A Facebook malware attack is on the loose this weekend, enticing users to click a “Distracting Beach Babes” video on their Facebook Walls. The Wall message reads: “this is hilarious! lol 😛 😛 😛 Distracting Beach Babes [HQ] Length: 5:32″. If you see this video on Facebook today, do not click the link: Doing so, and downloading a linked file, will result in malware being installed on your computer. ...
There’s a new Facebook worm out there. However, it doesn’t seem to be doing anything else than posting a message to people’s Facebook walls. The message that the worm posts is “try not to laugh xD http://www.fbhole. com/omg/allow.php?s=a&r=[random number]“ If you follow the link, you end up to a page looking like this: The page shows a fake error message. If you click anywhere on the page, you will trigger a script that will try to post the same message to your Facebook wall. This is done with an invisible iframe that follows your mouse around – causing you to click on an invisible “publish” button. In addition of the wall message post, nothing else happens. ...
Russian-based PROXIEZ-NET, which was known to allegedly host 13 Zbot command-and-control servers has been shut down by its upstream provider DIGERNET, according to the site The New New Internet (News story on Web Host Review here: “Alleged Russian Malware Host Cut Off By Upstream Provider”) Legitimate web sites hosted by PROXIEZ-NET many have been caught in the takedown, the Review said. Brick House Security said the Zbot-related servers on PROXIEZ-NET were used to collect PayPal, EBay and online banking passwords stolen by key logging malware. ...
You might avoid looking for photos of Miss USA Rima Fakih for a while. There is a controversy about a certain pole-dancing incident in her past that is stirring up the talk show circuits and the adolescent inside every male on the planet. It also has stirred up a massive number of SEO poisoned links to photos. In 2007, Fakih won a “Stripper 101” contest sponsored by a Detroit radio show “Mojo in the Morning.” And, of course, she was no sooner crowned Miss USA than somebody resurrected the “Stripper 101” video. And, of course, everybody is searching for “Rima Fakih pole dancing.” ...
Hey Admins…. It’s that time again. The second Tuesday is upon us and May so far hasn’t been demanding as far as patching goes. So far …. this month Microsoft has only issued two security announcements. MS10-030 and MS10-031. Microsoft has rated both as critical – and both could result in remote code being executed. MS10-030 resolves an integer overflow in POP3 & IMAP mail responses to Outlook Express and Windows Mail…. MS10-031 addresses a stack memory corruption related to the way that “Visual Basic for Applications” searches for ActiveX components, when host applications provide specially crafted files to the Visual Basic runtime. ...
A variety of sources are reporting that blog hosting sites with WordPress-created sites and php-based management systems such as Zen Care eCommerce are being infected with malicious scripts. Websites hosted by ISP DreamHost, GoDaddy, Bluehost and Media Temple have been found with the malcode, according to H-Online.com. The malicious scripts download malcode and block Google’s Safe Browsing API from alerting users. Story here: “Large-scale attack on WordPress” The Sucuri Security blog has offered clean-up instructions for those with infected pages here.
Late last week, the wires were buzzing over news that the official site of PHP-Nuke “Professional Content Management System“ was serving malware. I am frankly amazed to see the site still infected 4 days later. We see hacked sites everyday and the majority are running PHP-driven applications such as Content Management Systems (CMS). The PHP-Nuke site is currently running PHP v. 5.2.9. Server: Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.9 ...
I had a look at my twitter page early this morning and read “Twitter is a rich source of insanity”, and thought “Wow, the twitter marketroids are really bold, but it’s a good line.” Upon re-reading, however, I realized that what it really said was “Twitter is a rich source of instantly updated information.” It might, however, have been a Freudian slip, because twitter got hacked yesterday, and bunches of celebs found they had been forced to follow the hacker. Even worse, as it struggled to right the ship, twitter temporarily removed their followers, and celebs found themselves in the traumatic position of being unpopular, at least for a while. ...
When consumer electronics shopping site Retrevo prepared for Mother’s Day by conducting a survey of parents’ social media practices, it found that nearly half (48%) of parents add their children as friends on Facebook. Parents admitted that “it can be awkward at times” when they follow their kids’ Facebook updates, but think that it’s probably worth it to keep tabs on them. Of course, savvy teens could easily exclude their parents from seeing potentially incriminating updates using Facebook’s advanced privacy features. ...
PayPal users are at risk of getting their credentials stolen if they follow instructions given in a scam email. “We have reason to believe that your account was accessed by a third party…. PayPal will verify it with your bank records for your own protection. If you provide a wrong PIN your account will be suspended or limited for unauthorized account access.” ” Please visit the Resolution Center and complete the steps to remove limitations.” ...