Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

NEWS - October 27, 2014

Oct 27, 2014 1:23AM PDT
Facebook and Yahoo team up to block account hijackings via recycled accounts

Remember the Very Bad Idea of giving away dormant account user names that Yahoo came up with last year?

We didn't like it. Nor did other security-minded people, who pointed out that attackers could request a password reset email from popular websites - say, Google or Facebook - in order to hijack the accounts belonging to the original Yahoo account owner.

It came as no surprise when in short order the new holders of the old accounts reported that they were still receiving mail meant for the accounts' previous owners.

Continued: http://nakedsecurity.sophos.com/2014/10/27/facebook-and-yahoo-team-up-to-block-account-hijackings-via-recycled-accounts/

Related:
Facebook, Yahoo Curb Identity Theft with New Email Ownership Header
How Facebook prevents account hijacking when old email addresses are recycled

Discussion is locked

- Collapse -
Verizon's 'Perma-Cookie' Is a Privacy-Killing Machine
Oct 27, 2014 1:37AM PDT

Verizon Wireless has been subtly altering the web traffic of its wireless customers for the past two years, inserting a string of about 50 letters, numbers, and characters into data flowing between these customers and the websites they visit.

The company—one the country's largest wireless carriers, providing cell phone service for about 123 million subscribers—calls this a Unique Identifier Header, or UIDH. It's a kind of short-term serial number that advertisers can use to identify you on the web, and it's the lynchpin of the company's internet advertising program. But critics say that it's also a reckless misuse of Verizon's power as an internet service provider—something that could be used as a trump card to obviate established privacy tools such as private browsing sessions or "do not track" features.

Continued: http://www.wired.com/2014/10/verizons-perma-cookie/

Related: Verizon Wireless injects identifiers that link its users to Web requests

- Collapse -
Court pulls plug on multimillion $ fake Microsoft operation
Oct 27, 2014 1:37AM PDT
Court pulls plug on multimillion dollar fake Microsoft support operation

A US federal district court has ordered the shut down of a tech support operation said to have deceptively earned $2.5m from consumers.

A New York federal court on Friday ordered the shutdown of telemarketing firm incorporated in the state, accused by the Federal Trade Commission (FTC) of selling bogus software and support under false claims that consumers' PCs were loaded with viruses, spyware, and system errors.

The injunction was granted in the absence of the accused company and its chief operators ahead of a trial to be decided by a court at a later date. The court on Friday also ordered a freeze on the defendants' assets to ensure restitution funds are available in the event the FTC wins its case.

Continued : http://www.zdnet.com/court-pulls-plug-on-multimillion-dollar-fake-microsoft-support-operation-7000035075/
- Collapse -
Google Temporarily Flags Bit .ly Links as Malicious
Oct 27, 2014 1:38AM PDT

Over the weekend, numerous users noticed that Google was blocking them from accessing websites behind Bit .ly shortened links because they presumably contained malware.

The situation has now been addressed, but it's uncertain why Google's Safe Browsing, the service that protects Internet users against phishing and malware attacks, flagged the links as being malicious in the first place.

"Of the 91854 pages we tested on the site over the past 90 days, 735 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-10-26, and the last time suspicious content was found on this site was on 2014-10-26," a report on the Google Safe Browsing website shows. "Malicious software includes 199 trojan(s), 188 exploit(s), 152 scripting exploit(s). Successful infection resulted in an average of 3 new process(es) on the target machine."

Continued : http://www.securityweek.com/google-temporarily-flags-bitly-links-malicious

Related: Google blocking all bit .ly links as malicious [now fixed]

- Collapse -
'Replay' Attacks Spoof Chip Card Charges
Oct 27, 2014 1:38AM PDT

An odd new pattern of credit card fraud emanating from Brazil and targeting U.S. financial institutions could spell costly trouble for banks that are just beginning to issue customers more secure chip-based credit and debit cards.

Over the past week, at least three U.S. financial institutions reported receiving tens of thousands of dollars in fraudulent credit and debit card transactions coming from Brazil and hitting card accounts stolen in recent retail heists, principally cards compromised as part of the breach at Home Depot.

The most puzzling aspect of these unauthorized charges? They were all submitted through Visa and MasterCard's networks as chip-enabled transactions, even though the banks that issued the cards in question haven't even yet begun sending customers chip-enabled cards.

Continued : http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/

Related : Bugs lead banks to approve fake EMV transactions

- Collapse -
Researcher Finds Tor Exit Node Adding Malware to Binaries
Oct 27, 2014 1:38AM PDT

A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services.

Josh Pitts of Leviathan Security Group ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the middle attack. Downloading any kind of file from the Internet is a dodgy proposition these days, and many users know that if they're downloading files from some random torrent site in Syria or The Marshall Islands, they are rolling the dice. Malware runs rampant on these kinds of sites.

Continued : http://threatpost.com/researcher-finds-tor-exit-node-adding-malware-to-binaries/109008

Related : Rogue Tor node wraps executables with malware

- Collapse -
New Online Ebola Alert Tool is Anything But
Oct 27, 2014 1:59AM PDT

"Malwarebytes Unpacked" Blog:

Craig Spencer, a doctor from New York City, is the fourth and latest person diagnosed with Ebola in the U.S after arriving from Guinea.

More news of infection outside Africa such as this could further fuel the ever-increasing fear and anxiety for one's own life and well-being, especially in terms of how one interacts with the outside world. People are trying to be more careful in their dealings than usual, always wanting to be on the know about the latest happenings. This is why Web threats banking on perennial hot topics like Ebola could be effective lures against users, especially in the long run.

Not so long ago, spam posing as an email from the World Health Organization (WHO), discovered by our friends at Trustwave, to carry a document containing information on how one can be safe from the deadly disease, which turns out to be a DarkComet RAT malware.

Recently, we found ebolawarnings(dot)com, a domain claiming to offer an early warning system tool that can alert the user of any Ebola outbreaks near their area. [Screenshot]

Continued : http://blog.malwarebytes.org/online-security/2014/10/new-online-ebola-alert-tool-is-anything-but/