Information Security News

PLEASE NOTE: We have made another change that we hope will provide you with more accessibility and features by moving our newsletter to a Web 2.0 Blogging environment. You can get to our new version of the newsletter from our home page, or go directly there by following this link: DoIT Tech Talk

All of our earlier postings are still available in our archives.

For more definitions check out our Glossary

Bulletins posted 06/17/2010

Police bust massive global credit card fraud ring
Police in 12 countries have arrested 178 individuals linked to an international credit card fraud ring. According to a statement from the Spanish Interior Ministry, the arrests were the result of a two-year investigation that included 84 raids carried out in France, Italy, Germany, Ireland, Romania, Australia, Sweden, Greece, Finland, Hungary and the United States.
Angela Moscaritolo, SC Magazine

Eastern European banks under attack by next-gen crime app
Banks in Russia and Ukraine are under continued siege by criminal gangs wielding a sophisticated, next-generation exploitation kit that hacks the financial institutions' authentication system and then hits it with a denial-of-service attack.

Feds block sale of crooks' favourite messaging client
AOL's sale of ICQ messaging software to Russian firm Digital Sky Technologies might yet be blocked by US authorities, which fear losing access to transcripts from the criminal fraternity's favoured messaging product.

Bulletins posted 06/14/2010

Linux Trojan Raises Malware Concerns
I've got good news and bad news for those of the misguided perception that Linux is somehow impervious to attack or compromise.

Security Alert for Windows XP Users
Microsoft is warning Windows XP and Server 2003 users that exploit code has been posted online showing attackers how to break into these operating systems remotely via a newly-discovered security flaw.

Red Condor Detects Sophisticated One-Two Punch Malware Campaign
Scammers using spoofed brands, social engineering, and phishing tactics to distribute malware on PCs via drive-by download.

Bulletins posted 06/11/2010

Brute force script snatched iPad e-mail addresses
The harvesting of over 100,000 iPad 3G owners' e-mail addresses was not a hack or a classic data breach, but a brute force attack of a minor feature AT&T offered to Apple customers, experts said Wednesday.

Adobe Flash Update Plugs 32 Security Holes
As promised, Adobe has released a new version of its Flash Player software to fix a critical security flaw that hackers have been exploiting to break into vulnerable systems. The update also corrects at least 31 other security vulnerabilities in the widely used media player software.

Bulletins posted 06/09/2010

Apple launches Safari 5, patches record 48 bugs.
Apple on Monday shipped the latest version of its Safari browser, patching a record 48 vulnerabilities, including one that a pair of hackers exploited in March to win a $15,000 prize.

ZeuS Trojan Attack Spoofs IRS, Twitter, Youtube
Criminals have launched a major e-mail campaign to deploy the infamous ZeuS Trojan, blasting out spam messages variously disguised as fraud alerts from the Internal Revenue Service, Twitter account hijack warnings, and salacious Youtube.com videos.

Bulletins posted 06/04/2010

Tens of thousands of bots are cracking CAPTCHAs and joining websites in order to steal information, extort money
Botnets increasingly are creating phony online accounts on legitimate websites and online communities in order to steal information from enterprises. This alternative form of targeted attack by botnets has become popular as botnet tools have made bots easier to purchase and exploit. Merrick Furst, botnet expert and distinguished professor of computer science at Georgia Tech, says bots are showing up "en masse" to customer-facing websites -- posing as people.
Kelly Jackson Higgins, DarkReading

For more information on what a CAPTCHA is, visit: http://www.captcha.net/

Attempts to Infect Computers Increases
Attempts to infect computers have increased more than 25 percent according to Kaspersky Lab. In the first three months of 2010, more than 327 million attempts were made to infect user computers in a variety of countries around the globe. From the previous quarter, this is an increase of 26.8 percent.
Michael Cheek, thenewnewinternet

ATM Skimmers: Separating Cruft from Craft
ATM skimmers – or fraud devices that criminals attach to cash machines in a bid to steal and ultimately clone customer bank card data – are marketed on a surprisingly large number of open forums and Web sites. For example, ATMbrakers operates a forum that claims to sell or even rent ATM skimmers. Tradekey.com, a place where you can find truly anything for sale, also markets these devices on the cheap.

Microsoft plans gigantic Patch Tuesday
Microsoft today said it will deliver 10 security updates next week to patch a record-tying 34 vulnerabilities in Windows, Internet Explorer, Office and SharePoint.

Bulletins posted 06/02/2010

What you don't know about your online reputation can hurt you
Social networking, and the broader concept of online privacy, have been under some rather intense scrutiny over the past couple of weeks. The issues at Google--voracious indexer of all things Internet, and Facebook--the largest social network and number one most visited site (according to Google) have made many users more acutely aware of what information is available about them on the Internet. However, your online reputation is being used in ways you may not be aware of, and could cost you.

A reminder to be mindful of your activities on any social network.

Security firm discovers spyware in Mac software
Intego, makers of security and privacy apps for the Mac, warned on Tuesday that some Mac software includes a new piece of invasive spyware. Macworld has obtained a preliminary list of the applications with the spyware.

China chases US in latest supercomputer ranking
China has finally achieved its ambition of becoming a calculating superpower with news that one of the country's supercomputers is now the second most powerful number-cruncher on earth.

Bulletins posted 05/26/2010

Researcher finds new type of phishing attack
A researcher has found a new method for carrying out phishing attacks "that takes advantage of the way that browsers handle tabbed browsing and enables an attacker to use a script running in one tab to completely change the content in another tab," according to ThreatPost.
Michael Cheek, Thenewnewinternet.com

Four-year-old rootkit tops the charts of PC threats
With nearly 2 million infected systems cleaned, the nefarious Alureon rootkit comes out on top. Since it first appeared in 2006, Alureon (known in various incarnations as TDSS, Zlob, or DNSChanger) has morphed into a mean money-making marvel: a varied collection of Trojans most famous for their ability to invisibly take control of a PC's interactions with the outside world.

Bulletins posted 05/24/2010

Security woes for Windows, McAfee, and Firefox
The bugs keep marching in, with Microsoft, McAfee, and Mozilla all having to deal with serious security-related software problems in the past month.

Embedded malware represents a new twist that makes PDF dangers even worse
Attacks employing poisoned PDF files have leaped to the top of the threat list, according to statistics from major security companies. Symantec reports that suspicious PDF files skyrocketed in 2009 to represent 49 percent of Web-based attacks that the company detected, up from only 11 percent in 2008.
The next-most-common attack, involving a good old Internet Explorer flaw, was far behind at 18 percent.

New Threat For Wireless Networks: Typhoid Adware
There's a potential threat lurking in your Internet cafe, say University of Calgary computer science researchers: Typhoid adware.

Bugnets could spy on you via Mobile Devices
Imagine sitting in a cafe and discussing the details of a business proposal with a potential client. Neither you nor the client has a laptop; you're just two people having a conversation. But unbeknownst to you, someone half a world away is listening to every word you say. Later, as you leave, you receive a text message referring to the proposal and demanding money in exchange for silence.

Bulletins posted 05/21/2010

IBM red-faced after handing out infected USB drives
You might get more than you bargained for if you attend a security conference. IBM shocked delegates at the Australian AusCERT conference in Queensland by handing out USB sticks infected with malware. The company was forced to write to delegates apologising for its error. "At the AusCERT conference this week, you may have collected a complimentary USB key from the IBM booth. Unfortunately we have discovered that some of these USB keys contained malware and we suspect that all USB keys may be affected."

New Twitter Worm Abuses iPhone App
Twitter's new iPhone app is being used as a lure for a new worm attack that ultimately steals a victim's financial credentials. The attack abuses Twitter trending topics -- a popular source of abuse -- but with a twist: Rather than installing fake antivirus software like most similar attacks, it installs a new banking Trojan that steals online banking accounts, credit card PIN numbers, and online payment system passwords, according to Kaspersky Lab.
Kelly Jackson Higgins, DarkReading

Apple Ships Java Security Update
Apple has pushed out an update that fixes at least 30 security vulnerabilities in its version of Java for Mac OS X systems.
Brian Krebs - Krebs on Security

Skimming device found on ATM at New Port Richey bank
Detectives with the Pasco County Sheriff's Office are searching for a pair who placed a skimming device and a pin-hole camera on a New Port Richey, Florida bank's ATM machine Saturday, May 15 in an attempt to steal ATM card account numbers and PIN codes.

A simple way to help ensure your PIN can't be seen by a camera is to cover the keypad with the opposite hand while entering the number. Use this process at any device which requires the PIN input (grocery, gas station, bank, etc.).

Oracle to acquire database security firm Secerno
Oracle will acquire Secerno, which makes firewall products for databases that protect against hackers and data breaches, the companies said Thursday.

Bulletins posted 05/19/2010

USB worm named biggest PC threat
A worm that is spreading via USB flash drives has been named the biggest security threat to PC users by McAfee.
By Carrie-ann Skinner, PC Advisor UK

Always scan USB devices when plugging them into your computer. NOTE: City users - McAfee does this on our machines.

Microsoft warns of bug in 64-bit Windows 7
Microsoft today warned users of a vulnerability in the 64-bit versions of Windows 7 and Windows Server 2008 R2 that could be used to hijack systems.

Symantec to buy Verisign security unit
Security vendor Symantec Corp. is reported to be close to buying Internet infrastructure services vendor VeriSign Inc.'s security business for $1.3 billion.

Bulletins posted 05/17/2010

Facebook IDs hacker who tried to sell 1.5M accounts
Facebook has identified the hacker named Kirllos who tried to sell 1.5 million Facebook accounts recently in underground hacking forums. According to investigators at the social networking site, the hacker is guilty of both hacking and hyperbole. Kirllos was first spotted by researchers at VeriSign's iDefense group a few weeks after he claimed to have an unusually large number of Facebook accounts for sale at rock-bottom prices. According to VeriSign, Kirllos wanted between $25 and $45 per 1,000 accounts, depending on the quality of the Facebook user's connections. Kirllos appeared to have sold close to 700,000 accounts, although nobody knew for sure if his claims were legitimate, according to VeriSign's Director of Cyber Intelligence.
By Robert McMillan - Network World

Tool lets Twitter be used to control botnet
Researchers have discovered a simple-to-use program that can be used to send botnet commands from Twitter. The builder tool, dubbed Trojan.Twebot by Symantec, allows the creator to construct a copy of the trojan and specify a particular Twitter account to be associated with it.

A reminder to be mindful of your activities on any social network.

IE6 past its expiration date
Microsoft is urging users to dump the aged Internet Explorer 6 (IE6) with a campaign that claims the browser is past its expiration date.

Bulletins posted 05/12/2010

Windows 7 'compatibility checker' is a Trojan
Scammers are infecting computers with a Trojan horse program disguised as software that determines whether PCs are compatible with Windows 7. The attack was first spotted by BitDefender May 9 and is not yet widespread; the antivirus vendor is receiving reports of about three installs per hour from its users in the U.S. But because the scam is novel, it could end up infecting a lot of people due to the interest in Windows 7.
By Robert McMillan, IDG News Service - Network World

Microsoft, Adobe Push Critical Security Updates
Microsoft Corp. and Adobe Systems each released security updates on Tuesday. Microsoft issued two “critical” patches that address one security flaw apiece, while Adobe’s patches fix a whole mess of serious vulnerabilities in its software. One of the critical updates pushed by Microsoft fixes a flaw in Outlook Express, Windows Mail and Windows Live Mail. On older versions of Windows (Windows XP for example) Outlook Express is installed by default, while Windows Mail and Windows Live Mail generally require users to affirmatively download and install the program.

We recommend applying patches as soon as possible if you use these products.
Brian Krebs - Krebs on Security

Phishing scheme targets Apple gift cards
Hackers have constructed a bogus Web site designed to steal the account numbers and PINs of gift card holders. This latest consumer phishing scam uses a typosquatted Web site disguised as an official Apple site to trick users into entering their card numbers and PINs in order to check the available balance on gift cards for Apple products. The scam is just the latest in a line of sophisticated phishing attacks that has security software companies and law-enforcement agencies urging consumers to take their time and pay close attention to where they are actually conducting transactions to avoid being ripped off.

Bulletins posted 05/10/2010

Microsoft plans two patches, no SharePoint fix
Microsoft is planning a light patch load for next week, the software giant announced Thursday. Due to timing, the company was unable to produce a fix for a recently disclosed SharePoint vulnerability.

We recommend applying patches as soon as possible if you use these products.

Critical zero-day flaw found in Apple's Safari browser
A “highly critical” zero-day vulnerability has been discovered in Apple's Safari web browser, according to Danish vulnerability tracking firm Secunia.
Angela Moscaritolo - SC Magazine

FTC warns against credit-card, interest-rate reduction scams
U.S. consumers are being inundated with prerecorded "robocalls" from companies claiming they can negotiate lower credit-card interest rates - for a fee. The Federal Trade Commission urges extreme skepticism about these offers, because many of them are fraudulent. In a new consumer alert, Credit Card Interest Rate Reduction Scams, the FTC said consumers have just as much clout with their credit card issuers as these companies do. It urges consumers to avoid paying middlemen, and negotiate directly with the credit-card companies.

We have received these calls even within City offices, so they are becoming ubiquitous. Please be very wary of these scams and warn your vulnerable friends and relatives.

Backdoor malware targets Apple iPad
Apple iPad users are being warned of an email-borne threat which could give hackers unauthorized access to the device. The technology writer for anti-virus firm BitDefender wrote in a blog post Monday that the threat arrives via an unsolicited e-mail urging the recipient to download the latest version of iTunes as a prelude to updating their iPad software. "A direct link to the download location is conveniently provided. As a proof of cyber-crime finesse, the Web page the users are directed to is a perfect imitation of the one they would use for legitimate iTunes software downloads," the writer said. "Unfortunately for these users, following the malicious link means opening up a direct line to their sensitive data, as instead of the promised iTunes update they get malware on their systems." The Backdoor.Bifrose.AADY malware opens up a back door which could let the perpetrator gain unauthorized access to the device, warned the technology writer. It also tries to read the keys and serial numbers of the software installed on the device, and logs the passwords to any Webmail, IM or protected storage accounts.

iPads and other new technologies will soon be the new attack vector du jour. If you bought one of these fun new toys, make sure it is protected with good antivirus and be wary of these types of scams.

Latest phishing scam hides behind Better Business Bureau (BBB) name
Scammers are taking the Better Business Bureau's name in vain, in yet another version of the phishing scam, according to the agency's Pacific Northwest office. The scammers are sending out fake complaint notices to businesses that purport to be from the BBB. The e-mails use the return address of seatac@bbb.org and the subject line refers to a "BBB Complaint Case" followed by a nine-digit number. The e-mails claim that the company receiving the "notice" has not responded to a complaint, the real BBB says. The e-mails ask companies to "click and download" the complaint. If someone at the company does this, their computer is infected with a virus, according to the BBB. "We believe this virus hacked into each computer, stealing personal information like passwords, access to personal e-mail accounts, etc.," said the vice president of marketing for the regional BBB. The BBB for Oregon, western Washington and Alaska says that these notices have been sent to both businesses that are accredited by the BBB and those that are not.

We have seen similar scams from the IRS, DHS, etc. It is very unlikely that any of these organizations would ever contact someone via email. You should NEVER click on a link or open an attachment unless you are absolutely sure it is legitimate.
The Register Guard - Ilene Aleshire

Twitter issues alert about phishing scam
Twitter issued a warning April 23 about phishing e-mails that tell users they have unread messages on the micro-blogging site. The e-mails, coming from a support@twitter.com e-mail address, tell members they have unread, delayed, or undelivered messages, and ask them to click a link in the e-mail to view the mystery messages. Twitter denied sending out the e-mails. The e-mail itself does not appear to contain malware, Twitter said. The link in the e-mail actually takes users to a pharmaceutical site, though to get to that site, users are re-routed through several other sites, which could contain malware. "We're actively pursuing measures to get these sites shut down; in the meantime, we recommend that you not click on the link and instead just delete any such e-mails you receive," Twitter said.

OK - In case you haven't heard this enough - DON'T CLICK ON LINKS IN EMAIL! Watch out for these types of scams coming from popular sites like Twitter and Facebook, etc.

Website Contact: Bryant Bradbury