SECOND ROGUE FACEBOOK APP BEWILDERS USERS

Poisoned mushrooms and spam

Scoundrels have created another rogue Facebook application, the second to hit the social networking site in less than a week.

In the second attack, Facebook users receive notices that they have supposedly being reported for violation of the social networking site’s terms of service by someone in their friends list. A link on the notification leads to an application called “f a c e b o o k – - closing down!!!” which, post installation, spams all the affected user’s friends with the same message.

Keep reading “Second rogue Facebook app bewilders users” »

Popularity: 2% [?]

Excel Trojan targets unpatched flaws

Another day, another zero-day threat

Virus authors have reportedly created a Trojan that exploits an unpatched vulnerability in a range of versions of Excel.

Virus authors have reportedly created a Trojan that exploits an unpatched vulnerability in a range of versions of Excel.

The malware comes in the form of a maliciously constructed spreadsheet file with a malicious payload identified by McAfee, for example, as the BackDoor-DUE trojan. Many versions of Excel are vulnerable, including 2000, 2002, 2003, 2007, 2004/2008 for Mac, Excel Viewer/Excel Viewer 2003.

Keep reading “Excel Trojan targets unpatched flaws” »

Popularity: 2% [?]

GMAIL PHISHING ATTACK HITS ON HEELS OF OUTAGE

Oh the humanity

Gmail users, still swooning from the extended outage on Tuesday, were hit with a widespread phishing attack hours after the blackout.

The malicious message spread via the Google Talk instant messaging chat system, urging users to a video by clicking on a link connected via the TinyURL service. The link points to a website called ViddyHo, which invited users to submit their Gmail usernames and passwords.

Keep reading “Gmail phishing attack hits on heels of outage” »

Popularity: 2% [?]

WHAT ARE THE SECURITY THREATS?

Sophisticated Malware or just People?

“Security”, as the first article in this series points out, can always be found near the top of the list of concerns of every IT manager and IT director. Unfortunately the same subject can also manage to not quite make it onto the more important list of things to do something about now.

Over the years, a diverse array of solutions has come to market, each of which claims to enhance different aspects of an organisation’s IT security. Many can, indeed, enhance the capabilities in one or more areas. But security technology is only effective when deployed appropriately and, more importantly, when used correctly – by everyone in the business. And of course, security is not a one-shot operation – it cannot be assumed that the measures put in place a couple of years ago will still be appropriate today.

Keep reading “What are the security threats?” »

Popularity: 2% [?]

Google’s DoubleClick spreads malicious ads (again)

Lingering threat still not contained

Google’s DoubleClick ad network has once again been caught distributing malicious banner displays, this time on the home page of eWeek.

Unsuspecting end users who browse the Ziff Davis Enterprise Holdings-owned site were presented with malvertisements with invisible iframes that redirect them to attack websites, according to researchers at Websense. The redirects use one of two methods to infect users with malware, including rogue anti-virus software.

Keep reading “Google’s DoubleClick spreads malicious ads (again)” »

Popularity: 2% [?]

ROGUE FACEBOOK APP CREATES MALIGN BUZZ

Sting in the tail

A Facebook application using misleading messages spread quickly over the weekend. The application itself did no harm beyond making a mess but may be part of an indirect attempt to attract surfers towards sites promoting scareware packages.

The application, Error Check System, posed as notification of errors in a Facebook user’s profile. Attempting to view these supposed errors allowed the application to activate. This, in turn, allowed the application to access to the affected user’s friends, who were then spammed with notifications, further spreading the social networking chain-letter.

Keep reading “Rogue Facebook app creates malign buzz” »

Popularity: 2% [?]

POP-UP DOWNLOADS – THEY GET YOU COMING AND GOING

The following is an article from Bill Mullins’ Weblog – Tech Thoughts

Being unaware can cause havoc on your computer.

Your Firewall and Security Applications provide the ultimate in protection while you’re surfing the web, right? Well in a sense, they do.

Paradoxically, it’s because current anti-malware solutions are much more effective than they have ever been in detecting worms and viruses, that we’re now faced with another insidious form of attack.

Drive-by downloads are not new; they’ve been lurking around for years it seems, but they’ve become much more common and more crafty recently. The latest twist on this is the so called “pop-up download”.

Keep reading “IPop-up Downloads – They Get You Coming and Going”.

Popularity: 1% [?]

INVENTIVE FACEBOOK SCAMMERS TRICK YOU OUT OF MONEY WITH TROJANS

The following is an article from Bill Mullins’ Weblog – Tech Thoughts

Do you take the same pains to protect your FaceBook details online, that you do your banking info?

A recent case involving a Microsoft employee from Seattle, Bryan Gutberg, highlighted the need to protect your FaceBook details in the same way, and be as wary surfing around FaceBook as you are the rest of the net.

This story was first reported by Bob Sullivan, respected cyber-scam reported for MSNBC. In the tale, hackers somehow gained access to Gutberg’s login and password – most likely through a keylogger, or a Trojan such as Zlob or Vundo.

Keep reading “Inventive FaceBook Scammers Trick You Out of Money with Trojans”.

Popularity: 2% [?]

CONFICKER VARIANT DISPENSES WITH NEED TO PHONE HOME

Stealth variant Sidesteps MS-led takedown effort

Virus authors have released a new variant of the infamous Conficker (Downadup) worm with enhanced auto-update features.

The changes in the new strain of the malware, dubbed Conficker B++, make it possible for malware authors to push out new code without publishing it on pre-programmed sites, as with earlier variants. The earlier approach has been frustrated by the recent formation of an alliance led by Microsoft geared up to block and take down sites associated with the worm.

Keep reading “Conficker variant dispenses with need to phone home” »

Popularity: 2% [?]

MAKING IT SECURITY MATTER

Not just an end in itself

Tech Panel  Last year, Freeform Dynamics surveyed the attitudes of tech professionals into IT security.

We found that IT security’s most important raison d’etre was to assure day-to-day operations – that is, keeping the business running.

Keep reading “Making IT security matter” »

Popularity: 1% [?]

Next Page »