Monthly Archives: September 2011

Facebook birthday T-shirt scam steals secret mobile email addresses

Facebook birthday T-shirt scam steals secret mobile email addresses

Facebook scams are getting sneakier - with the latest attack using the lure of a free T-shirt celebrating Facebook's birthday in an attempt to steal the secret backdoor key to your account.

Hotel credit card wrong transaction email malware attack

Hotel credit card wrong transaction email malware attack

Emails claiming to be from a hotel about a wrong transaction on your credit card are being spammed worldwide - with the intention of infecting your computer with a malware.

Crowd-sourcing mischief on Google Maps leads customers astray

places-thumb

As if we weren't already a drifting, confused mob of smartphone-jabbing zombies already, Google has presented a new way to baffle business customers.

Businesses are protesting about how easy it is to lie to Google's Yellow Pages-ish Google Places.

Anonymous suspects bailed - banned from using online nicknames and IRC

Anonymous suspects bailed - banned from using online nicknames or IRC

Four men have appeared in court regarding various Anonymous and LulzSec internet attacks, and were granted bail on the condition that they did not use specific online nicknames or Internet Relay Chat.

GlobalSign stops issuing SSL certificates in response to Iranian hacker

iStockWarningBreach245

Digital certificate authority GlobalSIgn, the fifth largest issuer of SSL certificates, ceased signing new certificates today after accusations by an Iranian hacker that they are compromised.

An analysis of the pay-per-install underground economy

UsenixTalk

Researchers presented a paper at the USENIX Security Symposium a few weeks ago looking at the financial underpinnings of the criminal malware economy. Their findings show much of what is driving criminals to infect innocent victims.

Firefox 6.0.2 fixes yet more DigiNotar certificate fallout

msfa35-square

Firefox 6.0.2 has just come out, blocking even more browser certificates than Firefox 6.0.1, in yet more fallout from the mess caused by disgraced Dutch web security company DigiNotar.

Microsoft revokes DigiNotar certificates from Windows, Mac users still vulnerable

MSKB2607712-200

Microsoft has permanently revoked all five certificates belonging to DigiNotar for Windows users. In addition to Windows 7 and Vista the new release also provides protection for users of Windows XP. Users of Windows should check for updates and apply this patch as soon as possible.

Pink claims her Facebook page was 'hacked'

pink-thumb

Pop singer Pink has posted an angry message to hackers, who she claims stole photographs from her Facebook page.

But was Pink's Facebook page really hacked, or was she just one of the many people who have been careless with their privacy settings?

Sleazy slutty emails bombard inboxes, carrying malware

xxx-thumb

Social engineering tricks continue to fool users into making poor decisions - remember to always think with your head, not with your trousers.

Bad guys want your Twitter passwords - don't be phished via a DM attack!

Spammers take over Twitter Trends with sexy hashtags

We continue to see Twitter users being targeted by criminal campaigns designed to phish passwords for the site.

The problem is that often they are disguised as direct messages (DMs in Twitter parlance) from your online friends.

Facebook privacy bathroom settings joke reveals a serious security message

Facebook privacy bathroom settings joke reveals a serious security message

A joke chain letter about how you can change your Facebook privacy settings to prevent the site creeping into the bathroom and stealing your towel is certainly amusing..

But users shouldn't feel too smug about their privacy on the social network.

Operation Black Tulip: Fox-IT's report on the DigiNotar breach

CCPhotography_GalBlackTulip245

A preliminary report was released today by Fox-IT, the security team investigating the attack against certificate authority DigiNotar. Many interesting details are included about the hack, including more indications that it primarily affected Iranian users.

Is Al Gore asking permission to spam from your social networking account?

Is Al Gore asking permission to spam from your social networking account?

Al Gore's Climate Reality Project is encouraging social networking users to "donate" their online accounts for what they call "24 hours of Reality".

During that time, the organisation will be able access your Twitter and Facebook account and post information about climate change and an awareness event being held on September 14th.

Facebook page hijacking locks out original admins [VIDEO]

terrytoad-250

It's easier to hijack a Facebook page than you would expect, because of sloppy security from the social network.

Watch our video and find out how.

Dutch Queen's phone number exposed on net via WikiLeaks

queen-beatrix-thumb

Queen Beatrix of the Netherlands has her personal phone number released onto the web, via WikiLeaks diplomatic cables.

Even regal grandmothers can find they have been exposed by WikiLeaks.

SSL certificate debacle includes CIA, MI6, Mossad and Tor

iStockSpy245

Over 500 falsely signed certificates have now been identified and browser makers are permanently removing DigiNotar as a trusted certificate authority. The targeted organizations are far reaching including the CIA and MI6.

DNS hack hits popular websites: Daily Telegraph, The Register, UPS, etc

DNS hack hits popular websites: Telegraph, Register, UPS, etc

Popular websites including The Register, The Daily Telegraph, UPS, and others have fallen victim to a DNS hack that has resulted in visitors being redirected to third-party webpages.

WikiLeaks exposes thousands of sources in written-password SNAFU

WikiLeaks exposes thousands of sources in written-password SNAFU

The cone of silence over WikiLeaks' thousands of sources - many of whose lives are at risk if identified - has been shattered, all thanks to the most mundane, all-too-human security screwup imaginable.

To wit: WikiLeaks founder Julian Assange wrote down the password on a piece of paper.

UK student loans targeted by phishers in latest spam campaign

UK student loans targeted by phishers in latest spam campaign

With British students about to start another year at university, the last thing they probably want to hear is that there is a problem with a student loan.

But that's precisely the camouflage that online scammers are using to steal personal information today.