NEWS - April 25, 2014

Viber, a mobile messenger app that allows users to make phone calls and send text messages and images for free, also gives up plenty of free user data to anyone who wants to listen.

According to researchers from the University of New Haven (UNH) in Connecticut, US, Viber's app sends user messages in unencrypted form - including photos, videos, doodles, and location images.

All of that rich data from users is also stored unencrypted on Viber's servers, rather than being deleted immediately, and is accessible without credentials, just a link, the UNH researchers said.

It's the second cryptographic blunder exposed by UNH researchers in as many weeks - the UNH Cyber Forensics Research & Education Group disclosed on 13 April 2014 that the WhatsApp messenger app also gives away user location data in unencrypted form.

Continued : http://nakedsecurity.sophos.com/2014/04/24/here-we-go-again-viber-mobile-messenger-app-leaves-user-data-unencrypted/

TrendLabs Security Intelligence Blog:

Two weeks ago, we talked about how many sites in the top 1 million domains (as judged by Alexa) were vulnerable to the Heartbleed SSL vulnerability. How do things stand today? [Screenshot: Sites vulnerable as of April 22]

Globally, the percentage of sites that is vulnerable to Heartbleed has fallen by two-thirds, to just under 10 percent. Only three TLDs we looked at have percentages above the global number: Brazil (.BR), China (.CN), and Russia (.RU).

The only TLD with a 100% cleanup record was the .gov domain, reserved for the use of US government sites.The Australian (.AU), British (.UK), German (.DE), and Indian (.IN) TLDs also had rates that were significantly lower than the global average.

Continued : http://blog.trendmicro.com/trendlabs-security-intelligence/number-of-sites-vulnerable-to-heartbleed-plunges-by-two-thirds/

Weight loss spam is once again being massively spewed out from compromised Twitter accounts, but the question on everyone's mind is how the accounts got commandeered by the spammers in the first place.

Apparently it was first noticed a few days ago, when a reporter of the Sydney Morning Herald spotted that the Twitter account of his friend sported the following message: "I lost so much weight with this secret trick! ".

Knowing that the friend in question is both tech-savvy and paranoid, the two went through possible compromise scenarios together. Having rejected the possibility of her having been phished and her password having been brute-forced, and taking into account the scale of the spam attack, they concluded that a third-party service that had access her Twitter account was likely compromised.

Continued : http://www.net-security.org/secworld.php?id=16736

Related: Mystery attack drops avalanche of malicious messages on Twitter

The emergence of mobile platforms such as iOS and Android have presented a number of challenges in terms of security. Not much can be done about some of these, like users leaving their phones in bars. But engineers at Google have been working on one of the thornier ones of late-how to provide solid encryption on mobile platforms without crushing performance-and have implemented a pair of new cipher suites in Chrome to help address it.

Performance always has been a concern on mobile devices, but has become less of an issue in recent years as mobile processors have improved and bandwidth has expanded. However, when encryption operations come into the picture, performance is again a concern. Encryption takes processing resources on the device and also can eat up bandwidth with large outputs. To help alleviate both of these issues, and improve the security of the sessions on Chrome on Android, Google has implemented ChaCha20 and Poly1305 in the mobile browser.

Continued : http://threatpost.com/google-changes-ciphers-in-chrome-on-android/105694

Related: Google speeds up encrypted Web communications in Chrome on Android

"Spammers keep coming up with new ways to evade spam filters. Recently, they've started replacing regular characters with similar-looking symbols in hopes that their scammy emails make it to inboxes."

According to experts from Kaspersky Lab, the subject and the body of these spam emails might appear to be normal at first sight. However, a closer look reveals that many Latin characters have been replaced with symbols that look similar from other alphabets.

This trend appears to be popular among cybercriminals targeting users in Italy. Experts have spotted various types of spam messages in which this technique is utilized. The spammers use Cyrillic, Greek and even IPA symbols to replace Latin characters.

This is possible because of the UTF-8 coding system, which enables users to combine multiple types of characters in the same message.

This simple trick could be enough to bypass classic spam filters. On the other hand, Kaspersky says its own anti-spam solutions are not so easy to trick. They can detect spam even if non-Latin characters are utilized.

Continued : http://news.softpedia.com/news/Spammers-Use-Non-Latin-Characters-to-Evade-Spam-Filters-439215.shtml

"Malwarebytes Unpacked" Blog:

When you update software on your PC, I bet you'd be hard pressed to think of an occasion where it notified you via web browser.

Programs tend to keep themselves to themselves and everything of a notification nature "in-house"...especially where updates are concerned.

More often than not, when you see a notification in your web browser that something needs to be fixed, updated or tweaked it's usually a sign that somebody wants to make a little money out of you by making some additions to the system (or fill in some surveys).

Over the last few months we've covered fake Flash updates, browser updates, Java and YouTube. Here's a site which focuses more on the various programs on your PC potentially needing updating as a whole as opposed focusing on just one product, located at

updatenowpro(dot)com

with the following landing page splash:

Continued : http://blog.malwarebytes.org/online-security/2014/04/browsering-for-updates/