Spyware, Viruses, & Security forum


NEWS - May 02, 2011

by Carol~ Moderator / May 1, 2011 9:36 PM PDT
Blackhat SEO and Osama Bin Laden's death

Google's top-trending Anglophone search term right now is, understandably, "osama bin laden dead".

Google officially describes its hotness (you couldn't make this stuff up) as volcanic.

The short version, according to the LA Times, is that bin Laden was tracked to a "comfortable mansion surrounded by a high wall in a small town near Islamabad, Pakistan's capital."

For bin Laden, it seems, the comfort is no more. "On Sunday, a 'small team' of Americans raided the compound. After a firefight, [President Obama], they killed Bin Laden." Apparently, DNA tests have confirmed Bin Laden's identity.

And there you have it.

Now you know the basics - but watch out for the links you're likely to come across in email or on social networking sites offering you additional coverage of this newsworthy event.

Many of the links you see will be perfectly legitimate links. But at least some are almost certain to be dodgy links, deliberately distributed to trick you into hostile internet territory.

Continued : http://nakedsecurity.sophos.com/2011/05/02/osama-bin-laden-dead-so-watch-for-the-spams-and-scams/

Additional Warnings:
Bin Laden Death Related Malware
Blackhat SEO and Osama Bin Laden's death
Bin Laden confirmed dead ... Start your clocks for SEO

Sony will reactivate its suspended online services soon
by Carol~ Moderator / May 2, 2011 2:23 AM PDT
In reply to: NEWS - May 02, 2011

PlayStation vendor Sony, recently shaken by a data leak involving millions of users' personal data, plans to reactivate some of its hacked online services in the near future. The same applies for the company's Qriocity music and movie services, according to a posting on the PlayStation blog on Sunday (1 May). Sony Computer Entertainment CEO Kazuo Hirai apologised for the incident at a press event in Tokyo.

"We're very sorry for causing troubles and worries to our customers," Hirai said at the press conference, making a long and deep bow - a deeply apologetic gesture in Japan. He promised that complimentary games will be made available to compensate all PSN users and premium PSN users and Qriocity subscribers would also receive thirty days of free service as part of the company's "Welcome Back" campaign. Hirai also asked all users to be prepared to change their password as part of the process of bringing the network back online.

Continued : http://www.h-online.com/security/news/item/Sony-will-reactivate-its-suspended-online-services-soon-1235763.html

Also: Sony Announces PlayStation Network Restoration Plan, Freebies

PlayStation Apology Too Late? One in Five Would Defect to Xbox 360
Sony: 'PSN attacker exploited known vulnerability'

Crimekit for MacOSX launched
by Carol~ Moderator / May 2, 2011 3:55 AM PDT
In reply to: NEWS - May 02, 2011

The first advanced DIY (Do-It-Yourself) crimeware kit aimed at the Mac OS X platform has just been announced on a few closed underground forums. Detailed information about this crimeware kit is not being leaked publicly and the authors of the kit are obviously trying to stay below the radar allowing only vetted users of the forums to see most of the content.

The Danish IT-security company CSIS Security Group has just yesterday observed a new advanced Form grabber designed for the Mac OS X operating system being advertised on several closed underground forums. In the same way as several other DIY crimeware kits designed for PCs, this tool consists of a builder, an admin panel and supports encryption.

The kit is being sold under the name Weyland-Yutani BOT and it is the first of its kind to hit the Mac OS platform. Apparently, a dedicated iPad and Linux release are under preparation as well.

The Weyland-Yutani BOT supports web injects and form grabbing in Firefox; however both Chrome and Safari will soon follow. The webinjects templates are identical to the ones used in Zeus and Spyeye.

Continued : http://www.csis.dk/en/csis/blog/3195/3195/

Anonymous directs its efforts toward Iran
by Carol~ Moderator / May 2, 2011 3:55 AM PDT
In reply to: NEWS - May 02, 2011

"Anonymous' new target is the Iranian government, and the hacktivist group wants to fight the censorship-happy Iranian authorities."

This should really convince Sony that Anonymous has bigger fish to fry. The Hacktivist group Anonymous announced this weekend that it has set its sights on Iran. Its DDoS attacks will correspond with international Worker's Day, and "Operation Iran" officially began yesterday at 1 a.m. EST.

"People of Iran - your rights belong to you. You have the right to free speech and free press, the freedom to assemble and to be safe in your person. Your [sic] have the right to live free and without fear. As Labour Day dawns - Anonymous stands with you!" the group announced.

After rising to further infamy in light of its WikiLeaks support, and offensive efforts against corporations turning their backs on the government transparency organization, Anonymous has taken a different route as the Facebook Revolutions and demonstrations have swept across Northern Africa and the Middle East. The group has declared to help the citizens of these oppressive regimes by shutting down government-run sites, including those that censor online material deemed unsafe or offensive. Anonymous has largely relied on DDoS attacks to flood servers and crash websites - a fairly unsophisticated tactic - but there have also been incidents in which the hacktivists have been able to manipulate code and break into a site's database, giving them access to confidential data (such as in the case of HB Gary, when Anonymous published private company correspondence).

Continued : http://www.digitaltrends.com/computing/anonymous-directs-its-efforts-toward-iran/

Also: Anonymous to target Iran with DoS attack

Osama Bin Laden's Death Key Topic on Internet
by Carol~ Moderator / May 2, 2011 5:29 AM PDT
In reply to: NEWS - May 02, 2011

The announcement late Sunday of the death of al-Qaeda leader Osama bin Laden has set the Internet abuzz, as users searched for information and shared their thoughts on the killing of one of the world's most wanted men.

In a late-night appearance at the White House, U.S. President Barack Obama said that bin Laden had been killed in a U.S. operation in Pakistan on Sunday.

An IT consultant in Abbottabad, the town where bin Laden was killed, inadvertently "live blogged" an early sign of the military operation on Twitter, without realizing its importance until much later.

Sohaib Athar, who uses the id @ReallyVirtual on Twitter, wrote "Helicopter hovering above Abbottabad at 1AM (is a rare event)," followed shortly after by "A huge window shaking bang here in Abbottabad Cantt. I hope its not the start of something nasty :-S."

He now has over 14,000 followers on the microblogging site. He moved to Abbottabad from Lahore for some "peace and quiet," he said.

The events will provide an opportunity for malicious websites to infect computers by tricking users into visiting their sites for more information, warned security experts.

Cybercrooks can trick the search-ranking algorithms of popular search engines by feeding them fake pages to make their sites seem legitimate, increasing the chances that Internet users searching for news land on a site dispensing malware, warned Paul Ducklin, head of technology at IT security firm Sophos, in a post on the company's web site.

Athar himself seemed aware of the risks, joking in another Twitter message: "It is a good thing my blog server is infected with malware today, I guess :-/"

Continued : http://www.pcworld.com/businesscenter/article/226813/osama_bin_ladens_death_key_topic_on_internet.html

Starbucks Customers Targeted by Laptop Thieves
by Carol~ Moderator / May 2, 2011 5:36 AM PDT
In reply to: NEWS - May 02, 2011

Starbucks isn't just an inviting place for sipping lattes and getting free unlimited Wi-Fi on your laptop, it's also a favorite spot for thieves. The New York Times is reporting a trend in thefts at the popular coffeehouse, as thieves snatch laptops, handbags, iPads, and whatever else customers carelessly leave unsecured while they order their drinks or go use the restroom.

It may sound like common sense to most of us: leaving your gear unattended -- especially in a big city like New York -- makes you vulnerable to theft. One police officer commented to the Times that "people who left laptops behind to use the restroom should not be surprised to return to an empty table."

But apparently theft of laptops and other personal items at Starbucks is a common phenomenon. One police task force arrested 200 grand larceny suspects preying on Starbucks customers last year.

People just seem to be overly comfortable at the coffeehouse, letting their guard down. (To be fair, this is a problem not just with the Starbucks chain, but all similar environments.) In her guide for using Starbucks as your office, my PC World colleague Liane Cassavoy reports that none of the mobile pros interviewed for the story were terribly concerned about their gear.

Continued : http://www.pcworld.com/article/226824/starbucks_customers_targeted_by_laptop_thieves.html

Osama Bin Laden Spam/Ads on Facebook
by Carol~ Moderator / May 2, 2011 5:37 AM PDT
In reply to: NEWS - May 02, 2011

I guess the news about the death of Osama Bin Laden is starting to reach everyone around the world. We have noticed that every time something as big as this happens, people get curious and start searching on the Internet. This is something that my colleague Fabio also noticed. During his research he found that cybercriminals are spreading Rogueware via Blackhat SEO and Google Images. You can read more about his finding here: http://www.securelist.com/en/blog/6202/Blackhat_SEO_and_Osama_Bin_Laden_s_death

This triggered me to do a quick search on Facebook and see what was happening over there. I directly saw that Facebook ads are already spreading using videos of the death of Osama Bin Laden as a trigger. On one Page we can see multiple users posting the same URL, with the following message: "Sweet! FREE Subway To Celebrate Osamas Death - 56 Left HURRY!" or "2 Southwest Plane Tickets for Free - 56 Left Hurry" and then a link to a short URL service (http: //tiny.cc/). [Screenshot]

When you click the link, you will be redirected to a page, where it says that you need to post a message to get more instruction on how you can win. [Screenshot]

Continued : http://www.securelist.com/en/blog/6206/Osama_Bin_Laden_Spam_Ads_on_Facebook

Related : LiveBlogging the Bin Ladin Assassination

Bogus MacDefender malware campaign targets Mac users using..
by Carol~ Moderator / May 2, 2011 8:51 AM PDT
In reply to: NEWS - May 02, 2011
.. Google Images

Apple computer owners are being subjected to a number of specialised malware attacks that insist Mac users download a malware version of the popular MacDefender antivirus application, infecting their computers as a result.

News of the malware campaign surfaced as scores of Mac computer owners flooded the Apple Discussion Forums, asking members for advice on how to delete the MacDefender application from their systems.

One member writes:

"Hi I am new to this, but something called Mac Defender has downloaded itself and now I cannot get it off my computer. Can someone shed some light on this bizarre program that I did not ask for?"

Early reports show that users have been targeted as they search Google Images, one user stating that the bogus MacDefender application was automatically downloaded as he browsed images of Piranhas. Further searching through the Apple Discussion boards suggests that the malware campaign is targeting users of Apple's Safari browser, displaying warnings that the user's computer has been infected with viruses that only the unofficial MacDefender application can remove.

Continued : http://thenextweb.com/apple/2011/05/02/bogus-macdefender-malware-campaign-targets-mac-users-using-google-images/

Intego Security Memo - MAC Defender Fake Antivirus Program Targets Mac Users
Fake Anti-Malware App Targets Macs

Music with a Bit of Bredolab, Please!
by Carol~ Moderator / May 2, 2011 10:11 AM PDT
In reply to: NEWS - May 02, 2011

From BitDefender's Malware City Blog:

"You ordered music, but you got a Trojan. What kind of business is this?"

Malware bundled with spam is usually scarce compared to the "regular junk mail" we're processing here at BitDefender, but things go a little bit different around holidays. Last week I reported on the Facebook password reset stunt - today's campaign uses a pinch of social engineering to trick you into popping open an infected attachment.

So, here it comes:

In your inbox there's a little new message waiting for you. If you have ever purchased anything via the web, then you're probably familiar with its content - so familiar that the sudden urge of curiosity might hook you up and lure to double-click the attachment. Yes, it starts as a simple spam scam, but it doesn't stop there.

The message reads that you've just received "your" order confirmation. "What order?" you might think, and you would be right to ask yourself that, since you don't remember having placed any orders in the last couple of days.

What you don't know at this point is that the "successful order" message is phony, as in not attributed to any real order. It is just a scam that carries a deadly load instead of a receipt. Always busy and constantly multitasking justifies the absentmindedness with which you take this as genuine. [Screenshot]

Not recognizing the order, the date, the company, the sum of money are hints that ought to determine you not to open the attachment; because this e-mail has nothing to do with you.

Should you, however, click the link, then you are opening the second door towards malware: the payload a.k.a. the Gen:Variant.Bredo.21, a variant of the well-known Bredolab clan, a piece of malicious code I've been talking about in my previous blog posts.

Continued : http://www.malwarecity.com/blog/music-with-a-bit-of-bredolab-please-1063.html
