Alert

NEWS - May 31, 2011

Fake Firefox warnings lead to scareware

Purveyors of fake security software don't let much grass grow under their feet and continually make improvements to their social engineering lures.

While most of the talk for the past month has been their move to Mac with fake Finder pop-ups that appear to scan your computer, they haven't stopped innovating on Windows either.

Their latest scam? They detect your user-agent string from your web browser and display a fake Firefox security alert if you are using the Mozilla Firefox web browser. [Screenshot]

Internet Explorer users get the standard "My Computer" dialog that appears to do a system scan inside their browser window.

Taking advantage of detailed information about the person's computer and software allows for a much more specific, believable social engineering attempt.

We are likely to continue to see these criminals targeting each operating system, browser and any other details that can be gleaned from HTTP requests sent from our devices.

If you click the "Start Protection" button you will download the latest, greatest fake anti-virus program which will perform exactly the way you would expect a fake anti-virus program to.

Continued : http://nakedsecurity.sophos.com/2011/05/30/fake-firefox-warnings-lead-to-scareware/
Discussion is locked
Follow
Reply to: NEWS - May 31, 2011
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: NEWS - May 31, 2011
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Democratic Party of Hong Kong Website Compromised and..
Democratic Party of Hong Kong Website Compromised and Serving Spyware

The Democratic Party of Hong Kong's website was compromised and malware uploaded to the web server. Interestingly, the server was distributing malicious flash and spyware nearly identical to the compromised UK Amnesty International servers at the beginning of this month. The server is being cleaned up. [Screenshot]

The english version of the website did not include injected iframe links pointing to the exploit.html page, which in turn delivers three different version-appropriate malicious variants of flash detected by Kaspersky as "Exploit.SWF.CVE-2011-0611". The malicious flash was 0day at the beginning of this month, and will be effective on unpatched systems.

While it's interesting that the security team researching the previous incident thought that the technique for delivering the payload to the hard drive is deserving a new term "drive-by caching", it's also incorrect to think that security products are given a higher bar to hurdle in preventing the attack because of the minor tweak - Kaspersky's detection and prevention for the 0day flash files was released weeks before the Adobe patches. In other words, the attacks are being stopped just the same by Kaspersky products. [Screenshot]

Continued : http://www.securelist.com/en/blog/208188089/Democratic_Party_of_Hong_Kong_Website_Compromised_and_Serving_Spyware
- Collapse -
Aus govt gets cracking on cyber threats

Australians might not have decent security disclosure laws or privacy protection, but the government has finally noticed that its agencies might need guidelines about secure storage of citizens' data.

Launching the government's National Cyber Security Awareness Week , federal attorney-general Robert McClelland said new security measures were being developed and would be rolled out later this year. "The guidelines, which model best practice, require agencies to take steps to ensure that electronic information held is accessed, shared and stored in a secure way," he said.

The A-G added that the onus is not just on government but the private sector to ensure that personal information is protected.

"The Australian Government has made cyber security a top national security priority and has invested significantly in enhancing Australia's cyber security capabilities. Cyber security is a shared responsibility and Awareness Week demonstrates how the public and private sectors can work together towards helping Australians be safe and secure online," he added.

Continued : http://www.theregister.co.uk/2011/05/30/govt_cyberthreat_alert/

Related: What do we need to do to reach "cybersecurity awareness"?

- Collapse -
U.S., U.K. conclude cyberwar a facet of regular war

Statements from the United States and United Kingdom military this week indicate those organizations are more comfortable voicing an idea I find blindingly obvious: cyberwar is war.

First came news yesterday in the Guardian that the U.K. is developing offensive weapons that could be used in attacks on computing systems as "an integral part of the country's armory."

Then, today, the Wall Street Journal reported the U.S. will consider responding with traditional military might to an attack on its computing infrastructure. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," it quoted an unnamed military official as saying.

In context, the views are unsurprising. The Stuxnet virus apparently was aimed at Iranian nuclear operations other countries believe are military in nature, and defense contractor Lockheed Martin confirmed that it was the target of a cyberattack. And the armed forces, beholden to budgetary largesse during a time when governments are tightening the purse strings, can directly benefit from the prospect of new threats.

Continued : http://news.cnet.com/8301-30685_3-20067465-264.html

- Collapse -
Sony PlayStation Network to Be Fully Restored by Weekend

Sony plans to restore all its PlayStation Network services by this weekend in all regions except Japan, South Korea, and Hong Kong, the company said Tuesday.

Sony will also resume its Music Unlimited service on its Qriocity audio and video streaming service for the PlayStation3 (PS3) and PlayStation Portable (PSP) gaming platforms, Vaio laptops and other PCs.

Details for Japan, Hong Kong, and South Korea, as well as for the remaining services on Qriocity, will be announced as they become available.

Sony pulled the plug on the PlayStation Network and Qriocity service on April 20, a day after detecting what it later called a "very sophisticated" intrusion. The cyber attacks exposed personal data of about 77 million users.

The first phase of PlayStation Network and Qriocity restoration began on May 15 in the Americas, Europe, and some other countries, followed last Saturday by Japan and some Asian countries, Sony said. South Korea and Hong Kong were not covered in this first phase of restoration. In the first phase, users were able to access to some of the services such as playing online games, account management, friend lists and chat functionality.

Continued : http://www.pcworld.com/businesscenter/article/228992/sony_playstation_network_to_be_fully_restored_by_weekend.html

CNET Forums