Security

The H-Online: Version 2.10.2 of the open source Pidgin instant messaging program has been released. According to its developers, the maintenance and security update brings a number of changes and addresses two denial-of-service (DoS) vulnerabilities that could be exploited by an attacker to cause the application to be terminated. These remote crashes are caused when the MSN server sends messages that are not UTF-8 encoded and also when some types of nickname changes occur in chat rooms using the XMPP protocol. Versions up to and including 2.10.1 are affected. Pidgin 2.10.2 fixes these issues and all users are advised to upgrade. ...

SophosLabs: A group of hackers are claiming to have stolen the details of more than 70,000 users of the Digital Playground porn website. The group, calling itself “The Consortium”, appears to have scooped up some 40,000 financial details (including credit card numbers, names, CCV numbers, and expiration dates) as well as the email addresses and passwords of 72,000 users. According to the hackers, who appear to be affiliated with the Anonymous movement, the sensitive information was not encrypted. ...

SophosLabs: Heather Morris, famous for playing cheerleader Brittany in the popular “Glee” TV show, is said to be the latest celebrity to have had nude photos leak onto the web. The naked pictures are alleged to have been stolen by hackers from the 25-year-old actress’s mobile phone. Of course, Heather Morris isn’t the first celebrity to have fallen victim to a nude photo hacker. Nude photos and videos of Vanessa Hudgens, the star of “High School Musical”, surfaced on the net in 2011, after it was claimed the actress’s Gmail account was hacked. ...

Symantec Connect: Phishers often choose baits with the motive of targeting a large audience. Using popular celebrities as bait is a good example. Phishers understand that choosing celebrities with a large fan base would target the largest audience and supply more duped users. This month phishers are using the same strategy but, instead of targeting a popular celebrity, they associated their phishing site with the popular FC Barcelona football club. FC Barcelona is the world’s second richest football club and has a large fan following. The phishing site, hosted on a free web hosting site, has since been removed and is no longer active. However, though phishing sites are frequently short-lived, internet users should be aware that other phishing sites using this or a similar template could easily be encountered in future. ...

H-Online: The Firefox team has announced that they are postponing the release of Firefox 11, originally planned for today, because of a security report which the team wants to evaluate to make sure the issue will not impact on their code. Jonathan Nightingale, Mozilla’s Senior Director of Firefox Engineering, also Microsoft’s monthly Patch Tuesday security update, also scheduled for today, as a reason to hold back on releasing the new Firefox version. ...

Symantec Connect: Phishers regularly introduce new types of fake applications with the motive of improving their chance to harvest user credentials. In February 2012, Symantec observed a phishing site recommending a fake application that allegedly removes “Timeline” profile for Facebook users. The phishing site was hosted on a free web hosting site. The phishing site embedded the Facebook Timeline promotion video from YouTube, with the claim “Remove Timeline Now”. According to this phishing site, users will have their “Timeline” removed from their Facebook profile and get back their old profile page—only after they enter their login credentials. To make the fake application look more authentic, phishers added that it was protected by an antivirus product with the logo of the antivirus brand placed below the login form. After user credentials are entered, the phishing page redirects to a page which displays a screenshot from the Facebook Timeline promotion video. If users fell victim to the phishing site by entering their login credentials, phishers would have successfully stolen their information for identity theft purposes. ...

The H-Security: Next week’s Patch Tuesday sees Microsoft planning to publish a total of six bulletins, including one that addresses a critical vulnerability in all versions of Windows from Windows XP service pack 3 to Windows 7 service pack 1 and Windows Server 2008 R2. The rating means that the hole enables attackers to infect a system via the internet and inject malicious code. Other bulletins will address a privilege elevation flaw which affects the same span of Windows versions. ...

SophosLabs: Messages are spreading between Facebook users, claiming that members of the social network have lost all respect for popular songstress Rihanna after watching a video. However, if you’re careless enough to click on the link you will find yourself lured into a survey scam that attempts to earn affiliate cash for fraudsters. A typical message trying to tempt users into falling for the scam looks like this: ...

avast: While taxpayers are the regular target of springtime malware schemes, this year the bad guys are aiming for the accountants. A series of imposter emails are threatening recipients with the removal of their professional accreditation if they fail to respond promptly. The tax-phish appear to be from organizations such as the American Institute of Certified Public Accountants(AICPA), Better Business Bureau(BBB), and Intuit tax services. After clicking on the email, users are redirected through a hacked legitimate site to the final malware distribution center where their computer can download fake antivirus or another malware package selected by the bad guys. ...

Symantec Connect: Recently we noticed spammers abusing Dropbox, a popular cloud-based, file-hosting and synchronization tool, to spread spam. Dropbox accounts have a public folder where files can be placed and made publicly available. This function is useful to spammers, as it effectively turns Dropbox into a free hosting site. Spammers have abused URL shortening and free hosting sites for some time. Dropbox also provides a URL shortening service, which spammers have also abused. ...