Advice

It’s been ten years already; can you believe it? I’m talking about the U.S. Census. It’s been ten years since the last one. Time to do it again. No, it wasn’t on my calendar either. To remind all of us and to encourage us to participate, the U.S. Census Bureau is spending $340 million to get the word out. There was even a Super Bowl ad. The Census Bureau will not be the only ones trying to get our attention and encouraging us to help them collect data. Cybercriminals will be doing the same thing. But they’ll be trying to fool us into thinking they are the Census Bureau. And the data they’ll be collecting will be a little different. It will be personal information they can use to rip us off. ...

The Australasian Consumer Fraud Taskforce began its 2010 Fraud Week campaign today with release of the first Australian Competition and Consumer Commission (ACCC) scams activity report. Wednesday it will release information to help small businesses protect themselves. The March 1-7 Fraud Week hopes to reduce the incidence and impact of fraud and scams. The annual event tries to co-ordinate the release of information for consumers, timed to coincide with the International Consumer Protection Enforcement Network Global Consumer Fraud Prevention Month. ...

A massive earthquake struck near the Chilean city of Concepcion in the early hours of the morning of February 27th, 2010. The quake measuring 8.8 on the Richter scale was considerably stronger than the one that recently caused widespread destruction on the island of Haiti. Fortunately, despite the size of this latest quake, so far there has been few reported casualties. The quake occurred near the coast and tsumani warnings were issued for many countries bordering on the Pacific ocean. Unfortunately as with any major news event, miscreants are not slow to pounce when such opportunities arise to further their aims. ...

In this post I want to highlight how SEO attacks are working: Pages using server side kits to fool search engine bots into ranking them high in results are uploaded to legitimate web sites. If all goes to plan, when a user searches for a popular term, high up in the search engine results are links to these pages. In the example below, the malicious SEO page was the 2nd item in the search results (highlighted in blue). When the user arrives on such a page (highlighted in green in the example below), the referrer is typically checked to ensure they came from a search engine. If so, there are redirected (302 redirect) to another site (orange below). There are typically additional levels of redirection from this point. In the example shown below, the user is bounced from the .org to the .in site (purple). Finally, the user will be redirected to the fake AV distribution site (red). This is where the user receives the usual visual trickery, in order to fool them into installing the rogue application. ...

Representatives of computer companies and governments meeting at the EastWest Institute security meeting in Brussels said that an industry culture of obscure jargon is preventing the world’s two billion Internet users from putting security measures in place to protect themselves. The group met to figure out how to protect computer users from massive abuse, fraud, online theft, vandalism and espionage. The New York Times story carried the following quotes from those at the meeting: ...

While everyone is searching the web for the unusual gift on Valentine’s Day, Cybercriminals take this opportunity to propagate Rouge Antivirus. I have searched for the keywords “unusual-valentines-day-gifts”, gives the following results: Clicking the highlighted link above will lead to fake message such as “Alert! Your system is exposed to risk of virus attack. It’s highly recommended to check your PC immediately. Press OK to start the scan right now”. ...

In the past, viruses and computer threats were created simply for the sake of it. Sometimes these threats would wipe your hard drive clean—just to let you know you’d been owned. This is not the case anymore; nowadays most of the threats we see are profit-oriented and try to keep a very low profile so that they aren’t easily detectable by security software. Backdoor.Tidserv does a very good job in that sense, especially with the latest version (TDL3), which uses an advanced rootkit technology to hide its presence on a system by infecting one of the low-level kernel drivers and then covering its tracks. While the rootkit is active there is no easy way to detect the infection, and because it goes so deep into the kernel, most users cannot see anything wrong in the system. ...

At the ShmooCon hacker conference in Washington, D.C., last week two security researchers showed the very sensitive information that people inadvertently make available over peer-to-peer networks. In their presentation, “Information disclosure via P2P networks: Why stealing an identity via Gnutella is like clubbing baby seals,” pen testers Larry Pesce and Mick Douglas said they found a lot of music, porn, malcode collections and the following: ...

“YOURLS is a small set of PHP scripts that will allow you to run your own URL shortening service (a la TinyURL). You can make it private or public, you can pick custom keyword URL. It comes with its own API.” http://yourls.org/ It’s installed on your web server (needs PHP 4.3 or better and MYSQL 4.1 with mod_rewrite enabled.) _“Benefits: Not reliant on third party service Sends link juice to your domain, not a service provider Customize your short links Build your brand (showing your URL)” Story here. ...

Security blogger Brian Krebs is reporting that some Windows XP users are reporting blue screen of death on reboot after installing Microsoft’s Tuesday patch KB977165 (MS010–15: “Vulnerabilities in Windows kernel could allow elevation of privilege.”) “Turns out, a non-trivial number of XP users are reporting that their systems suffer from the dreaded Blue Screen of Death (BSoD) and fall into an interminable reboot loop after installing the latest batch of patches from Redmond,” ...