Advice

The H-Online: The Debian developers have pointed out, in an announcement on the debian-announce mailing list, that – three years after it was released –Debian GNU/Linux 5.0 (Lenny) has reached its “End of Life”. Debian GNU/Linux 5.0 was originally released in February 2009 and on 6 February 2012, the developers stopped providing security updates for that version of the distribution. Users have now had a year to update their systems to Lenny’s successor, Squeeze, which was released on 6 February 2011. The Debian developers recommend that any installations that are still using Debian 5.0 should be updated to version 6 of the distribution immediately. The Debian community recently released version 6.0.4 of Debian Squeeze which includes all the updates that have been released for Squeeze since its release. ...

Mashable: Lonely hearts seeking love this Valentine’s Day, be wary. Online dating fraud rose by 150% percent in 2011 as scammers and hucksters turned up the false charm and predatory trolling. That’s according to data shared with Mashable by fraud protection agency Iovation, which works with several major Internet dating services. Iovation reached that number by employing patented technology that analyzes hardware and software, rather than mine for personal information, says Molly O’Hearn, vice president of operations. ...

The H-Online: The German Federal Office of Information Security (BSI (German), BSI English) has compiled security recommendations for Windows PCs that will probably sound familiar to regular readers of The H: Anti-virus software – including free solutions –, backups, security updates, an alternative browser such as Google Chrome and “a healthy level of mistrust” are the main components of its proposal for a secure Windows PC. As the UK lacks a governmental organization that makes such recommendations, as usually such organizations recommend policy for public projects, it is worth seeing what Germany’s BSI suggests. ...

SophosLabs: Beware of malware lurking on news websites claiming to containing breaking news stories. I’ve seen a worrying number of Facebook users posting the same status messages today, claiming that the United States has attacked Iran and Saudi Arabia in a move heralding the beginning of World War 3. Well, that would certainly get your attention, wouldn’t it? A typical status message looks like the following: U.S. Attacks Iran and Saudia Arabia. F**k 🙁 [LINK] The Begin of World War 3? ...

SophosLabs: Facebook’s IPO is the most hyped initial public offering in years, with much speculation about just how many billions of dollars the social networking phenomenon will be valued at. There’s no doubt that 27-year-old Mark Zuckerberg, the founder of Facebook, is going to become a very rich man – and will be able to buy an even larger wardrobe of hoodies. So, congratulations to Zuck and his management team. Although we have often had our concerns about Facebook when it comes to their stand on privacy and security, there’s no doubt that they’ve done something extraordinary in commercial terms. ...

Have you seen this in your or your friends wall? or maybe in a page you “Like”? That’s another spam link spreading over Facebook, as I already showed you many more in older posts. Usually these links end up either in a phishing attack that theft your private information or infecting your computer. If your friend or even a stranger is posting these, don’t click on that and also report the post, here is how to do: ...

GFI: You’re probably aware that Megaupload has wandered into what can only be described as a bit of a pickle, assuming said pickle is roughly the size of a Vogon Constructor Fleet. Given that lots of people probably want to take a peek at the FBI Anti-Warning currently pasted across the front of Megaupload.com (or maybe even just see if the site is back online), it’s a fair bet that Ye Olde Typo Fairy will be called into action and some of them will end up going to Megaupload(dot)cm. ...

Microsoft Malware Protection Center: Facebook malware attacks are not new. Scams spreading via status updates have been around for a long time, but in recent weeks one threat has been getting creative in terms of social engineering. Backdoor:Win32/Caphaw.A can intercept URL requests in both Firefox and Internet Explorer and it has been observed to post very personable updates on friends’ walls in Facebook, gaining access if the user is logged in. ...

SophosLabs: Scammers have put a new spin on an old Facebook scam, claiming that a girl killed herself on Halloween after her father posted a message on her wall. Facebook users are sharing messages with their friends, claiming to link to the salacious content. Girl-Killed-Herself-on-Halloween-After-Dad-Posted-This-on-Her-Wall [LINK] This is unbelievable.. shocking.. The messages are currently spreading very quickly on Facebook, as – at the moment at least – Facebook’s built-in security systems are not blocking them. ...

The H-Security: In a blog posting, the MyBB development team has confirmed that the download package for version 1.6.4 of MyBB had been modified to include malicious code. Unknown attackers were able to exploit a vulnerability in the MyBB web site’s CMS (content management system) to inject and execute PHP code. The attackers placed a contaminated version of MyBB, containing a backdoor, on the server. It is unclear exactly when the hack took place, meaning that all downloads of 1.6.4 prior to 6 October could be affected. Users with MyBB systems are advised to check their installations and apply a patch. For rapid disinfection, the developers are advising users to replace the /index.php file with a clean version and to delete the /install/ directory. ...