Spamvertised ‘Tax information needed urgently’ emails lead to malware

Security researchers from AppRiver have intercepted a currently spamvertised malware campaign that entices end users into clicking on malicious links.

Impersonating INTUIT Inc., the maker of the popular tax software TurboTax, cybercriminals are spamvertising links and attempting to trick end users into thinking that “it appears that your name and/or Taxpayer Identification Number, that is stated on your account is different from the data obtained from the Social Security Administration”, and that by clicking on the link found in the malicious email, they will get the opportunity to check the data on their account.

Once the user clicks on the link, a trojan horse is dropped on the targeted PC by malicious JavaScript.

Users are advised to avoid interacting with suspicious emails, and to ensure that their hosts are free from vulnerabilities most commonly exploited by web malware exploitation kits.

From ZDNet ZeroDay Blog by


Over 3 years later, “deleted” Facebook photos are still online

Facebook is still working on deleting photos from its servers in a timely manner nearly three years after Ars first brought attention to the topic.

The company admitted on Friday that its older systems for storing uploaded content “did not always delete images from content delivery networks in a reasonable period of time even though they were immediately removed from the site,” but said it’s currently finishing up a newer system that makes the process much quicker. In the meantime, photos that users thought they “deleted” from the social network months or even years ago remain accessible via direct link.

From ArsTechnica By Jacqui Cheng


FBI warns new cyber scam

The Wisconsin Department of Agriculture, Trade and Consumer Protection (DATCP) and the Federal Bureau of Investigation (FBI) are warning the public about a new email phishing scam involving a piece of malware appropriately called “Gameover.”

“All phishing scams aim to collect your personal data, but the ‘Gameover’ scam goes straight for your banking accounts,” said Sandy Chalmers, Division Administrator for Trade and Consumer Protection. “Falling prey to this scam can do a tremendous amount of damage to your finances.”

The scam works as follows:

1. You receive an unsolicited and fraudulent email claiming to be from the National Automated Clearing House Association (NACHA), Federal Reserve Bank or Federal Deposit Insurance Corporation (FDIC).

2. The email will note that there is a problem with your banking accounts or with a recent transaction.

3. You will be asked to click a link to correct the information.

4. By clicking the link, you will be taken to a phony website where you will inadvertently download the Gameover malware. The malware promptly infects your computer and steals your banking information.

From by WSAW Staff


HP recalls fax machines due to fire and burn hazards

The U.S. Consumer Product Safety Commission, in cooperation with Hewlett-Packard (HP), announced a voluntary recall February 2 of about 928,000 HP fax 1040 and 1050 machines. The importer was Hewlett-Packard Co., of Palo Alto, California. The machines were manufactured in China.

The fax machines can overheat due to an internal electrical component failure, posing fire and burn hazards. HP is aware of seven reports of machines overheating and catching fire, resulting in property damage, including one instance of significant property damage and one instance of a minor burn injury to a consumer’s finger. Six incidents were reported in the United States.

The machines were sold at electronics, computer, and camera stores nationwide, and online at and other Web sites from November 2004 through December 2011.

Some of the recalled fax machines were replacement units for a previous recall involving HP fax model 1010 in June 2008.

From the US Product Safety Commission website


RealPlayer Update Closes Critical Holes

RealNetworks has released an update to RealPlayer to close a number of holes in its media player application. Version 15.02.71 of RealPlayer addresses a total of seven remote code execution vulnerabilities, rated as highly critical by Secunia, which could be exploited by an attacker to compromise a victim’s system. … The company notes that it has “received no reports of any machines actually being compromised as a result of the now-remedied vulnerabilities.” Further details about these security bugs are not provided.

From The H Security


Android Market Flooded With Fake Malware-Laden Apps

Spotted by the security watchdogs at Android Police, the suspicious apps include phony versions of “Jetpack Joyride,” “Madden NFL 12,” “Batman Arkham City Lockdown,” “Angry Chicken” and nearly a dozen others. Also found lurking in the Android Market is a phony version of the app for Pinterest, the popular new online pinboard.

The bogus Pinterest app, from the ironically named developer “Official Android App,” installs other apps without the user’s permission. … If an app developer is “already known and trusted by Google, that developer account will be a prime target for cybercriminals,” [Dmitri] Bestuzhev wrote in a Kaspersky Lab blog.

Bestuzhev said he also expects rogue app makers to begin developing harmful apps that work differently in specific parts of the world.

From By Matt Liebowitz


Copyright lawsuit targets owners of non-secure wireless networks

A federal lawsuit filed in Massachusetts could test the question of whether individuals who leave their wireless networks unsecured can be held liable if someone uses the network to illegally download copyrighted content. 

The lawsuit was filed by Liberty Media Holdings LLC, a San Diego producer of adult content. The company has accused more than 50 Massachusetts people, both named and unnamed, of using BitTorrent file-sharing technology to illegally download and share a gay porn movie.

According to the complaint, the illegal downloads and sharing were traced to IP addresses belonging to the individuals named in the complaint and to several John Does. The complaint alleges that each of the defendants either was directly responsible for downloading and sharing the movie or contributed to the piracy through their negligence.

Even if the defendants did not directly download the movies, they had control over the Internet access used for copyright infringement purposes, the lawsuit noted.

From ComputerWorld By Jaikumar Vijayan



Facebook malware scam takes hold

A large number of Facebook users were sharing a link to a malware-laden fake CNN news page reporting the United States attacked Iran and Saudi Arabia, security firm Sophos said February 3.

If users who follow the link click to play what purports to be video coverage of the attack, they are prompted to update their Adobe Flash player with a pop-up window that looks like the real thing. Those who accept the prompt unwittingly install malware.

Within 3 hours of the scam’s appearance, more than 60,000 users followed a link to the spoofed CNN page, according to a Sophos senior security adviser.

Facebook removed that link, but others were still being shared. In a statement, Facebook said it was “in the process of cleaning up this spam now, and remediating any affected users.”

From ComputerWorld By Cameron Scott