
NEWS - June 16, 2011

From the Microsoft Safety & Security Center:

Avoid tech support phone scams

Cybercriminals don't just send fraudulent email messages and set up fake websites. They might also call you on the telephone and claim to be from Microsoft. They might offer to help solve your computer problems or sell you a software license. Once they have access to your computer, they can do the following:

• Trick you into installing malicious software that could capture sensitive data, such as online banking user names and passwords. They might also then charge you to remove this software.

• Take control of your computer remotely and adjust settings to leave your computer vulnerable.

• Request credit card information so they can bill you for phony services.

• Direct you to fraudulent websites and ask you to enter credit card and other personal or financial information there.

Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.

Telephone tech support scams: What you need to know

Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you're using.

Once they've gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information are vulnerable.

Do not trust unsolicited calls. Do not provide any personal information.

Here are some of the organizations that cybercriminals claim to be from:

Continued : http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx

LulzSec claims responsibility for CIA.gov outage

LulzSec, the hacking and prankster collective that has attacked the US Senate, Sony, and the Fox and PBS television networks, has struck again, claiming it was behind an assault that took down the website for the Central Intelligence Agency.

Attempts to access cia.gov on Wednesday afternoon were met with only limited success. LulzSec claimed responsibility for the brief and only partial outage, writing in a Twitter post: "Tango down - cia.gov - for the lulz."

The website contains no classified material, but bringing down the public portal of one of the world's most powerful government agencies would nonetheless be LulzSec's most brazen prank to date. There was no way to independently verify the group's claim of responsibility.

A CIA spokeswoman told the Associated Press that officials are investigating the reports. Such outages are often the result of DDoS, or distributed denial of service, attacks. The assaults generally require little skill to carry out.

http://www.theregister.co.uk/2011/06/16/cia_website_outage/

Also:
CIA website brought down by DDoS attack, LulzSec hackers claim responsibility
LulzSec Hits CIA Website, Laughs about It

World Cup DDoS blackmailer sentenced to jail

A court in D

Anonymous Plans Attack on City of Orlando Website, IRC ..

"Anonymous Plans Attack on City of Orlando Website, IRC Chatter Suggests"

Orlando, Florida's city Website could be the latest target of hackers at noon EST Thursday if Web chatter between hackers online turns out to be true. Plans of the alleged attack are being circulated on Anonymous-related IRC channels. Anonymous is a group of loosely affiliated hackers that work together to coordinate hack attacks.

Orlando is allegedly being targeted in retaliation for the June 6 arrest of members of the group Food Not Bombs, which distributes free food to the homeless in Orlando and other U.S. cities. Food Not Bombs has been distributing food once a month in an Orlando park despite new city laws that limit the group to two permitted "large-scale" public events in a park per a 12-month period. Food Not Bombs challenged the law in court, but recently lost on appeal and police began making arrests for trespassing when the group continued its monthly feedings.

It should be noted that chatter on IRC channels and blogs doesn't always translate to an actual attack. However, in the past several days similar types of Anonymous IRC discussions were the precursor to attacks. For example, plans for the Malaysian hack attack were spotted on IRC channels just before 51 Malaysian government Websites were attacked (41 actually were knocked offline).

Continued : http://www.pcworld.com/article/230432/anonymous_plans_attack_on_city_of_orlando_website_irc_chatter_suggests.html

SpyEye Trojan Targets Airline Website that Accepts Bank..

"SpyEye Trojan Targets Airline Website that Accepts Bank Debit Card Payments"

From the Trusteer Blog:

We have uncovered a SpyEye configuration that targets users of two leading European airline travel Web sites: Air Berlin, the second largest airline in Germany (after Lufthansa) and AirPlus, the global provider of business travel services for companies. SpyEye exploits the user's machine, not the websites, to carry out this fraud.

The attack subjects are far from randomly selected, but are, we believe, carefully chosen for their criminal revenue potential. One site accepts debit card payments, while the other caters to business users.

Air Berlin, now Europe's sixth-largest airline, not only accepts debit and credit cards, but for Austrian, Dutch and German citizens, allows travellers to pay by bank direct debit seven days before travelling.

This means that criminals targeting an Air Berlin traveller from these countries stand a good chance of obtaining the personal details of the user - including their date of birth, which is mandatory on the airline's site - as well as their bank account details.

Air Plus, meanwhile, offers a variety of travel services for companies of all sizes via their website, all paid for by business payment cards, which are invariably linked to business bank accounts.

Since corporate accounts tend to carry much higher balances (or credit limits) than consumer accounts, they have much greater cybercriminal revenue potential from a data harvesting perspective.

Continued : http://www.trusteer.com/blog/spyeye-trojan-targets-airline-website-accepts-bank-debit-card-payments

Free web hosting is a boon to phishers

Sometimes it seems that every legitimate service offered online can be misused by phishers, scammers and cyber criminals in general.

Free mail services are abused to send out spam. The Amazon cloud is used by criminals to host malware and mount attacks. Search engines are used to offer poisoned search results and to drive users to malware or scam sites. Social networks are misused to spread malicious links.

Free hosting services are also a boon for scammers, since they need a place to set up malicious sites as quickly as they get pulled down.

There are many such services on the Web, and among them is PasteHtml.com, a free anonymous web hosting service. And although the intentions of the people behind the service are honorable, the site has proven very handy for phishers.

"Try searches on the site for terms such as 'site:pastehtml.com facebook login' or 'site:pastehtml.com paypal'," points out a Zscaler researcher. "Most of the pages are malicious."

Continued : http://www.net-security.org/secworld.php?id=11180

App that revealed most common iPhone passcodes booted from App Store

Following the publication of the statistics concerning the most common iPhone passcodes that application developer Daniel Amitay shared on Tuesday, Apple's unsurprising reaction was to remove the app from its App Store.

Even though Amitay did not, in fact, collect the users' passcodes, but the passcodes for his "Big Brother" app, and even though Amitay believed that the iTunes EULA allowed him to do so as long as it is in a form that does not personally identify the users, Apple has decided to shoot first and ask questions later.

I can't say that I blame them, and judging by Amitay's blog post, neither does he. "I'll gladly remove the code in question if it is what Apple has a problem with. That said, I had planned on having these common passcodes built into a next update, so as to prompt users not to choose obvious passcodes," he explained.

Continued : http://www.net-security.org/secworld.php?id=11179

Related: The top 10 passcodes you should never use on your iPhone

Chinese court sentences three to prison for iPad design leak

A Chinese court sentenced three people to prison for stealing information on Apple's iPad 2 design, which was used to make protective cases for the device months before the hit tablet was even launched.

The Shenzhen Baoan People's Court ruled this month that the three persons had collaborated to steal trade secrets from Apple supplier, Foxconn, which builds the iPad in factories in China.

The scheme was initiated last July when Xiao Chengsong, the head of a Chinese electronics company, contacted Hou Pengna, a former employee at Foxconn about obtaining information on the iPad 2 design.

Hou then funneled 20,000 yuan ($3,090) to Lin Kecheng, a section chief with Foxconn's research and development group. In return, Lin provided documents on the iPad 2's casing design. Xiao's company, MacTop Electronics, used the information to manufacture more than 100 iPad 2 outer protective casings, publicizing the products on the Web.

Xiao was sentenced to 18 months in prison and fined 150,000 yuan. Lin was sentenced to 14 months, and fined 100,000 yuan, while Hou was sentenced to one year, and fined 30,000 yuan.

Continued : http://www.computerworld.com/s/article/9217676/Chinese_court_sentences_three_to_prison_for_iPad_design_leak

New project scans for WordPress holes

Developer Ryan Dewhurst has launched a new project called WPScan, a WordPress Security Scanner. The initial version can attempt to work out user names, crack weak passwords and identify vulnerabilities based on version. Dewhurst plans to add plugin detection and also identify the plug-in vulnerabilities, as well as add other checks.

The newly created project, developed by Dewhurst after creating a "Brute Force Tool" for WordPress, is designed to help security professionals or WordPress administrators assess their WordPress installations. The alpha quality Ruby code is licensed under the GPLv3 and is being hosted on Google Code.

WordPress has become somewhat known for security issues; many users configure a WordPress blog but fail to keep the blogging software behind it up to date. This failure often allows attackers to use well known flaws to gain control of the blog.

http://www.h-online.com/security/news/item/New-project-scans-for-WordPress-holes-1261912.html

Citi Credit Card Hack Bigger Than Originally Disclosed

Citigroup has been forced to reveal that a recent hack of its network exposed the financial data of more than 360,000 customers, a much higher number than the bank originally disclosed.

The company said last week that hackers who breached Citi Account Online on May 10 had acquired the personal information of about one percent of its 21 million North America customers, or about 210,000 credit-card holders. But in a note posted to its web site late Wednesday, the company revealed the new number, and said that it had known the number of customers affected was much higher as early as May 24. The note didn't indicate why the company hadn't disclosed the higher number before, but the New York Times reports that the revelation comes after Connecticut's attorney general and several other state regulators have opened investigations into the breach and begun demanding more information about it.

Citi said the information the hackers viewed included customer names, account numbers and contact information, but that Social Security numbers, birthdates, card expiration dates and security codes (known as CVV) were not accessed by the hackers. The company also said its main card processing system was not breached in the attack.

Continued : http://www.wired.com/threatlevel/2011/06/citibank-hacked/

Also:
Citigroup reveals breach affected over 360,000 cards
Citigroup ups number of accounts breached in attack

Related : Citibank victimized by hackers, insists cardholders are safe
