Spyware, Viruses, & Security forum


NEWS - November 13, 2012

by Carol~ Moderator / November 13, 2012 5:02 AM PST
OpenDNS Extends Company Security to Mobile Devices

OpenDNS is best known for its free secure DNS (Domain Name System) service. Consumers using OpenDNS can feel confident they won't be diverted to dangerous sites by a DNS poisoning exploit or similar attack, and parents can prevent access to inappropriate sites by any device on the home network. With the release of the new Umbrella service, OpenDNS offers a fast, secure connection option for businesses.

OpenDNS CEO David Ulevitch explained that while modern workers are fully mobile, IT has failed to adapt. "They put firewalls around the castle," said Ulevitch, "but people are not in the castle... Leaving protection to security software at the endpoint is not good for the enterprise. When employees go on the road, network security doesn't follow them."

Continued : http://securitywatch.pcmag.com/none/304938-opendns-extends-company-security-to-mobile-devices

Also: OpenDNS introduces VPN and content filtering for mobile devices
Discussion is locked
You are posting a reply to: NEWS - November 13, 2012
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - November 13, 2012
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
McAfee Security founder wanted for murder in Belize
by Carol~ Moderator / November 13, 2012 5:06 AM PST

"John McAfee left firm 20 years ago, moved to Belize to evade US lawsuit."

John McAfee, the man who originally founded McAfee Security, is now wanted for murder in Belize. He has been named as the prime suspect in the death of another American expat, Gregory Faull, who was shot and killed in his home Saturday evening in San Pedro Town, off the Belizean mainland.

Ars e-mailed and called the American embassy in Belmopan, the Belizean capital, to find out if McAfee had requested or received consular assistance, but embassy officials have not yet replied.

As Gizmodo and others have been reporting on for years, the murder suspect has been something of an eccentric adventurer and entrepreneur. He was effectively forced from the company he founded in the early 1990s, but he managed to take in around $100 million in the process. Since then, among other things, he pioneered something called "aerotrekking," a short-lived thrill "sport" of sorts that involves high-speed low-altitude flying over the desert with hang gliders outfitted with engines.

In 2006, McAfee was charged with a wrongful death lawsuit in an aerotrekking accident that left a man named Robert Gilson dead.

Continued : http://arstechnica.com/tech-policy/2012/11/mcafee-security-founder-wanted-for-murder-in-belize/

Murder Suspect John McAfee: I'm Innocent
Antivirus founder John McAfee sought after neighbour murdered
Audio: McAfee, Still in Hiding, Predicts 'They Will Track Me Down'

Collapse -
Malware Spy Network Targeted Israelis, Palestinians
by Carol~ Moderator / November 13, 2012 5:07 AM PST

Researchers in Norway have uncovered evidence of a vast Middle Eastern espionage network that for the past year has deployed malicious software to spy on Israeli and Palestinian targets.

The discovery, by Oslo-based antivirus and security firm Norman ASA, is the latest in a series of revelations involving digital surveillance activity of unknown origin that appears designed to gather intelligence from specific targets in the Middle East.

Norman's experts say the true extent of the spy network came into focus after news of a cyber attack in late October 2012 that caused Israeli authorities to shut down Internet access for its police force. According to press reports, that incursion was spearheaded by a booby-trapped email that was made to look as if it was sent by Benny Gantz, the chief of general staff of the Israel Defense Forces.

Security vendor Trend Micro suggested that the initial target of that attack were systems within the Israeli Customs agency, and said the malware deployed was a version of Xtreme RAT, a Remote Access Trojan that can be used to steal information and receive commands from a remote attacker. According to Trend, the latest iterations of Xtreme Rat have Windows 8 compatibility, improved Chrome and Firefox password grabbing, and improved audio and desktop capture capabilities features.

Continued : http://krebsonsecurity.com/2012/11/malware-spy-network-targeted-israelis-palestinians/

Collapse -
Monday review: the hot 20 stories of the week
by Carol~ Moderator / November 13, 2012 5:07 AM PST

From the Sophos Naked Security Blog:

It's weekly roundup time - here's everything we published in the last seven days.

Hacking and scams

A million dollars, the Internet Crime Complaint Center and Naked Security - the ingredients for a scam

"Free $100 McDonald's Gift Card" is a Facebook scam

Law and order

How to report a computer crime: malware by email

US cop awarded $1 million over randy officers' illegal use of license database as a private Facebook

Malware and exploits

Trojan horse designed to steal your photos

Adobe Reader zero-day exploit thwarts sandboxing

HR departments at risk of malware infection after unemployment benefits email spammed out

Mobile devices

Losing a phone or device REALLY sucks [INFOGRAPHIC]

Mobile phone theft on the rise - here's how to protect your data for free

Android Jellybean to scan apps for malware, and warn of expensive SMS scams

OS and software

Critical Flash updates delivered early, be sure to update now

Did you buy a Microsoft Surface? Here come the first critical security patches

Google updates Chrome, finally adds Do Not Track feature

Privacy and online safety

Credit card fraud - want to join the party?

Does Snapchat offer safe sexting from smartphones, or a false sense of security?

Email: the forgotten security problem

Social networks

US Election voting booth hoax spreads on Facebook

Tipsy Twitter apologises for password reset frenzy, but a real hack sparked it

General interest

Wall of Fame for the #sophospuzzle - see who solved it and how fast

Sophos products and Tavis Ormandy


Collapse -
Fake AmEx alert leads to hard-to-detect malware
by Carol~ Moderator / November 13, 2012 5:41 AM PST

American Express customers are often targeted with malware-laden or phishing emails, mostly because when it comes to money and the potential loss of it, people automatically become anxious and are more likely to overlook otherwise obvious signs that the emails are faked.

The latest bogus AmEx email to hit inboxes is a warning about an aborted transaction / terminated incoming transfer: [Screenshot]

Unfortunately, all of the links included in the email will take the worried user to one of many compromised websites hosting the Blackhole exploit kit.

The kit then exploits an Adobe Reader and Acrobat vulnerability to drop an information-stealing Trojan onto the victim's machine.

According to Webroot, when this malicious campaign was first spotted and analyzed more than a week ago, the malware in question was detected only by two of the 43 AV solutions used by VirusTotal. Since then that number has reached 15, but that is still a very poor detection rate.

Continued : http://www.net-security.org/malware_news.php?id=2315

Collapse -
Twitter unintentionally resets thousands of passwords
by Carol~ Moderator / November 13, 2012 5:41 AM PST

On Thursday, numerous Twitter users received an email saying that their Twitter accounts may have been compromised and that their passwords had been reset as a precautionary measure to prevent unauthorised access. These users found that the email was genuine, as their passwords were not accepted the next time they attempted to log into the micro-blogging service. However, many of the password resets weren't actually triggered by a hacker attack; they were, say Twitter, "unintentionally" done.

The company said that it did suspect that several accounts had been compromised, but that during the execution of their routine security processes "a larger number of accounts, beyond those that we believed to have been compromised" were also reset. Twitter has not disclosed how many passwords were reset in total, however, according to the BBC News web site, the blunder affected thousands of users; usually, the company's response is justified. Even while the unintentional password reset mails were being sent out, intruders hacked the Twitter account belonging to the TechCrunch news site to send spam links out to the account's almost 2.5 million followers.


Also: Twitter Resets More Passwords Than Accounts Hacked

Collapse -
Ransomware: How to Earn $33,000 Daily
by Carol~ Moderator / November 13, 2012 5:41 AM PST

From the Symantec Security Response Blog:

Ransomware is a type of malicious software that disables the functionality of a computer in some way and demands a ransom in order to restore the computer to its original state. Recent variants use law enforcement imagery to add legitimacy to the warning messages. The malware uses geo-location services to determine the location of the computer it is running on and then, after locking the computer displays a message appropriate to that country. The message usually claims that the user has broken the law by browsing some illegal material. Figure 1 is an example of a ransomware variant that displays a message claiming to be from the FBI. [Screenshot]

The message states that in order to unlock the computer, "a fine" must be paid using one of several prepaid electronic money schemes. The fines can range from €50 to €100 in Europe, and up to $200 in the US.

Ransomware has been in existence since 2009 and initially targeted users in Russia and Eastern Europe. It has since become a global problem, spreading first throughout Europe and, in more recent months, has begun targeting users in North America. At least 16 different versions of ransomware have been identified over the past year and a half. Each version is not an 'upgrade' from a previous version, but rather a unique variant, associated with a separate gang. These gangs have independently developed, or bought, their own different version of ransomware. The gangs are not new to cybercrime; they have been associated with other threats and scams in the past such as banking Trojans and rogue antivirus programs. Ransomware has now become a more lucrative enterprise for them.

Continued : http://www.symantec.com/connect/blogs/ransomware-how-earn-33000-daily

Related: Mushrooming ransomware now extorts $5 million a year

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!