Security

Christina Aguilera blames hacker for risqué leaked photos

Published: December 10, 2010 Reading Time: 3 min

Sophos Labs: Semi-nude pictures of Christina Aguilera leaked onto the internet earlier this week, causing fans of the pint-sized pop diva to feverishly run to their search engines in the hunt for the private snaps. Regular readers should know only too well about the dangers that can be associated with hunting for such material – with nude pictures of Twilight star Ashley Greene and snaps of princess-to-be Kate Middleton recently being used as bait for the unwary. ...

Facebook Announces First Hacker Cup

Published: December 10, 2010 Reading Time: 2 min

Mashable: Facebook is known for its hackathons — all-night coding sessions designed to help create new products or improve others. Now the company has announced its first Hacker Cup. Facebook says it’s “bring[ing] engineers from around the world together to compete in a multi-round programming competition.” The Hacker Cup is very similar to Google’s popular Google Code Jam. Contestants will be challenged with solving algorithmic-based problem statements. Those who successfully solve the problems in the allotted period of time will advance to the next round. ...

Spam Carrying WikiLeaks Worm

Published: December 7, 2010 Reading Time: 2 min

Symantec Connect: WikiLeaks.org is in the news after their recent publications linked to leaked government documents. Spammers are now leveraging the current level of interest with social engineering techniques to infect users’ computers. Symantec is observing a wave of spam spoofing WikiLeaks to lure users into becoming infected with a new threat. The spam email has subject line “IRAN Nuclear BOMB!” and spoofed headers. The “From” header purports to originate from WikiLeaks.org, although this is not in fact the case, and the message body contains a URL. This URL downloads and runs WikiLeaks.jar which has a downloader ‘WikiLeaks.class’ file. The downloader pulls the threat from http://ugo.file[removed].com/226.exe. Symantec detects this threat as W32.Spyrat. ...

Taking a look at fake Amazon receipt generators

Published: December 7, 2010 Reading Time: 3 min

Sunbelt Blog: Above, you can see a vaguely optimistic VirusTotal user summary in relation to a file that’s been doing the rounds for about a month or two. Here is the file in question: A “receipt generator”, I hear you ask – what do people want with one of those? The answer, of course, is rather straightforward: This is a particularly interesting scam, as it doesn’t target regular PC users – it targets the people who sell you things, such as the merchants on the Amazon marketplace. This is what the would-be social engineer sees when they fire up the program: ...

Twitter Trend Poisoning Cookbook

Published: December 7, 2010 Reading Time: 7 min

Symantec Connect: We have become familiar enough with malware creators poisoning popular search engine terms through SEO techniques in order to deliver their malicious files to a greater pool of unsuspecting users. Other popular services such as Twitter have not escaped the watchful eyes of the miscreants. This attack involves pumping out many of the same tweets with different accounts to push them into the Twitter trending list. That way more people are likely to see them even if the individual user accounts being used to send the tweets don’t have that many followers. Incidentally many of the accounts used in this attack don’t have that many followers and are quite fresh – meaning they are probably fake accounts set up specifically for the purpose of spamming tweets. ...

Looks familiar? Yes! From Alureon!

Published: December 7, 2010 Reading Time: 2 min

It’s a normal day for us. We receive a new Bamital virus sample report from a customer, and we provide an analysis. Suddenly, something interesting bursts into my eyes: What’s your thought on this code fragment? At first glance, this piece of code looks like a non-malicious call to manipulate the Windows Printer SubSystem. But if you’ve analyzed Alureon before, it may look familiar to you. Yes, Alureon also takes advantage of the Windows Print Subsystem to install its payload. ...

Malicious Goo.gl Links Spreading on Twitter [WARNING]

Published: December 7, 2010 Reading Time: 1 min

Mashable: A large number of messages containing only the link “goo.gl/R7f68” has appeared on Twitter today, redirecting the users to various malware-laden sites. The messages are mostly coming from disposable accounts, but they also appear on some accounts that appear to be genuine, which indicates that there’s a worm spreading and sending the messages from infected accounts. Furthermore, all of the messages containing the link are sent from the mobile version of Twitter. ...

Improved Avira AntiVir Rescue System

Published: December 7, 2010 Reading Time: 1 min

Avira programmers put in a lot of work and drastically overhauled the Avira AntiVir Rescue System, which is now available in version 3.7.16. In addition to much better usability thanks to the redesigned user interface and 11 supported languages, the new version offers improved detection and removal capabilities. Avira AntiVir Rescue System uses Linux as its operating system. The new kernel has much better and wider hardware support. The bootable CD can be used not only to analyse the system for malware infections and remove them, but also to give the user access to data on the system in case the operating system won’t start anymore, so it can be backed up onto a USB drive, for example. ...

Security issue in Website Optimizer

Published: December 7, 2010 Reading Time: 1 min

Take a look at the email I got from Google a few minutes ago: Dear Website Optimizer user, We are writing to inform you of a potential security issue with Website Optimizer. By exploiting a vulnerability in the Website Optimizer Control Script, an attacker might be able to execute malicious code on your site using a Cross-Site Scripting (XSS) attack. This attack can only take place if a website or browser has already been compromised by a separate attack. While the immediate probability of this attack is low, we urge you to take action to protect your site. ...

Chinese hackers ‘slurped 50 MB of US gov email’

Published: December 7, 2010 Reading Time: 4 min

The Register: Windows source code tapped, say WikiLeaked docs The Chinese government may have used its access to Microsoft source code to develop attacks that exploited weaknesses in the Windows operating system, according to a US diplomatic memo recently published by WikiLeaks. The June 29, 2009 diplomatic cable claims that a Chinese security firm with close ties to the People’s Republic of China, got access to the Windows source under a 2003 agreement designed to help companies improve the security of the Microsoft operating system. Topsec allegedly worked with a government organization known as CNITSEC, short for the China Information Technology Security Center, which actively worked with “private sector” hackers to develop exploits. ...
