Security

SophosLabs: It’s Valentine’s Day tomorrow and the spammers are out in force to make the most of unwitting shoppers on the international day of love. Looking to buy a present for someone this Valentine’s Day? Ooh look what popped into my inbox, an email inviting me to buy my Valentine an *ahem* “romantic” gift. Valentine’s Day, the 14th February, is the day we celebrate our feelings of affection for our boyfriends, girlfriends, husbands and wives. It is traditional to do this with a special romantic gift. Looking for a Valentine’s Day Gift for him or the perfect token of love for her? Look no further than here! ...

Sorin Mustaca wrote at Avira TechBlog: In case you’ve seen this on Facebook, try to not click on it even if you understand French (it appears to be only in Franch) because it will take you on a road where you don’t want to be. But, we like to live dangerous, so we analyzed this for you. Continue Reading at Avira TechBlog: http://techblog.avira.com/2012/02/13/new-captcha-method-or-just-another-likejacking-scam/en/

SophosLabs: ComputerWorld today reports that the UK’s Metropolitan Police has warned Windows users of a malware attack that poses as a message from the computer crime-fighting cops themselves. The ransomware attack attempts to lock the computer, and posing as an unofficial notice from a law enforcement agency, claims that the victim’s PC has been determined to have visited illegal websites. Only payment for a fine, claims the message, will restore the computer’s functionality. ...

The H-Online: Mozilla has released Firefox 10.0.1, Firefox ESR 10.0.1, Thunderbird 10.0.1, Thunderbird ESR 10.0.1 and SeaMonkey 2.7.1 to fix a single critical security hole in the browsers and mail clients which appeared in version 10. The security advisory says that versions previous to Firefox 10, Thunderbird 10 and SeaMonkey 2.7 are unaffected by the use after free problem. The problem was discovered by Mozilla developers and causes a “potentially exploitable” crash in nsXBLDocumentInfo::ReadPrototypeBindings. Updates are available through Firefox, Thunderbird and SeaMonkey’s automatic update system and can be made to install by bringing up the “About” dialogue for the relevant application and selecting the “Apply Upgrade” button when it appears. Firefox and Thunderbird 10 were released at the end of January. ...

The Hacker News: Hackers from Team r00tw0rm again hit NASA. According to Latest tweet by Hackers, They claim to hack the one of the Sudomain of Nasa (Link is not exposed by hackers and claimed to be reported for Fix). Hackers claim to hack GB’s of database and they Leaked sample of database include Users names, emails and Passwords , Contact as shown: ...

The Hacker News: Today, Hackers from group EvilShadow successfully hack and deface the website of Microsoft Store India (http://www.microsoftstore.co.in) . But Hacker upload his deface page at location http://www.microsoftstore.co.in/evil.html . Hacker revealed that user passwords were saved in plain text as shown below:

The Inquirer: A Hacker using the pseudonyms ‘Weedgrower’ or ‘X-pOSed’ claims that he has compromised Intel and obtained sensitive data. The solo hacker claims to have found a flaw in the subscriber segment of Intel’s web site, according to The Hacker News. He said that he has access to sensitive data that includes credit card numbers, email addresses and passwords. Weedgrower said, “I’ve got to give some applause to all these pseudo-security technicians out there. I cut Intel a break, I have access to a database and another vulnerability which enables the right to read user data. I’ll be gracious here and NOT spill the data, but I will provide screenshots to prove that I have access to Credit Card data and such.” ...

SophosLabs: The CIA’s website was brought down for some hours last night by what appears to have been an internet distributed denial-of-service (DDoS) attack. A post made from an Anonymous-affiliated Twitter account announced that the site was doing using the phrase “CIA Tango Down”, although a later tweet left ambiguity as to whether the hacktivists were claiming responsibility for the attack. Of course, this is one of the challenges when trying to get a sense of what actions can be attributed to Anonymous or not. ...

SophosLabs: One of the largest ISPs in The Netherlands has shut down its email services after hackers posted usernames, passwords, phone numbers, addresses and more of more than 500 customers on the internet. KPN discovered the attackers on its network January 27th, but decided not to disclose the information immediately after consulting with the Dutch government and law enforcement agencies. Presumably this was intended to allow them to monitor the attacker and gather evidence that might be used to apprehend and prosecute them. ...

Symantec Connect: Recently there have been several reports about the re-emergence of a botnet variant (Kelihos), which Symantec detects as W32.Waledac.C. The Waledac family is a threat that has been monitored by Symantec for many years and was featured in numerous blogs as well as a white paper. In the past, Waledac gained its infamy as a spamming botnet that utilized compromised systems to send out spam. The purpose of these spamming campaigns had usually been for self-propagation of the threat through spam emails containing a link, often (but not always) pointing to a Waledac binary file hosted on a malicious website. The variant W32.Waledac.C is also sending out spam emails, but with a twist. ...