262 matches found
New OSX/Imuler Variant Targeting Tibetan Activists
Researchers over at Intego have recently discovered a new variant of OSX/Imuler the data-stealing Mac malware, detected as OSX/Imuler.E which is believed to be targeting Tibetan rights activists. "This backdoor Trojan family was first discovered in September 2011 as a Mac PDF Trojan horse and has...
IT Security Horror Stories: Tale of the Fake IT Rep
Some IT security monsters arent as obvious as a Mummy. At Coalfire Labs, we discover--and help our clients address--some pretty scary security and compliance problems. There are lots of deceptive monsters looking to exploit the weaknesses of their victims. This is one of those terrifying but true...
FTC Takes On Scareware Marketers, Court Imposes $163M Judgment
The United States District Court of Maryland ruled in favor of the Federal Trade Commission on Sept. 24, imposing a judgment of more than $163 million against the managers and directors of an enterprise whose sole function the FTC alleges was to defraud its customers with scareware. Kristi Ross w...
Fake ADP and FDIC Notifications Leading Users to Blackhole Exploit Kit
With the latest iteration of the Blackhole Exploit Kit hitting the web this week, attackers are going to great lengths to spread around links to get unsuspecting victims to click through to the first version of the kit. E-mail notifications claiming to come from Microsoft Exchange, ADP, the Feder...
FTC Bares Teeth, Levies $800k Fine Against Data Brokerage Firm
In a first-of-its-kind ruling, the Federal Trade Commission FTC told data brokerage firm Spokeo it has until tomorrow to hand over $800,000 to the Treasurer of the United States. The ruling came in a case addressing the sale of personal Internet information for the purpose of job applicant...
Report: Google Negotiating with FTC over Apple Safari Privacy Breach
Search giant Google is in negotiations with the U.S. Federal Trade Commission FTC over the size of a fine it will pay. This, after the company was found in breach of privacy controls in Apple’s Safari browser earlier this year. According to an article from the Bloomberg news service, an unnamed...
Deceptive In-App Ads Hit Users of Draw Something
I really like the new app by OMGPOP called Draw Something. I play this game with my friends possibly a little too much. Draw Something has attracted more than 50 million downloads, and was just acquired by Zynga for $200 million dollars. It was surprising the other day when I noticed an...
Fake iPhone Camera+ App Allowed in App Store
A fake version of the popular Camera+ iPhone application was offered on Apple’s App Store over the weekend, according to a post by Glyn Evans on the iPhoneography blog on Saturday, just the latest example of suspicious and malicious applications to slip through Apple’s shadowy application vetting...
Facebook Security Phishing Attack In The Wild
At the time of writing there is a new Facebook phishing attack going on. It will not just try to steal your Facebook credentials; it will also try to steal credit card information and other important information such as security questions. This Facebook phishing attack is pretty interesting becau...
FTC Gives Refunds to Rogue Antivirus Victims
The Federal Trade Commission FTC is sending reimbursement checks to more than 300,000 people victimized by a rogue antivirus scam. According to the FTC, the checks are the result of the settlement between the agency and several defendants named in a complaint the FTC filed in 2008. As part of the...
Shady ChatSend App Linked to Facebook Spamming Activity
Security experts are warning Facebook users about a shady file-sharing application called ChatSend that has been linked to spammy e-mail and wall posts from the accounts of Facebook users who download it. According to a report by GFI Labs, questionable messages that link to ChatSend’s Facebook pa...
FTC Settles Charges With Android App Developer Over 'Unfair' Default Settings
In a landmark move, the Federal Trade Commission has settled charges it brought against the maker of a P2P file-sharing application that the commission alleged included unfair default settings that caused users to unknowingly share photos, videos and other personal data. The settlement with...
March, 2010: PS3 OtherOS Option deleted in firmware update
Its doubtful that executives at Sony thought too much if at all about their decision to rescind an obscure feature dubbed “OtherOS” that had been added to the PlayStation 3 System Software soon after its launch. The feature allowed other operating systems, specifically Linux, to be run on the...
FTC: Google Used Deceptive Practices In Buzz Social Network
Search giant Google has agreed to settle a case with the U.S. Federal Trade Commission on Wednesday over charges that it used deceptive tactics and violated its own privacy policy when it launched Google Buzz, a social network, in 2010. Google agreed to implement a comprehensive privacy program a...
FTC Charges Scareware Operators to Pay $8 Million Settlement
The FTC doled out $8 million in fines to the operators of an online scareware scheme. The scam involves tricking consumers into thinking their computers are infected with malware and then selling them software to remedy problems that doesn’t exist in the first place. A district court order in...
Understanding The Porn + Malware Connections
CAMBRIDGE — For a minimal investment of about $160, a single porn site operator can infect more than 20,000 computers with malware for use in cybercrime, according to an academic study presented at the Workshop on the Economics of Information Security WEIS 2010. The research team presented a...
Windows 7 Compatibility Spam Hides Trojan
A deceptive “help” message invites recipients to check their PCs’ compatibility with Windows 7 by downloading and running an altered version of the Windows 7 Upgrade Advisor concealing a Trojan. Read the full article. Help Net Security...
OpenJDK: Signed applet remote misuse possibility (6782871)
The Java Plug-in in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier, and 5.0 Update 17 and earlier, allows remote attackers to trick a user into trusting a signed applet via unknown vectors that misrepresent the security warning dialog, related to a "Swing...
Microsoft Takes Aim at Malvertising Threat
Less than a week after a malicious advertising attack against the New York Times ad servers, Microsoft filed five civil lawsuits against companies allegedly using online advertising to serve malware. The lawsuits allege that individuals using the business names “Soft Solutions,” “Direct Ad,”...
Examples to explain: a network of deception methods, and offensive and defensive!- Vulnerability warning-the black bar safety net
Lure the enemy in depth is a very practical tactics, ancient and modern, many military, politicians, entrepreneurs all of the tactics talked about, in the network attack and Defense is no exception, the system administrator will also use such tactics. Since each network system has a security...