Can Gordon Brown's smile infect your computer with a virus?
Emails which claim that pictures of Gordon Brown smiling can infect your PC with a virus have been widely distributed via email.
Members of the public are unwittingly forwarding the hoax warning, believing it to be true, warning that the dangerous emails refer to "Gordon Brown smiling or even 'looking happy'", and that all computer users should be on their guard.
The warning, however, is bogus. It's just the latest in a series of email virus hoaxes that we have seen over the last 20 years or so - taking advantage of users' desire to help their friends, family and colleagues by passing on a warning without properly checking their facts.
Microsoft Plans Massive Patch Tuesday Security Update
Microsoft is planning to fix 26 vulnerabilities for February's Patch Tuesday. Most of the vulnerabilities are related to Windows.
Microsoft is planning to release 13 security bulletins Feb. 9 as part of this month's Patch Tuesday.
Five of the 13 bulletins are rated critical, seven are rated important and one is rated moderate. All but two of the bulletins address security issues in Windows, with the other two dealing with issues in Microsoft Office. All told, the updates address 26 vulnerabilities.
Exact details for most of the bugs were not made public. However, Microsoft said it plans to patch an escalation-of-privilege issue in the Windows kernel that it warned users about in January. Among the vulnerabilities not being addressed this month are an Internet Explorer bug the company issued an advisory about on Feb. 3 and a vulnerability in the SMB (Server Message Block) protocol Microsoft is still working to address.
Four of the bulletins were given the highest deployment priority rating of one.
Also see: Microsoft Security Advanced Notifications, February 2010
Maga No Need Pay: Nigeria Gets Creative to Fight Cyber...
This week, a new pop song hits the airwaves in West Africa with a highly unusual message: Don't be seduced by cybercrime.
Cybercrime is a global issue, but perhaps no form of cybercrime has been more associated with a region than the advance fee fraud collectively known as "Nigeria" or "419" scams (419 is the section of the Nigerian Criminal Code dealing with fraud). Through schemes such as fake lotteries, bogus inheritances, romantic relationships, investment opportunities or - infamously - requests for assistance from "officials," scammers promise an elusive fortune in exchange for advance payments.
West Africa is by no means the only source of these scams, but the region is stepping up to address their impact in a variety of creative ways.
419 scams have taken root in Nigeria's popular culture. Scammers enjoy a rebellious, "cool" mystique, even producing songs and music videos that celebrate their own audacity. At the same time, 419 scam victims around the world are often stigmatized as na
Social networks are a danger zone
It seems that everybody is on some kind of social network these days. Checking out what our friends are doing has become part of daily routine. In today's world, they are the ideal tool for keeping in touch, but they also represent one of the biggest sources of danger.
A new IBM X-Force report shows there are some very interesting insights about the cybercriminal's use of social networks as a springboard into your computer and various accounts.[...]
The author of the article in the report regarding social networks has concluded with a great piece of advice that everybody should take to heart: Trust, but verify.[...]
To get more in-depth information about the various schemes that take advantage of social networks, download the report here.
New Facebook Home Page, Important New Privacy Setting
Facebook started rolling out a new home page and navigation menus earlier today.
And whenever Facebook adds new features, in this case the Applications and Games dashboards, there's usually a new privacy setting as well.
All Facebook has raised some privacy concerns regarding the dashboard's output.
Do you really want all of your "friends" to know what applications you've been running?
Then you'll want to take a look at the new control provided by Facebook.
Using Google Images to Investigate Fraud
From F-Secure Weblog:
Sami, one of our test engineers, was recently seeking a Play Station 3.
He found this offer at Huuto.net, a Finnish auction site.
Sami wanted to confirm that the seller was legit, so he requested a picture, and received this.
When he examined the image properties, he discovered that the picture was taken in 2008. Next, he performed a Google Image search using the size option. Smart.
He managed to find the image online, located within a Finnish forum thread from 2008.
That seemed kind of suspicious, so he suggested that the seller provide another picture, with the PS3 alongside a current newspaper.
The deal fell through, of course, when the seller refused. Not such a clever fraudster, eh?
Complete details with screenshots in http://www.f-secure.com/weblog/archives/00001873.html
An In-Depth Exploit Analysis on Multilayer Obfuscations
Websense Security Labs ThreatSeeker Network discovered a kind of obfuscated injection code within the homepage of a Web site with an Alexa ranking within the top 10,000. The malicious code is appended to the end of the source code with deep obfuscated functions. The complexity of this attack is assessed.
Upon de-obfuscating the homepage of this popular Web site, we found a hidden iframe link[...]
There was a random number generated in part of this link. There was also an IP checker on the server side permitting only one-time access by an IP address via each dynamic link.
More details in http://securitylabs.websense.com/content/Blogs/3545.aspx
Websense Security Labs Report - State of Internet Security,
The second half of 2009 saw malware authors focus their efforts to ensure they drove victims straight to them. In contrast to the first half of the year where mass injection attacks like Gumblar, Beladen and Nine Ball promoted a sharp rise in the number of malicious Web sites, Websense Security Labs observed a slight (3.3 percent) decline in the growth of the number of Web sites compromised. Instead, attackers replaced their traditional scattergun approach with focused efforts on Web 2.0 properties with higher traffic and multiple pages.
Over the six month period, Search Engine Optimization (SEO) poisoning attacks featured heavily, and Websense Security Labs research identified that 13.7 percent of searches for trending news/buzz words lead to malware. In addition, attackers continued to capitalize on Web site reputation and exploiting user trust, with 71 percent of Web sites with malicious code revealed to be legitimate sites that had been compromised.
Web security intelligence remains a critical component of any email and data security strategy as illustrated by the continued popularity of blended threats (spam emails with embedded URLs). During the second half of 2009 Websense Security Labs discovered:
- 13.7 percent of searches for trending news/buzz words (as defined by Yahoo Buzz & Google Trends) lead to malware
- 95 percent of user-generated comments to blogs, chat rooms and message boards are spam or malicious
- 35 percent of malicious Web attacks included data-stealing code
- 58 percent of data-stealing attacks are conducted over the Web
- 85.8 percent of all emails were spam
- an average growth of 225 percent in malicious Web sites
The full report is available here.
Mozilla ends Firefox support for Mac OS Tiger
Calls Mac OS X 10.4 'hindrance' to development; Apple's already dumped Tiger
Barring any last-minute change of mind, Mozilla will permanently drop support for Mac OS X 10.4 from future editions of Firefox.
Mozilla stopped supporting Mac OS X 10.4, aka Tiger, in September 2009, but left a large amount of Tiger bits in the development code. Now, said Josh Aas, a platform engineer for Mozilla who works on Mac OS X integration, it's time to either restore support for the five-year-old operating system or remove the code from the development tree.
"We would like to take advantage of more modern technologies on Mac OS X and 10.4 support has been a hindrance," said Aas in a message yesterday on the mozilla.dev.planning forum. "Where we can work around supporting 10.4, doing so consumes valuable time and effort. Neither Chrome nor Safari has to deal with this."
According to Mozilla's metrics, 24% of those running the Mac version of Firefox 3.5 rely on Tiger, while 12% of those running the just-released Firefox 3.6 do. Half of all users run Firefox 3.5 on Mac OS X 10.5, aka Leopard, while 59% run Firefox 3.6 on OS X 10.6, or Snow Leopard.
Aas noted that Tiger users can continue to run Firefox 3.6, which supports the older operating system, until that version is retired from support.
More in http://www.computerworld.com/s/article/9152920/Mozilla_ends_Firefox_support_for_Mac_OS_Tiger?taxonomyId=89
ISPs Look To Bundled Music Services To Keep You Around
According to Billboard Magazine, the average broadband ISP loses about 1.4% of their customers per month (aka churn), 14.5% annually, or over 2.1 million customers each year. Comcast for example, with their average customer paying $43 per month, stands to lose $1.1 billion from churn every year. How do you keep those customers around?
Cisco handholds hackers to backdoor
An internet security expert at IBM reported to the Black Hat conference that he discovered Cisco routers are vulnerable to a potential surveillance backdoor.
According to Arstechnica, Tom Cross, security systems researcher at IBM, gave a presentation exposing the backdoor to demonstrate how the 'lawful intercept' function in Cisco's system can be targeted by hackers to gain access to data flowing through the routers.
Hackers aren't blocked after failed attempts to access a Cisco router and notification alerts aren't sent to the administrator. Making matters even worse, ISPs can't detect and track who the culprits might be because their employees aren't allowed to detect and intercept.
It is not entirely Cisco's fault.
Continue reading in http://www.theinquirer.net/inquirer/news/1590674/cisco-handholds-hackers-backdoor
Fake Microsoft Outlook Update Installs Trojan
A malicious spam campaign caught by Panda Labs is using a fake Microsoft Update notice to trick victims into installing a Trojan. While well crafted, the attack still provides dead giveaways.
The e-mail, which Panda posts with a screen shot, is spoofed to look as if it comes from Microsoft Support. With a realistic-looking subject and e-mail body that attempts to piggy-back on the constant (and correct) advice to keep your computer up-to-date with patches, it's a great example of a social engineering attack.
ZeuS tracker shrinks takedowns from days to minutes
A site dedicated to tracking the infamous ZeuS botnet is celebrating its first birthday.
In the twelve months since the ZeuS Tracker was born, on 2 February 2009, the site has tracked more than 2,800 malicious botnet command and control servers associated with ZeuS. The site has logged around 360MB of ZeuS config files and 330MB in binaries.
Thanks to the work of the volunteers and security consultancies, such as Team Cymru, that have contributed to the project, a ZeuS control hub can sometimes be taken down in minutes. Local CERTs, registrars and ISPs subscribe to the list compiled by ZeuS tracker to identify and take-down suspect domains.
More recently, ZeuS Tracker data has been integrated into the suspect blocklist of commercial products, as explained in a post celebrating the anniversary of the ZeuS tracker on abuse.ch here.
Microsoft banner ads vanish from Facebook
Search only for social network sugardaddy
Microsoft will no longer handle display ads on Facebook, as the companies rejiggered the advertising pact they announced in 2007 when Redmond stuffed $240m into the social-networking site.
"We made the mutual decision that Facebook would take over responsibility for selling display advertisements on its own site," reads a blog post from Microsoft Bing general manager Jon Tinter.
"Given the kinds of advertisements that make sense within a product as unique as Facebook, it just made more sense for them to take the lead on this part of their advertising strategy."
Continued here: http://www.theregister.co.uk/2010/02/05/microsoft_no_longer_doing_display_ads_on_facebook/
The blog post from Bing: Enhanced Cooperation with Facebook on Search
Facebook has been a close and valued partner of Microsoft for a number of years. We have worked together on several fronts all designed to create great experiences and services for our users. As we begin 2010, we are stepping up that collaboration yet again.
Here is a sense for what we are up to:
First, we have deepened our joint work together on web search to provide even more compelling experiences to Facebook users with Bing. As part of this expanded cooperation in search, our two companies will soon provide Facebook users with a more complete search experience by providing full access to great Bing features beyond a set of links, including richer answers combined with tools that help customers make faster, smarter decisions.
Second, we are extending our cooperation outside the US, bringing the Bing-Facebook search integration to the more than 400 million people using Facebook around the world.
You'd think a company pursuing an IPO in this economy would clean up its act
From the Sunbelt Blog:
You'd think that a company trying to raise several hundred million with an initial public offering of stock would tell their affiliates to be on their best behavior for a while.
For example, maybe they'd discourage them from hacking government web sites to attract search engine hits on the word "bestiality," then redirect browsers to the company's site.
The sites: [...]
The code: [...]
Remember Adult Friend Finder? Penthouse Media Group (which also owns Penthouse magazine) purchased the online adult... ah... dating service in 2007 for $500 million. Well now they're called FriendFinder Networks, Inc. In December, 2008 they filed with the U.S. Security and Exchange Commission for permission to make an initial public offering $460 million of stock.
Continued here: http://sunbeltblog.blogspot.com/2010/02/youd-think-company-pursuing-ipo-in-this.html
Major U.S. crackdown on work-at-home fraud coming?
From the Sunbelt Blog:
The U.S. Federal Trade Commission today announced that next Tuesday they will hold a news conference to make public details of "a law enforcement sweep cracking down on job and work-at-home fraud fueled by the economic downturn."
The media advisory said that the news conference would feature the director of the FTC's bureau of Consumer Protection David C. Vladeck, an assistant attorney general and the Ohio Attorney General. The advisory listed as "also attending" representatives of the U.S. Postal Inspection Service, Monster.com and Microsoft.
People who sign on as work-at-home employees from Internet ads (also called "money mules") often are used as conduits for stolen funds that are transferred from the bank accounts of victim individuals or companies who have been scammed by phishing or spear-phishing. The money mules set up bank accounts into which stolen funds are transferred. They are instructed to keep a portion of the funds and wire the remainder to the scammers, who are generally outside the U.S.
Continued here: http://sunbeltblog.blogspot.com/2010/02/major-us-crackdown-on-work-at-home.html