Spyware, Viruses, & Security forum


NEWS - February 24, 2015

by Carol~ Moderator / February 23, 2015 10:38 PM PST

Included in the first post listed (under Related) in yesterday's News Thread:

Superfish spyware not limited to Lenovo laptops

"In the last 24 hours, researchers have also discovered that the Komodia technology which allowed the Superfish application to monitor what were meant to be private conversations online, is being used much more widely and is present on millions of more PCs.

According to security researcher Marc Rogers, Komodia uses the same framework for many products including parental control software made by Qustodio and Komodia's own Keep My Family Secure parental control software which promises to protect children when surfing online."

So what does this actually mean?

It means that the problem is not limited to the Lenovo laptops sold between October and December 2014 which had Superfish pre-installed. "It means that anyone who has come into contact with a Komodia product, or who has had some sort of Parental Control software installed on their computer should probably check to see if they are affected," Rogers said.

If you think you might be affected, there is an easy way to check if your system is vulnerable. Just visit this website and if you see a Yes, then it might be time to consider removing the offending piece of software.

Continued : http://www.ibtimes.co.uk/superfish-spyware-not-limited-lenovo-laptops-1488859

Note Filippo Valsorda's online "Superfish, Komodia, PrivDog Vulnerability Test" included in the last sentence.

Give us a week to GUT Superfish, begs Lenovo CTO
by Carol~ Moderator / February 24, 2015 2:38 AM PST

"Don't Panic, says malware-pusher, Superfish never swam on ThinkPads, servers or arrays"

Lenovo's chief technology officer Peter Hortensius has issued another statement on how the company plans to handle Superfish.

The missive explains that Lenovo has worked with anti-virus vendors to get their products flattening Superfish whenever a PC starts up and issued a removal tool.

Hortensius says Lenovo is now "in the midst of developing a concrete plan to address software vulnerabilities and security with defined actions that we will share by the end of the week."

He can't say what those actions will be for now, but says the company is "exploring a wide range of options that include":

Continued : http://www.theregister.co.uk/2015/02/24/give_us_a_week_to_clean_the_superfish_begs_lenovo_cto/

Related: Still smarting from HTTPS-busting Superfish debacle, Lenovo says sorry

Critical Samba flaw allows unauthorized remote code execution
by Carol~ Moderator / February 24, 2015 2:38 AM PST

Samba, the popular free software that allows file and print sharing between computers running Windows and those running Unix or Linux, has been found sporting a critical flaw that can be exploited by an attacker to run programs as an administrator.

"CVE-2015-0240 is a security flaw in the smbd file server daemon. It can be exploited by a malicious Samba client, by sending specially-crafted packets to the Samba server. No authentication is required to exploit this flaw. It can result in remotely controlled execution of arbitrary code as root," the Red Hat Product Security team explained in a blog post that also offers more technical details about the flaw.

Continued : http://www.net-security.org/secworld.php?id=17997

Related : Samb-AAAHH! Scary remote execution vuln spotted in Windows-Linux interop code

Google looks to scrape away scumware, as only it can
by Carol~ Moderator / February 24, 2015 2:39 AM PST

Google is looking to cut down on the risk of attacks from web pages serving up unwanted downloads.

The company said on Monday that it will add security protections into Chrome, Ads and Google Search in an effort to keep users away from sites believed to be installing adware, browser toolbars and other nuisance programs.

For Chrome, Google will begin giving users warnings when they view sites known to serve up not only exploits but also potentially unwanted software downloads. The site will show an alert to users warning that a site could install adware or browser plug-ins.

Continued : http://www.theregister.co.uk/2015/02/24/google_looks_to_scrape_away_scumwear/

Google ups efforts to protect users against unwanted software
Google Broadens Scope of Unwanted Software Warnings

AT&T Charging Customers to Not Spy on Them
by Carol~ Moderator / February 24, 2015 2:39 AM PST

Bruce Schneier @ his "Schneier on Security" blog:

AT&T is charging a premium for gigabit Internet service without surveillance:

The tracking and ad targeting associated with the gigabit service cannot be avoided using browser privacy settings: as AT&T explained, the program "works independently of your browser's privacy settings regarding cookies, do-not-track and private browsing." In other words, AT&T is performing deep packet inspection, a controversial practice through which internet service providers, by virtue of their privileged position, monitor all the internet traffic of their subscribers and collect data on the content of those communications.

What if customers do not want to be spied on by their internet service providers? AT&T allows gigabit service subscribers to opt out -- for a $29 fee per month.

Continued : https://www.schneier.com/blog/archives/2015/02/att_charging_cu.html

Avast Launches Free Security Solution for Businesses
by Carol~ Moderator / February 24, 2015 2:39 AM PST

Security firm Avast announced on Monday the availability of a free offering designed to help small and medium businesses (SMBs) protect their networks against malicious attacks.

Avast for Business is a cross-platform solution that includes features such as essential antivirus protection, Web threat scanning and integrated browser protection, and a cloud management console. The solution also provides a robust reporting and alerting engine, Avast said.

Businesses that want more than just these basic features can acquire premium services such as Firewall, Sandbox, Anti-spam, SafeZone, and Datashredder. For servers, organizations can also add Exchange and Sharepoint protection. Customers can protect as many devices as they want, and they can activate or deactivate licenses at any time, the company noted.

Continued : http://www.securityweek.com/avast-launches-free-security-solution-businesses

Related : Has Avast Just Launched The World's First Free Business-Grade IT Security?

Edward Snowden's big regret
by Carol~ Moderator / February 24, 2015 2:43 AM PST

Daniel Ellsberg and Edward Snowden have something in common - although decades separate their whistle-blowing. Both of them say "Don't do what I did".

Hot on the heels of "Citizen Four", the documentary of Edward Snowden, winning a well-deserved Oscar, director Laura Poitras, journalist Glenn Greenwald and Snowden himself participated in an "ask me anything" chat on Reddit.

One question in particular stands out for Snowden's response. The NSA whistleblower, who now lives in Moscow, was asked if he would do anything differently in retrospect. [...]

Continued : http://grahamcluley.com/2015/02/edward-snowden-regret-reddit/

Related : I wish I'd leaked sooner says Edward Snowden in post-Oscar chinwag

Amazon 'Order Details' Email Delivers Malware
by Carol~ Moderator / February 24, 2015 2:43 AM PST

Lately an email from Amazon has been hitting the inbox of unsuspecting users all over the world.

This email has been masqueraded as an order notification message from the famed marketplace Amazon.com.

In this email, recipients are thanked for placing an order at Amazon and they are informed that their order details can be viewed by opening the attached file.

No matter how compelled you may become to open this amazing email from Amazon.. never do so. It is a fraudulent email sent by attackers with malicious intentions and not by Amazon.

Continued : https://www.hackread.com/amazon-order-details-email-delivers-malware/

PrivDog Releases Update After Being Compared to Superfish
by Carol~ Moderator / February 24, 2015 4:51 AM PST

The developers of PrivDog released an update for the application on Monday after researchers discovered that it failed to validate SSL certificates.

PrivDog is designed to make surfing the Web safe and private by blocking processes that track users' activities and by replacing ads with ones that have been vetted by AdTrustMedia. It's not uncommon for advertising-related apps to put users at risk, but this shouldn't be the case with PrivDog since the software is backed by Comodo, the renowned security firm and certificate authority. PrivDog is not only promoted by the company, but it's also bundled with Comodo solutions.

The existence of the security issue came to light just days after the world learned that Lenovo had preloaded an insecure browser add-on from Superfish on new laptops. The Superfish app used a local proxy and a self-signed root certificate to intercept traffic and inject ads into webpages.

Continued : http://www.securityweek.com/privdog-releases-update-after-being-compared-superfish

Related :
PrivDog Adware Poses Bigger Risk Than Superfish
Worse than Superfish? Comodo-affiliated PrivDog compromises web security too

Wasn't the fallout more severe for PrivDog? Link follows.
by R. Proffitt Forum moderator / February 24, 2015 5:09 AM PST
H&R Block doesn't verify client e-mail, leaks personal info
by Carol~ Moderator / February 24, 2015 4:51 AM PST
Tax firm H&R Block doesn't verify client's e-mail, leaks personal info

"Failure gives man ability to hijack stranger's pending tax return."

With tax season in full swing, it's time for the yearly reminder that the security practices of many tax-preparation services are lacking. Case in point: H&R Block's reported failure to confirm the e-mail addresses of at least some of its online account holders.

The lapse was reported to Ars by reader Aaron Johnson, who said H&R Block in recent days has e-mailed him the name, address, and security question of a complete stranger. Johnson said he is confident he has everything he needs to access this person's account, steal his most valuable personal data, and hijack any owed tax returns. We created an account at H&R Block and were not asked to authenticate the e-mail address we used.

Continued : http://arstechnica.com/security/2015/02/tax-firm-hr-block-doesnt-verify-clients-e-mail-leaks-personal-info/