advice

The H-Online: A list with several million passwords belonging to users of the music community site Last.fm has been posted on the internet. The site owners have posted a statement saying that the company is investigating the leak and that all users of the service should change their passwords immediately. This is the third major compromise of a popular web site’s passwords in as many days. The H’s associates at heise Security are in possession of a list containing approximately 2....

H-Online: Internet forums are currently circulating a list containing over six million password hashes which allegedly originate from LinkedIn. The passwords are being cracked collaboratively with about 300,000 passwords already published as plaintext. The list contains pure SHA1 hashes with no name or email addresses. If decrypted, the passwords will not easily give access to an appropriate account. However, it is probable that the person who captured the hashes also has the corresponding email addresses....

H-Online Says: A faulty update for Avira‘s paid-for anti-virus software blocks harmless processes and may in some cases stop computers from booting. The update results in the ProActiv behavioral monitoring component becoming oversensitive in its treatment of executable files. According to user reports, ProActiv blocks trusted system processes such as cmd.exe, rundll32.exe, taskeng.exe, wuauclt.exe, dllhost.exe, iexplore.exe, notepad.exe and regedit.exe. In some cases this results in Windows failing to boot properly. It also appears to be blocking non-OS applications such as Microsoft Office, the Opera web browser and Google’s Updater program....

Symantec Connect: Symantec is intercepting a resurgence of spam attacks on popular brands. Spam messages that are replicas of the Wikipedia email address confirmation alert are the new vector for the present. The said spam messages pretend to be originating from Wikipedia, and are selling meds, with the following subject line: “Subject: Wikipedia e-mail address confirmation”. The spoofed Wikipedia page is a ploy to give legitimacy to the sale of meds online....

The H-Online: Online forums have, for some time, apparently been the target of hackers who inject additional code. However, the attackers aren’t interested in publishing cool slogans or political messages, they’re looking for money. They steal Google traffic from the forums and exploit this traffic via ads. Their main targets appear to be forums that are based on the vBulletin software. Unlike the “Look how cool I am” crackers, these attackers have very discreet working methods....

Symantec Connect: Phishers are constantly developing new strategies in an effort to trick end users. In April 2012, phishers created sites spoofing the Apple brand with fake offers for Apple discount cards. In this phishing attack, customers were targeted by region: namely, the UK and Australia. The phishing sites mimicked the webpage of Apple and prompted customers for their Apple ID. The phishing page stated the customer’s long-term loyalty toward the brand gave them eligibility for an Apple discount card as a reward....

Cross posted from GFI, Sunbelt Blog: There’s not a day when we don’t see a new scam or hoax—yes, even the old ones—being proliferated on Facebook. I’ve seen both today. Let’s take a quick look at each one, shall we? First off, the scam: The screenshot above is a post generated by the “Sexappeal Meter” app that have spread within the social network. Clicking the “How much Sexappeal you have” link, or sometimes a bit....

Symantec Connect: In recent years, scammers have flocked towards social networking sites as they have grown and made it easier to access a large number of potential eyeballs to convert into dollars. Brands have found value in leveraging social media to know what their customers are talking about, so, naturally, scammers are doing the exact same thing. Free iPads and iPhones Every time Apple unveils a new iPad or iPhone, you can bet there are scammers out there trying to leverage the announcement for financial gain....

Sunbelt: Be wary of emails claiming to be from AICPA – as per their alert here, these are not real and any mention of “unlawful tax return fraud” is just a bait to convince the end-user to open up a malicious attachment (in this case, a .doc file although there are rogue PDF files in circulation too). As with many of the malicious spam campaigns doing the rounds at the moment, this one will use the Blackhole exploit kit to serve up zbot from multiple compromised domains....

SophosLabs: Have you seen the news? Maybe your friends have shared it with you. Apparently, Facebook is going to shut down on March 15th, 2012. Mark Zuckerberg has reportedly found running the site just too stressful. Here’s the link that many Facebook users have been sharing with each other. Some worried Facebook users have even been sharing this photograph of a news report about the claimed closure of the world’s most popular social network:...