
Phishers Offer Fake Storage Upgrades

  • Post author: Omid Farhang
  • Post published: May 3, 2012
  • Reading Time: 2 min
  • Word Count: 420 words

Symantec Connect: Customers of popular email service providers have been a common target for phishers for identity theft purposes. Phishers are constantly devising new phishing bait strategies in the hope of stealing user email addresses and passwords. In April 2012, Symantec observed phishing pages that mimicked popular email services in an attempt to dupe users with attractive storage plans. Customers were flooded with fake offers of free additional storage space for services such as email, online photo albums, and documents. In the first example, the phishing site was titled “Welcome to New [BRAND NAME] Quota Verification Page”. According to the bogus offer, the additional storage plan ranged from 20 GB to 1 TB per year, at no extra cost. The phishing page boasted that the free additional storage plan will help customers prevent loss of data and the inability to send and receive emails due to exhausted storage space. It also stated that the plan will auto-renew each year and the customer can choose to cancel at any time by returning to the same page: ...


Privacy concerns over popular ShowIP Firefox add-on

  • Post author: Omid Farhang
  • Post published: May 1, 2012
  • Reading Time: 3 min
  • Word Count: 444 words

Cross-posted from SophosLabs: A popular Firefox add-on appears to have started leaking private information about every website that users visit to a third-party server, including sensitive data which could identify individuals or reduce their security. Naked Security reader Rob Sanders alerted us to the activities of the recently updated ShowIP add-on for the Firefox browser. According to the description on the Mozilla add-ons website, ShowIP is designed to “show the IP address(es) of the current page in the status bar. It also allows querying custom information services by IP (right click) and hostname (left click), like whois, netcraft, etc. Additionally you can copy the IP address to the clipboard.” ...


Chrome 18 update closes high-risk security holes

  • Post author: Omid Farhang
  • Post published: May 1, 2012
  • Reading Time: 1 min
  • Word Count: 173 words

The H-Online: Google has released a new update to the stable 18.x branch of its Chrome web browser to close a number of security holes found in the application. The update, labelled 18.0.1025.168, addresses a total of five vulnerabilities, three of which are rated as “high severity” by the company. These include use-after-free problems in floating point handling and the XML parser; all of these bugs were detected using the AddressSanitizer. As part of its Chromium Security Vulnerability Rewards program, Google paid a security researcher by the name of “miaubiz”, who is number three in the company’s Security Hall of Fame, $1,000 for discovering and reporting one of the float handling problems. Two medium risk problems related to IPC validation and a race condition in sandbox IPC have also been corrected. ...


Skype divulges user IP addresses

  • Post author: Omid Farhang
  • Post published: April 30, 2012
  • Reading Time: 2 min
  • Word Count: 242 words

The H-Online: According to a blog post, a modified version of the Skype VoIP software can be used to easily find out the IP address of any valid Skype user. No contact has to be made with the user in order to get the information. This IP could then be used to find out other personal details about the user, such as their location or even their employer. With a certain registry key, the manipulated version of Skype will create a log file with information including other users’ external and internal IP addresses. These IPs can be retrieved simply by opening up a user’s profile with the Skype client. In a test conducted by The H’s associates at heise Security, the log file always showed the correct IPs – and when a user was logged in with multiple clients, the IP addresses for all the clients were visible. ...


Mozilla to auto-upgrade Firefox 3.6 users to version 12

  • Post author: Omid Farhang
  • Post published: April 30, 2012
  • Reading Time: 2 min
  • Word Count: 278 words

H-Online: Soon, users running Firefox 3.6.x will start being automatically upgraded to the current version 12.0 release of the open source web browser. The plan to auto-update these users has been under discussion since the end of March, when Mozilla Release Manager Alex Keybl proposed the move on a Mozilla planning discussion thread. According to Keybl, Firefox 3.6.x users with updates enabled should start being upgraded in early May – the specific date has yet to be confirmed. The 3.6.x branch of Firefox, the first release of which arrived in January 2010, reached its end of life last week on 24 April; the last update to the 3.6 series was version 3.6.28 from early March. ...


Warning: Fake Biophilla app on Android is malware

  • Post author: Omid Farhang
  • Post published: April 27, 2012
  • Reading Time: 2 min
  • Word Count: 340 words

Cross-posted from ZDNet: Summary: Cyber criminals have created a fake Biophilla app for Android that is really just malware in disguise. Your first red flag should be that Biophilla is officially available on iOS, but not on Android. During April alone, we’ve already seen malicious versions of Angry Birds Space and Instagram in the wild. Both are Android apps that are really just malware designed to generate money from unsuspecting users by sending expensive international text messages. Now the same is happening with the popular Biophilla app. ...


DropBox 1.4 Released

  • Post author: Omid Farhang
  • Post published: April 27, 2012
  • Reading Time: 2 min
  • Word Count: 324 words

gHacks: Dropbox has just released a stable update that brings all desktop clients of the file synchronization and hosting service to 1.4. Feature-wise, it is not really a big change to previous versions, especially not so if you have been running experimental versions of the client before. When you look at the new feature set, you will notice that photo import from cameras, phones and SD cards is on top of that list. This is followed by a new batch upload and download option for files, and smaller cosmetic changes, like a fix for the missing camera upload icon on Mac OS X, or new tour screens for first time users. ...


PHP 5.4.1 and PHP 5.3.11 released

  • Post author: Omid Farhang
  • Post published: April 27, 2012
  • Reading Time: 1 min
  • Word Count: 189 words

The H-Online: The PHP developers have released the first update for PHP 5.4, the latest version of their popular scripting language, and an update to PHP 5.3, the older stable branch of the language. The developers say “All users of PHP are strongly encouraged to upgrade” to the new releases. PHP 5.4.1 has more than 20 bug fixes, including some related to security. One security bug concerned insufficient validation of an upload name, which then led to corrupted $_FILES indices. Another notable change was open_basedir checks being added to readline_write_history and readline_read_history. ...


Hotmail hacked for $20

  • Post author: Omid Farhang
  • Post published: April 27, 2012
  • Reading Time: 1 min
  • Word Count: 210 words

The H-Online: The whitec0de.com blog reports that, for $20, a member of a hacker forum offered to crack any Hotmail account within a minute – and that he kept his word. Apparently, the hacker found out about a critical vulnerability in Microsoft’s email service on a security forum, and the hole allowed him to change the passwords of arbitrary Hotmail users. The blog says that various users were affected as a result, for example because they used their Hotmail accounts to access services such as PayPal. Allegedly, the vulnerability was also exploited to change the ownership of particularly attractive, short account names such as [email protected] and [email protected]. ...


Get ready for exciting changes coming to Firefox 13, 14 and 15

  • Post author: Omid Farhang
  • Post published: April 26, 2012
  • Reading Time: 7 min
  • Word Count: 1290 words

Cross-posted from BetaNews: Following on from the release of Firefox 12 FINAL, Mozilla has updated its developmental branches to versions 13 (Beta), 14 (Aurora) and 15 (Nightly/UX), respectively. Those looking for major changes in version 12 may be disappointed, but future builds promise a number of radical new features, including redesigned Home and New Tab pages, plus panel downloads manager and inline preferences screen. Get a heads-up on what’s coming and discover which build is best for your personal needs with our essential guide to what’s coming up in the near future for Mozilla’s open-source, cross-platform browser. ...
