Now that a new month is upon us, I wanted to highlight several posts I wrote on this security blog in January 2011: Resisting the Gentle Pull of Mediocrity – A Reminder When Bots Chat With Social Network Participants Metrics for Measuring Enterprise Malware Defenses The Worrisome State of the Information Security Industry Teens on [...]
10 February 2011
Windows Risk Eliminator is a rogue security product that pretends to find system and registry errors on a victim’s machine in order to frighten him or her into purchasing this useless application. It’s a clone of the PrivacyCenter rogue. (Click on graphic to enlarge) (Click on graphic to enlarge) How to remove WindowsRiskEliminator: If Windows [...]
10 February 2011
No, I am definitely not going to answer that question or even provide any guess-timates. But there are lots of users in Portugal who actually wanted to vote online on one local portal – and ended up on a malicious site that infected their systems! Very simple page with a voting button was originally not [...]
10 February 2011
Passed to the Internet Storm Center from Jim. Linksys wireless access point(WAP610N) hasan unauthenticated root console issue Taken from the actual advisory *** SUMMARY *** Linksys WAP610N is a SOHO wireless access point supporting 802.11n draft. Unauthenticated remote textual administration console has been found that allow an attacker to run system command as root user. [...]
10 February 2011
A few days ago I stumbled upon a post by a certain user in a public forum wherein the user advertised a little application developed to check the credit score and the criminal record for citizens from Brazil. Looking into the application, I found out that it basically makes HTTP requests to public sites to [...]
10 February 2011
A few days ago I stumbled upon a post by a certain user in a public forum wherein the user advertised a little application developed to check the credit score and the criminal record for citizens from Brazil. Looking into the application, I found out that it basically makes HTTP requests to public sites to [...]
10 February 2011
Antivirus.Net is a rogue security product that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application. It’s a member of the FakeSpyPro family of rogues. Antivirus.Net graphic interface (Click on graphic to enlarge)Antivirus.Net scan window (Click on graphic to enlarge) PDF Exploit that [...]
10 February 2011
AVG has just launched its latest version of its security software AVG Internet Security 2011. I’ve recorded this podcast that looks into the new product in some detail. I have tried to highlight and discuss the main improvements to AVG 2011 including; faster speed and lighter product, smart scanning technology; improved detection rates by combining behavioural [...]
10 February 2011
I described how anti-malware firms are experimenting with tools that protect users’ interactions on social networking websites in an earlier post. There, I outlined key features of Norton Safe Web and BitDefender safego. I’d like to take a look at another product in this category: Websense Defensio. Defensio in Action After installing the Defensio Facebook app, [...]
10 February 2011
This latest Facebook scam seems to have been rattling around for a few weeks now, directing you to malware from hacked websites hosting the rogue files. There also appear to be various Facebook application pages offering up the same dubious content. Typically, the scam involves sending messages to Facebook users from compromised accounts similar to [...]
10 February 2011
I was always wondering if, after so much has been told on the topic of Nigerian scammers, they could still be in the business and making money. Apparently, they can. On my recent trip to Atlanta, USA a colleague of mine showed me an article from the local Atlanta Journal-Constitution from December 3. According to [...]
10 February 2011
Research Center of Islamic Republic of Iran Broadcasting operating in RBN IP space The Iranian government has launched a “Global Crackdown” against their opposition in actions consequent to their monitoring of Facebook and other social media. Note the Slashdot post referring to The Wall Street Journal article: Slashdot post: Iranian Crackdown Goes Globalhttp://politics.slashdot.org/story/09/12/05/2044243/Iranian-Crackdown-Goes-Global Wall Street [...]
10 February 2011
With Valentine’s Day approaching on February 14th, scammers on Facebook are ramping up their efforts to take advantage of the traditional day of love to make a quick buck out of unsuspecting users. Facebook users are being tricked into clicking on messages that they believe their online friends have posted, how to put a heart [...]
10 February 2011
The scarcity principle, popularized in Robert Cialdini’s book Influence: Science and Practice, dictates that people assign more value to opportunities that are less available. Scammers take advantage of this psychological tendency when social engineering victims on-line. Time Limitation A classic illustration of the scarcity principle used for persuasion is the situation where the offer has [...]
10 February 2011
Just to add to the list of patches released: (thanks Frank, Ric, Jack): APSB11-01Security update available for Shockwave Player APSB11-02Security update available for Adobe Flash Player APSB11-03Security updates available for Adobe Reader and Acrobat APSB11-04Security update: Hotfix available for ColdFusion Make sure you update these products as well please. Mark (c) SANS Internet Storm Center. [...]
10 February 2011
Windows Universal Tool is a rogue security product that pretends to find system and registry errors on a victim’s machine in order to frighten him or her into purchasing this useless application. Windows Universal Tool graphic interface (Click on graphic to enlarge) How to remove Windows Universal Tool: If Windows Universal Tool has infected your [...]
10 February 2011
To a big part of Earth’s population, 2011 will be the year of a rabbit (Chinese new year starts on February 3rd). To Apple fans, the 2011 will most likely be the year of Lion. And to our friends from DroidSecurity, now part of the AVG family, the 2011 will definitely be the year of mobile [...]
10 February 2011
For those who haven’t read or just don’t remember, read this first. (more…) View full post on MW-Blog
10 February 2011
Facebook comes up a lot in this blog. Recently I wrote about the Hidden Face of Facebook Security and mentioned a new security feature that will encrypt your session so that you don’t fall victim to attacks such as Firesheep. Initially the new feature was not available to everyone. It took a while before it [...]
10 February 2011
Oracle release a security bulletin yesterday relating to the binary floating point issue when converting2.2250738585072012e-308 to a binary floating-point number. (http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html) The problem affects both JRE and JDK 6 update 23 and earlier. 4.0 Update 27 and earlier, as well as, yes people still use it, SDK JRE 1.4.2_29. Applications utilising these versions will be [...]
10 February 2011
Oracle release a security bulletin yesterday relating to the binary floating point issue when converting2.2250738585072012e-308 to a binary floating-point number. (http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html) The problem affects both JRE and JDK 6 update 23 and earlier. 4.0 Update 27 and earlier, as well as, yes people still use it, SDK JRE 1.4.2_29. Applications utilising these versions will be [...]
10 February 2011
It appears we have “a bit of thing”. FIFA Ultimate Team is a free to download football strategy game that involves using in-game money to purchase the best players then conquer the known universe (or at least a couple of other football teams). From the looks of it, scammers are jumping on the popularity bandwagon [...]
10 February 2011
This month we add another bot to the MSRT family list – Win32/Cycbot. Cycbot was discovered in August 2010 and has quickly become prevalent. It seems that Cycbot’s creators called it “Gbot”, as it used this name as an identifier in the reports it would send back to its controllers. Recent variants of the malware [...]
10 February 2011
December 3, 2010 In November cyber-criminals demonstrated even greater creativity than before. As a result, anti-virus vendors and users were confronted with new fraud techniques involving bootkit technologies. New modifications of encoder Trojans targeted European users. Criminals seeking the biggest gains attacked online banking systems. Windows boot blocker As soon as Trojan.MBRlock.1 appeared in the [...]
10 February 2011
