TechBlog

Scam for FC Barcelona Fans

Published: March 13, 2012 Reading Time: 2 min

Symantec Connect: Phishers often choose baits with the motive of targeting a large audience. Using popular celebrities as bait is a good example. Phishers understand that choosing celebrities with a large fan base would target the largest audience and supply more duped users. This month phishers are using the same strategy but, instead of targeting a popular celebrity, they associated their phishing site with the popular FC Barcelona football club. FC Barcelona is the world’s second richest football club and has a large fan following. The phishing site, hosted on a free web hosting site, has since been removed and is no longer active. However, though phishing sites are frequently short-lived, internet users should be aware that other phishing sites using this or a similar template could easily be encountered in future. ...

Continue Reading

Critical vulnerabilities in XnView fixed

Published: March 13, 2012 Reading Time: 1 min

The H-Online: Version 1.98.8 of the popular XnView image viewer and converter has been released to close security holes in the software. According to an advisory from security service provider Secunia, the update addresses three “highly critical” vulnerabilities that could be exploited by an attacker to execute arbitrary code and compromise a victim’s system. These include a stack-based buffer overflow caused by a boundary error when parsing a directory name while browsing folders such as those from an extracted archive file, and, a heap-based buffer overflow when processing image content using the FlashPix plugin (Xfpx.dll). A second heap-based buffer overflow caused when processing image data in Personal Computer eXchange (PCX) files has also been fixed. For an attack to be successful, a user must first open a specially crafted file. ...

Continue Reading

Safari update closes security holes

Published: March 13, 2012 Reading Time: 2 min

Apple has released version 5.1.4 of its Safari web browser for Windows and Mac OS X. According to the company, the maintenance and security update addresses more than 80 vulnerabilities. The update also includes includes various stability and performance improvements as well as fixes for other non-security related bugs. A majority of the security holes closed in 5.1.4 were found in the WebKit browser engine used by Safari. These include several cross-site scripting (XSS), cross-origin and HTTP authentication problems, as well as numerous memory corruption bugs that could be exploited by an attacker, for example, to cause unexpected application termination or arbitrary code execution. ...

Continue Reading

Firefox 11 release postponed due to security issues [Updated]

Published: March 13, 2012 Reading Time: 2 min

H-Online: The Firefox team has announced that they are postponing the release of Firefox 11, originally planned for today, because of a security report which the team wants to evaluate to make sure the issue will not impact on their code. Jonathan Nightingale, Mozilla’s Senior Director of Firefox Engineering, also Microsoft’s monthly Patch Tuesday security update, also scheduled for today, as a reason to hold back on releasing the new Firefox version. ...

Continue Reading

Phishers Dislike Facebook Timeline

Published: March 10, 2012 Reading Time: 2 min

Symantec Connect: Phishers regularly introduce new types of fake applications with the motive of improving their chance to harvest user credentials. In February 2012, Symantec observed a phishing site recommending a fake application that allegedly removes “Timeline” profile for Facebook users. The phishing site was hosted on a free web hosting site. The phishing site embedded the Facebook Timeline promotion video from YouTube, with the claim “Remove Timeline Now”. According to this phishing site, users will have their “Timeline” removed from their Facebook profile and get back their old profile page—only after they enter their login credentials. To make the fake application look more authentic, phishers added that it was protected by an antivirus product with the logo of the antivirus brand placed below the login form. After user credentials are entered, the phishing page redirects to a page which displays a screenshot from the Facebook Timeline promotion video. If users fell victim to the phishing site by entering their login credentials, phishers would have successfully stolen their information for identity theft purposes. ...

Continue Reading

Microsoft's Patch Tuesday will close a critical Windows vulnerability

Published: March 10, 2012 Reading Time: 1 min

The H-Security: Next week’s Patch Tuesday sees Microsoft planning to publish a total of six bulletins, including one that addresses a critical vulnerability in all versions of Windows from Windows XP service pack 3 to Windows 7 service pack 1 and Windows Server 2008 R2. The rating means that the hole enables attackers to infect a system via the internet and inject malicious code. Other bulletins will address a privilege elevation flaw which affects the same span of Windows versions. ...

Continue Reading

Facebook Scam: OMG – I just hate RIHANNA after watching this video

Published: March 9, 2012 Reading Time: 2 min

SophosLabs: Messages are spreading between Facebook users, claiming that members of the social network have lost all respect for popular songstress Rihanna after watching a video. However, if you’re careless enough to click on the link you will find yourself lured into a survey scam that attempts to earn affiliate cash for fraudsters. A typical message trying to tempt users into falling for the scam looks like this: ...

Continue Reading

This time, the bad guys want your tax accountant

Published: March 9, 2012 Reading Time: 2 min

avast: While taxpayers are the regular target of springtime malware schemes, this year the bad guys are aiming for the accountants. A series of imposter emails are threatening recipients with the removal of their professional accreditation if they fail to respond promptly. The tax-phish appear to be from organizations such as the American Institute of Certified Public Accountants(AICPA), Better Business Bureau(BBB), and Intuit tax services. After clicking on the email, users are redirected through a hacked legitimate site to the final malware distribution center where their computer can download fake antivirus or another malware package selected by the bad guys. ...

Continue Reading

Google is globally switching its search to HTTPS by default

Published: March 9, 2012 Reading Time: 1 min

The H-Online: Google has announced on its Inside Search blog that it is enabling SSL encryption by default on its global search pages. The US site Google.com has been switching users to the secured HTTPS protocol since last year and now, to improve security and privacy for all its users, the company is rolling the behavior out to its international properties such as google.co.uk. As is the case on the US site, this only affects users who are signed into their Google account when visiting the site. The company expects to roll out this feature to the different local Google search pages “over the next few weeks”. Google hopes that this move will encourage other companies to adopt SSL more broadly across their web sites as well.

Continue Reading

Dropbox Abused by Spammers

Published: March 8, 2012 Reading Time: 2 min

Symantec Connect: Recently we noticed spammers abusing Dropbox, a popular cloud-based, file-hosting and synchronization tool, to spread spam. Dropbox accounts have a public folder where files can be placed and made publicly available. This function is useful to spammers, as it effectively turns Dropbox into a free hosting site. Spammers have abused URL shortening and free hosting sites for some time. Dropbox also provides a URL shortening service, which spammers have also abused. ...

Continue Reading