(Updated) Hackers compromise official PHP website, infect visitors with malware
"Php.net goes on lockdown after malicious code is found hosted on site servers."
Maintainers of the open-source PHP programming language have locked down the php.net website after discovering two of its servers were hacked to host malicious code designed to surreptitiously install malware on visitors' computers.
Eventually, the site was moved to a new set of servers, PHP officials wrote in an earlier statement. There's no evidence that any of the code they maintain has been altered, they added. Encrypted HTTPS access to php.net websites is temporarily unavailable until a new secure sockets layer certificate is issued and installed. The old certificate was revoked out of concern the intruders may have accessed the private encryption key. User passwords will be reset in the coming days. At time of writing, there was no indication of any further compromise.
Continued : http://arstechnica.com/security/2013/10/hackers-compromise-official-php-website-infect-visitors-with-malware/
PHP.net compromised and used to attack visitors
Official PHP website hacked, spreads malware infection
Php.net compromised to serve malware
Senator Demands More Info From Experian
In the wake of revelations that credit bureau Experian sold consumer data to the proprietors of an underground identity theft service, a powerful U.S. senator is calling on the company to divulge more information on the extent of the potential damage to consumers.
West Virginia Senator Jay Rockefeller, a Democrat who chairs the Senate Committee on Commerce, Science and Transportation, on Wednesday sent a letter (PDF) to Experian demanding additional details about the security breach. Specifically, Rockefeller asked for responses to questions about Experian's vetting process for its customers and current practices for sharing consumer data. The senator also urged Experian to fully respond to his related previous inquiries regarding Experian's customers, its oversight of its disclosure to third parties, and Experian's data sources.
Related: Experian Sold Consumer Data to ID Theft Service
Is your smartphone broadcasting your movements when you shop?
Next time you're in a public place, have a good look around you and see if you're being followed.
You (probably) won't see anyone actually tailing you, but if you have your smartphone with you it's possible that your movements are being keenly observed.
A couple of months ago we reported on the sinister and faintly Dr Whoish tale of London's spying rubbish bins. These uncannily observant, space-age trash cans were part of a trial by advertisers that monitored peoples' movements by tracking the unique IDs of their mobile phones.
All WiFi-capable devices broadcast a unique ID, a Media Access Control (MAC) address, when they're looking for networks (and so long as WiFi is enabled they are always looking for networks).
Skype Smileys, Browser Extensions and You
ThreatTrack Security Labs Blog:
An emoticons program for Skype recently caught our eye located at skypemoticonsb(dot)asia. [Screenshot]
Interestingly, they have a standalone uninstaller because the main executable has no such functionality. Programs missing a built-in uninstaller aren't that common these days, and cause all sorts of potential issues and messing around to remove from a system. What if the website / server goes down hosting the uninstaller? Why should I be dependent on a chain of downloads to remove one program?
It isn't the most reassuring thing in the World to see the uninstall download page telling me that "If the uninstaller in the first link didn't work for you, please try the below" [Screenshot]
Why wouldn't it work? Why do I already have three programs to juggle before I've even installed something? Is one of the uninstallers more reliable than the other?
The first screen of the installer gives us functional T&C pages, so that's good. [Screenshot]
Fake Social Empires Cheat Exposes over 135K Facebook Users to Fraud
More than 135,000 Facebook users were exposed to fraud and identity theft, after they clicked the 'like' button on a fake Social Empires cheat website. The application is one of the most popular strategy games on Facebook, with more than 6 million monthly active users who are now vulnerable to the scam. [Screenshot]
The page recently created on a Blogspot domain spreads massively on the social network from one user to another. Passionate gamers have already 'liked' the web site, also exposing their friends and other users to the scam. The mechanism of the fake cheat is simple and similar to that of other scams, where users become unwilling promoters. After being asked to 'like' the page, Social Empires players are told to copy and post the message on five different fan pages focused on hacking and cheating techniques. [Screenshot]
"Awesome! Social Empires Cheat GOT 9999999 GOLD,FOOD,WOOD,STONE and 10000 Cash 100% Working try now! here http:/// (y) (y) (y)," the scam message reads.
Continued : http://www.hotforsecurity.com/blog/fake-social-empires-cheat-exposes-over-135000-facebook-users-to-fraud-7224.html
Security Spotlight: Dangerous Social Networking
'As you may already know, October is National Cyber Security Awareness Month. And although we're already on the second half of the month, the Stop. Think. Connect campaign of the National Cyber Security Alliance (NCSA) and Department of Homeland Security (DHS) is very much in effect.
In support of this campaign, we at ThreatTrack Labs will be putting out a series of posts that discuss certain types of threats and/or security concerns so Internet users—at home, in their small office/home office (SOHO), in a corporate environment, at school or even on the go—are reminded of potential dangers they might encounter while online and how they can better protect their devices from getting infected or their personal information from getting swiped.
In the UK, it's Get Safe Online Week, a campaign spearheaded by a non-profit organization in partnership with the UK government and other private sectors, that aims to educate the public regarding online safety. This usually happens every 22nd to the 26th of October. For this year's campaign, they published an Online Code of Conduct that you may want to check out.'
In "How to Have a Healthy (and Secure) Online Social Life", we highlighted how our interconnectivity online, although good, can also bring about unwanted attention and bad things to Internet users—if they're not careful enough, first and foremost. In several cases, however, no matter how much care and effort we put on securing our devices and information online, we still fall short.
Dear AV provider: Do you enable NSA spying? Yours, EFF
The Electronic Frontier Foundation, security expert Bruce Schneier, and 23 others have called on antivirus providers around the world to protect their users against malware spawned by the National Security Agency and other groups that carry out government surveillance.
The move comes amid revelations that the NSA has a wide-ranging menu of software exploits at its disposal that have been used to identify users of the Tor anonymity service, track iPhone users, and monitor the communications of surveillance targets. Schneier has said that the NSA only relies on these methods when analysts have a high degree of confidence that the malware won't be noticed. That means detection by AV programs could make the difference between such attacks succeeding, failing, or being used at all.
"As a manufacturer of antivirus software, your company has a vital position in providing security and maintaining the trust of internet users as they engage in sensitive activities such as electronic banking," the 25 signatories wrote in an open letter sent on Thursday to AV companies. "Consequently, there should be no doubt that your company's software provides the security needed to maintain this trust."
Continued : http://arstechnica.com/security/2013/10/dear-av-provider-do-you-enable-nsa-spying-yours-eff/
Chrome's Solution to the Unsavvy Poses A Potential Risk
From "Malwarebytes Unpacked" Blog:
Don't get me wrong, I love Chrome, I think it's a fantastic browser and has a great track record of protecting users from exploits and malicious sites. However, their attempts at making it "easier" for users to find where they want to go, makes me think that their security purview isn't focused enough on the internal threats.
So, if you use Chrome, you might have noticed that anytime you open up a window or a new tab, you get something like this: [Screenshot]
A nice search bar, which I have no problem with, and then a listing of your most visited sites. Now, to the casual observer I am sure there is nothing wrong here. Users visit certain sites more frequently and therefore it should be easy for them to get there quickly, Chrome makes this possible.
Continued : http://blog.malwarebytes.org/privacy-2/2013/10/chromes-solution-to-the-unsavvy-poses-a-potential-risk/#
reCAPTCHAs are finally readable by normal humans
Google today announced that reCAPTCHAs served up to humans are finally readable without the need to squint your eyes or bang your keyboard in frustration after typing the wrong sequence of letters five times in a row. Who can even read those things, amirite?
Google has figured out how to tell if you're a human or a bot, and if you're human you get an easy CAPTCHA. We've asked Google why a CAPTCHA would be necessary at all if the company already knows you're human, but we haven't received an answer yet. Anyway, Google reCAPTCHA Product Manager Vinay Shet writes in a blog post:
The updated system uses advanced risk analysis techniques, actively considering the user's entire engagement with the CAPTCHA—before, during and after they interact with it. That means that today the distorted letters serve less as a test of humanity and more as a medium of engagement to elicit a broad range of cues that characterize humans and bots.
As part of this, we've recently released an update that creates different classes of CAPTCHAs for different kinds of users. This multi-faceted approach allows us to determine whether a potential user is actually a human or not, and serve our legitimate users CAPTCHAs that most of them will find easy to solve. Bots, on the other hand, will see CAPTCHAs that are considerably more difficult and designed to stop them from getting through.
Continued : http://arstechnica.com/information-technology/2013/10/recaptchas-are-finally-readable-by-normal-humans/
Trojan looks to "Wrob" Android users
Android bank Trojans have been making their way around file sharing sites and alternative markets in the last few months. [Screenshot]
Targeting Korean users, these Trojans look to replace legitimate banking apps and capture user data.
This particular one disguises itself as the Google Play Store app and will run as a service in the background to monitor events. This enables it to capture incoming SMS, monitor installed apps and communicate with a remote server. [Screenshot]
The Trojan does a lookup of installed apps against a list of targeted apps (BK_ARRAY_LIST in screenshots); if one is found, it will remove it and download a malicious version to replace it.
The malicious version will contain the exact Package Name and look very similar to the legitimate app, but contains malicious code with no banking functionality.
This second Trojan will also capture the infected user's banking information and other useful data that will generate revenue for them.