Gmail misidentifies Adobe password reset message as spam
On Thursday, Adobe announced that hackers had broken into its systems, stealing some of its source code and stealing information on some 2.9 million customers.
Adobe's security team said that it was contacting customers via email to tell them how they can change their passwords, as well as sending letters to those who had credit card information exposed.
It's somewhat disappointing then to discover that Gmail, one of the world's most popular webmail providers, is mistakenly blocking Adobe's warning as spam.
Here's how the message, sent by Adobe Customer Care with the subject line "Important Password Reset Information", appears in Gmail's spam folder. [Screenshot]
Google has added the (incorrect) warning that users should be cautious of the email:
Be careful with this message. Similar messages have been used to steal people's personal information. Unless you trust the sender, don't click on links or reply with personal information.
LA students get iPads, crack firewall, play games
Education officials in the nation's second-largest school district are working to reboot a $1 billion plan to put an iPad in the hands of each of their 650,000 students after an embarrassing glitch emerged when the first round of tablets went out.
Instead of solving math problems or doing English homework, as administrators envisioned, more than 300 Los Angeles Unified School District students promptly cracked the security settings and started tweeting, posting to Facebook and playing video games.
"'Temple Run.' 'Subway Surfing.' Oh, and some car racing game I can't remember the name of," said freshman Stephany Romero, laughing as she described the games she saw fellow Roosevelt High School students playing in class last week.
That incident, and related problems, had both critics and supporters questioning this week whether LAUSD officials were being hasty or overreaching in their attempt to distribute an iPad to every student and teacher at the district's more than 1,000 campuses by next year.
"It doesn't seem like there was much planning that went into this strategy," said Renee Hobbs, director of the Harrington School of Communication and Media at the University of Rhode Island. "That's where the debacle began."
Kuluoz Voicemail Spam Drops Signed Certificate Winwebsec
From the ThreatTrack Security Labs:
Kuluoz Malware has been causing problems this past week, with fake WhatsApp email messages leading to various forms of mobile infection. Over the last day or so, our Labs have noticed a shift into other realms - namely, Fake AV.
Whenever we see Kuluoz, it is typically using compromised boxes to host payloads - and those payloads are usually Winwebsec and Medfos. Fake emails are the name of the game, and as you can see they run the full range of wedding invites, airline spam, DHL / Fedex notifications and more besides.
In this case, we begin with the now familiar WhatsApp spam email messages: [Screenshot]
Instead of links taking end-users to malicious mobile downloads, they'll be taken to a .biz.ua URL offering up a Kuluoz.B executable file which will download WinWebSec onto the target PC. Winwebsec has been signed by a valid cert, which is increasingly becoming a problem where Malware is concerned. The Winwebsec variant is fairly recent, dating from mid to late August.
Card not present scams soar despite clampdown on bank fraud
Better fraud detection and swifter action on phishing sites contributed to online banking losses falling by a fifth during the first half of 2013, according to figures from banking sector body Financial Fraud Action UK.
Online fraud against UK institutions cost the industry £17.1 million ($27 million), a 21 percent drop compared to the same period in 2012, almost matching a 22 percent drop in telephone banking fraud to £5.2 million over the same period.
"This is due to enhanced processes for intelligence-sharing across the banks, as well as better online security tools and greater awareness amongst consumers," said the FFA. Under police direction, service providers had also improved their efficiency at taking down the phishing sites used to steal bank credentials, which had fallen by 87 percent compared to 2012, the organisation said.
But despite this, overall UK 'plastic fraud' rose to £216.1 million, a fairly sharp year-on-year 17 percent rise; so what are the new trouble spots?
Continued : http://news.techworld.com/security/3472289/card-not-present-scams-soar-despite-clampdown-on-online-bank-fraud/
Vulnerable and aggressive adware threatening millions
FireEye discovered a new mobile threat from a popular ad library that no other antivirus or security vendor has reported publicly before. Mobile ad libraries are third-party software included by host apps in order to display ads. Because this library's functionality and vulnerabilities can be used to conduct large-scale attacks on millions of users, we refer to it anonymously by the code name "Vulna" rather than revealing its identity.
We have analyzed all Android apps with over one million downloads on Google Play, and we found that over 1.8% of these apps used Vulna. These affected apps have been downloaded more than 200 million times in total.
Though it is widely known that ad libraries present privacy risks such as collecting device identifiers (IMEI, IMSI, etc.) and location information, Vulna presents far more severe security issues. First, Vulna is aggressive - if instructed by its server, it will collect sensitive information such as text messages, phone call history, and contacts. It also performs dangerous operations such as executing dynamically downloaded code. Second, Vulna contains a number of diverse vulnerabilities.
Continued : http://www.net-security.org/malware_news.php?id=2606
Adobe Flash Player replacement "Shumway" lands in Firefox 27
Death knell for Adobe Flash Player?
Mozilla has taken one giant step closer to making Adobe's Flash Player a thing of the past with the inclusion of their own HTML5 Flash Player called "Shumway".
Shumway landed in Firefox 27 nightly, which has yet to make the Aurora branch, and according to our own tests, even though Shumway can be loaded (it's disabled by default) it's in a "pretty much unusable state" right now.
Adobe Flash Player has a long history of being plagued with bugs, and many users opt not to install it at all; so being able to play Flash without the normal player is a big step forward for security, as well as on mobile devices which don't support Flash natively.
Shumway is a HTML5 technology experiment that explores building a faithful and efficient renderer for the SWF file format without native code assistance. Shumway is community-driven and supported by Mozilla. Their goal is to create a general-purpose, web standards-based platform for parsing and rendering SWFs. Full integration with Firefox is a possibility if the experiment proves successful.
Related: Shumway, Mozilla's HTML5-Based Flash Player Replacement, Lands In Firefox Nightly
Router Flaw Could Disclose Sensitive Configuration, Password Information
Taiwanese electronics company Asus has released an update for one of its routers that corrects an authentication bypass vulnerability discovered in the devices over the summer.
The vulnerability is in Asus' RT-N10E brand of routers, sold primarily throughout Europe, China and South America.
According to a note on Carnegie Mellon's CERT Vulnerability Notes Database late Friday, the problem is that once an attacker gains access to the device, they can make their way to a certain website and learn the device configuration without entering log-in credentials.
The site, http: //RouterIPAddress/qis/QIS_finish[.]htm, bills itself as the most comprehensive Router Database and is commonly used by end users to research router information and settings worldwide.
The vulnerability (CVE-2013-3610) allows attackers to view information - including the device's administrator password - that should only be viewable to authenticated users, by being on the local area network.
See Vulnerabilities / Fixes : ASUS RT-N10E Wireless Router "QIS_finish.htm" Information
PureVPN WAS Hacked, But is NOT Closing
Ever since the extent of government surveillance of the internet became known through the Snowden leaks, public and commercial interest in virtual private networks (VPNs) to both bypass internet blockades and provide user privacy has escalated.
One VPN that has experienced 'phenomenal growth' in recent months is Hong Kong-based PureVPN. Over the weekend, however, some customers received an email purporting to come from the founder, Uzair Gadit: "I'm sorry to inform you that due to an incident we had to close your account permanently. We are no longer able to run an anonymization service due to legal issues we are facing."
It was a bit reminiscent of Ladar Levison's announcement that he was closing down Lavabit - but this message went further, warning that PureVPN had handed over full user details (presumably to the law enforcement agency causing the incident), and that it could not refund any money because its bank account had been frozen.
Related: VPN provider hacked, fake emails scare customers