The phishing email is using spoof email address and also using the logo of PayPal (logo is retrieved from PayPal secure server). The phishing message: Dear PayPal ® customer,We recently reviewed your account, and we suspect an unauthorized transaction on your account.Protecting your account is our primary concern. As a preventive measure we have temporary limited your access to sensitive information.Paypal features.To ensure that your account is not compromised, simply hit “Resolution Center” to confirm your identity as member of Paypal.• Login to your Paypal with your Paypal username and password.• Confirm your identity as a card memeber of Paypal.Please … Continue reading Phishing: PayPalX Account Review Department
Mozilla blog today a status update on Chrome Protocol Directory Traversal issue: Based on this new information Mozilla has changed the security severity rating to high. A fix is included in Firefox 22.214.171.124 which be available shortly.
The White House’s 2009 budget proposal will include a new multibillion-dollar program to help stop hostile penetrations of information networks, several sources said. Bush administration officials, who called the program “very classified,” said more needs to be done to steel networks against the kind of debilitating strike that paralyzed Estonian servers for several days last spring, and the one that threatened the Pentagon and may have been launched from China. “We are already at war in the cyber domain,” one defense official said Jan. 24. That official said the program would cost $16 billion over five years; other defense sector … Continue reading White House to launch info security initiative
Most men believe that they know more about online security than women, but new research suggests that both sexes are equally vulnerable to malware and other threats. The poll of 1,400 UK adults found that men are likely to be more confident about their levels of online protection, and only four per cent are unaware of what protection they have. However, both sexes showed the same levels of vulnerability to online crime. “My gut feeling, because I’m a man, is that it is one of those societal gender things,” said Larry Bridwell, global security strategist at AVG which commissioned the … Continue reading Men overconfident about online security
A breach at Baylor University is the latest in a string of more than a dozen data security incidents on United States campuses reported by a variety of sources so far in January 2008. According to a report yesterday in Baylor’s campus newspaper, The Lariat, a student employee accessed the IDs of 526 users of the university’s communications service, the Baylor Information Network. It was the second suspected “inside job” reported this month at a university.http://redmondmag.com/news/article.asp?EditorialsID=9478
Go to http://sunbeltblog.blogspot.com/2008/01/best-eula-ever.html to see best EULA ever made. Not much work for EULAlyzer if all EULA’s are like that!
Looks can be deceiving, and malware authors are relying on that old adage to lure potential victims into their most recent scheme. The plan? Dress up as a spyware removal tool, use a great-looking site, complete with blogs, news and product lineup, dazzle the user with plausible reviews, and encourage them to click through. The site hxxp://removal-tool.com manages to do all that http://blog.trendmicro.com/spyware-removal-site-delivers-malware/
Pranksters have taken advantage of interest in the next version of Windows to post fake – but reportedly harmless – builds of Windows 7 on BitTorrent. A supposedly leaked “internal milestone 1” Alpha version of Windows 7 (previously codenamed Blackcomb) is easily found using Torrent search engines. But the weighty 2.17GB download is a bandwidth-sapping waste of time composed of fake ISO disc images containing nothing but a string of zeros. http://www.theregister.co.uk/2008/01/29/windows_7_fake_bittorrent/
Website that is hosting storm worm infected file change its look. From no lace heart to with laces! Last month: Today: But the infected file is still withlove.exe
Consumers Beware…. Tax Scam’s via email, online and by telephone are ramping up, especially with the prospect of receiving the “rebate” from the Fed’s. A report from Kansas City Missouri indicates that the crooks are returning to the age old telephone in order to attempt to scam consumers. The FBI have reported that at least 4 people have been contacted. Once again, just a reminder…. Use extreme care to not fall victim to these crooks. www.kmbc.com/news/15152423/detail.html http://isc.sans.org/diary.html?storyid=3901