Spyware, Viruses, & Security forum


NEWS - May 24, 2013

by Carol~ Forum moderator / May 24, 2013 2:43 AM PDT
Google to upgrade its SSL certificates to 2048-bit keys by end of 2013, will start the process on August 1

Google on Thursday announced plans to beef up the encryption of the connections made to its services. The company is aiming to upgrade all of its SSL certificates to 2048-bit keys by the end of 2013.

Google will also be changing the root certificate that signs all of its SSL certificates, since it also still uses a less-secure 1024-bit key. The company says it will begin switching to the new 2048-bit certificates on August 1, giving itself a solid five months to "ensure adequate time for a careful rollout before the end of the year."

That's still over three months away, but Google is announcing its plan now because it knows some configurations will require extra steps to avoid complications. The company specifically mentions client software embedded in devices such as some phones, printers, set-top boxes, gaming consoles, and cameras.

As a result, client software that makes SSL connections to Google (usually in the form of HTTPS) must adhere to the following requirements:

Continued : http://thenextweb.com/google/2013/05/23/google-to-upgrade-its-ssl-certificates-to-2048-bit-keys-by-end-of-2013-will-start-the-process-on-august-1/

Google Upgrades Encryption In Its SSL Certificates
Google upgrading all SSL certificates to 2048-bit keys by end of 2013
Google to replace SSL certificates
Post a reply
Discussion is locked
You are posting a reply to: NEWS - May 24, 2013
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - May 24, 2013
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Facebook phishers target Fan Pages owners
by Carol~ Forum moderator / May 24, 2013 3:04 AM PDT
In reply to: NEWS - May 24, 2013

Phishing emails claiming to come from "Facebook Security" are once again hitting users' inboxes, and this time they are aiming for the big fish: pages that are likely to have more followers than a random private user.

According to Hoax-Slayer, the scammy email purports to notify creators of Fan Pages of an "original solution" for keeping their pages safe, but is unfortunately meant to do quite the opposite.

Users who are tricked into initiating this "Fan Page Verification Program" are taken to a bogus Facebook page that asks users to share the URL of their Fan Page, the login credentials and makes them choose a 10-digit number that will purportedly become their "Transferring Code". [Screenshot]

Continued : http://www.net-security.org/secworld.php?id=14955

Collapse -
New Android malware intercepts incoming text messages..
by Carol~ Forum moderator / May 24, 2013 3:05 AM PDT
In reply to: NEWS - May 24, 2013
... silently forwards them on to criminals

A new piece of Android malware has been discovered that can intercept your incoming text messages and forward them on to criminals. Once installed, the trojan can be used to steal sensitive messages for blackmailing purposes or more directly, codes which are used to confirm online banking transactions.

The malware in question, detected as "Android.Pincer.2.origin" by Russian security firm Doctor Web, is the second iteration of the Android.Pincer family according to the company. Both threats spread as security certificates, meaning they must be deliberately installed onto an Android device by a careless user.

Upon launching Android.Pincer.2.origin, the user will see a fake notification about the certificate's successful installation but after that, the trojan will not perform any noticeable activities for a while. Here are a few screenshots: [Screenshot]

Continued : http://thenextweb.com/insider/2013/05/23/new-android-malware-intercepts-incoming-text-messages-silently-forwards-them-on-to-criminals/
Collapse -
Mac Spyware: OSX/KitM (Kumar in the Mac)
by Carol~ Forum moderator / May 24, 2013 3:05 AM PDT
In reply to: NEWS - May 24, 2013

From the F-Secure Antivirus Research Weblog:

There's another case of Backdoor:OSX/KitM.A in the wild.

A German-based investigator reached out to us yesterday regarding OSX/KitM. (We wrote about it last week.) KitM stands for "Kumar in the Mac", which is our designation for spyware — related to OSX/Filesteal a.k.a. OSX/HackBack — that is signed using an Apple Developer ID in the name of Rajinder Kumar. The Developer ID has since been revoked by Apple.

This latest version of OSX/KitM used a Romanian C&C server called liveapple.eu during the period of attack, December 2012 to early February 2013. The spear phishing used an attachment called Christmas_Card.app.zip. (Remember, the attack started in December.)

So, that brings us to this bit of advice for those of you who might be targets.

This is the default "Gatekeeper" security setting: [Screenshot]

This is the setting that you want, unless you're actively installing software: [Screenshot]

Continued : http://www.f-secure.com/weblog/archives/00002558.html

Related from F-Secure: Big Hangover

Related: Researchers find more versions of digitally signed Mac OS X spyware

Collapse -
Mac Spyware Bait: Lebenslauf fur Praktitkum
by Carol~ Forum moderator / May 24, 2013 3:11 AM PDT

Related from F-Secure:

As a follow up to yesterday's Kumar in the Mac post... have you received e-mail attachments such as this? [Sccreenshot]


• Christmas_Card.app.zip
• Content_for_Article.app.zip
• Content_of_article_for_[NAME REMOVED].app.zip
• Interview_Venue_and_Questions.zip
• Lebenslauf_fur_Praktitkum.zip

If so, you may be the target of a spear phishing campaign designed to install a spyware on your Mac.

Here's a list of binaries signed by Apple Developer "Rajinder Kumar".

Continued : http://www.f-secure.com/weblog/archives/00002559.html

Collapse -
Malware-splosion: 2013 Will be Malware's Biggest Year Ever
by Carol~ Forum moderator / May 24, 2013 3:05 AM PDT
In reply to: NEWS - May 24, 2013

[Screenshot: New unique samples added to AV-TEST's repository]

According to the German security company AV-Test, malware has exploded in the past five years to unprecedented levels. More troublingly, they anticipate seeing over 60 million new pieces of malicious software by the end of the year.

Andreas Marx, CEO of AV-Test, told SecurityWatch that his company has been compiling malware samples since 1984. Their database had humble beginnings: just 12 samples of malicious software. By 2003 there were over a million and nearly ten million by 2008. But by the beginning of this year, the number had jumped to 104,437,337 unique samples.

"The AV-TEST database used to record current malware is now working flat out," said Marx. He went on to say that the system has already recorded, "over 20 million samples of new malware between January and the beginning of May."

Continued : http://securitywatch.pcmag.com/security/311804-malware-splosion-2013-will-be-malware-s-biggest-year-ever

Collapse -
Thousands of DHS Personnel Notified of Data Breach
by Carol~ Forum moderator / May 24, 2013 4:01 AM PDT
In reply to: NEWS - May 24, 2013

The Department of Homeland Security this week began notifying up to tens of thousands of employees, contractors and others with a DHS security clearance that their personal data may be at risk.

The notifications began on Monday, according to an online statement, after officials learned of a vulnerability in software used by a vendor to process personnel background investigations. The security vulnerability apparently has existed since July 2009 and the exposed data includes names, Social Security numbers and dates of birth. The security hole was sealed immediately.

"While there is no evidence that any unauthorized user accessed any personally identifiable information, [but] out of abundance of caution, DHS is alerting employees and individuals who received a DHS clearance of the potential vulnerability and outlining ways that they can protect themselves, including requesting fraud alerts and a credit report," the agency said.

Continued : http://threatpost.com/thousands-of-dhs-personnel-notified-of-data-breach/

Also: DHS Says Software Vulnerability Put Sensitive Employee Information At Risk

Collapse -
Zeus Malware Back With A Vengeance To Cause Carnage In May
by Carol~ Forum moderator / May 24, 2013 4:01 AM PDT
In reply to: NEWS - May 24, 2013

The Zeus malware family continues to plague the Internet, reemerging with a vengeance over the past few months, security researchers have warned.

Zeus is one of the best known malware in the security community and is designed to steal victims' bank details. It can do all kinds of nasty things, including web injects to trick users into entering details into portions of websites they think are genuine.

Also known as ZBOT, Zeus surged into activity in February, having been relatively quiet in the month before, as seen in the chart from Trend Micro below: [Screenshot]

How Zeus works

The malware connects to a remote site to download its encrypted configuration file, which tells Zeus what websites to monitor and the site where it will send the pilfered data.

Continued : http://www.techweekeurope.co.uk/news/zeus-malware-spike-trend-117264

Related: Zeus variants are back with a vengeance

Collapse -
New Report on Teens, Social Media, and Privacy
by Carol~ Forum moderator / May 24, 2013 4:35 AM PDT
In reply to: NEWS - May 24, 2013

From Bruce Schneier @ his Schneier on Security Blog:

Interesting report from the From the Pew Internet and American Life Project:

Teens are sharing more information about themselves on their social media profiles than they did when we last surveyed in 2006:

• 91% post a photo of themselves, up from 79% in 2006.
• 71% post their school name, up from 49%.
• 71% post the city or town where they live, up from 61%.
• 53% post their email address, up from 29%.
• 20% post their cell phone number, up from 2%.

60% of teen Facebook users set their Facebook profiles to private (friends only), and most report high levels of confidence in their ability to manage their settings.

danah boyd points out something interesting in the data:

Continued : http://www.schneier.com/blog/archives/2013/05/new_report_on_t_1.html

Collapse -
Malware, Adware in This Week's Dangerous Android Apps
by Carol~ Forum moderator / May 24, 2013 5:46 AM PDT
In reply to: NEWS - May 24, 2013

Bad Android apps can take many forms. Whether they are out to steal data, sign you up for premium rate SMS services, or pushing dodgy and malicious links via advertiser networks, users need to beware. SecurityWatch is partnering with a handful of security companies who monitor apps on Google Play and third-party marketplaces to identify malicious apps you should avoid.

If you happen to already have it, immediately remove the apps from your Android device and check your bill for unexplained charges.

Theoretically, malware can target any mobile platform. There are Zeus-in-the-mobile variants targeting BlackBerry devices, Java exploits targeting Symbian phones, and the occasional proof-of-concept going after iOS devices. But for the most part, when anyone talks about dangerous mobile apps, they mean Android apps.

For this week's list (Memorial Day edition) we have three apps Appthority found on third-party Websites and a bonus app BitDefender flagged on Google Play for using aggressive ad networks.

[1] Fake Google Play Installer

Continued : http://securitywatch.pcmag.com/mobile-apps/311878-malware-adware-in-this-week-s-dangerous-android-apps

Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions

CNET Holiday Gift Guide

Looking for great gifts under $100?

Trendy tech gifts don't require a hefty price tag. Choose from these CNET-recommended useful and high-quality gadgets.