Alert

Avira TechBlog: Thanksgiving and according holidays are very close – a time in which many people have the time to do (online) shopping. The cyber criminals are eager for their share, so it’s time to remember some safety measures. We are expecting to see spam and phishing campaigns luring the recipients to visit malicious web sites. These web sites usually look quite legal and official. As precaution, don’t follow links from emails to online stores and online payment systems, but use bookmarks or type in the addresses directly into the browser’s address bar. And of course just visit shops which you already know. Some scams can be identified by very low prices – if they look too good to be true, they usually are! ...

**Mac: Hi PC, I’m not feeling so hot today… ** PC: Oh, I know ALL about that. I think you have a virus! Security experts by and large agree that security via obscurity is not a wise model for protecting customers over the long term. That’s exactly the model Apple has employed successfully for some time now. However, its luck finally appears to be running short. ...

Currently cyber criminals try to make fast money by spamming out emails in masses in Germany which allegedly stem from an Advocate specialized in copyright. According to the spam mails, the user was downloading copyrighted material. An IP address is in the email to proof that. To not call the attorney to action, the recipient of the mail is offered to send 100 Euros via a payment system called Ukash. Don’t fall for that social engineering, don’t pay! ...

Last mail I got from 12Seconds.com: Dear 12ers, Tonight at 8:15PM PST we will shut down 12seconds.tv. No videos can be recorded after 5PM PST. If you have not yet downloaded your videos, go to 12seconds.tv and use the awesome 12seconds video export tool and save your memories. The tool will be available until 5:15 PM PST, so be sure to export your videos before then. Is this the last time you will hear from us? ...

This is a pretty neat attack from the malware pushes leveraging on the ignorance of the average user – which in all honestly is a safe bet most of the time! You could consider it a Social Engineering attack as it’s taking something that’s familiar and changing it to deliver malware. I’m sure all the Firefox users reading have at some point or another been faced with the warning screen that tells you a site is not safe to visit, the red page which states in big white letters “Reported Attack Page!”. ...

You might be wondering why the frontpage of Twitter has a big “Edit” line running through it in the screenshot below: The answer, of course, is that this is not the real Twitter page at all. It’s part of an increasingly popular kit used for shenanigans: The scammer downloads the zip, edits the links in the .htm file and places something likely to catch the attention of an end-user underneath the “Edit” line. The fact that the fake content is sitting directly underneath the “New Twitter” promotional text is not a coincidence. ...

Currently a new likejacking-attack is running on Facebook. If a user clicks on the link of a friend which is reads “I Will NEVER TEXT Again After Seeing THIS!! on CLICK HERE TO SEE.”, she or he will automatically “like” that link too due to some clever scripting on the attacking website. A second like-link says “This American GUY must be Stoned to Death for doing this to a GIRL (NO SURVEYS)! … on CLICK HERE TO SEE.”. This is another variant of the same likejacking-attack. ...

The information being transmitted is one of Facebook’s basic building blocks: the unique “Facebook ID” number assigned to every user on the site. Since a Facebook user ID is a public part of any Facebook profile, anyone can use an ID number to look up a person’s name, using a standard Web browser, even if that person has set all of his or her Facebook information to be private. For other users, the Facebook ID reveals information they have set to share with “everyone,” including age, residence, occupation and photos. ...

NEW YORK — The Wall Street Journal is reporting that 10 popular Facebook applications have been transmitting users’ personal identifying information to dozens of advertising and Internet tracking companies. The newspaper said Monday that the breach also includes users who set all their information to be completely private. And in some cases, it says, the apps provided access to friends’ names. A Facebook spokesman told the Journal on Sunday that the company would introduce new technology to contain the breach. It’s not clear how long the breach went on. ...

W32.Stuxnet has been a subject of much discussion amongst security researchers and media, and we posted a series of blogs on the subject. As you may already be aware, Stuxnet is hot topic as the threat targets industrial control systems in order to take control of industrial facilities and systems, such as manufacturing assembly lines and even power plants. Because Stuxnet is such major news, the miscreants who like to spread malware are not wasting much time taking advantage of this for their malicious activities. In our investigations we have discovered that various forums are discussing a free Stuxnet removal tool but unfortunately the tool is actually a piece of malware. We successfully obtained a sample of this tool and our analysis supported our sense of danger: Bottom line is, do NOT run the tool. ...