80% of Olympic sites are scams The 2012 Summer Olympics in London are well underway and so are the scams. 80 percent of Olympic Web domains are either only registered for the purpose of scamming or spamming visitors. The new statistic comes from Zscaler, which looked at all identified domains containing the string "olympics" accessed by its customers over the course of a day. The security firm then classified them into three categories for further analysis: typo squatting, "TV on PC" scam, and "Made for Adsense" sites. Other scams include software for watching the Games that is actually spyware/adware, and survey scams. Typo squatting, also called URL hijacking, is nothing new. The "TV on PC" scam type pushes receiving Cable/Satellite TV on a PC for a very low monthly fee. The "Made for Adsense" (MfA) sites are highly targeted websites that drive web traffic from search engines by including enough content to get listed in results for a specific query. See also:
Reuters hacked, fake news posted Update on August 5 - Reuters Twitter account hacked Thomson Reuters was hacked on Friday. The publication's blogging platform was breached and a false story about an alleged interview with a Syrian rebel leader was posted, the company has confirmed. "Reuters.com was a target of a hack on Friday," the company said in a statement. "Our blogging platform was compromised and fabricated blog posts were falsely attributed to several Reuters journalists. The phony interview was with Riad al-Assad, the head of the Free Syrian Army, who apparently said his forces were pulling back from the northern province of Aleppo after repeated battles with the Syrian Army. The Free Syrian Army issued a statement saying that the interview never took place and blamed President Bashar al-Assad's government for planting the story. While Reuters confirmed the hack, the firm said it does not yet have any information on the party responsible for the fake news. See also:
Malware warning: Your AT&T bill is ready to be viewed Scammers are pushing out malware by trying to trick users into thinking their AT&T bill is ready. Usually with the subject "Your AT&T bill is ready to be viewed" the spam claims you owe the telecom hundreds of dollars, but really you're just at risk of getting your computer infected by the Blackhole exploit kit. The e-mail is part of a massive phishing campaign. Websense, which first discovered it, has already detected more than 200,000 fake e-mails masquerading as billing information from the giant American communication services provider. Here's the e-mail's main body: Your online bill is ready to be viewedDear Valued Customer,A new bill for your AT&T account is ready.Any payments completed after your bill period expires will not be shown in the bill amount listed directly below. As you can see in the screenshot above, it's actually a decent fake. As a general word of caution, never blindly click on links in e-mails. See also:
HP TouchPad gets Android 4.1 Jelly Bean Since day one, the HP TouchPad hasn't been treated very well by its parent company, and as always, it's been up to the hacker community to save the day. Last month, Google open-sourced Android 4.1 (Jelly Bean) for third-party modification. As such, nobody should be surprised to learn TouchPad owners can now install Jelly Bean on their tablet (albeit it's currently a CyanogenMod 10 build). Over on XDA Developers, forum user "Jcsullins" has revealed an Unofficial CM10 Preview based on Google's latest mobile OS. HP probably doesn't care, but anyone who knows that their HP TouchPad will never get a proper OS update is likely jumping for joy. It is now my job to give you the usual warnings. Some users are reporting their device doesn't charge properly after installing this pre-release CyanogenMod 10 build, but this isn't happening for everyone. See also:
Breach clean-up cost LinkedIn nearly $1 million, another $2-3 million in upgrades US missile defense staff told to stop watching porn John James Jr., director of the U.S. Missile Defense Agency (MDA), recently sent out a one-page memo warning employees and contractors to stop using agency computers to visit pornographic Web sites. That's right; apparently they were watching the wrong type of bombshells. Missile defense workers were reportedly accessing sites and sending messages with pornographic content despite the inherent risk of malware. Here's an excerpt of the July 27 memo, obtained by Bloomberg: Specifically, there have been instances of employees and contractors accessing websites, or transmitting messages, containing pornographic or sexually explicit images. The message was just a warning; the MDA says that the porn sites did not cause any harm to its computer network. "MDA has more than 8,000 employees, and less than a half-dozen were found to have accessed restricted sites or downloaded inappropriate materials," an MDA spokesperson said in a statement. See also: