Report

H-Online: Internet forums are currently circulating a list containing over six million password hashes which allegedly originate from LinkedIn. The passwords are being cracked collaboratively with about 300,000 passwords already published as plaintext. The list contains pure SHA1 hashes with no name or email addresses. If decrypted, the passwords will not easily give access to an appropriate account. However, it is probable that the person who captured the hashes also has the corresponding email addresses....

H-Online: UK regulator PhonepayPlus (fomerly known ICSTIS) has imposed a fine of £50,000 on a payment provider used for an Android malware-based fraud and forced it to reimburse customers’ losses. Last December, unknown perpetrators posted fake versions of popular applications on Google’s Play store (formerly the Android Market) which sent out expensive premium rate text messages. According to Android virus experts Lookout, the applications in question were based on the RuFraud malware and were customized to disguise themselves as 30-plus titles such as Angry Birds, Assassins Creed and Cut the Rope....

Naked Security wrote: The Iranian Computer Emergency Response Team (MAHER) claims to have discovered a new targeted malware attack attacking the country, which has been dubbed Flame (also known as Flamer or Skywiper). In a statement, researchers say that they believe the malware is “a close relation” to Stuxnet, and claim that Flame is not detected by any of 43 anti-virus products it tested against, but that detection was issued to select Iranian organizations and companies at the beginning of May....

Microsoft Malware Protection Center wrote: Recently, we’ve seen a few attacks in the wild targeting a patched Adobe Flash Player vulnerability. The vulnerability related to this malware was addressed with a recent patch released by Adobe on May 4th. On the Windows platform, Flash Player 11.2.202.233 and earlier is vulnerable. If you’re using vulnerable version, you need to update your Flash Player now to be protected against these attacks. We had a chance to analyze how the malware (sha1: e32d0545f85ef13ca0d8e24b76a447558614716c) works and here are the interesting details we found during the investigation....

H-Online: Yahoo! introduced a new “browser”, Axis, last night, both as a standalone application for iPhone and iPad and as a browser extension on Chrome, Firefox, Internet Explorer and Safari. Axis is meant to offer faster, smarter searching using Yahoo’s services. Within hours of the launch, hacker and blogger Nik Cubrilovic posted on his blog that the Chrome extension came with a worrying extra, a Yahoo private certificate file which was used to sign the extension package and prove the package’s authenticity to the Google browser....

H-Online: Users of Windows XP are reporting more problems with recent automatic updates. Three security updates for .NET Framework 2.0 and 3.5 are at the center of the problem, labeled as patches KB2518664, KB2572073 and KB2633880 in Windows XP’s automatic update feature. On affected systems, the installation of these patches proceeds without error but after a short time, the update service says it would like to install them again and will keep reinstalling the patches if allowed....

GFI Wrote: In September, our friends at Sophos wrote about a fake BBC website offering up the “chance” to work from home for predictably large sums of money. No more than a day later, we were covering fake BBC video posts targeting Facebook users. Today we’re looking at a fake BBC URL which drops the end-user onto a “work from home and earn $10,000+ a month” fake news site, but not before it’s attempted to load up the PC with malware via a rather nasty collection of exploits....

theregister.co.uk wrote: A Brit who distributed a Trojan horse that posed as a patch for popular shoot-em-up game_Call of Duty_ has been jailed for 18 months. Lewys Martin, 20, of Deal in Kent, used the malware to harvest bank login credentials, credit card details and internet passwords from the compromised Windows PCs of his victims. Martin then apparently laundered the credentials via underground cybercrime forums, earning $5 or less for every credential, directing proceeds of his criminal activity towards an offshore account in Costa Rica, funds which remain beyond the reach of UK police....

H-Online Says: A faulty update for Avira‘s paid-for anti-virus software blocks harmless processes and may in some cases stop computers from booting. The update results in the ProActiv behavioral monitoring component becoming oversensitive in its treatment of executable files. According to user reports, ProActiv blocks trusted system processes such as cmd.exe, rundll32.exe, taskeng.exe, wuauclt.exe, dllhost.exe, iexplore.exe, notepad.exe and regedit.exe. In some cases this results in Windows failing to boot properly. It also appears to be blocking non-OS applications such as Microsoft Office, the Opera web browser and Google’s Updater program....

TheHackerNews: Google got Pwned ? NO Few Algerian Script Kiddies try to spread fake rumors that they Hack and Deface the Giant Search engine “Google Iranian” domain http://www.google.co.ir/ . As the screenshot shown a Algerian flag on it and Page Titles : **“**H4Ck3D By vaga-hacker dz and DR.KIM”. As mentioned by hacker, the team include hackers named : “V4Ga-Dz,Dz0ne,DR-KIM King-Dz,BroX0 aghilass elite jrojan password kha&mix wasim -dz” . It is not confirmed that, either these are member from some Anonymous Hackers but they try to use Anonymous Hackers Tag line : We Dont Forget , We Dont Forgive, Expect Us!...