The worm that infected an Iranian nuclear site, Stuxnet, or something very much like it, may be getting ready to strike again, say researchers. A recently discovered malware dubbed Duqu (for the prefix of its files, ~DQ) is designed to steal information needed to mount another such attack, and provide remote access to industrial installations such as, well, nuclear plants.
It can be a pretty scary thing to log into your Gmail account and be met with a blazing red banner that says “Warning: We believe your account was recently accessed from:” followed by a geographic location that you decidedly aren’t, often a place such as Russia, Poland or China, and that followed by the options “Show details and preferences” and “Ignore”. Usually you can be certain that at that moment, the first thing you need to do is change your password, because your account was almost certainly hacked or otherwise compromised. However, that’s not always true if you get a warning of a remote access in the U.S., such as “We believe your account was recently accessed from: United States (CA).”
It’s kind of fun to see a friend’s smiling face as their email address picture when you open an email from them. But there is a little-known danger to having a contact picture associated with someone who sends you email. That’s because those contact images are displayed even if the email is from someone who has hijacked your friend’s email address, which happens all the time with phishing, scamming and spamming. It’s called “spoofing”, and any scammer or spammer can put your friend’s email address as their own “from” address. What this means is that any scammer can send you email “from” your friend’s email address, and your email program will display the address book picture you have set as the contact image. And many, if not most, people, seeing their friend’s email address image in that email, will have a false sense of security that the email really is from their friend. It’s as if the address book image being present in the email somehow proves it’s really from their friend. Well, it doesn’t. And here are real-life examples to prove it.
A Magistrate has recommended to the Federal court in Maine that a bank (in this case Ocean Bank of Maine) has no liability, even though it allowed hackers to remove more than $500,000 from one of the bank’s customers’ accounts. The customer, Patco Construction, had been the victim of the Zeus trojan, which steals passwords once surreptitiously installed on a victim’s computer.
Earlier this month the White House released what it is calling its “Cybersecurity Legislative Proposal”. It makes for an interesting read, and so we thought we would share it with you. Let us know what you think.
Three researchers in Germany at the University of Ulm have discovered a massive security hole in Android – so big, in fact, that it affects at least 97%, and as many as 99%, of all Android users. The researchers, Bastian Könings, Jens Nickels, and Florian Schaub, have discovered that the security flaw allows anyone who is sniffing around your connection on an unsecured wireless network to acquire your Google authorization credentials from a specific token (the authToken), giving them access to your contacts, your calendar and, well – really any application that authenticates you by using your Google authorization credentials contained within that authToken.
Nicole Santos is getting quite a name for herself, and deservedly so. Her name has been spammed all across Facebook, in wall posts that are full of profanities, and also almost always exhort the spammed to “Vote for Nicole Santos”. The trick, of course, is that at the bottom of the post, next to the “Comment” and “See Friendship” links, is a link to “Remove this app”. Because the language in the wall posts is so foul, one’s first instinct is to hit that link as quickly as possible – but don’t click that link because that is how the virus infects your machine. (There is also a similar virus spam going around Facebook right now that exhorts you to “Please do your part in PREVENTING SPAM by VERIFYING YOUR ACCOUNT. Click VERIFY MY ACCOUNT right next to comment below to begin the verification process”.)
Lots of you are asking lots of questions about the Sony PlayStation Network (“How was the Sony Play Station Network taken down?”, “Who hacked the Sony PlayStation Network?”, “Is it true that it was done with rooted Sony PSP handhelds?”, and, perhaps most importantly, “Is the Sony PSN secure now?”). To bring you up-to-date, if you are scratching your head right now, first, the Sony PlayStation Network (referred to in shorthand as the “PSN”) was taken down last month in a concerted cyber attack; at first Sony claimed it was down due to “maintenance” but, eventually, they admitted that a hacking attack had taken them down. The hacker or hackers also caused Sony’s Qriocity services to go down. Oh, and wait – it also extended to the Sony Online Entertainment network. In short, if you have ever completed any transaction online with Sony, you need to treat your identity and credit card information as compromised.
The “Security Alert” trojan, sometimes known as a ‘rogue antivirus’ attack, is making the rounds again. First spotted a few years ago, until recently the “web security” antivirus alert trojan targeted mainly PCs, tricking Windows users into downloading the evil ‘BestAntivirus2011.exe’ file by telling them that “To help protect your computer Windows web security have detected trojans and ready to remove them.” (Note the poor language usage.) Now this same tactic is being used to attack Mac users – all that has changed is the “Windows” to “Apple” and the file name (‘MacProtector.mpkg’ for Macs) – even the poor language remains the same! “To help protect your computer Apple web security have detected trojans and ready to remove them.” says the pop-up. Don’t fall for it, and whatever you do, don’t click on “Remove all”, which will cause the malware to be downloaded to your computer.
If you are a conscientious parent who wants to let their child use an iPod Touch (or “iTouch”) or iPad, but who wants the iPod Touch wifi disabled before you give it to them, you may be frustrated at the lack of any way to disable wifi so as to lock down the iPad or iPod Touch internet access. You can’t password protect the internet access on an iPod Touch or iPad, as there are no passwords for iPod iTouch wifi. In fact, natively, there is no way to disable or password protect the iPod Touch internet access (how stupid, Apple, get on the ball here! Give us some iPod Touch wifi apps to disable wifi!) Oh sure, you can put parental control restrictions on individual applications (Safari, Email), but your child can still turn the iPod Touch wireless internet on, and for some parents, that’s still too much of a risk (and we say “Bravo!” to them for ‘getting’ it). There is, however, an iPod Touch hack that will allow you to disable wifi on your iPod Touch or iPad, by password protecting the iPod Touch wifi on/off switch, and here it is.
Over the course of the past week, we have received four – count ’em – 4 online greeting cards. We’ve been cautioning against the evils of the online greeting card industry for years, but apparently it’s time to do it again.
If you received a notice from one or another company with whom you do business or have done business in the past, saying that your email address has been compromised due to a data security breach at email service provider (ESP) Epsilon (due to their customers’ email lists being hacked and stolen), you’re not alone. Oh, you are so not alone. Banks, large merchants, and others, have all had their entire list of customers’ email addresses swiped and leaked due to the Epsilon data breach. Chase Bank, Citi Bank, Best Buy, Krogers – even Disney, have all been affected – as have their customers. Of course, lots of people receiving these notices will assume that they are phishing attempts (and there will undoubtedly be phishing attempts riding on the coat tails of this fiasco). Here is the complete list as we know it today – if you have received a notice saying that your email address has been compromised, please add the name of the company involved to the list here.
We have often taken flak for saying that children have no business being on Facebook (or the Internet in general), and that parents really don’t understand the dangers of letting your child on the Internet without adequate supervision and precautions. Now a group of police officers is saying the same thing, going so far as to say that you need to have your child’s Facebook password, and monitor their activity on Facebook – even if it means stealing their Facebook password to do it.