I was reading an article on PCWorld’s website about the upcoming Google Chrome OS: So far so good. Except that I inadvertently clicked on one of their sponsored links: which ironically states “Here is all about spyware removal and even more.” After a few redirects, my browser is hijacked by one of those FakeAV scanners: Here is the HTTP traffic capture screenshot and log: ...
Personal information scanned into certain digital photocopier hard drives can be easily tapped, according to a CBC News investigation probing the second-life of older machines that are re-sold or leased. CBC purchased a used Canon Image Runner Color 3200 from a UPS franchise on Kijiji, an online classifieds website. The copier’s two hard drives were removed and plugged into a laptop, which revealed the units had not been wiped clean before being sold and shipped. ...
Media report about a new privacy leak on Facebook which has been found just recently. It is possible to find out with which persons someone is in contact with – therefore one just has to create a fake account using a known email address of the person to spy upon. Facebook doesn’t verify whether the address is real so the new account can already be used. Up to 20 contacts are visible according to the reports. ...
You might be wondering why the frontpage of Twitter has a big “Edit” line running through it in the screenshot below: The answer, of course, is that this is not the real Twitter page at all. It’s part of an increasingly popular kit used for shenanigans: The scammer downloads the zip, edits the links in the .htm file and places something likely to catch the attention of an end-user underneath the “Edit” line. The fact that the fake content is sitting directly underneath the “New Twitter” promotional text is not a coincidence. ...
Currently a new likejacking-attack is running on Facebook. If a user clicks on the link of a friend which is reads “I Will NEVER TEXT Again After Seeing THIS!! on CLICK HERE TO SEE.”, she or he will automatically “like” that link too due to some clever scripting on the attacking website. A second like-link says “This American GUY must be Stoned to Death for doing this to a GIRL (NO SURVEYS)! … on CLICK HERE TO SEE.”. This is another variant of the same likejacking-attack. ...
Posted by Diana Phan, Gmail Support Team October is National Cyber Security Awareness month and a good time for a reminder about why hijackers do what they do and how you can protect your account. Check out the Online Security blog to learn about common hijacking techniques and security practices that will help you stay one step ahead of the bad guys. To help ensure your Gmail account is safe, take a minute to visit the Gmail help center and complete their new security checklist. ...
W32.Stuxnet has been a subject of much discussion amongst security researchers and media, and we posted a series of blogs on the subject. As you may already be aware, Stuxnet is hot topic as the threat targets industrial control systems in order to take control of industrial facilities and systems, such as manufacturing assembly lines and even power plants. Because Stuxnet is such major news, the miscreants who like to spread malware are not wasting much time taking advantage of this for their malicious activities. In our investigations we have discovered that various forums are discussing a free Stuxnet removal tool but unfortunately the tool is actually a piece of malware. We successfully obtained a sample of this tool and our analysis supported our sense of danger: Bottom line is, do NOT run the tool. ...
Adobe just released Reader and Acrobat version 9.4. The new release fixes some critical vulnerabilities which allow attackers to infect PCs – for example, just by browsing the net. Overall the update lists 23(!) entries in the CVE database as being solved with version 9.4. The new version is available for Windows, Mac OS X and Unix systems. For those who still use the version 8, Reader and Acrobat 8.2.5 for Windows and Mac fix the security vulnerabilities. Windows and Mac users can download the updated version at Adobes download center, while Unix users need to download the new release from Adobe’s ftp server. ...
The New York Times is reporting a rising number of law suits against some major players because of their use of persistent web tracking: — Fox Entertainment Group — NBC Universal — Specific Media — Quantcast The Times said the suits are claiming that the companies used Flash cookies to collect data on browsing activities in spite of the fact that users had privacy settings on to block them. Those Local Shared Objects (LSOs) are persistent cookies that are stored in several ways and in some cases will restore themselves when deleted. One is available, with a detailed description here. ...
On Twitter a new security flaw gets currently exploited. Hackers found a way to inject malicious JavaScript code into tweets with the onMouseOver event. This can lead to pop-ups appearing, redirecting to websites, re-tweeting spam, or even worse things like cookie stealing (compromising the user accounts). The problem is that Twitter doesn’t properly filter out some tags in tweets. Users should be very cautious when seeing colored text blocks (background and text colors are the same, called “rainbow tweets”) – these are currently mostly used to exploit the security vulnerability. Hopefully, Twitter closes the security hole soon! Until then, using the NoScript web browser extension or disabling JavaScript on Twitter helps against the attack. Also, using twitter applications which rely upon the Twitter API aren’t affected. ...