My Facebook wall has been viewed X times – viral survey scam spreads rapidly

SophosLabs wrote: Do you want to know the total number of times that your Facebook wall has been viewed? Are you curious as to who may be stalking you on Facebook? If so, you’re a prime candidate for scammers who are exploiting that desire to put money into their own pockets. Here are the latest messages spreading virally between thousands of Facebook users who have fallen for the scam: ...

April 4, 2011 · 3 min · 570 words · Omid Farhang

Google, Yahoo, Skype targeted in attack linked to Iran

Cnet: A malicious attacker that appears to be the Iranian government managed to obtain supposedly secure digital certificates that can be used to impersonate Google, Yahoo, Skype, and other major Web sites, the security company affected by the breach said today. Comodo, a Jersey City, N.J.-based firm that issues digital certificates, said the nine certificates that were fraudulently obtained, including one for Microsoft’s Live.com, have already been revoked. A fraudulent certificate allows someone to impersonate the secure versions of those Web sites–the ones that are used when encrypted connections are enabled–in some circumstances. ...

March 24, 2011 · 4 min · 832 words · Omid Farhang

Spammers Exploit Japan’s Catastrophic State

Symantec: Only a few days ago, Japan experienced one of the worst earthquakes in its history. The earthquake registered 8.9 on the Richter scale and triggered an enormous tsunami. The heart-wrenching images on television have left the world shaken. It was the worst earthquake and tsunami in the past century and at least 50 countries have since received related tsunami warnings. As the death and injury tolls continue to rise, one must not forget those who awake to exploit such delicate situations—spammers continue to maintain the guise of charitable institutions and governmental organizations! Don’t be surprised to suddenly see an email message in your inbox marked as URGENT and pleading with you for “monitory help” [sic] or a phishing mail urging you to donate to the rehabilitation of those affected by the quake and tsunami. Use prudence in finding out the genuine intent of email senders before you reach out or respond. ...

March 14, 2011 · 2 min · 394 words · Omid Farhang

Don’t Lie to Me, Angelina!

Earlier this year I received a Facebook invite in my Yahoo! Mail account from none other than Angelina Jolie herself. I kid you not. While it’s true that we live in the Digital Age where communicating with anyone is a mere tap of a finger away—whether it’s via email, IM, Facebook, Twitter, etc.—the chances that Ms. Jolie would randomly reach out to a regular Joe, such as myself, is still pretty darn improbable. So, the following questions raced through my mind: ...

December 15, 2010 · 2 min · 376 words · Omid Farhang

Spam Carrying WikiLeaks Worm

Symantec Connect: WikiLeaks.org is in the news after their recent publications linked to leaked government documents. Spammers are now leveraging the current level of interest with social engineering techniques to infect users’ computers. Symantec is observing a wave of spam spoofing WikiLeaks to lure users into becoming infected with a new threat. The spam email has subject line “IRAN Nuclear BOMB!” and spoofed headers. The “From” header purports to originate from WikiLeaks.org, although this is not in fact the case, and the message body contains a URL. This URL downloads and runs WikiLeaks.jar which has a downloader ‘WikiLeaks.class’ file. The downloader pulls the threat from http://ugo.file[removed].com/226.exe. Symantec detects this threat as W32.Spyrat. ...

December 7, 2010 · 2 min · 226 words · Omid Farhang

Malicious Goo.gl Links Spreading on Twitter [WARNING]

Mashable: A large number of messages containing only the link “goo.gl/R7f68” has appeared on Twitter today, redirecting the users to various malware-laden sites. The messages are mostly coming from disposable accounts, but they also appear on some accounts that appear to be genuine, which indicates that there’s a worm spreading and sending the messages from infected accounts. Furthermore, all of the messages containing the link are sent from the mobile version of Twitter. ...

December 7, 2010 · 1 min · 154 words · Omid Farhang

This isn't a video, it's a phish

You might be seeing something on your Facebook wall today: Sadly, it’s not a fun video. It’s just a phish. The link goes to apps. facebook.com/ lookatuhah, which then redirects to a phishing site: In other words, if you’re absent-minded enough to enter your credentials again, they will be used to then send more of these stupid fake video posts to others — or do any of a number of other rather nefarious things. ...

December 6, 2010 · 1 min · 74 words · Omid Farhang

Oficla downloads MBR Ransomware

Avira TechBlog: We discovered a new ransomware threat which is downloaded by a Trojan of the Oficla family. This downloaded threat replaces the MBR (master boot record) of the hard disk with its own MBR which asks the user for a password and thus blocks the loading of the operating system. Upon starting the Oficla Trojan and successive execution of the downloaded payload the system will be rebooted and the user will be presented the ransom notice. ...

December 1, 2010 · 1 min · 198 words · Omid Farhang

Windows Vista & Windows 7 Kernel Bug Can Bypass UAC

Now this is not the first time Windows UAC has hit the news for being flawed, back in February 2009 it was discovered that Windows 7 UAC Vulnerable – User Mode Program Can Disable User Access Control and after that in November 2009 it was demonstrated that Windows 7 UAC (User Access Control) Ineffective Against Malware. A zero-day for Windows 7 back in July of this year also bypassed Windows UAC. ...

November 30, 2010 · 4 min · 744 words · Omid Farhang

Fake Trojan Removal Kit serves up ThinkPoint Rogue

You might want to steer clear of the following fake security program, being promoted as a “Windows Trojan Removal Kit” but actually hijacking your PC in the form of the ThinkPoint rogue with a mixed (24/43) detection rate. The file is currently being offered up by your typical “fake security scan” pages, such as microsoftwindowssecurity152(dot)com. Those familiar with this particular rogue will be aware that it tends to stick with domains similar to the one above. ...

November 30, 2010 · 1 min · 133 words · Omid Farhang