Spyware, Viruses, & Security forum

General discussion

NEWS - June 30, 2010

by Carol~ Forum moderator / June 30, 2010 2:02 AM PDT
Tricked again: Key combination opens Corsair's Padlock 2 flash drive without authorisation

Corsair have pointed out a vulnerability in their USB flash drives with Padlock 2 access protection. The hole allows stored data to be accessed without authorisation. The flash drives have a mini keyboard for users to key in their PIN in order to access the drive. This allows the drives to work independently of drivers and platforms.

However, the password can be deleted via a special key combination, while the stored data remains intact. As a consequence, the data can reportedly be accessed without having to enter a PIN. Corsair have released instructions for solving the problem, but recommend backing up the data beforehand; instructions for securing the drive are available here.

Continued here: http://www.h-online.com/security/news/item/Tricked-again-Key-combination-opens-Corsair-s-Padlock-2-flash-drive-without-authorisation-1030937.html

YouTube backs Flash over HTML5
by Carol~ Forum moderator / June 30, 2010 2:03 AM PDT
In reply to: NEWS - June 30, 2010

"YouTube engineers still need Adobe Flash"

In the ongoing debate over whether to use Flash or HTML5, Google has weighed in heavily in favor of using HTML5. The engineers at the Google-owned YouTube, however, still prefer Flash, if a company blog item posted Tuesday from the company is any indication.

"While HTML5's video support enables us to bring most of the content and features of YouTube to computers and other devices that don't support Flash Player, it does not yet meet all of our needs," said YouTube software engineer John Harding in the post. "Today, Adobe Flash provides the best platform for YouTube's video distribution requirements."

In short, HTML5 still lacks many of the features needed for video presentation. And, as it happens, Flash provides all these features. "We need to do more than just point the browser at a video file like the image tag does, there's a lot more to it than just retrieving and displaying a video," he wrote.

Continued here: http://news.techworld.com/applications/3228802/youtube-backs-flash-over-html5/

Regular domains beat smut sites at hosting malware
by Carol~ Forum moderator / June 30, 2010 2:06 AM PDT
In reply to: NEWS - June 30, 2010

"99 to 1, study finds"

New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the web are likely to avoid exposure to malware.

A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult web site. In the UK, Avast found that more infected domains contained the word "London" (such as the blog section of http://kensington-london-hotels.co.uk) than the word "sex". Among the domains labelled as infected by Avast was the smart phones section of the Vodafone UK website. The mobile phone operator's site contained a malicious JavaScript redirect script that attempted to take advantage of an unpatched Windows Help and Support Centre flaw (CVE-2010-1885) to infect the machines of visiting surfers.

HTML files from sub-domain blackberry.vodafone.co.uk still contain malicious code at the time of writing but point to a site containing the attack payload that has been pulled offline.

Continued here: http://www.theregister.co.uk/2010/06/30/unsafe_surfing/

FBI hackers fail to crack TrueCrypt
by Carol~ Forum moderator / June 30, 2010 2:07 AM PDT
In reply to: NEWS - June 30, 2010

"Open source encryption on Brazilian banker's hard drive baffles police dictionary attack"

The FBI has admitted defeat in attempts to break the open source encryption used to secure hard drives seized by Brazilian police during a 2008 investigation.

The Bureau had been called in by the Brazilian authorities after the country's own National Institute of Criminology (INC) had been unable to crack the passphrases used to secure the drives by suspect banker, Daniel Dantas.

Brazilian reports state that two programs were used to encrypt the drives, one of which was the popular and widely-used free open source program TrueCrypt. Experts in both countries apparently spent months trying to discover the passphrases using a dictionary attack, a technique that involves trying out large numbers of possible character combinations until the correct sequence is found.

Continued here: http://news.techworld.com/security/3228701/fbi-hackers-fail-to-crack-truecrypt/

Destination Hotels card-processing system hacked
by Carol~ Forum moderator / June 30, 2010 2:08 AM PDT
In reply to: NEWS - June 30, 2010

Hackers have broken into the payment processing system of Destination Hotels & Resorts, a high-end chain best known for its resort hotels in destinations such as Vail, Colorado; Lake Tahoe, California; and Maui, Hawaii.

Guests who recently stayed at 21 of the resort's 30 hotels may have been victimized by the scheme, which appears to have compromised point-of-sale systems. The company refused to release many details of the incident -- citing an ongoing investigation by the U.S. Federal Bureau of Investigation -- but in a note posted to its Web site said that it had "uncovered a malicious software program inserted into its credit card processing system from a remote source."

Destination Hotels is in the process of notifying victims but will not say how many people have had their credit card numbers stolen, a company spokeswoman said.

Continued here: http://www.computerworld.com/s/article/9178695/Destination_Hotels_card_processing_system_hacked

Group to examine cloud standards
by Donna Buenaventura / June 30, 2010 2:08 AM PDT
In reply to: NEWS - June 30, 2010

OASIS Identity in the Cloud TC will develop profiles of open standards for identity deployment, provisioning and management

Last week I had the opportunity to participate in the "Cloudchasers" series of podcasts hosted by noted raconteur Mathew T. Grant. This one included Ajay Sharma, the product marketing manager for identity management at Novell, and myself talking about "Identity and the enterprise cloud."

One issue that came up, and which we mostly danced around, was the issue of standards. Now we all know that there are lots of standards in identity (SAML, WS-Federation, OpenID, CardSpace, etc.) but -- so far -- none are perfect for the cloud. Still, work is going on.

The Organization for the Advancement of Structured Information Standards (OASIS) has recently formed a technical committee (TC) to examine this issue, called the "Identity in the Cloud" TC.

Written by: Dave Kearns, Network World

Building a Facebook Killer Won't Be Easy for Google
by Carol~ Forum moderator / June 30, 2010 2:09 AM PDT
In reply to: NEWS - June 30, 2010

Hearsay in recent days that Google is working hard on a project to better compete against Facebook has captured the attention of industry observers, who wonder what shape this initiative might take and what is its likelihood of success.

After all, Google has several social media sites and services out there, including Gmail's Buzz microblogging component, video sharing site YouTube, photo sharing site Picasa and blog publishing service Blogger.

Google also has social-networking site Orkut, the OpenSocial tools and platform for social application development, the Docs office document sharing and collaboration suite, the Wave real-time collaboration application and the social search capabilities of its search engine.

The speculation, while loud and coming separately in online postings from Digg founder Kevin Rose and former Facebook CTO Adam D'Angelo, has yielded few details, and Google is declining to comment.

Continued here: http://www.cio.com/article/598214/Building_a_Facebook_Killer_Won_t_Be_Easy_for_Google

Online Armor sold to Emsisoft
by Donna Buenaventura / June 30, 2010 2:10 AM PDT
In reply to: NEWS - June 30, 2010

From Online Armor Blog:

Mike's final (OA) blog post - a personal note

By the time you read this, the news will be public that Austrian-based Emsisoft, headed up by Christian Mairoll, has acquired Online Armor from Tall Emu. There's been a bit of speculation over the last day or so that "something" was happening. During the past few weeks, we started to prepare to transfer operational control of Online Armor over to Emsisoft and a few things went live 48h or so before they were supposed to. Oops.

The deal is done, there's no going back and no regrets. Indeed, Emsisoft acquiring Online Armor is the best possible thing that could happen to it. Emsisoft has 20 staff focused on security software. Tall Emu had two (OA developers) - and they just went to work for Emsisoft. I can't wait to see what happens over the next 12 months with Online Armor and Emsisoft Anti-malware.

A lot of people probably have a lot of questions, and I've been asked a few times, so I'll try to answer them here.

More in http://onlinearmorpersonalfirewall.blogspot.com/2010/06/online-armor-sold-to-emsisoft.html

Security glitch exposes WellPoint data again
by Donna Buenaventura / June 30, 2010 2:14 AM PDT
In reply to: NEWS - June 30, 2010

WellPoint Inc. has notified 470,000 individual insurance customers that medical records, credit card numbers and other sensitive information may have been exposed in the latest security breach of the health insurer's records.

The Indianapolis company said the problem stemmed from an online program customers can use to track the progress of their application for coverage. It was fixed in March.

Spokeswoman Cynthia Sanders said an outside vendor had upgraded the insurer's application tracker last October and told the insurer all security measures were back in place.

But a California customer discovered that she could call up confidential information of other customers by manipulating Web addresses used in the program. Customers use a Web site and password to track their applications.

WellPoint learned about the problem when the customer filed a lawsuit about it against the company in March.

"Within 12 hours of knowing the problem existed, we fixed it," said Sanders, who declined to identify the outside vendor.


World cup threatens more than just your ears
by Donna Buenaventura / June 30, 2010 2:36 AM PDT
In reply to: NEWS - June 30, 2010

Vuvuzelas and hearing problems are not the only issues that excited football fans can encounter at this year's Football World Cup in South Africa. One month before the opening match between South Africa and Mexico the bad guys were already busy infecting popular related websites in anticipation of increased traffic. Compared to the same period last year, avast! identified a 200% increase in the number of infected web pages and successfully prevented 200 000 fans from visiting them and getting infected. The attached graph illustrates the dramatic increase in the number of infected websites. So, for the competition's final stages, make sure you have not only good earplugs, but also good antivirus protection.


Heartland ramps up first end-to-end encryption
by Carol~ Forum moderator / June 30, 2010 7:45 AM PDT
In reply to: NEWS - June 30, 2010

"Heartland responds to major data breach"

Heartland Payment Systems, the victim last year of a massive data breach of sensitive card data, vowed after that devastating event to develop new security gear based on end-to-end encryption between itself and its merchants to prevent such a breach from occurring again. That's now taking shape, but slowly.

"We have a long way to go," acknowledges Heartland CEO Bob Carr, pointing out the so-called E3 payment terminals, intended for small-to-midsize customers, are but the first step, "with more advanced technologies coming in the summer" intended for use between Heartland's network and much larger merchants that would require more back-end integration into processing systems. "We're not ready to help all of them yet," he acknowledges.

Continued here: http://www.networkworld.com/news/2010/063010-heartland-end-to-end-encryption.html

Half a million Vaio laptops prone to overheating
by Carol~ Forum moderator / June 30, 2010 7:45 AM PDT
In reply to: NEWS - June 30, 2010

First they made our batteries melt down and explode. Now they're coming directly for our laptops.

According to PCWorld, Sony is announcing that more than half a million Vaio notebook computers are prone to overheating due to a bug in the BIOS software. It's unclear how severe the overheating could get -- whether damage could occur to the machine or to its surroundings -- but it's not a warning to take lightly. To date the overheating has not caused any significant property damage beyond the laptop itself, with 39 cases of the problem now on record, PCWorld reports.

The news comes on the heels of a similar revelation by Dell, which became embroiled in a lawsuit over faulty computers that the company said had overheated because they were "overtaxed" by being made to "perform difficult math calculations," the New York Times reports. Later that diagnosis was revised: Millions of computers had been sold in the 2000s "riddled with faulty electrical components that were leaking chemicals and causing the malfunctions."

Continued here: http://news.yahoo.com/s/ytech_wguy/20100630/tc_ytech_wguy/ytech_wguy_tc2963

Important Notification for the Sony VAIO
by Carol~ Forum moderator / June 30, 2010 12:15 PM PDT

From Sony's eSupport:

Dear Sony customers,

Sony takes pride in the quality of its products. Recently, we became aware of a potential issue affecting certain units within the VPCF11 and VPCCW2 series of notebook PCs.

In rare instances, these notebook computers may overheat due to a potential malfunction of the internal temperature management system, resulting in deformation of the product's keyboard or external casing, and a potential burn hazard to consumers.

If you have one of the VPCF11 or VPCCW2 series models, Sony recommends that you download and install a firmware update specifically designed to prevent the potential overheating symptom.

* Click here for information on how to locate the model number of your notebook PC.
* Click here to download and install the update.

If you have any questions or need additional assistance with the firmware update installation, call Sony technical support at (866) 496-7669 for assistance.

The satisfaction of our customers is our number one priority, and we will work diligently to ensure that your VAIO notebook is in top working order. We apologize for any inconvenience and appreciate your support in this matter.


Mike Lucas,
Senior Vice President, VAIO
Sony Electronics Inc.


Adobe fix still allows "Escape from PDF"
by Carol~ Forum moderator / June 30, 2010 7:46 AM PDT
In reply to: NEWS - June 30, 2010

From the Bkis Global Task Force Blog:

On June 29, 2010, Adobe published its security updates for Adobe Reader and Adobe Acrobat (APSB10-15). Among many vulnerabilities fixed this time, the noticeable one is the /Launch vulnerability (CVE-2010-1240), which is said to be found by Didier Stevens. However, it is a pity that the patch is not working properly.

/Launch vulnerability was released by Didier on March 29, 2010. Since then, many viruses in the wild have taken advantage of the flaw:

* Virus using /Launch exploit code in MSF
* Virus exploiting the true nature of PDF /Launch vulnerability

It takes Adobe three months to release the patch. I think it is delayed for too long. On the blog entry, Didier confirms that Adobe has completely fixed the flaw. Thus, I decide to check the patch carefully, and the patch turns out to be incomplete.

Firstly, I check the exploited PDF file with the latest version of Adobe Reader.

Before version 9.3.3 [...]

Continued here: http://blog.bkis.com/en/adobe-fix-still-allows-escape-from-pdf/

Facebook Adds New Controls for Third-Party Apps
by Carol~ Forum moderator / June 30, 2010 7:46 AM PDT
In reply to: NEWS - June 30, 2010

Facebook has revamped the way its users share information with third-party applications and Web sites in an effort to make the process easier, the company said Wednesday.

With the changes, a new permissions box will pop up whenever a Facebook user installs a new application or first logs into an external Web site through their Facebook account, wrote Bret Taylor, the social-networking site's CTO, in a blog post.

About 550,000 applications work within Facebook and about 1 million Web sites are integrated with the site, Facebook said.

"In order for these applications and Web sites to provide social and customized experiences, they need to know a little bit about you," Taylor wrote. "We understand, however, that it's important you also have control over what you're sharing."

Continued here: http://www.cio.com/article/598296/Facebook_Adds_New_Controls_for_Third_Party_Apps

New Clothes for "Canadian Pharmacy" Spam
by Carol~ Forum moderator / June 30, 2010 7:46 AM PDT
In reply to: NEWS - June 30, 2010

From the McAfee Labs Blog:

It has been a little while since we heard something new from the pharmacy spam corner, but right on time at the end of Q2, they are back -- and with reinforcements!

Our researchers have found an enormous number of spam URLs, and they are all related to some well-known malicious IP ranges -- 194.xx.xx.x2 and 194.xx.xx.x4.

The first IP range alone could give us a repertoire of almost 200 alike-sounding URLs with words such as erect, drugs, med, pharm, or pill. And, of course, they appear in various combinations with several number-letter extensions, for example, hxxp://33a2.xxxxxxxxxxxx71a.xx. or hxxp://drugsxxyyzz.xx.

Although these IPs contain the "Canadian pharmacy" spam terminology, their TLDs are mostly from Russia and Ukraine.

Continued here: http://www.avertlabs.com/research/blog/index.php/2010/06/30/the-canadian-pharmacy-new-clothes/

Microsoft: 10,000 PCs hit with new Windows XP 0-day attack
by Carol~ Forum moderator / June 30, 2010 12:01 PM PDT
In reply to: NEWS - June 30, 2010

Nearly a month after a Google engineer released details of a new Windows XP flaw, criminals have dramatically ramped up online attacks that leverage the bug.

Microsoft reported Wednesday that it has now logged more than 10,000 attacks. "At first, we only saw legitimate researchers testing innocuous proof-of-concepts. Then, early on June 15th, the first real public exploits emerged," Microsoft said in a blog posting.

"Those initial exploits were targeted and fairly limited. In the past week, however, attacks have picked up."

The attacks, which are being launched from malicious Web pages, are concentrated in the U.S., Russia, Portugal, Germany and Brazil, Microsoft said.

PCs based in Russia and Portugal, in particular, are seeing a very high concentration of these attacks, Microsoft said.

Security vendor Symantec said these attacks peaked late last week. "Symantec has seen increased activity around this vulnerability. The increased activity started around June 21 and peaked around June 26 and 27," a company spokesman said on Wednesday. Attacks have leveled out since then, he added.

Continued here: http://www.computerworld.com/s/article/9178768/Microsoft_10_000_PCs_hit_with_new_Windows_XP_zero_day_attack

From the Microsoft Malware Protection Center: Attacks on the Windows Help and Support Center Vulnerability (CVE-2010-1885)

Fake Resume Spam Leads to Malware Infection
by Carol~ Forum moderator / June 30, 2010 12:01 PM PDT
In reply to: NEWS - June 30, 2010

From the McAfee Labs Blog:

We just noticed a new wave of fake resume spam that redirects users to a malicious site. We see the resume pages were uploaded to innocent sites in top-level domains of various countries, perhaps in an attempt to internationalize the spam campaign. [...]

The pages contain a small piece of obfuscated JavaScript code that translates into a malicious URL when decoded. [...]

This malicious domain is also related to other domains that were used in a fake YouTube malware campaign and a Zeus control server. So keep this in mind next time you click on that $100k job offer or suspicious job application from an anonymous sender. McAfee SiteAdvisor technology can help protect users from these kinds of threats.

Continued here: http://www.avertlabs.com/research/blog/index.php/2010/06/30/fake-resume-spam-leads-to-malware-infection/

Medical diagnoses for 130,000 people vanish into thin air
by Carol~ Forum moderator / June 30, 2010 12:08 PM PDT
In reply to: NEWS - June 30, 2010

'Dear Patient'

New York-based Lincoln Medical and Mental Health Center has become one of the latest medical providers to expose highly sensitive patient data after CDs containing unencrypted data sent by FedEx never made it to their destination.

The breach exposed medical and psychological diagnoses and procedures for 130,495 patients, according to a notification posted Tuesday. The CDs, which remain missing despite an investigation that was launched in early April, also contained names, addresses, social security numbers, medical record numbers, dates of birth and other details that are regularly snarfed up by identity thieves.

In a letter sent to affected patients (PDF), hospital officials said they have no knowledge the missing information has been accessed by anyone.

Continued here: http://www.theregister.co.uk/2010/06/30/patient_data_exposed/
