
Security flaw puts iPhone users at risk of phishing attacks (Updated)

A flaw in Apple's implementation of SCEP makes it relatively trivial for a hacker to generate a malicious configuration profile that looks legitimate to users and funnels e-mail, Web, or VPN traffic to a malicious server.

-- Tom

RELEVANCY SCORE 121.6

A security vulnerability found in a widely-used open-source software has been described as "the most serious bug."
A major vulnerability has been found and fixed in OpenSSH, an open-source remote connectivity tool using the Secure Shell protocol. The flaw was the result of an "experimental" feature that allows users to resume connections.
According to a mailing list disclosing the flaw, a malicious server can trick an affected client to leak client memory, including a client's private user keys.
The affected code is enabled by default in OpenSSH client versions 5.4 to 7.1. The matching server code was never shipped, the mailing list said.
The flaw doesn't have a catchy name like some other previous flaws, but disabling client-side roaming support fixes the issue.
The flaw, which is said to be years old, was found by Qualys' security advisory team.
 
Wolfgang Kandek, chief technology officer at Qualys, confirmed in an email that the company disclosed the bugs to the OpenSSH team on January 11, and commended the team for working "incredibly fast" to get a patch out three days later.

"Developers and admins are advised to regenerate and rotate keys to systems they touch, whether for hobby [or] weekend projects, or more sensitive servers -- including Github," he added.
Bottom line? Patch now, and patch fast.

 
 


A:'Serious' security flaw in OpenSSH puts private keys at risk:ZDnet

HeartBleed 2.0?
 
*Frantically checks all administered servers*

RELEVANCY SCORE 108.8

IE flaw puts Windows XP SP2 at risk.

Published: September 16, 2005, 7:08 AM PDT
By Dawn Kawamoto, Staff Writer, CNET News.com

A flaw has been discovered in Internet Explorer that could enable a remote attack on systems running Windows XP with Service Pack 2, eEye Digital Security has warned.

The flaw, which also affects systems running Windows XP, is found in the default installations of Microsoft's IE, according to an advisory released by the security company on Thursday.

"The flaw is not wormable but allows for the remote execution (of code) with some level of end-user intervention," said Mike Puterbaugh, eEye's senior director of product marketing.

Complete article at CNET News

A:IE flaw puts Windows XP SP2 at risk

Another flaw in IE?
Noooooo, tell me it ain't so.

RELEVANCY SCORE 99.2

Update: A document written by the hackers has clarified what they did and what privacy and security risks they believe the PlayStation 3 poses. The PS3's connection to PSN is protected by SSL. As is common to SSL implementations, the identity of the remote server is verified using a list of certificates stored on each PS3. The credit card and other information is sent over this SSL connection. So far so good; this is all safe, and your web browser depends on the same mechanisms for online purchases.
The concern raised by the hackers is that custom firmwares could subvert this system. A custom firmware can include custom certificates in its trusted list. It can also use custom DNS servers. This raises the prospect of a malicious entity operating his own proxies to snaffle sensitive data. He would distribute a custom firmware that had a certificate corresponding to his proxy, and that used a DNS server that directed PSN connections to the proxy. His proxy would decrypt the data sent to it, and then re-encrypt it and forward it to the real PSN servers.
Read more at:
http://arstechnica.com/gaming/news/...ing-stunning-lack-of-credit-card-security.ars
 

RELEVANCY SCORE 95.2

An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week...

This week, Microsoft did not revisit the origin of the .NET add-on, but simply told Firefox users that they should uninstall the component if they weren't able to deploy the patches provided in the MS09-054 update.

The code in that add-on has a serious code execution vulnerability that exposes Firefox users to the "browse and you're owned" attacks that are typically used in drive-by malware downloads.

Mozilla added the addon to their default blocklist.

Sources:
http://www.computerworld.com/s/article/913...x_users_at_risk
http://blogs.zdnet.com/security/?p=4614&am...g=trunk;content
https://www.mozilla.com/en-US/blocklist/

A:Sneaky Microsoft plug-in puts Firefox users at risk

To add to what AA posted:

Mozilla now has a site you can check your plugins for security updates. Just click and it is pretty darn fast. http://www.mozilla.com/en-US/plugincheck/

And this:

To protect users who may not have installed Microsoft's patch, Mozilla is automatically blocking two add-ons: the Microsoft .Net Framework Assistant and a related plugin called the Windows Presentation Foundation. The open-source browser started blocking the software late Friday night.

"Because of the difficulties some users have had entirely removing the add-on, and because of the severity of the risk it represents if not disabled, we contacted Microsoft today to indicate that we were looking to disable the extension and plugin for all users via our blocklisting mechanism," wrote Mozilla Vice President of Engineering Mike Shaver in a blog posting. "Microsoft agreed with the plan, and we put the blocklist entry live immediately."

Buggy plugins are a growing problem, as cyber criminals have increasingly leveraged flaws in products such as Adobe Flash Player and QuickTime to launch browser-based attacks. Earlier this week, Mozilla launched a Plugin Check site where Firefox users can see if their plugins are up-to-date.

RELEVANCY SCORE 95.2

An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week.



Sneaky Microsoft plug-in puts Firefox users at risk

A:Sneaky Microsoft plug-in puts Firefox users at risk.

Originally Posted by JMH

An add-on that Microsoft silently slipped into Mozilla's Firefox last February leaves the browser open to attack, Microsoft's security engineers acknowledged earlier this week.

Sneaky Microsoft plug-in puts Firefox users at risk

This is the sneaky, under-handed, back-door burglary conducted through a Microsoft Windows Update and referred to in the article shown as a link above;

Thankfully this vulnerability was picked up by Mozilla Firefox, and disabled by them through an automatic notification. It cannot be disabled or removed through the normal Firefox methods, and must be extracted through the Registry system, shown as a link below.

This despicable action by Microsoft, has severely dented my faith and trust in what they now present as 'Updates', and any future Windows updates mentioning Firefox will be thoroughly researched before any installation is considered.

Instructions for the removal of this nasty piece of Microsoft 'business', are here;

How to remove the .NET Framework Assistant for Firefox

*******s!!

RELEVANCY SCORE 93.2

 
A change in some early versions of Google's Chrome browser is attracting the attention of security researchers who say it can make it harder for end users to know when they're visiting a malicious site trying to push malware or phish login credentials.

http://arstechnica.com/security/2014/05/address-bar-tweak-in-early-version-of-chrome-puts-even-savvy-users-at-risk/

A:Address bar tweak in early Chrome beta puts even savvy users at risk

Seems to be going the Microsoft route of adding "features" and making the software "intelligent"... (see hidden extensions for known file types and autorun, for example)
 
Hell, why not just do away with the address bar and force people to enter their desired destination through Google... lol

RELEVANCY SCORE 89.6

Hello guys,

Every time I start IE 7, I get the message "Your security setting level puts your computer at risk"

I change the setting, yet I keep getting this message.

Does this mean I am infected with virus??

A:Ie: Your Security Setting Level Puts Your Computer At Risk

No, not infected. Well hopefully not as you are set too low. It's a built in nag warning from uncle MSFT. See if your settings are as this...
http://msmvps.com/blogs/spywaresucks/archi.../20/506626.aspx

EDIT: Sorry, Welcome to Bleeping Computer...

RELEVANCY SCORE 88.8

Ever since I updated to IE8, I have been getting this error every time I log on:

Your security setting level puts your computer at risk.

but my security level is already at High. Is there a way to fix this? Clicking 'Fix security settings' does not do anything.

RELEVANCY SCORE 84

Criminals are stepping up their attacks leveraging an unpatched flaw in Microsoft's Internet Explorer browser, using it to install fake antivirus products and malicious back doors on victims' computers.

Microsoft first warned of the bug on March 9, saying that it had been used in "targeted attacks." But now, according to researchers, the exploits are much more widespread. By late last week, security vendor AVG was getting reports of 30,000 attacks per day, according to Roger Thompson, AVG's chief research officer.



Source -
Security companies warn of uptick in attacks using new IE flaw | Security Central - InfoWorld

RELEVANCY SCORE 77.2

Hello there.

My father has a Windows 7 notebook, with nothing but the basics: Firefox (+Plugins), Thunderbird, VLC, Skype, MS Office 2010, SolidWorks, MS Security Essentials, everything updated. However, he told me that last week it began playing a sound like if a usb drive was plugged and Java began asking to update at every boot, he didn't want to update Java by himself, especially because it shows that administration privileges window, but after a few boots he succumbed and clicked to install, I don't know if it has something to do with it, but after that the computer start booting normally and an "Ask Toolbar" was installed on the system. I removed that (using "uninstall a program") as soon as I noticed, and scanned the system with a full MSE scan, nothing was found.
My father is not computer-savvy but he doesn't browse "risk" sites and he spends most of time on Thunderbird, Skype, Office and Firefox browsing Wikipedia and well-known sites on engineering, I have installed Adblock, Noscript, WOT and he almost never browse strange sites, when he does he search for them on Google and always check WOT ratings. On the recent history there are no downloads or unusual sites.
I know that Ask Toolbar is a software installed by malwares and generally 'criminal' stuff, so I'm attentive to any unusual signals like strange processes. I'm not sure if the very Ask Toolbar is a malware/spyware, but I'm beginning to think Ask is a criminal company itself.

E...

A:Fully updated install, MSE, Ask Toolbar was installed, security risk?

Unfortunately, Java has gone the way of many other free programs. They install unwanted crapware on unsuspecting people.

What is the Ask Toolbar?

You could try using the free 30 day trial version of Revo Uninstaller Pro (forced uninstall option) to remove the Ask Toolbar. Another free utility to help remove Ask Toolbar is AdwCleaner by Xplode.

Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall

AdwCleaner

As far as whether or not MSE is any good, all I'll say is I use it and haven't been infected. But no anti-malware product is going to be 100% effective 100% of the time. If there was such a thing we'd all be using it. An anti-malware product that is rated high by one testing organization may rate low by another testing organization. That's just the nature of the business. Whatever anti-malware product one chooses to use, I recommend supplementing that product with additional free on-demand scanners just to make sure something didn't slip through.

Malwarebytes

ESET Online Scanner

HitmanPro

SuperAntispyware

RELEVANCY SCORE 75.2

VPN users are facing a massive security flaw as websites can easily see their home IP-addresses through WebRTC. The vulnerability is limited to supporting browsers such as Firefox and Chrome, and appears to affect Windows users only. Luckily the security hole is relatively easy to fix.

The Snowden revelations have made it clear that online privacy is certainly not a given.

Just a few days ago we learned that the Canadian Government tracked visitors of dozens of popular file-sharing sites.

As these stories make headlines around the world interest in anonymity services such as VPNs has increased, as even regular Internet users don't like the idea of being spied on.

Unfortunately, even the best VPN services can't guarantee to be 100% secure. This week a very concerning security flaw revealed that it's easy to see the real IP-addresses of many VPN users through a WebRTC feature.

With a few lines of code websites can make requests to STUN servers and log users' VPN IP-address and the "hidden" home IP-address, as well as local network addresses.

The vulnerability affects WebRTC-supporting browsers including Firefox and Chrome and appears to be limited to Windows machines.

A demo published on GitHub by developer Daniel Roesler allows people to check if they are affected by the security flaw.

IP-address leak


The demo claims that browser plugins can't block the vulnerability, but luckily this isn't entirely true. There are several easy fixes available to ...

A:Huge security flaw leaks vpn users real ip-addresses

The main issue is about DNS leaks not VPN. I am using a VPN from past 8 months and having no issue with it. The main problem is which VPN you choose, if you choose a good VPN then these types of issues not appear. I choose my VPN after reading this article from a review site. 5 Best VPN Software for Year 2015 Facilitating Ease of Use
 

RELEVANCY SCORE 74.4

DELL ISN'T HAVING A GOOD WEEK. A second root certificate has been found on its PCs and laptops, that could leave users' personal information vulnerable to hackers.
The second certificate, called DSDTestProvider, is installed by an application called Dell System Detect (DSD), which users are prompted to download and install when they visit the Dell support website. 
Carnegie Mellon University CERT said in an advisory that the flaw allows hackers to create trusted certificates and impersonate sites and launch man-in-the-middle attacks.
 


A:Second security flaw leaves Dell PC users vulnerable to hackers:Inquirer.net

Microsoft reacted to this and updated Windows Defender (and Microsoft Security Essentials) to remove that rogue certificate http://www.zdnet.com/article/windows-defender-removes-potentially-dangerous-dell-certificate/

RELEVANCY SCORE 73.6

The problems have been revealed by security firm IOActive – just weeks after Lenovo was found to be shipping PCs with pre-installed 'Superfish' adware that also left its users open to MITM attacks.
 
IOActive researchers Michael Milvich and Sofiane Talmat say in an advisory that they discovered the latest “high-severity” privilege escalation vulnerabilities in Lenovo's System Update service, which enables users to download the latest drivers and other software, including security patches, from Lenovo's website.
The researchers found the flaws in February, and have now gone public on them after giving Lenovo time to develop a patch, issued last month.
 
But while the patch fixes the problems, users have to download the security update to protect themselves. Milvich and Talmat say that one of the vulnerabilities, CVE-2015-2233, allows local and remote hackers to bypass the device's signature validation checks and replace trusted Lenovo applications with malware.
 
Another bug, CVE-2015-2219, is a weakness in Lenovo's security token system, which means least-privileged users could gain high-level access to Lenovo PCs, laptops and other devices and run their own malicious commands and programs.

 

A:PC maker Lenovo exposes users to "massive security risk"

I'm starting to like Lenovo products less and less now. They have super good products for the price (specs wise), but security and privacy wise, it seems like they have a lot to learn from.

RELEVANCY SCORE 70.4

 
A vulnerability in fully patched versions of Internet Explorer allows attackers to steal login credentials and inject malicious content into users' browsing sessions. Microsoft officials said they're working on a fix for the bug, which works successfully on IE 11 running on both Windows 7 and 8.1.
The vulnerability is known as a universal cross-site scripting (XSS) bug. It allows attackers to bypass the same origin policy, a crucially important principle in Web application models that prevents one site from accessing or modifying browser cookies or other content set by any other site. A proof-of-concept exploit published in the past few days shows how websites can violate this rule when people use supported versions of Internet Explorer running the latest patches to visit maliciously crafted pages.
To demonstrate the attack, the demo injects the words "Hacked by Deusen" into the website of the Daily Mail. But it also could have stolen HTML-based data the news site, or any other website, stores on visitors' computers. That means it would be trivial for attackers to use it to steal authentication cookies many websites use to grant access to user accounts once a visitor has entered a user name and password. Once in possession of the cookie, an attacker could access the same restricted areas normally available only to the victim, including those with credit card data, browsing histories, and other confidential data. Phishers could also exploit the bug to trick people into div...

A:Serious bug in fully patched Internet Explorer puts user credentials at risk

The article doesn't make any sense. It starts off by talking about a vulnerability in Internet Explorer, then talks about websites doing something with cookies, and then the exploit is "proven" by hacking some website.

+++
Just realized the quoted text is not the whole article.  Reading the Ars Technica article from the link now...

RELEVANCY SCORE 69.2

 
Several critical vulnerabilities in the protocol implementation used to synchronize clock settings over the Internet are putting countless servers at risk of remote hijacks until they install a security patch, an advisory issued by the federal government warned.
The remote-code execution bugs reside in versions of the network time protocol prior to 4.2.8, according to an advisory issued Friday by the Industrial Control Systems Cyber Emergency Response Team. In many cases, the vulnerabilities can be exploited remotely by hackers with only a low level of skill.
"Exploitation of these vulnerabilities could allow an attacker to execute arbitrary code with the privileges of the [network time protocol daemon] process," the advisory warned. Exploit code that targets the vulnerabilities is publicly available. It's not clear exactly what privileges NTP processes get on the typical server, but a handful of knowledgeable people said they believed it usually involved unfettered root access. Even if the rights are limited, it's not uncommon for hackers to combine exploits with privilege elevation attacks, which increase the system resources a targeted app has the ability to control.

 

Attack code exploiting critical bugs in net time sync puts servers at risk
 

RELEVANCY SCORE 68.4

I had no problem with my iPhone 5 I just got the 6. I updated iTunes but when I plug my phone in it says I need to update my iTunes. I am on a Mac 10.7.5.
 

A:iTunes is updated wont connect to iPhone til updated

It might be a case of going through the motions. Click checking for the iTunes update to resolve it.. "Check for updates". It's going to say iTunes isn't up to date, but download iTunes from Apple and see if everything syncs OK.

Beyond this, even a new phone will respond to updates or the latest upgrades. Latest IMO was El Capitan on the Mac App Store.
 

RELEVANCY SCORE 68

So I was looking at a few of my Blizzard support mails because my game account got hacked. It turns out two of these were 'phishing' mails as they called it (probably the reason I was hacked in the first place).

Googled the address of the sender and it led me to the forums where people say that you should not click the links in the e-mail but they do not elaborate.

Now moments before I had told hotmail the e-mails were safe and I had clicked on the links of the e-mails. Google chrome displayed a warning on the site saying that it is suspected as a phishing site, so I didn't type in any information on the site. But I had viewed the e-mail and clicked on the links. Does anyone of you security guys know when I can technically be at risk or is it OK since I didn't download anything and didn't type anything?

Thank you.
 

A:Phishing e-mails, when am I at risk?

RELEVANCY SCORE 67.2

Hi! What's your mother's maiden name?
Fraudsters have begun experimenting with introducing IM chats to phishing attacks.
Conmen are trialling the inclusion of IM features into fraudulent e-banking websites. The tactic is designed to trick prospective marks into handing over the answers to secret security questions, thereby giving cybercrims an increased ability to loot compromised accounts.



Read more -
Fraudsters add IM to phishing attacks - The Register

RELEVANCY SCORE 67.2

http://myonlinesecurity.co.uk/spoofed-apple-your-apple-id-has-been-suspended-815268-phishing/

With a little bit of thought and a suitable domain, you will fool people
An unwary user would think it was a genuine Apple site from the url hxxp://apple.idapple.co.uk/ and the email could well come from Apple. Most typical users would think the ssl domain is a secure address, because we keep on saying watch for an SSL icon in browser window to show it is a secure site.
Apple Customer Service < secure @ apple.ssl.co.uk>

Yes a knowledgeable person would avoid the phishes, but the average user with a little bit of knowledge is more likely to fall for it. The absolute beginner might not.
 

RELEVANCY SCORE 66.8

"Why Phishing Works" is a recent study (PDF) that examines phishing website techniques. The most visually deceptive website spoof in the study was able to fool 90% of the study's participants. That 90% figure includes the most technically advanced users among the participants. It was the look, not the spoofing of security features that did the job...

f-secure.com/weblog

A:Flaw In Human Brain Prevents Detection Of Phishing Websites

Hi quietman7, help me out a bit please as I don't do electronic banking. Were they looking for you to give them your ID, as on the left, or both ID and password, as on the right?

RELEVANCY SCORE 66.4

Hiya

Remote Procedure Call (RPC) is a protocol used by the Windows
operating system. RPC provides an inter-process communication
mechanism that allows a program running on one computer to
seamlessly execute code on a remote system. The protocol itself
is derived from the OSF (Open Software Foundation) RPC protocol,
but with the addition of some Microsoft specific extensions.

There is a vulnerability in the part of RPC that deals with
message exchange over TCP/IP. The failure results because of
incorrect handling of malformed messages. This particular
vulnerability affects the RPC Endpoint Mapper process, which
listens on TCP/IP port 135. The RPC endpoint mapper allows RPC
clients to determine the port number currently assigned to a
particular RPC service.

To exploit this vulnerability, an attacker would need to
establish a TCP/IP connection to the Endpoint Mapper process on
a remote machine. Once the connection was established, the
attacker would begin the RPC connection negotiation before
transmitting a malformed message. At this point, the process on
the remote machine would fail. The RPC Endpoint Mapper process
is responsible for maintaining the connection information for
all of the processes on that machine using RPC. Because the
Endpoint Mapper runs within the RPC service itself, exploiting
this vulnerability would cause the RPC service to fail, with the
attendant loss of any RPC-based services the server offers, as
well as potential loss of som...

RELEVANCY SCORE 66.4

Internet Storm Center - Advice on Preventing Phishing Attacks
http://isc.sans.org//diary.php?date=2005-02-12

PDF - Advice on Preventing Phishing Attacks
http://isc.sans.org/presentations/phishthat.pdf

Progressively, phishers have taken great pain to include real code from the real site that they are spoofing. For example, if you click on any of the links of the phishing/fake site, it will take you to the actual real site pages. But over at real site, the real site should be able to see the referral URL that sent you there. If the real site is getting visitors referred by any URL other than their own, then they should actively create a page with a big fat warning banner at the top saying that it is likely that the user was just at a fake site previously. Note that referring URLs can come from legitimate locations, like a local business directory or something similar.

Here are some of the techniques discussed that website owner can consider to detect whether their sites could be possibly targeted by phishers:

Some recommendations:
* Use cookies to track deep-linking visitors (set a cookie for visitors arriving at the main page, then use it to track state; alarm visitors who do not have a top-level non-persistent cookie).
* Filter referral URLs coming from sites unrelated to the bank (easier said than done, but a default deny rule would be a good place to start, particularly for the deep links).
* Provide an email address to handle questions and a FAQ.
* Use warning banners to educa...

RELEVANCY SCORE 65.6

CYBER SECURITY BOFFINS have uncovered a flaw in the way Firefox handles third-party browser extensions that could expose millions of users to sneaky malware.
Researchers from the Northeastern University in Boston discovered a flaw that allows hackers to stealthily execute malicious code hiding behind seemingly innocent extensions, such as NoScript and Firebug. They can then steal personal data or even seize control of a machine's resources.
The flaw stems from a weakness in Firefox’s extension structure, which doesn’t isolate various browser add-ons. This allows them to connect to the capabilities of other popular third-party extensions.   
Edit:
But Firefox users can breathe a little easier because it’s not clear whether the flaw has actually been used in any extensions, as the researchers demonstrated it only as a proof-of-concept. They have supplied the attack framework to Mozilla so that the company can firm up the way it handles security in reviewing extension approvals.


A:Firefox extension flaw exposes millions to cyber attacks

Good find JohnC thanks for sharing!

RELEVANCY SCORE 65.6

NIST.org has discovered new ways of utilizing some old vulnerabilities at Google and Yahoo. Both have a number of URL redirection holes that can assist Phishing attacks, Trojan distribution, spammers, etc. Neither have fixed the problem after being notified several months ago. The article at NIST.org outlines a new method of utilizing these holes that can be used to trick users in to visiting malicious websites. The ultimate destination of an eMail or web link can be completely masked by Google and mostly hidden by Yahoo.

Float your cursor over this Google.com link and check the task below. Then click it to see if its what you thought it would be (the link is safe). If you use Firefox the problem is even worse.

You can read the full article here:
http://www.nist.org/news.php?extend.147
(please return here to comment)

John Herron, CISSP
Editor at NIST.org

RELEVANCY SCORE 65.6

After the number of phishing attacks drastically declined by 45% in August, the trend continued during September according to Symantec. United States remains the country hosting the most phishing sites, which increased in number due to a lower usage of automated toolkits.



Phishing Attacks Continue to Decrease in Number - The number of phishing sites in US has increased by four percent - Softpedia

RELEVANCY SCORE 65.6

Botnet Unleashes Variety Of New Phishing Attacks.

Attackers use phony messages of system upgrades, Outlook updates, and Microsoft Conficker 'cleanup tool' to spread malware

Beware Windows users!

-- Tom
 

A:Botnet Unleashes Variety Of New Phishing Attacks

url don't work
 

RELEVANCY SCORE 64.8

New wave of phishing attacks serves malware to PCs and Macs

By Ed Bott
March 23, 2012, 5:24am PDT


Summary: Malware distributors have launched a new wave of attacks aimed at taking over unpatched PCs and Macs. They look like routine messages from a bank or a social network, but instead of phishing for passwords, they're serving up malware.

In the past few weeks, I've noticed an alarming increase in fraudulent email messages coming to some old, well-established email addresses of mine.

It's not just the quantity of messages that's noteworthy, it's the quality as well. This particular wave of attacks includes some attacks that are frighteningly real looking. And they're being used to serve up a toxic brew of malware to unprotected systems.


Consider these two examples of messages I received this week. The first appears to be a fraud alert from American Express:


It has all the right logos, and the wording has the same professional tone and grammatical accuracy I would expect of a legitimate communication from American Express. Unlike many phishing messages, this one made me look much more closely, and I suspect that the click-through rate was higher than most such attempts.



see full report

A:New wave of phishing attacks serves malware to PCs and Macs

I received a message from "Bank of America" on my answering machine telling me about my new account. I don't have an account with "BofA"!!

RELEVANCY SCORE 64.8

The add-in works by adding a button to the Outlook ribbon UI. Users are supposed to select emails from their Outlook client, which they suspect might be part of a phishing attack, or just coming from spammers that they want banned on the company's email server.
Pressing the PhishReporter button will forward the selected emails as attachments to a specially set up email address. Here, the security and IR staff can analyze the email, and if found to be malicious in nature, they can blacklist the domain in the company's spam blocker.

 

The PhishReporter Outlook Add-In is the preferred way of reporting phishing emails because it automates the process of forwarding suspicious emails "as attachments," and by doing so preserving important email header information.
This operation is essential for security and IR staff because employees usually just forward the email, rewriting the original headers with their own.
The original phishing email header isn't lost since it remains in the user's client email, but IR teams usually have to contact the employee and teach him how to properly forward the email so they can analyze it. This makes security teams lose precious time, which is crucial since most phishing campaigns are most effective during their first hours.
The PhishReporter Outlook Add-In is available on GitHub. The project has no ties to a yet unreleased project of the same name developed by KnowBe4.
 

 
Source : http://news.softpedia.com/news/phishreporter-a-fre... Read more

Read other answers
RELEVANCY SCORE 64.8

A long read, but very worthwhile!!

From the costly to the clever to the just plain creepy, here are the recent phishing campaigns that have earned our reluctant recognition.
You invest in the slickest, smartest, security gear. The latest in threat intelligence, behavior analysis, and every other cutting-edge tech that widened your eyes on the trade show floor. It's excellent, exciting, expensive...and useless against a top-notch social engineer.

Okay, that might be a bit of an overstatement, but there are plenty of examples when social engineering bested the best security technology -- to sack Troy with a wooden horse or to steal diamonds with a charming smile.

These days, the social engineer's favorite tool isn't the smile; it's the humble phishing message.

It's a very adaptable piece of kit. It can deliver any manner of malicious payloads, as attachments, embedded objects, or links. It can be customized to lure in any kind of game -- from John Q. Public to John Q. White House Ambassador. It can be used as part of attacks to steal data, steal money, or steal secrets.

Adaptable and successful. Take a peek behind some of the biggest breaches and costliest attacks and you may see a phishing message at the root of it.

So, with some help from experts at KnowBe4 and PhishLabs, we've decided to recognize some of the most intriguing examples of phishing in recent history. The clever, the costly, the just plain creepy.

Read on to see which attack ... Read more

Read other answers
RELEVANCY SCORE 64.4

PowerPoint flaw hits Mac and Windows
Second major Microsoft vulnerability in two weeks
http://mail.vnunet.com/cgi-bin1/flo/y/evPr0KA1Kc0UKn0DQlQ0Ao

Experts warn of 'severe risk' email worm
Win32.Warezov.at spreading in the wild
http://mail.vnunet.com/cgi-bin1/flo/y/evPr0KA1Kc0UKn0DQO10An

Stration worm masquerades as security patch
Users must resist the temptation of opening unsolicited attachments
http://mail.vnunet.com/cgi-bin1/flo/y/evPr0Hd7VN0UKn0DQOw0AR

Golf sites fall into malware sand trap
Spyware, adware and Trojan authors tap Ryder Cup zeitgeist
http://mail.vnunet.com/cgi-bin1/flo/y/evPr0Hd7VN0UKn0DQFh0A2
 

Read other answers
RELEVANCY SCORE 63.2

Trojan AyFone.A - New iPhone based Phishing attack

A new social engineering scheme has surfaced, which tries to convince folks they can save $100 by ordering the new iPhone online. This new attack is well crafted and even appears to spoof Apple's true e-commerce web site address. Users can become infected by visiting malicious websites which can automatically download and install the trojan horse, if IE security controls have been lowered. Users should always be aware of scammers, as there are no free lunches in most things offered to us via the Internet.

Trojan AyFone.A - New iPhone based Phishing attack
http://blogs.zdnet.com/hardware/?p=574

QUOTE: scammers are using the iPhone to try to steal money from unwitting customers looking to get their hands on the new Apple cellphone. This morning, Sunbelt researchers discovered a new custom Trojan that attempts to steal money by selling a fake iPhone. This Trojan looks custom-built and has very poor coverage by AV vendors

McAfee: Phish-BuyPhony
http://secunia.com/virus_information/39773/phish-buyphony/
http://vil.nai.com/vil/content/v_142599.htm

QUOTE: Phish-BuyPhony is a Internet Explorer Browser Helper Object (BHO) maliciously designed to hijack well known websites to steal money by masquerading Apple's iPhone on-line shop. When successful, the victim is brought to a fake site where payment is made to the crooks via Western Union or MoneyGram.

McAfee Protection: DAT 5605 provides detection for this new threat

Trend: T... Read more

Read other answers
RELEVANCY SCORE 62.4

iPhone, BlackBerry, Palm Pre All Vulnerable To Spear-Phishing Experiment.

Phony LinkedIn invitation from 'Bill Gates' lands in smartphone inboxes

-- Tom
 

Read other answers
RELEVANCY SCORE 62

I've just had to wipe my hard disk and reinstall Windows XP (SP2). I loaded all the security updates from Win Update. I then reinstalled my Antivirus software and associated firewall. Now, whenever I am on the net, every 60secs my antivirus software tells me that I am being attacked and it has rejected the virus MS04-011 LSASS.

It never happened before. Anyone any ideas? XP is fully updated.

Thanks

Beech
 

Read other answers
RELEVANCY SCORE 61.6

Right, so I received a phishing email which had a link, however no attachment. I knew it was a phishing email but because my iPhone touchscreen is messed up I unfortunately opened it via Safari. At the time this outlook account was also logged in to another computer elsewhere in the house. The link weirdly opened the YouTube homepage which I found very strange as the link address was very much different. I'm panicking at the moment that someone may have access to my IP address, be able to send malware through my WIFI or have sensitive information. Does anybody have an idea as to the level of threat and actions I should take from here?
I've forwarded this to the company they were posing as who has an email for phishing emails and ran Malwarebytes and McAfee which hasn't found anything on my windows PC. I've also changed the email password. Pretty worried guys!

Read other answers
RELEVANCY SCORE 60.8

I already have a home security camera system. What I'm looking for is software I can put on my desk top that will notify me on my iphone when motion detection is activated. As well as allow me to monitor the cameras from my iphone.

Read other answers
RELEVANCY SCORE 59.2

I think this problem I'm having has as much (or more) to do with Windows as it does with the iPhone. That's why I'm posting it here, but I've also posted it to the Apple Support Community, hoping somebody somewhere knows how to fix this.

Just a little background. I've had "ownership issues" with certain files on my computer and I'm pretty sure this is causing the problem. I've posted about this ownership issue before on here, but was never able to resolve the general issue. In this instance, I would be content with a solution to just this specific problem. And, by the way, I've tried creating new user accounts to try to solve this and that just doesn't work for me.

Just updated my iPhone 5S to the new ios through itunes on my computer. Now I'm getting this 0xE800000A error message. This actually happened right after I updated while the phone was still connected to the computer. It says "iTunes could not connect to the iPhone. An unknown error has occurred 0xE800000A." On the phone, it keeps popping up that annoying "trust this computer?" box.

This has happened to me before, but the solutions I've used for this problem before don't work now. I have Windows 7 Ultimate N. The usual solution found on the internet says to delete the Lockdown folder in C://ProgramData/Apple, but this does not work for me. In fact, that "solution" makes it worse as, when I do that, the error message pops up immediately without even giving me the ... Read more

A:Just updated my iPhone to new ios - now getting error message

Have you tried pressing ok or yes?

Read other 9 answers
RELEVANCY SCORE 59.2

By TOM PULLAR-STRECKER - The Dominion Post.

**** May be of interest to our New Zealand Readers.***





Sixteen of New Zealand's top 100 computer users, including some banks and government agencies, may be unable to fully protect some of their computers from hackers after Microsoft said it would not patch a fault in the Windows 2000 operating system.
Microsoft issued a fix for a vulnerability in other operating systems affected by a networking flaw on Tuesday, but said it could not patch Windows 2000 without rewriting a significant portion of the operating system, which might prevent some software applications working properly.



Link. -
Windows 2000 users left with unfixable flaw | Stuff.co.nz

Read other answers
RELEVANCY SCORE 59.2

Mac OS X Users Vulnerable To Major Java Flaw.

"Security researchers say that Mac OS X users are vulnerable to a critical, 6-month-old, remote vulnerability in Java, a component that is enabled by default in Web browsers on this platform. ...this vulnerability differs from typical Java security flaws in that it is 'a pure Java vulnerability' and doesn't involve any native code. It affected not only Sun's Java but other implementations such as OpenJDK, on multiple platforms, including Linux and Windows. 'This means you can write a 100% reliable exploit in pure Java. This exploit will work on all the platforms, all the architectures and all the browsers,'

Note: Patched by everyone but Apple!

-- Tom
 

A:Mac OS Users Vulnerable To Major Java Flaw

Interesting!
 

Read other 1 answers
RELEVANCY SCORE 58.8

Thank you for letting me know the correct way to notify a BSOD problem. I *think* I've attached the correct information - please accept my apologies in advance if I haven't.
I'm running Windows 7 on a brand new laptop.
I got the first BSOD when attempting to download pictures from my iPhone to the laptop. Approximately 3-4 photos downloaded and then the BSOD appeared. I restarted the computer and attempted to repeat the process, but it blue screened again. I am unable to download pictures from my iPhone at all.
The computer also does the BSOD when I attempt to open any photos that were downloaded onto the computer prior to the first BSOD.
This problem first appeared at the end of January - up until that time the iPhone was working perfectly with the laptop.
In the past week and a half or so, I have been getting a consistent BSOD when attempting to listen to music using iTunes, download from the iTunes store and transfer music from my iPod to the laptop.
There is another problem which may (or may not) be contributing to the BSOD.
My iPhone, iPod and original iTunes accounts were set up on a desktop computer, which is now cactus and may not be able to be revived. My iPhone will charge on the laptop, but it will not sync, nor back up nor collect any updates from iPhone. I have the same issue with the iPod. I have iTunes home-sharing turned on on both computers, but it appears to only work when the desktop AND laptop are on, and obviously, since the desktop is cactus, it isn't o... Read more

A:BSOD with iPhone and iTunes updated with minidump

  
Quote: Originally Posted by mizbear


Thank you for letting me know the correct way to notify a BSOD problem. I *think* I've attached the correct information - please accept my apologies in advance if I haven't.
I'm running Windows 7 on a brand new laptop.
I got the first BSOD when attempting to download pictures from my iPhone to the laptop. Approximately 3-4 photos downloaded and then the BSOD appeared. I restarted the computer and attempted to repeat the process, but it blue screened again. I am unable to download pictures from my iPhone at all.
The computer also does the BSOD when I attempt to open any photos that were downloaded onto the computer prior to the first BSOD.
This problem first appeared at the end of January - up until that time the iPhone was working perfectly with the laptop.
In the past week and a half or so, I have been getting a consistent BSOD when attempting to listen to music using iTunes, download from the iTunes store and transfer music from my iPod to the laptop.
There is another problem which may (or may not) be contributing to the BSOD.
My iPhone, iPod and original iTunes accounts were set up on a desktop computer, which is now cactus and may not be able to be revived. My iPhone will charge on the laptop, but it will not sync, nor back up nor collect any updates from iPhone. I have the same issue with the iPod. I have iTunes home-sharing turned on on both computers, but it appears to only work when the desktop ... Read more

Read other 4 answers
RELEVANCY SCORE 58.8

Just updated to above. Part of setup was to enter my ID as an email address. This was refused as the "address in use". I had to change to another email address I use, but I need to change back to the old address.
 

A:Updated iphone to 5.0.1, lost old email address

I think the only option if it will not let you change back is call Apple and have a go at them down the phone and then ask if there is any way, or get a different email app.
 

Read other 2 answers
RELEVANCY SCORE 58.4

Hello everyone!

Do Not Respond to the following email if you get it in your inbox!! IT IS A SCAM!!!

Warning Code:VX2G99AAJ
Tuesday, June 16, 2009 9:15 PM

From [email protected] Tue Jun 16 18:15:44 2009
Return-Path: <[email protected]>
Authentication-Results: mta125.mail.re4.yahoo.com from=cogeco.ca; domainkeys=neutral (no sig); from=cogeco.ca; dkim=neutral (no sig)
Received: from 216.221.81.29 (EHLO fep7.cogeco.net) (216.221.81.29) by mta125.mail.re4.yahoo.com with SMTP; Tue, 16 Jun 2009 18:15:41 -0700
Received: from cogeco.ca (smtp1.cogeco.ca [216.221.81.28]) by fep7.cogeco.net (Postfix) with SMTP id C6A52260C; Tue, 16 Jun 2009 21:15:44 -0400 (EDT)
To: (Recipient List Suppressed)
Sender: [email protected]
From: [email protected]
Add sender to Contacts
Reply-to: [email protected]
Subject: Warning Code:VX2G99AAJ
Date: Tue, 16 Jun 2009 19:15:44 -0600
Message-id: <[email protected]>
Content-Length: 1135
Compact Headers

ONLINE WEBMAIL TEAM UPGRADE 2009 EDITION NOTIFICATION:
PLEASE COMFIRM COMPLY ASAP!!!
=================================
Dear ONLINE WEBMAIL Owner,

This message is from the ONLINE WEBMAIL TEAM users messaging center to all ONLINE WEBMAIL TEAM account owners. We are currently upgrading our web/data base and carrying out maintenances of all our e-mail accounts in order to reduce the rate of spam... Read more

Read other answers
RELEVANCY SCORE 58.4

Quote:
Email security firm, Red Condor has issued a warning for an aggressive spear phishing email campaign that asks recipients to "apply a new set of settings" to their mailboxes because of a recent "security upgrade" of their mailing service.


Source -
Phishing Campaign Targets Microsoft Outlook Users

A:Microsoft Outlook Users. [Phishing]

You always provide good information. This is especially helpful

Read other 2 answers
RELEVANCY SCORE 58.4

According to McAfee this is number six in the list of malware targeting people in the last 24 hours.

If you get an e-mail that appears to be from Facebook saying the company reset your password and urging you to open an attachment, it is a scam. ...The attachment contains a password stealer that can potentially access any username and password combination used on the computer, not just the login credentials for Facebook....

See screenshot at either of these links:
Beware the new Facebook password reset scam | InSecurity Complex - CNET News
McAfee Security Insights Blog » Blog Archive » Facebook Password Reset Scam Threatens Computers Worldwide

Edit 3-19-2010 to add additional information:

Facebook is warning its users about BredoLab malware serving campaign using the well known "Facebook Password Reset Confirmation Customer Support" social engineering theme.
Facebook password reset themed malware campaign in the wild | Zero Day | ZDNet.com

According to Gary Warner, the UAB director of research in computer forensics most antivirus not detecting these computer viruses:

Cyber-criminals are using fake e-mails to target Facebook users and deliver computer viruses that were being detected only by one-third of the 42 most common anti-virus products as of noon Thursday, March 18, says a leading cyber-crime researcher at the University of Alabama at Birmingham (UAB).
New Spam Targeting Facebook Users Is Invisible to Most Virus Scans, Says UAB Expert

A:350 million Facebook users at risk

Thanks for the heads up. I don't particularly like facebook and hardly go on it.

Read other 6 answers
RELEVANCY SCORE 58.4

Based on data published by Microsoft and interviews with researchers, Krebs found that critical security issues remained unpatched in Internet Explorer for 284 days during 2006. The Mozilla Foundation's Firefox browser only suffered a single period of vulnerability lasting nine days, according to the analysis.
http://www.securityfocus.com/brief/400

Read other answers
RELEVANCY SCORE 57.6

http://www.downloadsquad.com/2010/0...-beware-malware-tries-and-succeeds-to-extort/
Now they are holding pirates up with a fake lawsuit notice...


http://torrentfreak.com/malware-extort-cash-from-bittorrent-users-100411/

ICCP Foundation claims to be an international company operating out of Switzerland. They say they are "committed to promoting the cultural and economic benefits of copyright" while assisting their partners to fight "copyright theft around the world".

In fact what they really do is operate a scam to extort money from BitTorrent users....
 

A:New Phishing malware targets Torrent users

Read other 11 answers