TechBlog

The H-Security: In a blog posting, the MyBB development team has confirmed that the download package for version 1.6.4 of MyBB had been modified to include malicious code. Unknown attackers were able to exploit a vulnerability in the MyBB web site’s CMS (content management system) to inject and execute PHP code. The attackers placed a contaminated version of MyBB, containing a backdoor, on the server. It is unclear exactly when the hack took place, meaning that all downloads of 1.6.4 prior to 6 October could be affected. Users with MyBB systems are advised to check their installations and apply a patch. For rapid disinfection, the developers are advising users to replace the /index.php file with a clean version and to delete the /install/ directory. ...

SophosLabs: Have you noticed the profile pics of some of your Facebook friends have acquired a pink tinge? Rumours have hit the social networking site that the Facebook app that turns your profile picture pink carries “keylogger malware” that can spy on your keypresses, and steal your passwords – not just from Facebook, but from online banks you may log into as well. One warning reads as follows: ...

GFI Labs Blog: We’ve noted this before, but Microsoft needs to get a handle on ad placements on Bing. Ok, so Bing isn’t the most widely used search engine, but remember that Yahoo plays a part here as well. In this case, we’re talking Sirefef (ZeroAccess aka Max++), probably the nastiest piece of malware circulating on the ‘net right now. Sirefef kills any attempt to remove it, and is nearly impossible to clean (short of booting onto a rescue disk and performing cleanup actions, or reformatting). ...

Schneier on Security: A newly discovered piece of malware, Duqu, seems to be a precursor to the next Stuxnet-like worm and uses some of the same techniques as the original. Link to Source Symantec: W32.Duqu: The Precursor to the Next Stuxnet Duqu is essentially the precursor to a future Stuxnet-like attack. The threat was written by the same authors (or those that have access to the Stuxnet source code) and appears to have been created since the last Stuxnet file was recovered. Duqu’s purpose is to gather intelligence data and assets from entities, such as industrial control system manufacturers, in order to more easily conduct a future attack against another third party. The attackers are looking for information such as design documents that could help them mount a future attack on an industrial control facility. Read Full Article ...

Mashable: As reports of former Libyan leader Muammar Gaddafi’s death circulate on the Internet, so is a gruesome cellphone photo of what appears to be his severely wounded body and another that appears to be his dead body. Both are likely opportunities for spammers with bad intentions. The first photo was distributed by the news agency AFP after commanders for Libya’s transitional military, the National Transitional Council (NTC), said they had captured Gaddafi after invading his hometown of Sirte. On Thursday, an NTC spokesperson told the New York Times Gaddafi had been killed, but the U.S. State Department had still not confirmed his death as of 10:00 a.m. ET. ...

Symantec: The sad news making the rounds these days is the death of Steve Jobs, Apple Co-founder and former CEO. His death has been a terrible loss to both Apple and Apple fans everywhere. Spammers are capitalizing on this incident by sending malicious links related to the news of Steve Jobs’ death. Below is a screenshot of one such spam email containing a malicious link: More malicious links found relating to death spam are: ...

Jobs and Schmidt connect at the introduction of the iPhone, 2007 businessweek.com: The Google executive chairman admired Jobs’s passion, courage, and smarts When he went to Apple, he was basically down to 1 percent market share. Apple was near bankruptcy, the company had been for sale, there were a series of management changes. I talked to him about it. He said, “The thing that I have that no one else has is very loyal customers.” He had these fanatical people who would line up all night for a product that wasn’t any good. He figured correctly that by upgrading and investing in and broadening the portfolio, he could do it. At some level he foresaw the next 10 years. ...

“In memory of Steve, a company is giving out 50 ipads tonight…” is another Facebook scam you want to avoid. More similar scam links is expected, so take care what you click on, These kind of free offers will end up in phishing or malware attacks. Don’t forget you should join the Omid’s Blog Facebook page, where I not only debunk hoaxes and chain letters or scams, but I also keep you up-to-date on the latest rogue applications, scams and malware attacks threatening Facebook users. Credit to Norman Security.

SophosLabs: A hoax claiming that Facebook is planning to start charging users continues to spread across the social network, and has now been adapted by mischief-makers into a claim that the service will be free if users forward a message before midnight. Duped users are sharing the message with their online friends, believing it will help them avoid charges of between $3.99 and $9.99 per month. ...

SophosLabs: A fascinating new example of Mac malware has been discovered, that appears to be adopting an old Windows-style disguise to fool users into running it. Despite the numerous times that cybercriminals have created boobytrapped PDF files that exploit vulnerabilities to infect unsuspecting users, many people still think that PDF files are somehow magically safer to open than conventional programs. The OSX/Revir-B Trojan plays on this by posing as a PDF file. ...