January 2014 - Posts

Scammy stuff on Facebook

Yeah, I know…  the sender of the invites to this “event” swears up-n-down that they didn’t like the page, or send me or others an invite, and he can’t find anything in his apps that looks suspicious

Here’s the “event”.  Within hours the invite count had reached 784,432.

If you’re silly enough to go to leaked-snapshots.org, you will see a fake Facebook login page…

image

image

Fridge sends spam emails as attack hits smart gadgets

Well, I suppose we knew it had to happen sooner or later...

"A fridge has been discovered sending out spam after a web attack managed to compromise smart gadgets.  The fridge was one of more than 100,000 devices used to take part in the spam campaign. Uncovered by security firm Proofpoint the attack compromised computers, home routers, media PCs and smart TV sets. The attack is believed to be one of the first to exploit the lax security on devices that are part of the "internet of things".

Cite: http://www.bbc.co.uk/news/technology-25780908

Posted by sandi with no comments
Filed under:

Hitman Pro writeup about the Yahoo malvertizing incident

It's an excellent write-up, and worth a read:

http://hitmanpro.wordpress.com/2014/01/05/malware-served-via-yahoo-affected-millions/ 

Lessons for the layman: keep all software on your computer up to date and get rid of Java (you know, the stuff that runs java applets). Run antivirus and keep it up to date (but remember, antivirus is more reactive than proactive and may not catch the really new stuff).

Make no mistake, Yahoo are the victims here as much as those people who are left with infected computers. If you are a publisher or in ad-ops, do what you can to avoid the miscreants: http://www.anti-malvertising.com/  

 

Important information from Google about Chrome support for NPAPI ending

Cite: http://blog.chromium.org/2013/09/saying-goodbye-to-our-old-friend-npapi.html

"Starting in January 2014, Chrome will block webpage-instantiated NPAPI plug-ins by default on the Stable channel. To avoid disruption to users, we will temporarily whitelist the most popular NPAPI plug-ins that are not already blocked for security reasons. These are: 

  1. Silverlight (launched by 15% of Chrome users last month)
  2. Unity (9.1%)
  3. Google Earth (9.1%)
  4. Java (8.9%) *
  5. Google Talk (8.7%)
  6. Facebook Video (6.0%)

Already blocked by default for security reasons."

Posted by sandi with no comments
Filed under:

Yep, malvertizing is still around

I don't write about it as much as I used to, but malvertizing is definitely still around; Yahoo being a recent target:
http://blog.fox-it.com/2014/01/03/malicious-advertisements-served-via-yahoo/

Misleading Flash / Java / web browser update alerts / advertisements-disguised-as-alerts continue to do the rounds as well.  If you ever come across such things, please drop me a line via a comment and I will get it looked at.