Security

Mashable: Sophos’s NakedSecurity blog outlined the threat on Wednesday. The company’s SophosLabs intercepted a “spammed-out email campaign” which was designed to spread malware. Sophos provided the following example: The blog notes that the email address above misspells “Facebook” as “Faceboook.” The link takes the user to a malicious iFrame script, which exposes the user’s computer to malware. However, within four seconds, the user’s browser is directed to a presumably innocent Facebook page like the one below to act as a smokescreen. ...

H-Online: Spammers are currently sending large volumes of spam to users of cloud storage service provider Dropbox. The H’s associates at heise Security have so far received four different pieces of German-language spam at an email address used solely to register with Dropbox, and some of their readers have reported the same problem; similar reports can also be found on the Dropbox forums. In almost all cases, the spam is for suspicious-looking online casinos. ...

This article is copied from Softpedia: Researchers from Symantec, Kaspersky and Seculert **have all come across Madi (Madhi), a relatively new piece of malware that mainly targets organizations from the Middle East. ** Before we take a look at Madi and compare it to other infamous Trojans such as Stuxnet, Duqu, or Flame, let’s take a quick look at its name. According to Wikipedia, Mahdi is considered to be the redeemer of Islam who will rid the world of tyranny, injustice and wrongdoings. ...

Late last week, NVIDIA confirmed that the database for its forums web site had been broken into by unauthorized third parties, with data from more than 400,000 registered users affected. A hacker group calling itself “Team Apollo” has now claimed responsibility for the breach which caused NVIDIA to take the site down. As proof, they have published email addresses and password hashes for approximately 800 users from the database on Pastebin, with more, apparently, to follow. If the data proves to be genuine, NVIDIA’s statement that the password hashes were salted would be contradicted: the database excerpt includes the hash b018f55f348b0959333be092ba0b1f41 three times in the list, the result of md5('nvidia123'). ...

Malware has been spreading on Android mobile phones that takes control of certain email accounts to create a “botnet” to send out spam, a security researcher says. Microsoft security engineer Terry Zink says the malware has infected phones of users’ Yahoo email accounts to send out spam messages. “We’ve all heard the rumors, but this is the first time I have seen it – a spammer has control of a botnet that lives on Android devices,” Zink said in a blog post on Tuesday. ...

ZDNet Wrote: A new piece of malware is trying to take advantage of Skype’s increasing popularity, especially on mobile devices. Cybercriminals have created a fake version of the Skype for Android app, designed to earn money from unsuspecting users. Trend Micro, which first discovered the malware, is calling this particular threat JAVA_SMSSEND.AB. The Java in the name should not surprise you, given that Android apps are primarily developed in a custom version of the programming language. Thankfully, this is not a very good fake. The app in question only runs on older (pre Software Installation Script) Symbian phones or Android devices that allow execution of Java MIDlet. ...

Google has published a new update to the stable 20.x branch of Chrome to close a number of security holes in the WebKit-based web browser. Version 20.0.1132.57 of Chrome addresses a total of three vulnerabilities, all of which are rated as “high severity” by the company. These include two use-after-free errors in counter handling and in layout height tracking that were discovered by a security researcher by the name of “miaubiz”. As part of its Chromium Security Vulnerability Rewards program, Google paid the researcher, who is number three in the company’s Security Hall of Fame, $1,000 for discovering and reporting each of the holes. A third high-risk problem related to object access with JavaScript in PDFs has also been corrected. As usual, further details about the vulnerabilities are being withheld until “a majority of users are up-to-date with the fix”. Other changes include stability improvements, and updates to the V8 JavaScript engine and the built-in Flash player plug-in. ...

ZDNet: Phandroid’s AndroidForums.com has been hacked. The database that powers the site was compromised and more than 1 million user account details were stolen. If you use the forum, make sure to change your password asap. Read the whole story at ZDNet: http://www.zdnet.com/android-forums-hacked-1-million-user-credentials-stolen-7000000817/

Übergizmo wrote: If you use Yahoo! Voice a lot – Yahoo’s VoIP service via its Yahoo! Messenger instant messaging application, then you will definitely need to hear this report. Earlier today, more than 453,000 user accounts from an unidentified service owned by Yahoo were posted on a hacker site. The hackers reportedly said that they infiltrated the subdomain by using a union-based SQL injection. But the group responsible for the security breach added that the data breach was intended to be a wake-up call for Yahoo. ...

Tomorrow, July 9th, the FBI will shutdown the DNS servers which allow the computers infected with this malware to use the Internet. If you want to make sure you will keep your internet working, act today and check your computer to see if it’s infected by DNS Changer or not, here is a very easy to use tool: Tool available for those affected by the DNS-Changer