Security

<
TwitterFacebook
Get flash to fully experience Pearltrees
http://www.zdnet.com/blog/security/researchers-spot-fake-mobile-antivirus-scanners-on-google-play/12040 Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community on a daily basis. More details on Dancho Danchev's current and past professional affiliations, can be found in his LinkedIn profile . You can also follow him on Twitter

Researchers spot fake mobile antivirus scanners on Google Play

Posted on 17:52, April 23rd, 2012 by headgeek Will your Internet go down on July 9 th ? Months ago, the FBI set up a safety net of using government computers to fight against DNSChanger malware. The DNSChanger malware/virus was an online advertising scam to permit international hackers to take control of infected computers. http://indyscomputergeek.com/will-your-internet-go-down-on-july-9th/

Will your Internet go down on July 9th? | indyscomputergeek.com

Cocoon and Cocoon+ Now Approved as a Download on Mozilla's Firefox | Reuters

Santa Barbara, CA, March 22, 2012 (GLOBE NEWSWIRE) -- Cocoon, a free Internet privacy and security software developed by Virtual World Computing , protects online users from tracking cookies by Google , Facebook , and other online companies. "Firefox users can now download Cocoon from the official Firefox add-on repository ( addons.mozilla.org ). While over a quarter of a million people have found Cocoon on their own, we are delighted to now have the exposure of being part of the Firefox download nation," said Vernon Irvin, CEO and President at Virtual World Computing. http://www.reuters.com/article/2012/03/22/idUS210236+22-Mar-2012+GNW20120322

Compromised WordPress sites serving client-side exploits and malware | ZDNet

For a large number of people updating WordPress is risky or other issues prevent them doing so: quite possibly the majority of WP blogs out there are out of date. WP is an excellent software, but although personally I have always updated the next day, with 3.3 I refused, as with other people, due to the loathsome mandatory Toolbar and the now-collapsed sidebar in the Admin. Realistically, this means transferring to another CMS in the longer term; yet in the meantime I would be running an out-dated version. http://www.zdnet.com/blog/security/compromised-wordpress-sites-serving-client-side-exploits-and-malware/11008

RDP Honeypot on Amazon EC2 Virtual Server

http://samsclass.info/123/proj10/rdp-honeypot.htm This is a simple way to set up an RDP honeypot on a Linux machine. But BE CAREFUL! I have no reason to imagine that this is safe or secure, so I recommend using something like an Amazon Free EC2 machine with nothing you love on it, so there's nothing there for a hacker to take.
https://addons.mozilla.org/en-US/firefox/addon/vwc-cocoon/?src=search

VWC Cocoon :: Add-ons for Firefox

It is our goal to provide in plain English, the clearest, most concise, and most accurate privacy policy on the Internet. We are open to your suggestions for any changes we could include to make this more clear. Our business is to protect your privacy. We do not share your data with anyone unless required by law.
http://blog.getcocoon.com/2012/03/09/part-7-the-online-pickpockets-of-the-world-wide-mall/

Part 7: The Online Pickpockets of The World Wide Mall

The less you use your primary email address, the less likely it is to fall into the wrong hands. Using the Cocoon browser add-on to protect yourself may not be the only way, but it’s certainly one of the easiest. Cocoon’s Mailslots feature is a great tool to use for avoiding spam as well as possible identity theft or phishing attempts. The less you use your primary email address, the less likely it is to fall into the wrong hands. And should you fall victim to a phishing attempt, using a disposable email address will make sure the criminal involved doesn’t get ahold of your real information. Browsing the Internet with Cocoon will route all of your traffic through our encrypted servers, so prying eyes cannot see it.
Brick and mortar shops are seeing their fair share of Internet usage too. Brick and mortar shops are seeing their fair share of Internet usage too. If you’re old fashioned like I am, you probably still enjoy browsing the tactile selection of merchandise at your local mall or boutique. This sensation, however, is supplemented by the ability to pull out your mobile device and draw comparisons with online vendors, review forums, and so on.

Part 3: The Online Pickpockets of The World Wide Mall

http://blog.getcocoon.com/2012/03/03/part-3-the-online-pickpockets-of-the-world-wide-mall/
http://download.cnet.com/8301-2007_4-57370093-12/cocoon-now-sheathes-you-in-ie-too/ The Cocoon add-on for Firefox rounded up a bunch of highly useful security features and presented them to you in one tight package. Cocoon has come to Internet Explorer, and it's available exclusively on Download.com today. The first beta of Cocoon for Internet Explorer ports the add-on's entire feature set from Firefox to IE, and it'll work on IE8 and IE9 as far back as Windows XP.

Cocoon now sheathes you in IE, too | The Download Blog - Download.com

Cybercriminals are sharpening their tools

http://blog.getcocoon.com/2012/02/01/cybercriminals-are-sharpening-their-tools/ By Blake Bronstad Commerce in today’s world pushes convenience like never before. With more and more businesses encouraging the use of their services online, consumers are offered increasingly attractive options in which they may stay productive on the Internet. Where the people go, so does the money; and where the money goes, criminals will follow. Just as the online community is growing and evolving, so is the world of cybercrime. Zappos proved to be yet another example of why online consumers need to protect themselves and stay alert.
Tor Vulnerable to Remote arbitrary code Execution According to latest post of Gentoo Linux Security Advisory, There are multiple vulnerabilities have been found in TOR , the most severe ofwhich may allow a remote attacker to execute arbitrary code. TOR is an implementation of second generation Onion Routing, a connection-oriented anonymizing communication service. Using this Vulnerability remote attacker could possibly execute arbitrary code or cause a Denial of Service. Furthermore, a remote relay the user is directly connected to may be able to disclose anonymous information about that user or enumerate bridges in the user's connection.

Tor Vulnerable to Remote arbitrary code Execution | The Hacker News (THN)

Hackers target child game sites

Avast recently reported that some child game sites have become the latest target of hackers. If the child is playing games on a shared family computer – malware can affect all family members who login to the family computer. If the child has their own computer, it should be checked on a regular basis (by an adult) for potential cybercriminal activities. All computers in the household should have regular updates of antivirus and other security software.

You Can One-Up The Bad Guys With Unmask Parasites

Short links can take you to both good sites and bad sites… The idea behind using Third-party link-shortening services is to make sharing long links shorter and easier. Short links can take you to both good sites and bad sites and are often used in social networking to trick you into visiting a malicious site. For example: http://www.schneier.com/blog/archives/2011/12/tagging_people.html?utm_source=twitterfeed&utm_medium=twitter becomes http://t.co/hU3zPZnZ when using a link-shortening service. Shortened URLS are great for staying within the character restrictions of a social networking post.

Ten things you didn't know about Sourcefire - TechDay

1. Headquarted in Columbia, Maryland, Sourcefire was founded in January 2001 by Martin Roesch, author of open-source intrusion detection system Snort . 2. Snort is the world’s most widely-deployed intrusion detection and prevention technology, with nearly 4 million downloads to date. 3.

568 reasons First State Super's security breach should worry you - security breach, security, Patrick Webster, information security, First State Super (FSS) - CSO | The Resource for Data Security Executives

I'm sure more than a few CSOs hugged their teddy bears a little tighter the night they heard about the penetration of First State Super's (FSS's) information-security breach and the man who instigated it with the kind of "attack" a nine-year-old might try. But it worked, and the consequences are still becoming clear. In the course of a week, one small security leak has left 770,000 customers wondering whether their personal data has been breached, potentially cost a major superannuation operator a $23 million contract , and pitched the company into the fast lane towards a dramatic face-off with state and federal privacy regulators. It's unlikely that Patrick Webster, the security consultant who started it all by informing FSS he could access any member's super statements by simply changing an index number in the retrieval URL, expected any of this would happen.
Infosec Security