Internet phone systems become the fraudster’s tool

Cybercriminals have found a new launching pad for their scams: the phone systems of small and medium-sized businesses across the U.S. In recent weeks, they have hacked into dozens of telephone systems across the country, using them as a way to contact unsuspecting bank customers and trick them into divulging their bank account numbers and passwords. The victims typically bank with smaller regional institutions, which typically have fewer resources to detect scams. Scammers hack into phone systems and then call victims, playing prerecorded messages that say there has been a billing error or warn them that the bank account has … Continue reading Internet phone systems become the fraudster’s tool

Cooking Your Own Goose

SophosLabs analysts today encountered a strange-looking application called "Anonymous E-Mail Sender". Interested in downloading and trying this anonymising email doohickey if you ever chance upon it? If you’ve just said "Yes", you’ve just agreed to install a Trojan on your computer (detected by Sophos as Troj/Pasta-B). More, with a screenshot, at http://www.sophos.com/blogs/sophoslabs/post/7138

Opera and Firefox released new builds

Browsers by Opera and Mozilla have been updated, so grab them. Both have a built-in updater, so existing users should receive the update notice when using the program. If not, get them here: Opera download: http://www.opera.com/browser/download/ (What’s new: http://www.opera.com/browser/features/). Firefox download: http://www.mozilla.com/en-US/firefox/all.html (Release notes: http://www.mozilla.com/en-US/firefox/3.5.4/releasenotes/).

Dasient spots 640,000 malware-infected Web sites

Security start-up Dasient says more than 640,000 Web sites out of about 5.8 million pages were infected with malware between July and September of this year.  Dasient, which specializes in combating malware on Web sites, identified more than 52,000 specific Web-based malware infections, making a total of 72,000 unique infections it has catalogued since the company launched earlier this year. "There are about 7,000 sites infected every day," says Dasient co-founder Neil Daswani. Dasient has also observed that the reinfection rate on Web sites that have been cleaned up is 39.6%. Attackers use automated scripts or malicious advertisements, among other … Continue reading Dasient spots 640,000 malware-infected Web sites

Websense Alert: Malicious Facebook Password Spam

Websense Security Labs ThreatSeeker Network has discovered a new wave of malicious email attacks claiming to be a password reset confirmation from Facebook. The From: address on the messages is spoofed using support@facebook.com to make the messages believable to recipients. The messages contain a .zip file attachment with an .exe file inside. The .exe file currently has a detection rate of about 30 percent on VirusTotal. Our ThreatSeeker™ Network has seen up to 90,000 of these messages sent out so far today. The malicious exe file connects to two servers to download additional malicious files and joins the Bredolab botnet … Continue reading Websense Alert: Malicious Facebook Password Spam

Symantec ties DLP software to third-party security tools

Symantec has updated its Data-Loss Prevention Suite so that if the software finds a data issue that needs fixing, it can apply third-party encryption and digital-rights management controls to the problem. Announced today, Symantec DLP Suite v. 10 adds what’s called the "Flex-Response" capability to find sensitive data that has been left unprotected in the enterprise and apply security controls through encryption and DRM products from vendors such as PGP, Oracle, GigaTrust, Liquid Machines and Microsoft. Symantec is also publishing a set of open APIs and a software development kit (SDK) to facilitate support for security controls through additional products, … Continue reading Symantec ties DLP software to third-party security tools

Social Engineering in Real-World Computer Attacks

From the SANS Internet Storm Center: Why bother breaking down the door if you can simply ask to be let in? Social engineering works, both during penetration testing and as part of real-world attacks. This note explores how attackers are using social engineering to compromise computer defenses. Sections: Starting in the Physical World; Malware Installation Tricks; Targeted Attack Tricks. More on the above at http://isc.sans.org/diary.html?storyid=7465

CalOptima says data on 68,000 members may be compromised

Plans notification after loss of disks containing the info. Personally identifiable information on about 68,000 members of CalOptima, a Medicaid managed care plan serving Orange County, Calif., may have been compromised after several CDs containing the information went missing earlier this month. The unencrypted data on the CDs includes member names, home addresses, dates of birth, medical procedure codes, diagnosis codes and member ID numbers, and an unspecified number of Social Security numbers. http://www.networkworld.com/news/2009/102609-caloptima-says-data-on-68000.html

You think bundled add-ons in installer is safe? Not

Some people think that there’s no harm in installing software with add-ons because you can simply uncheck them in the installation wizard. True, unchecking the third-party and unnecessary add-on is easy to do, but remember that hundreds or thousands of end users are impacted because some of them "trust" the installer and are "not reading closely" what they click. Anyway, here’s a good example of a third-party add-on detected by Microsoft Security Essentials as a threat. The threat level is "severe". Also posted in CoU’s Installers Hall of Shame thread: http://www.calendarofupdates.com/updates/index.php?s=&showtopic=16109&view=findpost&p=92432 Imagine if other anti-malware is not detecting such risk that is … Continue reading You think bundled add-ons in installer is safe? Not

The Effects of Leaks: A Candid Interview

The Windows community is somewhat notorious for leaks from upcoming versions of Windows (obligatory link to this guy since that’s most of what he does), and while the official PR word from Microsoft and many other companies with regards to leaks is a simple ‘no comment,’ no one has really gotten a candid, inside look at the various things that go down when word, screenshots, or builds of upcoming software leak. I managed to get some time with a senior Microsoft employee for the sake of discussing leaks, and the conclusions reached (leaks heavily affect communication, not so much the … Continue reading The Effects of Leaks: A Candid Interview