Security Protection – Harry Waldron MVP Rotating Header Image

November, 2011:

HTML5 Security – The Good, Bad, and Ugly

Trend Micro shares benefits and considerations for this new web standard in a 3 part series that I found to be informative … The final part was issued today

HTML5 Security – The Good, Bad, and Ugly http://blog.trendmicro.com/html5-thegood
http://blog.trendmicro.com/html5-the-bad
http://blog.trendmicro.com/html5-the-ugly

QUOTE: Welcome back to the final part of our miniseries on HTML5 and the security issues surrounding it. Today, we are going to look at what, in my opinion, is the scariest security concern HTML5 introduces by a long margin: BITB (Botnets In The Browser)

HTML5 – Benefits and considerations of new web standard

Trend Micro shares two key links related to HTML version 5 reflecting the latest web based standards

HTML5 – Benefits of this new web standard http://blog.trendmicro.com/html5-thegood/

QUOTE: HTML5 is the fifth revision of the language that makes the web work, and this Wednesday we will be releasing a paper detailing some of the new attacks that are made possible by this technology.   HTML5 (and its associated APIs) is not an upgrade like you may be familiar with when it comes to software – it’s actually a whole lot of individual features, each with differing browser support. There is a good Wikipedia article that shows which features are currently implemented. For me there are very many fantastic features in HTML5, but five of them really stand out – and I think these will really change how we interact with the web.

HTML5 – Considerations of this new web standard http://blog.trendmicro.com/html5-the-bad/

QUOTE: In today’s post, we will look at how some of the features of HTML5 can be misused by attackers. This post is not meant to be an exhaustive list, but if you are interested in more details we will be releasing an in-depth paper on HTML5 Attacks tomorrow

Zeus – New version with Christmas 2011 theme

A new version of Zeus with a Christmas theme has emerged

Zeus – New version with Christmas 2011 theme http://blog.trendmicro.com/merry-christmas-zeus/
http://blog.trendmicro.com/zeus-2-0-8-9-and-the-ghost-panel

QUOTE: This morning, I came across an entertaining Christmas-themed ZeuS Web panel while monitoring online forums. I investigated the contents of the web panel package, which turned out to be Ghost Panel with a modified skin.   The Ghost Panel is an altered version of the last Zeus Web Panel (version 2.0.8.9) before the crimeware’s development was halted by its original author, Monstr/Slavik. The Ghost Panel was a craft of another hacker with the handle FreeZS, and was primarily created to become more resilient to AV monitoring.  While professional criminal parties capitalize on ZeuS by improving the bot’s functionalities, this reminds us that leaked Zeus versions are still being utilized by petty criminals who continue to contribute to the number of ZeuS attacks that we are facing today.

UPS Undeliverable Phishing Scam – NOV 2011 version

UPS Undeliverable Phishing Scam – NOV 2011 version

Please be careful with all email alerts as a new UPS Undeliverable Phishing Scam has been circulating during November

UPS Undeliverable Phishing Scam – NOV 2011 version
http://securitywatch.pcmag.com/none/291069-ups-phishing-scam-targets-cyber-monday-shoppers

QUOTE: As soon as you hit “confirm purchase,” the anticipation begins: when will your package arrive?  Preying on the emtionally charged experience, hackers know many of you will throw caution to the wind and click into an email that says “UPS package not delivered.”  This latest email scam has been mutating and progressing since early November, according to antispam vendor Cloudmark, with reports spiking over Thanksgiving weekend.

AV Protection 2011 – New Fake AV product circulating

Please be careful of any unsual AV warnings or product offers as new FakeAV attacks continue to circulate:
 
AV Protection 2011 – New Fake AV product circulating http://sunbeltblog.blogspot.com/2011/11/patrick-our-resident-rogue-av-expert.html
http://malwareprotectioncenter.com/2011/11/18/av-protection-2011-rogue-of-the-fakescanti-family/

QUOTE: AV Protection 2011 is a rogue of the FakeScanti Family, that uses deceptive tactics, fake spam email alerts, and results of fake scans showing the computer being infected, and also the blocking of all applications when trying to run them to scare the user into buying the rogue to clean the fake infections shown.

Facebook – New Worm circulating in wild

Please be careful of spammed news alerts, any links presented, and free screensaver or other offers.

Facebook – New Worm circulating in wild http://sunbeltblog.blogspot.com/2011/11/new-facebook-worm-in-wild.html

QUOTE: Our friends at CSIS, a Danish security company, has spotted a worm spreading within the Facebook platform. In a recent news article penned by Peter Kruse, the worm is said to be “a classic” one in terms of how it infects Internet users: uses stolen credentials to log in to Facebook accounts and then spam contacts. The message is said to contain a link to a file purporting to be an image—Screenshot of the file shows it has a .JPG extension—but it’s actually a malicious screensaver. Once run, it drops a cocktail of malicious files onto the system, including ZeuS, a popular Trojan spyware capable of stealing user information from infected systems.

 

 

Criminals sabotaging Cyber Monday, security experts warn

On the largest e-commerce day of the year, individuals should remain cautious for spammed email, Facebook, or phishing attacks  

Criminals sabotaging Cyber Monday, security experts warn http://www.computerworld.com/s/article/9222209/Criminals_sabotaging_Cyber_Monday_security_experts_warn

QUOTE: Security experts today warned consumers of a rapidly mutating spam campaign using bogus messages from United Parcel Service (UPS) claiming that a package could not be delivered. The spam run, which actually began earlier this month, is just one way that security researchers believe criminals will exploit the holiday season online buying spree.

WINDOWS 8: Special Registry setting for classic Start Menu

The Metro UI supports mobile technology well and many users might prefer this for the desktop also.  In case the classic start menu is needed, below is an early workaround:  An option for the classic approach might be beneficial for corporate users in a future build

WINDOWS 8: Navigating the Start Menu http://www.qa.com/about-qa/blogs/2011/november/windows-8-navigating-the-start-menu/

QUOTE: If you have stumbled across the beta version of Windows 8 you may too be struggling with the new start button, it just takes you from the Metro UI to the Desktop and back. With the Windows 8 client that I am using as the developer preview, the behavior of the start menu is not ideal. The Metro UI is designed for touch screens and all programs are placed on the Metro UI, we loose any sort of ordering that we have with the normal Start Menu > All Programs. In addition access to the search dialogue that is so useful in Windows 7 is lost. Thankfully help is at hand with a simple registry key change, setting RPEnabled to 0.

Mobile Security – List of Vulnerable Android Smartphones

A recent evaluation by Bit9 is noted below and the actual list can be found in links below

The 12 Most Vulnerable Smartphones http://securitywatch.pcmag.com/none/290796-the-12-most-vulnerable-smartphones
http://www.bit9.com/orphan-android/

QUOTE: How vulnerable is your smartphone to malware attacks? Android is by far the most targeted mobile operating system, but some popular Android phones made by Samsung, HTC, and Motorola, fare a lot worse than others. Bit9, an enterprise-oriented security vendor, ranked the 12 most vulnerable cell phones (the “dirty dozen”) based on how dated its software is out of the box. Android fragmentation is well documented, but your average cell phone user probably doesn’t care if he or she’s on Android 2.3 or Android 2.3.7. Functionally, the versions are similar.

Holiday 2011 – Online Shopping Safety Tips

Below are key safety tips from Facecrooks and Trend Micro for the holiday season:

Holiday 2011 – Online Shopping Safety Tips http://facecrooks.com/Safety-Center/Internet-Safety-Privacy/Online-Shopping-Safety-Tips.html

QUOTE: Black Friday and Cyber Monday are just around the corner. Many shoppers will avoid the mayhem and madness of brick and mortar establishments in favor of online retailers. Online shoppers are a favorite target of cyber criminals. Your credit card details, banking information and personal data are under constant assault from cyber criminals trying to do you harm. The type of attacks seen by Trend Micro include:

* Blackhat SEO attacks – search results for hot items such as gadgets and others can be poisoned to lead users to malicious sites,

* Scams – coming off as online promos, scams trick users into becoming victims of their malicious schemes that can lead to information and financial theft.

* Session hijacking – users who do their shopping while connected to unsecure networks put themselves at risk of this attack, which involves sniffing through networks for certain kinds of information such as account credentials, and using the said information to impersonate the users and execute actions.

Trend Micro Safety tips http://blog.trendmicro.com/online-shopping-safety-tips-infographic