Spyware, Viruses, & Security forum


NEWS - February 19, 2013

by Carol~ Moderator / February 18, 2013 8:51 PM PST
Burger King's Twitter Account Hacked, Rebranded to McDonald's

Burger King's official Twitter handle suffered a cyber attack on Monday. Hackers switched the branding to that of rival McDonald's and claimed the restaurant chain "just got sold ... because the whopper flopped."

The verified account had roughly 85,000 followers before the attack, but that number surged to more than 100,000 as it took the spotlight on an otherwise quiet day. The account was eventually suspended by Twitter.

The attack began around noon New York time with a tweet claiming the fast-food burger joint was sold to rival McDonald's. The hackers sent more than 25 tweets and re-tweets on the handle, several poking fun at Burger King, insinuating unethical behavior about its employees and using intentionally offensive language and racial slurs.

Continued : http://www.foxbusiness.com/technology/2013/02/18/burger-king-twitter-account-hacked-rebranded-to-mcdonald/

Burger King's Twitter profile hacked by McDonald's fan
Hackers Turn Burger King's Tweet Stream Into A Whopper Of A Mess
Hacker takes over Burger King's Twitter feed, says chain sold to rival McDonald's over drug-addled employees
Here's Burger King's Lame Apology For The Twitter Hacking
Discussion is locked
You are posting a reply to: NEWS - February 19, 2013
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - February 19, 2013
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Access restriction in iOS 6 partially useless
by Carol~ Moderator / February 18, 2013 8:58 PM PST

Just a few days after publication of a method for bypassing the passcode on iPhones, another security vulnerability in iOS has been revealed. Users can change the iTunes and App Store accounts even where the system settings have been configured to block such changes.

The update to iOS 6 introduced several new options for restricting the mobile operating system, including the ability to block changes to the accounts enrolled on the device. Designed with institutional users of iPhones and iPads in mind, if this feature is activated, device users can neither set up new accounts nor modify or delete existing accounts. As well as the accounts for Apple's online stores, this also affects accounts such as email and Facebook accounts. Or at least it does if you want to use the system settings to make these changes.

In securing the system, however, Apple appears to have overlooked something - the iTunes and App Store apps pre-installed on every iPhone. Open one of these two apps and scroll down to the bottom of the overview page and the relevant account can simply be changed here. This is a problem in particular for businesses and parents wishing to use the block to prevent installation of unauthorised software. [Screenshot]

Continued : http://www.h-online.com/security/news/item/Access-restriction-in-iOS-6-partially-useless-1805842.html

Collapse -
Trust but verify: when CAs fall short
by Carol~ Moderator / February 18, 2013 8:59 PM PST

From the Kaspersky Labs Weblog:

We've recently experienced yet another case of a root certificate authority (CA from now on) losing control of its own certificates. And yet again, we have been waiting for either the CA or the browser to do something about it. This whole mess stems, once again, from both a governance and a technical problem. First, only the very same CA that issued a certificate can later revoke it. Second, although web browsers implement several techniques to check the certificate's revocation status, errors in the procedure are rarely considered hard failures. [Screenshot]

Of these, the first (and oldest) technique involves the CA creating a Certificate Revocation List (CRL). This requires the user to poll the CRL at regular intervals, download the whole list (a revision of the RFC allowed for delta updates), and use the list to verify the certificate revocation status. Since, by default policy, downloaded CRLs can be up to seven days old, it is clear that an adversary still has the possibility to use a compromised certificate. To make the situation worse, CAs normally disseminate CRLs by means of the HTTP protocol, hence replay attacks are possible. Further, even if the standard dictates otherwise, web browsers often consider failure to download the updated CRL a mere soft error, meaning that the connection will not be terminated (which makes the whole verification process useful as a seat-belt that snaps when you crash). [Screenshot]

Continued : http://www.securelist.com/en/blog/208194124/Trust_but_verify_when_CAs_fall_short

Collapse -
Privacy Puzzles at Google Play
by Carol~ Moderator / February 18, 2013 8:59 PM PST

From Ben Edelman:

Last week app developer Dan Nolan noticed that Google transaction records were giving him the name, geographic region, and email address of every user who bought an Android app he sold via Google Play. Dan's bottom line was simple: "Under no circumstances should [a developer] be able to get the information of the people who are buying [his] apps unless [the customers] opt into it and it's made crystal clear to them that [app developers are] getting this information." Dan called on Google to cease these data leaks immediately, but Google instead tried to downplay the problem.

In this post, I examine "Google's relevant privacy commitments" and argue that Google has promised not to reveal users' data to developers. I then "critique Google's response" and suggest appropriate "next steps".

Google's Android Privacy Promise

Continued : http://www.benedelman.org/news/021913-1.html

Collapse -
Chinese military linked to 'overwhelming' number of ..
by Carol~ Moderator / February 18, 2013 10:03 PM PST
... cyberattacks

A U.S.-based security research firm says that a building associated with the Chinese military is the source of an "overwhelming" percentage of cyberattacks.

Hired by the New York Times, security firm Mandiant has released a 60-page report which alleges members of sophisticated hacking groups known as "Comment Crew" and "Shanghai Group" have been traced back to a 12-story building associated with the People's Liberation Army General Staff's 3rd Department, otherwise known as Unit 61398 in Shanghai.

The Virginia-based firm says within its latest report that although it cannot be determined if the hackers are present within the building, forensic investigations have managed to lead the security team to the unit's door. Either way, it seems likely, as founder of Mandiant Kevin Mandia told the publication:

Continued : http://www.zdnet.com/chinese-military-linked-to-overwhelming-number-of-cyberattacks-7000011484/

Chinese 'PLA 61398' army unit hacking US firms, Mandiant alleges
Unit In China's PLA Behind Massive Cyber Espionage Operation: Report
Mandiant Investigates Chinese Government-Sponsored Hackers - Video
Collapse -
OpLastResort: Anonymous Hacks US Department of State,
by Carol~ Moderator / February 18, 2013 10:04 PM PST
... Investment Firm

Anonymous hackers have announced round five of Operation Last Resort, the anti-US government campaign initiated shortly after the suicide of Aaron Swartz. For this round, the hacktivists have breached the websites of the US Department of State (state.gov) and the one of investment firm George K. Baum and Company.

From state.gov, the hackers have leaked hundreds of names, email addresses, and other details.

"Our reasons for this attack are very simple. You've imprisoned or either censored our people. We will not tolerate things as such. You don't see us going around censoring everything that is inappropriate or we do not like," Anonymous wrote next to the leaked data.

"Basically, you tried to put an end to us and you got owned, there's nothing more you can say or do. You took away Topiary, Avunit, Neuron, Pwnsauce, lolspoon, Aaron Swartz shall we go on?" they added.

Continued : http://news.softpedia.com/news/OpLastResort-Anonymous-Hacks-US-Department-of-State-Investment-Firm-330640.shtml

Also: Anonymous OpLastResort hacks investment firm, cites Stratfor ties
Collapse -
TrustGo and Lookout Top Android Mobile Security Test
by Carol~ Moderator / February 18, 2013 10:04 PM PST

Today, the independent testing lab AV-Test released their findings from a comprehensive review of 22 Android security apps, looking at how these portable protectors performed on handled Android devices. The competition was tight, but TrustGo and Lookout took the top slots.

The good news is that most apps faired very well in the test, with only GFI Mobile Security failing to receive AV-Test certification. Despite GFI's abysmal 71 percent detection rate for malicious software, the average detection rate across the apps was 94 percent with a median rate of 97 percent. In general, there were very few false-positive results generated during the test.

The Whole App
Of course, security companies no longer rely on mere malware identification to define their product. Many companies provide anti-theft, secure browsing, parental controls, and data encryption with their mobile apps. What's more, mobile security apps need to be unobtrusive and easy on battery life in order to actually be helpful. If it sucks up too much power, or disrupts the normal operation of the device, users will likely uninstall the app.

Continued : http://securitywatch.pcmag.com/none/308184-trustgo-and-lookout-top-android-mobile-security-test

Collapse -
DDoS Attack on Bank Hid $900,000 Cyberheist
by Carol~ Moderator / February 18, 2013 10:46 PM PST

A Christmas Eve cyberattack against the Web site of a regional California financial institution helped to distract bank officials from an online account takeover against one of its clients, netting thieves more than $900,000.

At approximately midday on December 24, 2012, organized cyber crooks began moving money out of corporate accounts belonging to Ascent Builders, a construction firm based in Sacramento, Calif. In short order, the company's financial institution - San Francisco-based Bank of the West — came under a large distributed denial of service (DDoS) attack, a digital assault which disables a targeted site using a flood of junk traffic from compromised PCs.

KrebsOnSecurity contacted Ascent Builders on the morning of Dec. 26 to inform them of the theft, after interviewing one of the money mules used in the scam. Money mules are individuals who are willingly or unwittingly recruited to help the fraudsters launder stolen money and transfer the funds abroad. The mule in this case had been hired through a work-at-home job offer after posting her resume to a job search site, and said she suspected that she'd been conned into helping fraudsters.

Continued : http://krebsonsecurity.com/2013/02/ddos-attack-on-bank-hid-900000-cyberheist/

Collapse -
The sophistication of risky apps, mobile misbehavior and ..
by Carol~ Moderator / February 19, 2013 2:47 AM PST
... spyware

McAfee released the results of a new report, documenting sophisticated and complex risky apps containing multi-faceted scams, black market crimes, drive-by downloads and near-field communication threats. They identified a new wave of techniques hackers use to steal digital identities, commit financial fraud, and invade users' privacy on mobile devices. [Screenshot]

Mobile platforms have become increasingly attractive to cybercriminals as consumers live more of their digital lives on smartphones and tablets. According to IDC, mobile devices are surpassing PCs as the preferred way to access the Internet and the number of people using PCs to go online will shrink by 15 million over the next four years, while the number of mobile users will increase by 91 million.

With the mobile space becoming a more enticing platform for online mischief, the complexity and volume of threats targeting consumers will continue to increase. Using its extensive global threat intelligence network (GTI), McAfee Labs analysed mobile security data from the last three quarters.

Continued : http://www.net-security.org/secworld.php?id=14441
Collapse -
Apple HQ also targeted by hackers, will release tool ..
by Carol~ Moderator / February 19, 2013 3:22 AM PST
.. to protect customers

Apple says a "small number" of computers on its Cupertino campus were attacked by hackers, according to a series of tweets from Reuters. The hack appears to exploit the same Java vulnerability that recently compromised computers at Facebook. "There is no evidence that any data left Apple," the company reportedly said.

According to the Reuters exclusive, Apple is currently working with law enforcement to identify the hackers. The company also said it planned to release software on Tuesday that would help Mac users keep their own machines safe. But assuming the exploit is indeed the same one used at Facebook, the attackers may not be able to get to many Mac users in the first place. Following last year's Flashback malware scare, many Mac users disabled or uninstalled Java on their machines. Apple has also removed the Java plugin from all Mac-compatible Web browsers and blacklisted Java browser plugins on OS X twice this year already in order to prevent critical exploits.

Continued : http://arstechnica.com/apple/2013/02/apple-hq-also-targeted-by-hackers-will-release-tool-to-protect-customers/
Collapse -
Google Says Gmail Security Measures Have Reduced Account..
by Carol~ Moderator / February 19, 2013 7:18 AM PST
... Hijacks By 99 Percent

Gmail accounts are high-priority targets for attackers of all stripes, particularly spam crews and state-sponsored attackers who use them to monitor the activities of activists and journalists. Hijacking those accounts can be quite useful for spammers and malware gangs as well, but Google said that it has put security measures in place that have greatly reduced the number of successful hijack attempts.

In the last few years, the company has added a number of security systems to Gmail and its other services to help protect users' accounts. The most well-known and visible of those is the Gmail two-factor authentication option that requires users to enter a code that's either generated by an app on their mobile phones or sent via SMS, in addition to entering a password. That system helps prevent account compromises through the use of stolen passwords because even with the password, the attacker would still need the code in order to access the account. That system isn't enabled by default, however.

Continued : https://threatpost.com/en_us/blogs/google-says-gmail-security-measures-have-reduced-account-hijacks-99-percent-021913
Popular Forums
Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.