By Mike Wehner

Your webcam can be a powerful tool for communicating with loved ones or even having a conversation with a world-famous luminary. But when that power is put into someone else's hands, it can have dire consequences. A new exploit of Adobe's Flash media application could potentially allow websites to access your webcam without your permission, opening the door for any number of unseemly people to peer into your world.

The exploit — which only affects Macs thus far — can be performed on web surfers using Safari and Firefox web browsers. The gaping hole in Adobe's security features was discovered by a Stanford computer science major named Feross Aboukhadijeh, who brought it to the attention of Adobe. After weeks without a response, Aboukhadijeh decided to make the glitch publicly known, in an attempt to force Adobe's hand. His plan worked, and Adobe released a statement saying they were working on the problem, and the fix wouldn't require a Flash update.

»news.yahoo.com/blogs/tec ··· 84.html

»www.youtube.com/watch?v= ··· embedded

By Mike Williams

Security firm BitDefender's report for Q1-2011 highlighted autorun-based exploits as one of the most exploited PC security vulnerabilities. But there's no need to panic, just yet.

by Fraser Howard

As we all know, compromised sites play an important role in web-distributed malware, acting as the conduit, guiding user traffic to further malicious content. Sometimes, the attackers get lucky, and succeed in compromising a high-profile, popular site. Another way to increase the number of users exposed to the attack is to compromise advertising content, thereby exposing all users of any 3rd party sites that happen to load the ads.

Late yesterday evening, we started to see evidence of such an attack - Sophos products were blocking certain ad content as Mal/Iframe-U.

By: Fahmida Y. Rashid

Millions of unique URLs have been infected with a rampant SQL injection attack Websense has dubbed “LizaMoon.” The SQL injection attack redirects users to a fake AV site.

A mass SQL injection attack that initially compromised 28,000 Websites has spiraled out of control. At the last count, more than a million sites have been compromised, with no end in sight.

Security firm Websense has been tracking the “LizaMoon” attack since it started March 29. The company’s malware researchers dubbed the attack LizaMoon after the first domain that victims were redirected to. At the redirected site, users saw a warning dialog that they had been infected with malware and a link to download a fake antivirus.

The users are shown a number of threats supposedly on their computer, but the fake AV, Windows Stability Center, won’t remove them until the user pays up, in a “very traditional rogue AV scam,” wrote Patrik Runald, the Websense researcher who has been following the attack over the past few days.

The list of redirect URLs has ballooned in the days since, as Websense updated its list March 31 with 20 additional sites, making this one of the biggest mass-injection attacks ever.

Computerworld - By Gregg Keizer

October 26, 2010 07:29 PM ET

Security experts today suggested ways Firefox users can protect themselves against Firesheep, the new browser add-on that lets amateurs hijack users' access to Facebook, Twitter and other popular services.

How to protect yourself against Firesheep attacks

John E Dunn, techworld.com

Fake antivirus programs appear to be adopting some of the money-raising tactics of more threatening ransom malware, security company Fortinet's latest threat report has found.

The most prevalent malware variant during August was TotalSecurity W32/FakeAlert.LU!tr, a malicious program that masquerades as antivirus software in order to sell worthless licenses for non-existent malware. On its own it accounted for 37.3 percent of all malware threats detected by the company during the month.

Unlike standard fake antivirus programs, however, the new version of TotalSecurity takes the ruse a stage further by preventing any applications other than a web browser from running, claiming they are "infected." The user is invited to have the infection cleaned by buying the bogus TotalSecurity product.

Adding an extra layer of sophistication to its arsenal -- and no doubt aware how quickly bogus antivirus software is blocked by genuine security products -- TotalSecurity can now vary the downloads it feeds to the target PC using server-side polymorphism. Put another way, the exact version downloaded to a victim's PC will constantly change, which makes detection harder.

"This is a technique typically seen with botnets, such as Waledac, and has been picked up by the developers of TotalSecurity. This is another example of how relying purely on antivirus is not a silver-bullet approach to protecting systems from infection," said Fortinet's threat research head, Derek Manky.

By John Leyden

Russian police have arrested 10 suspected members of a ransomware gang who allegedly made millions via a locked computer malware scam.

PCs infected by the WinLock Trojan at the centre of the scam were rendered unusable because the malware disabled key Windows components. More embarrassingly, pornographic images were displayed on compromised machines, IDG adds.

Earlier this week, security firm Panda Labs reported that it had discovered that 25 percent of newly created worms have been specifically designed to spread through USB storage devices. Nowadays, this means not just USB flash drives, but any device that can be attached to a computer and used as external storage, including digital cameras, external hard drives, media players, and smartphones.

It's a simple enough technique: when an external storage device is attached to a Windows PC, if the root directory of the device contains an autorun.inf file, Windows will take the actions specified in the file. Naturally, if hackers have modified the autorun.inf file, it can be used to run any malware on the drive, causing the computer to be infected.

Email and the Web are still the most popular methods of malware transmission, but things are rapidly changing as more devices can be attached to PCs and emulate a dedicated external drive.

by Seth Rosenblatt

Freeware antivirus Avast 5 debuts today with several new features, but longtime fans are most likely to notice that the old interface has gone to wherever interfaces go when they die. Along with the new interface, Avast Free, Avast Professional, and the new Avast Internet Security introduce an overhauled feature set that keeps the suite highly competitive. Arguably, the free version provides the most complete free antivirus on the market.

»download.cnet.com/8301-2 ··· 1_3-0-20

Health officials are warning the public about fake e-mails inviting people to sign up for swine flu vaccine registrations.

U.S. Centers for Disease Control and Prevention officials this week put out an advisory about the e-mails, which call for adults to create a personal H1N1 (swine flu) vaccination profile on the cdc.gov Web site. CDC officials say the e-mails appear to be spam messages designed by hackers to spread a computer virus. The CDC does not have such a vaccination program.

On the Net:

The CDC's warning: »www.cdc.gov/hoaxes_rumors.html

AV-Comparatives' November 2009 report has been released and there are eight winners. The other eight products didn't do so well.

By Emil Protalinski

Following its October 2009 removal report, AV-Comparatives has released its November 2009 retrospective/proactive comparative.
