Hack

Kaspersky Lab now admits that people attempting to buy Kaspersky’s security products on Oct. 17 were redirected by hackers to a scareware site with links to fake antivirus software called Security Tool. Hackers have caused serious embarrassment for a major security technology company. Kaspersky Lab’s Website was hacked over the weekend, sending customers looking for security software to an external download page pushing counterfeit software. When users tried to download software from Kaspersky on Oct. 17, they were redirected to a malware site that tricked users into downloading fake antivirus software called Security Tool. Once executed, Security Tool displays pop-ups reporting a number of vulnerabilities and threats “found” to scare users into buying what it says is a full version in order to fix these problems. ...

HAVOC CAUSING hacker activist group Operation Payback has extended its reach and strangled the life out of the UK Intellectual Property Office’s website. Yesterday they apparently took down the MPAA’s website in the US, and today, though already busy, they have widened their focus and laid a smackdown on the UK IPO, knocking its website offline. According to a blog post on the Panda security blog Anonymous is 4Chan, and yesterday a forum on that website published its list of targets and its timeline for attacks. ...

Two regional websites for Chancellor Angela Merkel’s Christian Democrats (CDU) were hacked on Tuesday by unknown perpetrators claiming to be Turkish following controversial comments by her conservatives on immigration. Police and domestic intelligence agencies are now investigating in both the city-state of Hamburg and the northern state of Mecklenburg-Western Pomerania after CDU officials said their party sites were paralysed overnight when hackers replaced their homepages with a black background featuring a Turkish crest and critical comments. ...

The good news is that overseas hackers apparently did not change the grades of more then 100 thousand University of North Florida students when they broke into the computer system in September. The bad news is that personal information like names and social security numbers for those students may now be in the hands of those hackers. The FBI is investigating the attack, which was discovered by the university in a routine check of the server. According to University officials, the hacker had access to the system between September 24th and September 29th, but the University did not say when the breach was discovered. The Florida Times-Union newspaper said the university learned of the attack in September but did not notify potential victims because they were still investigating ...

Some people didn’t like his comments about downloading… Two of Gene Simmons’ official sites were shut down after hacker attacks by a group called Anonymous, associated with the 4chan.org forum. The attacks were in response to comments by Simmons about how the music industry should have been tougher with illegal downloaders. Both SimmonsRecords.com and GeneSimmons.com were taken offline briefly due to the attacks. Simmons had made the comment, “The music industry was asleep at the wheel, and didn’t have the balls to sue every fresh-faced, freckle-faced college kid who downloaded material. And so now we’re left with hundreds of thousands of people without jobs. There’s no industry.” ...

Microsoft discontinued support for Windows XP Service Pack 2 on July 13th, and that means there is no SP2 update for the recent LNK shortcut vulnerability (KB2286198). If you review the comments from this SANS Diary post, you’ll see that there was some initial confusion regarding SP2 support, due to a typo in Microsoft’s Security Bulletin (MS10-046). The bulletin is now corrected. However, even today, the download for Windows XP still includes SP2 in the file properties. ...

You might avoid looking for photos of Miss USA Rima Fakih for a while. There is a controversy about a certain pole-dancing incident in her past that is stirring up the talk show circuits and the adolescent inside every male on the planet. It also has stirred up a massive number of SEO poisoned links to photos. In 2007, Fakih won a “Stripper 101” contest sponsored by a Detroit radio show “Mojo in the Morning.” And, of course, she was no sooner crowned Miss USA than somebody resurrected the “Stripper 101” video. And, of course, everybody is searching for “Rima Fakih pole dancing.” ...

A variety of sources are reporting that blog hosting sites with WordPress-created sites and php-based management systems such as Zen Care eCommerce are being infected with malicious scripts. Websites hosted by ISP DreamHost, GoDaddy, Bluehost and Media Temple have been found with the malcode, according to H-Online.com. The malicious scripts download malcode and block Google’s Safe Browsing API from alerting users. Story here: “Large-scale attack on WordPress” The Sucuri Security blog has offered clean-up instructions for those with infected pages here. ...

Late last week, the wires were buzzing over news that the official site of PHP-Nuke “Professional Content Management System“ was serving malware. I am frankly amazed to see the site still infected 4 days later. We see hacked sites everyday and the majority are running PHP-driven applications such as Content Management Systems (CMS). The PHP-Nuke site is currently running PHP v. 5.2.9. Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9 ...

I had a look at my twitter page early this morning and read “Twitter is a rich source of insanity”, and thought “Wow, the twitter marketroids are really bold, but it’s a good line.” Upon re-reading, however, I realized that what it really said was “Twitter is a rich source of instantly updated information.” It might, however, have been a Freudian slip, because twitter got hacked yesterday, and bunches of celebs found they had been forced to follow the hacker. Even worse, as it struggled to right the ship, twitter temporarily removed their followers, and celebs found themselves in the traumatic position of being unpopular, at least for a while. ...