 2014 1:50 AM PDT
In reply to: NEWS - May 08, 2014

Bitdefender's "HOT for Security" Blog:

Indiana University researchers have developed a new app that identifies Twitter accounts controlled by automated software designed to flood online conversations with spam and misleading information, the researchers say.

The BotOrNot app examines about 1,000 account features including the user's network, content and posting frequency to determine the extent to which an account resembles a social bot.

"We have applied a statistical learning framework to analyze Twitter data, but the 'secret sauce' is in the set of more than one thousand predictive features able to discriminate between human users and social bots, based on content and timing of their tweets, and the structure of their networks," said Alessandro Flammini, associate professor of informatics and principal investigator on the project.

Continued : http://www.hotforsecurity.com/blog/new-app-recognizes-twitter-bots-researchers-say-8547.html

Email-borne exploits: the not-so innocuous killers ...
by Carol~ Forum moderator / May 8, 2014 1:51 AM PDT
In reply to: NEWS - May 08, 2014
... targeting small business

"Malwarebytes Unpacked" Blog:

Email remains a widely used infection vector that mostly relies on social engineering a victim to click on a link or execute an attachment.

As far as malicious attachments go, the majority are zipped executables that often use the double extension trick (i.e. Invoice.doc.exe) and will directly infect a user's PC as soon as they are run.

But there's another type of malicious attachment, one that we seldom hear about, that may deceive a lot of people and sneak by your antivirus: regular documents that have been exploited.

Just a couple of days ago, we spotted a new wave of spam emails spewing malicious PDF files. The decoy, which purports to be an invoice, is directly attached to an email targeting small businesses: [Screenshot]

Continued : http://blog.malwarebytes.org/exploits-2/2014/05/email-borne-exploits-the-not-so-innocuous-killers-targeting-small-business/

Related: Small businesses targeted with email-borne exploits
Flash and Java still as vulnerable as ever, says Microsoft
by Carol~ Forum moderator / May 8, 2014 2:21 AM PDT
In reply to: NEWS - May 08, 2014

"Microsoft's latest Security Intelligence Report for the second half of 2013 sees Java and Flash as the top attack vectors, with Java being nearly the default"

Java and Flash are still gigantic targets for attackers, and Java has become the biggest security problem for Windows users, according to Microsoft's most recent Security Intelligence Report (pdf). Volume 16 covers trends in worldwide IT security across the second half of 2013.

The report, assembled mainly from intelligence from Microsoft's Trustworthy Computing division, looks at the way the most common threats faced in computing today -- vulnerabilities, malware, exploits, and so on -- evolved during 2013. What's most dismaying is that so many of the same kinds of exploits, attacks, and attack vectors remain a problem.

Continued : http://www.infoworld.com/t/malware/flash-and-java-still-vulnerable-ever-says-microsoft-242130

* * * * * * * * * * * * * * * *

Also related to the Microsoft Security Intelligence Report:

Malware peddlers prefer deceptive tactics to exploits

Cyber crooks are losing interest in exploits as an attack vector, and are concentrating on deceptive downloads and ransomware as a means of earning/stealing money.

The trend is very obvious to Microsoft. In its newest Security Intelligence Report (SIRv16), the data gathered via the company's Malicious Software Removal Tool and real-time protection products reveal that worldwide infection rates and encounter rates in the second half of 2013 have risen considerably.

Continued : http://www.net-security.org/malware_news.php?id=2763

Report-related: Malware infections tripled in late 2013, Microsoft finds

Apple admits flaw in email attachment encryption on iPhones
by Carol~ Forum moderator / May 8, 2014 4:49 AM PDT
In reply to: NEWS - May 08, 2014
.. and iPads

Apple is under pressure to patch a security flaw in iOS 7, after researcher Andreas Kurtz published his discovery that email attachments are unencrypted on iPhones and iPads, and can be accessed by an attacker using "well-known techniques."

Apple usually doesn't talk about any security bugs until it has issued a patch, although in this case the company confirmed the vulnerability and said it is working on a fix.

This probably isn't a show-stopping hole - it seems that an attacker can't use the bug to read your email attachments remotely - but it was serious enough to get Apple's reaction.

Continued : http://nakedsecurity.sophos.com/2014/05/07/apple-admits-flaw-in-email-attachment-encryption-on-iphones-and-ipads/
Antivirus is Dead: Long Live Antivirus!
by Carol~ Forum moderator / May 8, 2014 4:49 AM PDT
In reply to: NEWS - May 08, 2014

An article in The Wall Street Journal this week quoted executives from antivirus pioneer Symantec uttering words that would have been industry heresy a few years ago, declaring antivirus software "dead" and stating that the company is focusing on developing technologies that attack online threats from a different angle.

This hardly comes as news for anyone in the security industry who's been paying attention over the past few years, but I'm writing about it because this is a great example of how the cybercrime underground responds to — and in some cases surpasses — innovations put in place by the good guys.

About 15 years ago, when the antivirus industry was quite young, there were far fewer competitors in the anti-malware space. Most antivirus firms at the time had a couple of guys in the lab whose job it was to dissect, poke and prod at the new crimeware specimens. After that, they'd typically write reports about the new threats, and then ship "detection signatures" that would ostensibly protect customers that hadn't already been compromised by the new nasties.

Continued : http://krebsonsecurity.com/2014/05/antivirus-is-dead-long-live-antivirus/

Various posts and opinions:
The death of Antivirus has been greatly exaggerated
So what is the fuss about the 'Death of AV'?
Symantec calls antivirus 'doomed' as security giants fight for survival
Symantec Says Antivirus Is Dead, World Rolls Eyes

Also see thread created by member "itsdigger" titled "Symantec(Norton) declares AV "dead" and "doomed to failure""

New iPhone lock screen flaw gives hackers full access to ..
by Carol~ Forum moderator / May 8, 2014 5:17 AM PDT
In reply to: NEWS - May 08, 2014
.. contact list data

" iPhone users are vulnerable to a lock-screen flaw that allows a hands-on hacker to gain full access to a user's contacts list."

According to the Egyptian part-time hacker who discovered the flaw and recorded the steps on YouTube, Sherif Hashim, the vulnerability only exists when running iOS 7.1.1, the latest version of the mobile platform, and when Siri is available from the lock-screen.

The flaw exists when Siri is triggered on the lock-screen, and a user says, "Contacts." Although Siri will refuse to dish out any details, not before bringing up the password screen, a user is able to access the contacts list by pulling up on the screen, editing the request, and asking for a duplicated name. If you have more than one "John," for instance, you have the option to view all contacts from the "Other..." menu.

However, the hacker attempting to gain access to the device must be in its physical presence in order to perform the trick.

Continued: http://www.zdnet.com/new-iphone-lock-screen-flaw-gives-hacker-full-access-to-contact-list-data-7000029242/