Users hammered by fake AV resurgence
by Carol~, Moderator / March 8, 2012 11:44 PM PST
GFI Software released its VIPRE Report for February 2012, a collection of the 10 most prevalent threat detections encountered during the month.
Most notably, GFI Labs has been documenting a new wave of fake antivirus applications (or rogue AV) on its Malware Protection Centre blog. Growing since the start of the year, last month brought a significant spike in new variations of rogue AV.
"While the velocity at which rogues were successfully propagating may have slowed toward the end of last year, they are certainly back now, and they remain a popular tactic among cybercriminals," said Christopher Boyd, senior threat researcher at GFI Software.
"Users should not let their guard down. As always - no matter how convincing they look - always take the time to evaluate any piece of software that claims your PC is infected, prompts you for a credit card number or asks you to share any sensitive data, especially if it's software that you or your employer did not install."
Continued : http://www.net-security.org/malware_news.php?id=2030
Phishers Dislike Facebook Timeline
by Carol~, Moderator / March 8, 2012 11:44 PM PST
From the Symantec Security Response Blog:
Phishers regularly introduce new types of fake applications with the motive of improving their chance to harvest user credentials. In February 2012, Symantec observed a phishing site recommending a fake application that allegedly removes "Timeline" profile for Facebook users. The phishing site was hosted on a free web hosting site. [Screenshot]
The phishing site embedded the Facebook Timeline promotion video from YouTube, with the claim "Remove Timeline Now". According to this phishing site, users will have their "Timeline" removed from their Facebook profile and get back their old profile page—only after they enter their login credentials. To make the fake application look more authentic, phishers added that it was protected by an antivirus product with the logo of the antivirus brand placed below the login form. After user credentials are entered, the phishing page redirects to a page which displays a screenshot from the Facebook Timeline promotion video. If users fell victim to the phishing site by entering their login credentials, phishers would have successfully stolen their information for identity theft purposes.
Continued : http://www.symantec.com/connect/blogs/phishers-dislike-facebook-timeline
FBI says it is concerned over cyber terror
by Carol~, Moderator / March 9, 2012 2:25 AM PST
A former senior intelligence official has warned that a full-scale cyber-attack against the United States by a terrorist organization is "a certitude."
The official also told Fox News that cyber-terrorists operating in the digital realm routinely steal and launder money in an effort to finance their operations.
Meanwhile, FBI director Robert Mueller told the House Appropriations Committee he was concerned over the possibility of a "cyber one-two punch," in which intellectual property is stolen and used to interfere, jam or disrupt operations on the battlefield.
"Certainly long term threat is by nation states who are finding new and ingenious ways to exfiltrate information," Mueller explained in a briefing on Wednesday.
"On the one hand developing new technology for any future conflict, or on the other hand enabling them to disable our technology during in a time of war."
Mueller also noted that terrorists may perceive cyber-attacks as an effective means of circumventing post-9/11 security, which is focused on halting physical attacks, rather than digital infiltrations.
Continued : http://www.tgdaily.com/security-features/61983-fbi-says-it-is-concerned-over-cyber-terror
Also:
FBI warns Congress of terrorist hacking
FBI chief warns of terrorist cyber attacks
HTTPS and Tor: Working to Protect Your Security Online
by Carol~, Moderator / March 9, 2012 2:26 AM PST
EFF released a new version of its HTTPS Everywhere extension for the Firefox browser and debuted a beta version of the extension for Chrome.
EFF frequently recommends that Internet users who are concerned about protecting their anonymity and security online use HTTPS Everywhere, which encrypts your communications with many websites, in conjunction with Tor, which helps to protect your anonymity online.
But the best security comes from being an informed user who understands how these tools work together to protect your privacy against potential eavesdroppers.
Whenever you read your email, or update your Facebook page, or check your bank statement, there are dozens of points at which potential adversaries can intercept your Internet traffic. By using Tor to anonymize your traffic and HTTPS to encrypt it, you gain considerable protection, most notably against eavesdroppers on your wifi network and eavesdroppers on the network between you and the site you are accessing.
But these tools have important limitations: your ISP and the website you are visiting still see some identifying information about you, which could be made available to a lawyer with a subpoena or a policeman with a warrant.
Continued : http://www.infosecisland.com/blogview/20558-HTTPS-and-Tor-Working-to-Protect-Your-Security-Online.html
Smartphone apps are sending your data to China
by Carol~, Moderator / March 9, 2012 2:26 AM PST
Smartphone apps can access some pretty personal and intimate information. This ranges from phone numbers and email addresses to GPS coordinates, to name a few.
It would be reasonable to assume that data collected is limited to assisting an app with its functionality. However, this doesn't always seem to be the case.
A report in the UK's The Sunday Times, "In a flash your details are on a server in Israel", sheds some light on data transfer practices in 70 basic smartphone apps.
These run-of-the-mill applications were chosen because the Sunday Times felt they sought more information than was functionally necessary.
Using "MiddleMan" software, they were able to monitor app data transfers and made some rather disconcerting discoveries.
The results showed that of the 70 apps, "twenty-one transmitted the phone number, six sent out email addresses, six shared the exact co-ordinates of the phone and more than half passed on the handset's ID number."
Continued : http://nakedsecurity.sophos.com/2012/03/09/smartphone-apps-sending-your-data-to-china/
StopTheHacker automatically removes malicious code from web pages
by Carol~, Moderator / March 9, 2012 2:26 AM PST
"Security startup's latest features may be good for small businesses who want hands-off web page security management"
StopTheHacker has added a feature to the security startup's subscription service that automatically removes malicious code placed on web pages by hackers.
Peter Jensen, CEO of StopTheHacker, which officially opened for business in San Francisco last month, said that many businesses, such as law firms, have small IT staffs and few resources with which to run their websites.
That makes it difficult for them to know if their site has been hacked and quickly fix it before more of their users are victimised. The problem of hacked websites has grown worse over the last few years: Google estimates it blocks 6,000 new websites a day that have been rigged to deliver malicious code to users.
If a website has, for example, a database vulnerability, hackers can gain access to the site, and plant code that attacks visiting computers. The style of attack is known as a drive-by download and usually occurs unnoticed by the victim.
Continued : http://news.techworld.com/security/3343337/stopthehacker-automatically-removes-malicious-code-from-web-pages/
Symantec Norton Antivirus 2006 Code Leaked by Anonymous
by Carol~, Moderator / March 9, 2012 4:53 AM PST
The saga that illustrates the cyber-battle between world renowned security solutions provider Symantec and Anonymous hacktivists continues. The hackers published the alleged source code of Norton Antivirus 2006, which they obtained during a breach that took place in 2006.
Not long ago, the hackers claimed they possessed the source code of Symantec's pcAnywhere, an incident that forced the security company to advise its customers to stop using the application.
Now, the hackers posted the 1.4 gigabyte source code on The Pirate Bay, the 26,742 files being accompanied by a protest message against the recent arrests made by law enforcement agencies.
"All conflict comes from social inequality and those who use this to their advantage. Our civilization is facing a radical, imminent mass change," the hackers wrote.
"The alternative to the hierarchical power structure is based on mutual aid and group consensus. As hackers we can learn these systems, manipulate these systems, and shut down these systems if we need to."
The AntiSec hackers also demand the release of Jeremy Hammond, also known as sup_g, Kayla, Palladium, Topiary, Pwnsauce, and others that have been apprehended recently.
Continued : http://news.softpedia.com/news/Symantec-Norton-Antivirus-2006-Code-Leaked-by-Anonymous-257636.shtml
Also: Anonymous continues defacing websites, releases Norton AV code
This time, the bad guys want your tax accountant
by Carol~, Moderator / March 9, 2012 4:53 AM PST
From the avast! Blog:
While taxpayers are the regular target of springtime malware schemes, this year the bad guys are aiming for the accountants.
A series of imposter emails are threatening recipients with the removal of their professional accreditation if they fail to respond promptly. The tax-phish appear to be from organizations such as the American Institute of Certified Public Accountants (AICPA), Better Business Bureau (BBB), and Intuit tax services. [Screenshot]
After clicking on the email, users are redirected through a hacked legitimate site to the final malware distribution center where their computer can download fake antivirus or another malware package selected by the bad guys.
This spam campaign started in the last week of February. A tax-themed attack is a traditional feature of March and April as Americans prepare their income tax returns.
The tax-time malware is the latest example of the BlackHole Exploits Kit at work - and shows that the bad guys' graphic and language skills are improving.
Continued : https://blog.avast.com/2012/03/09/this-time-the-bad-guys-want-your-tax-accountant/#more-7197
SKYPE: (S)ecurely (K)eep (Y)our (P)ersonal (E)-communication
by Carol~, Moderator / March 9, 2012 4:54 AM PST
From the ESET Threat Blog:
From time to time people get new computer equipment and need to (re-)install all their favorite programs. Often a painful and time-consuming job, but afterwards it should ease the way of working with the new equipment. Even security gurus have to undergo this procedure at regular intervals. In November 2011 I started to use Skype for the very first time after many people asked me if I had a Skype ID. I quickly installed it and started to use it. Indeed it proved a convenient (and cheap) way of communicating. But when I got a new laptop to travel with and installed Skype and started to use it, even I was surprised!
After logging in to Skype with my Skype ID, all Instant Message Communications I had with other people suddenly appeared. I am no stranger to saved Histories, like in Live Messenger, but these are always stored on your local machine and the option is disabled by default. Skype stores this locally too, but also "In the Cloud".
Before people start to think that this blog is a rant against Skype, forget it! Yes, Skype could improve on a few points, I will even point them out, but this blog is purely for educational purposes, a reason why people should read the End User License Agreement (EULA), the Privacy Policy and the Terms of Use.
Continued : http://blog.eset.com/2012/03/08/skype-securely-keep-your-personal-e-communications
NYT Profiles LulzSec's Sabu As Talented Hacker With ..
by Carol~, Moderator / March 9, 2012 6:49 AM PST
NYT Profiles LulzSec's Sabu As Talented Hacker With Star-Crossed Life
Hector Xavier Monsegur or "Sabu," de facto ringleader of the notorious Anonymous Internet Collective, was not merely a talented hacker. He was also something of a Robin Hood of the East Side projects and a hard-partying nuisance to his neighbors, a report by the New York Times claims.
A report finds that Monsegur's neighbors complained (fruitlessly) to the housing project community board and the police alike about the 28-year-old's constant partying and noise-making. The smell of marijuana often wafted from his apartment where he reportedly dabbled in drug-dealing to make ends meet. Among his regular visitors were his half-sister, several brothers, and a white pit-bull named China.
But the now-famous hacker, LulzSec member and FBI witness was also described as a dedicated guardian to his two cousins, whose mother was incarcerated. At least one neighbor described him as gracious. Another reported losing his wallet and having it returned by Monsegur, who found it and tracked the man down.
Continued : http://threatpost.com/en_us/blogs/nyt-profiles-lulzsecs-sabu-talented-hacker-star-crossed-life-030912
About Hacker Jeremy Hammond: Alleged Stratfor hacker Jeremy Hammond a 'genius with no brain'
It's not Illegal if You Consent: Malware's Dirty Little Tricks
by Carol~, Moderator / March 9, 2012 6:50 AM PST
In a conversation with Chris Hadnagy recently, which will be released as a podcast shortly (and trust me you're not going to want to miss this episode!) we tripped over this little trick that malware authors use which just makes my blood boil.
Since the bad guys often rely on the end-user's lack of awareness and knowledge, you half-expect some of the dirty tricks, like creating a brilliant-looking and convincing web page that looks just like your antivirus software... or something equally dastardly, but there's another trick Chris brought up that made me crazy.
Here's the deal - how many of you reading this right now have read the entire EULA (end user license agreement) on the last piece of software you installed?
It's OK, no one's looking if you admit to yourself that much like me, you probably skimmed it or skipped it altogether opting instead for the 10 minutes of time-savings just to get your software installed.
The bad guys count on this, and in their sketchy software they put in things that make their criminal activity legal. And it's all because you clicked "I accept".
This is how the scene plays itself out...
Continued : http://www.infosecisland.com/blogview/20593-Its-not-Illegal-if-You-Consent-Malwares-Dirty-Little-Tricks.html
Global Malware Rates: Is Your Country Among The Safest Or..
by Carol~, Moderator / March 9, 2012 6:50 AM PST
Global Malware Rates - Is Your Country Among The Safest Or Most Infected?
From the Norman Blog:
Did you know that - according to our malware statistics - you're less likely to have malware on your computer if you come from a European country? And - just like in most worldwide polls - it's a Scandinavian nation that comes out on top.
Data from our Malware Cleaner shows that Finland has the lowest rate of infection in the world, with 24.31% of scanned computers containing a malware, such as a virus, spyware or trojan. To me, that's shocking! Even in the best-protected country, a quarter of computers are infected?!
Norway, Sweden, Denmark - and rather strangely - Puerto Rico make up the rest of the Top 5, with rates between 25 - 28%. A further six European countries sit in the top 15, making it the safest continent in the world with 10 of the 15 lowest infection rates (those countries are Netherlands, Switzerland, Austria, the UK, Liechtenstein and Iceland).
From outside the EU, along with Puerto Rico, Myanmar is another surprise entry, with Singapore, Sudan and Lebanon all in the top-ten at around 30% of systems infected. Scary.
Top Ten Lowest Infection Rates
Continued : http://blogs.norman.com/2012/for-consumption/global-malware-rates-is-your-country-among-the-safest-or-infected