Motley cabal of online hacker and librarians. All about online hacking and more ...

Monthly archives for June, 2010

Click-jacking scam spotted on facebook.

Jun18
2010 Leave a Comment Written by admin

Security researchers have spotted a new click-jacking scam on Facebook which spreads through the site’s news feed and ‘Like’ feature.

UK security vendor Sophos issued a warning to users over what the company describes as a “like-jacking” attack.

The attack appears as a link to a web page offering photos of the ’101 hottest women in the world.’ The link presents a page which, when clicked, forwards the victim to a third-party site, and accesses their news feed without notification.

Clicking on the page activates the ‘Like’ feature on Facebook which allows people to share pages. The page then appears on the news feeds of the victim’s connections, spreading itself to a new crop of potential targets.

No actual malware code is installed, and the updates can be manually removed from the status feed.

Graham Cluley, senior technology consultant at Sophos, explained that the scam makes money by generating advertising traffic.

Facebook was hit by a similar attack in May, and Cluley warned that the site needs to step up its security measures.

“Facebook really needs to grab this problem by the horns, as it is increasingly being struck by click-jacking worms,” Cluley wrote in a blog post.

“The social network should tighten up the way it handles the ‘liking’ of external web pages before it is more widely abused by malicious hackers and spammers.”

Posted in Hacking News, Online hacking - Tagged , , ,

Facebook user profiles feature spam messages

Jun17
2010 Leave a Comment Written by admin

According to security vendor Fortinet, the spam messages link to typical spam sites such as online pharmacy shops, one of which has been sourced to a web host that also serves content for several pill pushing sites.

Fortinet’s Global Security Research Team warned that Wall posts containing links must be handled with care and recommends they should not be followed.

“While hijacked accounts have not been proved to be utilised for anything beyond posting relatively innocuous spam 2.0, it is not a stretch to think that links to drive-by-install malicious sites could be injected at some point,” warned Fortinet.

Users should be wary of phishing attempts when confronted by a login page or upon clicking a link contained in a friend’s message, carefully check the login page URL, advised Fortinet.

Facebook’s “Wall” feature, allows users to post comments on friends’ profiles.

Meanwhile, the co-author of the book ‘Facebook — Now What???’, Jesse Stay revealed in a blog post last week that the incident may be linked to an application on Facebook known as Secret Crush.

Stay wrote that the application installed Spyware on peoples’ computers and Facebook was forced to remove it in January but two months later it still seemed to be wreaking havoc.

“Doing a search for “crush calculator” on Facebook revealed a few groups users have set up to apologise to their friends for someone hacking into their account and sending messages about the “Crush Calculator”.

Additionally, just last week security researchers uncovered a new wave of attacks in which profiles on Facebook were used to post images – in this case the images were of child torture.

According to Fortinet, Facebook has been notified and is looking into the issue.

Posted in Hacking News, Online hacking, Spam - Tagged , , ,

The Anti-Malware Testing Standards Organisation has adopted two new sets of guidelines for benchmarking software.

Jun16
2010 Leave a Comment Written by admin

Consumers frustrated by antivirus software slowing down their PCs could get a clearer picture of which are the worst culprits following calls for industry-wide benchmarks.

The Anti-Malware Testing Standards Organisation (AMTSO), which is tasked with improving methodologies for testing security programs, has adopted two new sets of guidelines for benchmarking software.

The AMTSO claims the guidelines – one for whole products and one concentrating on performance – should improve transparency and could reduce the bickering between AV companies over whose products are more effective.

Members of the group, which includes most major AV vendors, have agreed to adopt the new standards, and say they will also be be used by independent testing companies such as Virus Bulletin, AV-Comparatives and West Coast Labs.

According to AMTSO, accurate speed testing should be an integral part of benchmarking security software, but existing methods vary too much to have any relevance.

“The Performance Testing Guidelines examines the myriad – and often subtle – complexities in conducting speed tests,” said Mikko Hypponen, chief research officer of F-Secure.

“It is very tempting to take a simplistic approach to measuring speed and footprint of an antivirus program. However, there is as much art as there is science in understanding the various elements which can skew the results for the unwary tester.”

There is also concern among security experts that without an industry standard benchmark, independent testing companies can too easily get results wrong.

“It is as easy to over-emphasise irrelevant metrics by implementing poorly-conceived benchmarking methodologies, as it is to bias a detection test,” the organisation says.

Posted in Security Software - Tagged , , ,

Commtouch patented Recurrent Pattern Detection (RPD) technology unveiled

Jun15
2010 Leave a Comment Written by admin

Spammers have created sophisticated methods of varying their images slightly with each spam attack, making it even more difficult for most anti-spam technologies to catch this type of spam.

Commtouch’s patented Recurrent Pattern Detection (RPD) technology matches recurrent patterns across similar messages, regardless of the content or language of the message, and regardless of variations in the messages.

The enhanced Commtouch solution can decode images in spam, allowing the RPD technology to block image-based spam.

“Over the past several months, through processing billions of email messages, we identified an increase in this particular subset of spam, containing images only,” said Amir Lev, Commtouch’s Chief Technology Officer.

“Traditional anti-spam technology — such as content-based, Bayesian filtering, Heuristics and URL filtering — is practically defenseless against this image-based spam, leaving organizations open to floods of these types of email,” said Lev.

Posted in Spam - Tagged , , ,

SAP programmers to get Codeprofiler software

Jun14
2010 Leave a Comment Written by admin

German software house SAP has licensed code-checking software from Virtual Forge to help companies test and secure code written in the high level Abap programming language, part of SAP’s NetWeaver suite.

Codeprofiler uses data- and control-flow analysis at up to 5,000 lines of source code per second to deliver quick reliable results, the company said.

Gunter Bitz, who is responsible for quality assurance at SAP, said SAP was using Codeprofiler internally alongside SAP’s own Checkman tool.

“With Codeprofiler, SAP customers can systematically verify the entire Abap source code of their self-developed code on security and compliance weaknesses,” he said. “For security tests, complete coverage is important, as an intruder can infiltrate a system through one single weak point.

Virtual Force CEO Andreas Wiegenstein said Codeprofiler systematically examined authorisation checks, access to sensitive tables or usage of critical functions in the standard SAP software to reduce the risk of running insecure code.

Posted in Security Software - Tagged , ,

Twitter launching its own web link shortener to boost security soon.

Jun13
2010 Leave a Comment Written by admin

Twitter has announced it is another step closer to launching its own web link shortener to boost security, which could push out popular services such as bit.ly and tinyurl.

IT security researchers have repeatedly highlighted the potential threat of link shorteners since they became popular for use on the 140-character-limit microblogging site.

With bit.ly, tinyurl and other similar services enabling users to compress web addresses in such a way that hides the true destination, some researchers have warned of a spike in malicious links.

The Twitter link-shortening service, first announced in April, is currently being tested and will be rolled out to all users in the next few months, according to a blog post by Sean Garrett, vice-president of communications at Twitter.

“We want to display links in a way that removes the obscurity of shortened links and lets you know where a link will take you,” he wrote.

Once rolled out, the service will automatically shorten and scan links posted to Twitter or third-party applications.

The service will also enable Twitter to track all links shared through the site to contribute to the metrics behind Twitter’s Promoted Tweets platform, said Garrett.

The data will also help Twitter improve its ability to determine if a Tweet is relevant and interesting to users, he said.

The data may even help Twitter to provide additional services and revenue streams. “An example would be analytics within our eventual commercial accounts service,” said Garrett.

Posted in Security Software - Tagged , , ,

Open Text bets are on Nstein’s Text Mining Engine

Jun12
2010 Leave a Comment Written by admin

Open Text (news, site) is starting to reveal its plans in regards to the recently closed deal on Nstein Technologies. Just as we thought, the first bets are on Nstein’s Text Mining Engine (TME) — now known as Open Text Content Analytics — and its integration with the entire Open Text Enterprise CMS Suite.

What’s Shaking at Nstein?

The Québécoise home will (for now) remain Nstein’s grounds with headquarters still in Montreal and focus on dev activities for content analytics and semantic technology.

While nothing is official yet as to how other departments and groups of Nstein will be impacted by the acquisition, we can say confidently there will probably be some cuts, trimming down the “fat” around the core activity – product development.

Open Text also sings a very familiar song saying that it will continue to support Nstein’s products — TME, DAM and Web CMS — although clearly the favorite child in this family is the TME.

Nstein’s Content Analytics Technology

As we have told you in the past, Nstein’s TME is a powerful beast that uses enhancedsemantic analysis to extract ‘linguistic DNA’ in order to enable searches that provide not only precise responses to search parameters, but also related content.

Nstein’s software creates a “semantic fingerprint” for an organization’s content, allowing them to unlock content’s value and make it more findable, visible, understandable, organized and analysis-ready.

Other linguistic features include:

  • Sentiment analysis
  • Metadata awareness
  • Language awareness
  • Broad taxonomical capabilities

And this is how it comes together with Enterprise CMS-type content, including documents, e-mail, social media, web content, OCR-treated scanned images and content in business systems, such as Microsoft, SAP and Oracle.

TME + ECM Integration Points

Initially, Open Text plans to integrate content analytics with Vignette Content Management (VCM) and Media Management (which is due for a refresher).

Next, will come its Enterprise Library — the content repository at the core of the ECM Suite — where content analytics will be providing additional functionalities for content retrieval on top of the existing native search.

Over the next year, the plan is to make content analytics available as part of every application that is in the Open Text ECM Suite, including the recently released Open Text Everywhere mobile ECM product.

Other integration points for content analytics are as follows:

  • Expand the use of Nstein’s technology in the area of user engagement
  • Adding content analytics to its WCM systems like (formerly known as) RedDot
  • Leveraging it in Open Text Social Media (also has been renamed recently to Open Text Social Workplace) (+if there’s still anyone there on the SM side left to work on the integration)
  • Use in compliance and litigation readiness scenarios for content archiving and retention management
  • Applicable in records management thanks to its classification technology
  • In eDiscovery, can be used for content collection and review.

So much to do! Let’s see how it works out for both Open Text and Nstein.

Posted in Web Sematics - Tagged , ,

FBI investigating exposed personal data of Apple iPad users on the AT&T network

Jun11
2010 Leave a Comment Written by admin

The FBI is to investigate the security breach which exposed personal data of Apple iPad users on the AT&T network, including several high-ranking government officials.

The breach, first reported by the website Gawker, occurred when a group calling itself Goatse Security hacked into AT&T’s iPad subscriber data, obtaining a list of email addresses that also included celebrities, chief executives and politicians.

“The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat,” FBI spokesman Jason Pack said.

AT&T has acknowledged the security breach but said it had corrected the flaw and that only email addresses were exposed to hackers who identified a security weakness. It declined to comment on the FBI investigation.

The quick FBI probe into the security flaw came amid reports of several high-ranking government officials on the list of iPad owners with compromised personal information.

In all, more than 100,000 email addresses are believed to have been exposed.

One source in the telecommunications industry said it was not surprising that the FBI was looking at the breach.

“If there’s a high profile data compromise it’s not unusual to get a phone call from government officials,” said the executive, who asked not to be named.

The iPad, launched in April, has already sold more than 2 million units worldwide.

Not Apple’s fault?

Security experts said it was unlikely that other information besides email addresses had been compromised.

Charlie Miller, an analyst with Independent Security Evaluators, argued that the breach had nothing to do the iPad’s security.

“The actual vulnerability is pretty basic, but the loss of data is not serious, in my opinion. The data on the iPad and the devices themselves were never compromised or vulnerable,” Miller said via e-mail.

George Kurtz, chief technology officer for security software company McAfee, also downplayed the severity of the breach.

“I would guess that this application vulnerability gained so much attention because, after all, it is Apple we are talking about,” Kurtz wrote in a blog post.

“The hype around Apple products – like the new iPhone and iPad – is amazing. However, the reality is this type of vulnerability isn’t really news and happens all day long.”

Posted in Hacking News - Tagged , ,

Mom convicted for hacking son’s Facebook Account

Jun10
2010 Leave a Comment Written by admin

An Arkansas mom found guilty of harassment charges for hacking into her son’s Facebook account. The teen who wants a no-contact order said his mother hacked his account, changed his password and posted slanderous, vulgar comments on his wall.

The woman, Denise New, who locked her son out of his Facebook account and posted her own items there was convicted Thursday of misdemeanor harassment and ordered not to have contact with the teenager.

Clark County District Judge Randy Hill ordered New, of Arkadelphia, to pay a $435 fine and complete anger-management and parenting classes. He said he would consider allowing her to see her 17-year-old son if she completes the two courses. Her son, Lane New who lives with his grandmother, who’s had custody of him for years.

The mother and son said she once had a good relationship but that it began to deteriorate this spring. She said the dispute that led to the Facebook postings arose when the boy was visiting. She had asked him to return a key to her home, which he declined to do, and she then refused to let him into the house to retrieve some of his belongings.

Some of the postings Denise New said she put on her son’s Facebook page included vulgarities. One, which she said she mistakenly posted on her son’s page instead of her own, said: “The only mistake I ever made was having a kid.”

Denise New, the 17-year-old’s mother, is outraged and believes she was within her legal rights to monitor her child.

New has admitted to changing the passwords, but claims he left his account logged in on her computer. She also admits to making several postings, but told authorities the rest of it was a “conversation” between her, her son, and his friends.

Todd Turner, a prosecutor on the case, defined Arkansas’ harassment law as forbidding a person from repeatedly committing acts that alarm or seriously annoy another person without good cause. Because of the son’s age he declined to go into any further detail reports

Hill gave Denise New a 30-day suspended jail sentence, which she would have to serve only if she did not fulfill the other conditions during her yearlong probation.

New has said she posted items on her son’s account after he had failed to log off the social-networking site. She also changed his password so he couldn’t use it again.

One of the Facebook messages Hill said he was disturbed by was worded to appear as though Lane New had written it: “Check this out — I went to my mom’s and deliberately started an argument and called the police on her. She almost went to jail. How cool is that? Ha, ha, ha.”

Denise New said she posted that item because she thought her son had told two police officers who came to her home that she had hit him during their confrontation. She said she had merely pushed her son back away from a door he was approaching

That posting, the judge said, could only be construed as an effort by the mother to make out her son to be a liar. Hill also criticized the mother for using vulgarities in messages left on her son’s cell-phone voicemail.

“You said you were trying to teach him a lesson,” the judge said to Denise New. “Were you trying to teach him it’s OK to use foul language? Nobody has the right to talk to anybody else like that.”

New had testified that the vulgarities she used in the Facebook postings and the cell-phone messages reflected the relaxed relationship she had once had with her son. Such language was common in everyday joking between the two of them, she said.

But the judge called it “totally, completely inappropriate.”

New’s attorney, Justin Hurst, said he would discuss a possible appeal with his client and decide whether to pursue one within the next few weeks.

She portrayed the matter as an effort by her to exercise supervision over her son’s Internet activities. “If I’m found guilty on this, it is going to be open season” on parents,” said Denise New.

In pronouncing judgment, Hill said that was clearly not the case. “The issue is: Did someone act in a way to harass or harm another person?” Hill said.


Posted in Online hacking - Tagged , ,

New Computer Security Threat for Wireless Networks: Typhoid Adware

Jun09
2010 Leave a Comment Written by admin

There’s a potential threat lurking in your internet café, say University of Calgary computer science researchers. It’s called Typhoid adware and works in similar fashion to Typhoid Mary, the first identified healthy carrier of typhoid fever who spread the disease to dozens of people in the New York area in the early 1900s.

“Our research describes a potential computer security threat and offers some solutions,” says associate professor John Aycock, who co-authored a paper with assistant professor Mea Wang and students Daniel Medeiros Nunes de Castro and Eric Lin. “We’re looking at a different variant of adware — Typhoid adware -which we haven’t seen out there yet, but we believe could be a threat soon.”

Adware is software that sneaks onto computers often when users download things, for example fancy tool bars or free screen savers, and it typically pops up lots and lots of ads. Typhoid adware needs a wireless internet café or other area where users share a non-encrypted wireless connection.

“Typhoid adware is designed for public places where people bring their laptops,” says Aycock. “It’s far more covert, displaying advertisements on computers that don’t have the adware installed, not the ones that do.”

The paper demonstrates how Typhoid adware works as well as presents solutions on how to defend against such attacks. De Castro recently presented it at the EICAR conference in Paris, a conference devoted to IT security.

Typically, adware authors install their software on as many machines as possible. But Typhoid adware comes from another person’s computer and convinces other laptops to communicate with it and not the legitimate access point. Then the Typhoid adware automatically inserts advertisements in videos and web pages on the other computers. Meanwhile, the carrier sips her latté in peace — she sees no advertisements and doesn’t know she is infected ¬- just like symptomless Typhoid Mary.

U of C researchers have come up with a number of defenses against Typhoid adware. One is protecting the content of videos to ensure that what users see comes from the original source. Another is a way to “tell” laptops they are at an Internet café to make them more suspicious of contact from other computers.

“When you go to an Internet café, you tell your computer you are there and it can put up these defenses. Anti-virus companies can do the same thing through software that stops your computer from being misled and re-directed to someone else,” says Aycock.

Why worry about ads? Aycock explains it this way: “Not only are ads annoying but they can also advertise rogue antivirus software that’s harmful to your computer, so ads are in some sense the tip of the iceberg.”

Posted in Malware - Tagged , ,
« Older Entries Newer Entries »
wordpress visitor
© 2011 USRlib.info