::Trend Micro Threat Resource Center::

31 August 2009

CNN: The 12 most annoying types of Facebookers

This is my personal favourite article for the moment.

Read on to find out the top 12 most annoying types of Facebookers. :)

30 August 2009

Burglars search Twitter, Facebook updates to target homes

You might be getting social with the wrong people. Do you check who is following you on Twitter or do you just love having lots of followers without ever reading a bio? When someone requests to be your 'friend' on Facebook, do you check to see if they are friends with people you know personally or do you just add them to your growing list?

One or more of these 'friends' might be making good use out of your updates on Twitter or Facebook...as a burglar. Every time you post excitedly about that upcoming vacation or how long you'll be gone at the mall, everyone in your network can read about it.

Not only are your updates tempting to a burglar, but your photos are as well! Perhaps you had a party at your home or you just finished your baby's new nursery. You upload the pictures to Facebook or TwitPic and everyone gets to see what's in your house. Including the person who just put you on the list of potential targets when you're on that warm vacation in the tropics next month.

This does not mean you should stop using Facebook and Twitter. Perhaps it is just a wake-up call to be a bit more savvy when it comes to choosing your friends and followers. Going to a site that allows you to get "1500 new followers overnight" is not only a terrible way to find followers, it might land you the one follower who puts your home on his target list.

Be smart when accepting friends on Facebook and followers on Twitter. Taking the time to be choosy about who you communicate with might just help you keep a burglar out of your neighborhood.

Full article here.

29 August 2009

Trojan Could Enable Attackers To Eavesdrop On Skype Calls

The next time you open Skype and make calls on it, think twice about it.

Security researchers at Symantec have observed the public availability of source code for a Trojan that targets users of the Skype voice over IP service.

The Trojan has the ability to record audio from the computer -- including any Skype calls in progress -- and store the files locally in an encrypted MP3 file, where they can later be transmitted to the attacker.

Full article here.

28 August 2009

Video: Social Zombies presentation from DEFCON

Presented on August 2, 2009 at DEFCON 17 in Las Vegas, Tom Eston and Kevin Johnson explore the various concerns related to malware delivery through social network sites. Ignoring the FUD and confusion being sowed today, this presentation will examine the risks and then present tools that can be used to exploit these issues.

This presentation begins by discussing how social networks work and the various privacy and security concerns that are caused by the trust mass that is social networks. We use this privacy confusion to exploit members and their companies during our penetration tests.

The presentation then discusses typical botnets and bot programs. Both the delivery of this malware through social networks and the use of these social networks as command and control channels will be examined.

Tom and Kevin next explore the use of browser-based bots and their delivery through custom social network applications and content. This research expands upon previous work by researchers such as Wade Alcorn and GNUCitizen and takes it into new C&C directions.

Finally, the information available through the social network APIs is explored using the bot delivery applications. This allows for complete coverage of the targets and their information.

Social Zombies: Your Friends Want To Eat Your Brains from Tom on Vimeo.

Attack Of The Tweets: Major Twitter Flaw Exposed

A newly exposed cross-site scripting (XSS) vulnerability in Twitter lets an attacker wrest control of a victim's account merely by sending him or her a tweet.

The embedded code can perform any tasks the Twitter Website can perform, including redirecting a user to another page, sending tweets, changing account information, or adding or deleting followers, he said.

"Simply by seeing one of these tweets, code can be run inside your browser impersonating you and doing anything that your browser can do. Perhaps it may simply redirect you to a pornographic website? Or maybe delete all of your tweets? Send a message to all of your friends? Maybe it would delete all of your followers, or worse still, just send the details needed to log in to your account off to another website for someone to use at their leisure," Slater said.

Detailed article here.

24 August 2009

More Employers Blocking Social Networks

Employers are gradually putting more restrictions on what websites their employees can view and are increasingly choosing to block access to popular social networking sites, according to a new report from security firm ScanSafe.

"When Web filtering first became an option for companies we generally saw them block access to typical categories such as pornography, illegal activities and hate and discrimination," said Spencer Parker, director of product management at ScanSafe.

"In recent months, employers are obviously wising up to the dangers and negative impact on productivity linked to certain sites and more and more of our customers have chosen to block social networking, online banking and Webmail."

The report found a 20 percent increase in the number of companies blocking social networking sites in the last six months. Currently, 76 percent of companies are blocking social networks and it is now a more popular category to block than online shopping (52%), weapons (75%), alcohol (64%), sports (51%) and Webmail (58%).

ScanSafe specifically found an increase in the number of customers choosing to block the below categories in the last 6 months.

28% increase in travel
27% increase in restaurants and bars
26% increase in sports
26% increase in online shopping
19% increase in Job Searches
16% increase in Webmail

"Social networking sites can expose businesses to malware and if not used for business purposes can be a drain on productivity and bandwidth," says Parker.

"Given the option, companies are increasingly taking a sterner approach to the sites that their employees are allowed to access. I imagine before long, social networking will be up there with pornography in terms of categories blocked."

16 August 2009

Twitter Used As Botnet Command Center

As if being deluged under DDoS attacks isn't bad enough, this week Twitter found itself the target of another sort of threat. The Register recently reported that the wildly popular social networking service is also being used to direct part of a botnet's activities.

According to the report, a security analyst accidentally stumbled across a Twitter account being used by botherders as a cheap and effective way of directing infected computers to websites where they can get further instructions.

This appears to be the first time Twitter has been used as part of a botnet's command and control structure. At time of writing, the malicious account has already been taken offline.

For more details, you can also check the original post from Arbor SERT.

Credits

14 August 2009

Nearly 80% Of Users Vulnerable To Adobe Flash Attack

Most users haven't fixed their Acrobat Reader apps two weeks after Adobe issued critical patch, Trusteer says.

Adobe may have sped up its process of releasing security patches to its software, but most users apparently aren't applying them immediately or at all, according to new data released today.

Trusteer found that close to 80 percent of users are running older and vulnerable versions of Flash, and 84 percent, older and vulnerable versions of Acrobat Reader. The data (PDF) was gathered from Trusteer's 2.5 million users of its Rapport browser security service, 98.8 percent of whom have Flash active in their browsers.

More details here.

So please be a good boy/girl and patch up your Adobe products:

13 August 2009

WordPress Password Problem Crops Up

People who use version 2.8.3 of the WordPress blogging software may want to download an update posthaste. A vulnerability's been discovered that, while it won't let other folks take over accounts, will allow troublemakers to lock out administrators.

Laurent Gaffié gets credit for uncovering the problem, and according to a warning published on Full Disclosure, this hack isn't the domain of shadowy professionals and government agents. About all that's needed in order to pull it off is a Web browser and one special URL.

Then, it's possible to mess with the WordPress password reset function, resetting passwords without the admin ever getting any notice of the action.

You can imagine how this would prove problematic if an administrator couldn't figure out what was going on. And even if an admin did catch on, a prankster could probably manage to repeat the performance over and over, creating a real headache or even permanent roadblock.

Luckily, version 2.8.4 of WordPress has been made available in response, and it addresses the issue. So get to downloading the update as soon as seems convenient for the sake of not getting locked out of your blog.

52 percent of new viruses only last 24 hours

Every day, PandaLabs receives nearly 37,000 samples of new viruses, worms, Trojans and other types of Internet threats, 52 percent of which (that is 19,240 on average) spread and try to infect users for just 24 hours. After this, they become inactive and harmless as they are replaced by other, new variants that join the list of new specimens in circulation.

The reason for this lies in hackers’ motivation to profit financially from malware. To do this, they try to ensure their creations go unnoticed by users and security solution vendors.

Just 24 hours after they put any strain of malware into circulation, they will modify its code so that it can continue to spread without being detected by security companies.

According to Luis Corrons, Technical Director of PandaLabs, “This is a never-ending race which, unfortunately, the hackers are still winning. We have to wait until we get hold of the malware they have created to be able to analyze, classify and combat it. In this race, vendors that work with traditional, manual analysis techniques are too slow to vaccinate clients, as the distribution and infection span is very short.”

12 August 2009

How Do They Know My Email Address?

Have you received email messages in the last several weeks with several random words in the subject line, and a random sentence in the message body? If your answer is yes, then you are one of the victims of the ongoing directory harvesting attack (DHA) by spammers.

The purpose of a DHA is to find valid email addresses on a domain for future spam attacks. During a DHA attack, any addresses for which the recipient’s email server accepts email are considered valid and will be added to the spammer’s address database to include in future spam attacks.

For example:

Sample #1:

From: joannjasmin8xs@xxxxxx.com
Subject: land

Those journalists showed them a photograph.

Sample #2:

From: clariceboldin9cg@xxxxxx.com
Subject: okay then

They told her the shortest way.

DHA is more than just an annoyance for email recipients. Every successful DHA attack equals one or more email addresses being subjected to future spam/malware attacks. Furthermore, these attacks also generate a large volume of unnecessary workload and consume significant amounts of system resources on the recipient’s email server. Symantec is closely monitoring these attacks and will inform readers of any further developments.

Credits
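The accept/reject behaviour that a DHA relies on also shows up in the receiving mail server's logs, where a defender can look for it. The script below is an added example, not part of the original post: it flags clients that probe many distinct nonexistent mailboxes. The simplified Postfix-style log lines, the addresses and the threshold of 5 are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample data: simplified Postfix-style smtpd log lines.
# IPs come from documentation ranges; nothing here is real traffic.
GUESSES = ["aaron", "abby", "adam", "admin", "alice", "info"]
SAMPLE_LOG = [
    f"Aug 12 10:00:0{i} mx1 postfix/smtpd[411]: NOQUEUE: reject: RCPT from "
    f"unknown[203.0.113.7]: 550 5.1.1 <{name}@example.com>: Recipient address "
    f"rejected: User unknown in local recipient table"
    for i, name in enumerate(GUESSES)
] + [
    # A legitimate sender who mistyped one address: must not be flagged.
    "Aug 12 10:02:11 mx1 postfix/smtpd[412]: NOQUEUE: reject: RCPT from "
    "mail.partner.example[198.51.100.20]: 550 5.1.1 <jon.smtih@example.com>: "
    "Recipient address rejected: User unknown in local recipient table",
    # An accepted connection: not a rejection, so it is ignored.
    "Aug 12 10:03:00 mx1 postfix/smtpd[413]: 4F1A2: "
    "client=mail.partner.example[198.51.100.20]",
]

# Captures the client IP and the recipient refused with "550 5.1.1" (unknown user).
REJECT_RE = re.compile(
    r"reject: RCPT from \S+\[(?P<ip>[^\]]+)\]: 550 5\.1\.1 <(?P<rcpt>[^>]+)>"
)


def find_harvesters(lines, min_unknown=5):
    """Return {client_ip: sorted unknown recipients} for every client that
    tried at least min_unknown DISTINCT nonexistent mailboxes.

    Counting distinct recipients (not raw rejections) keeps a sender that
    retries one mistyped address from looking like a harvester.
    """
    probes = defaultdict(set)
    for line in lines:
        match = REJECT_RE.search(line)
        if match:
            probes[match.group("ip")].add(match.group("rcpt").lower())
    return {ip: sorted(rcpts) for ip, rcpts in probes.items()
            if len(rcpts) >= min_unknown}


if __name__ == "__main__":
    for ip, rcpts in find_harvesters(SAMPLE_LOG).items():
        print(f"{ip}: {len(rcpts)} unknown recipients probed, e.g. {rcpts[:3]}")
```

Clients flagged this way are candidates for rate limiting or temporary blocking at the SMTP layer.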

09 August 2009

DDoS Attackers Continue Hitting Twitter, Facebook, Google

While it was reported earlier that Twitter is still struggling to recover from the DDoS attacks, the latest update seems to prove otherwise.

And to add to the action, Google's Blogger blog publishing services were not spared either. According to a Google spokesman, a small percentage of Blogger users have experienced error messages as the result of what appears to be an ongoing distributed denial of service attack aimed at multiple services across the web.

It is predicted that this DDoS may persist throughout the weekend.

07 August 2009

Twitter & Facebook taken down by denial-of-service attack

Twitter spent the latter part of the week fighting off a DoS (denial of service) attack that also targeted fellow social-media site Facebook.

Social media sites Facebook and Twitter took a beating over the weekend after both were subjected to a DOS attack. Twitter was down for two hours on Thursday and still suffered from the attacks on Friday.

Facebook reported that people had trouble accessing the site on Thursday, but resolved the situation late that morning Pacific Time. A blogger from Georgia claimed that the Russian government sponsored the attacks in an effort to silence him for speaking out against the country's handling of Georgia.

While Twitter was mum on the attacks' motivation, a Facebook spokeswoman said they were directed at an "activist blogger" -- possibly the Georgia advocate -- rather than the sites themselves.

Email Scams Targeting Job Seekers

Email security firm Red Condor has issued a warning to email users about the latest email scams that are targeting people looking for employment.

Among the scams are emails that claim to be offering employment from legitimate companies such as Pepsi and Starbucks or that appear as messages from real job sites like CareerBuilder or Monster.com.

The fake employment offers frequently involve "payment processing" requests which give scammers an excuse to ask for a respondent's bank account information.

In addition to email spam, other scammers are using Craigslist to post fake job ads. When people respond to the ads, they receive an email reply that requires them to go to a "credit check" website to get their credit scores. The credit check link contains the scammer's affiliate, so when the victims pay for the credit check, the scammer gets a commission.

An email response to a "Legal Secretary job posting" on Craigslist said, "Do not send me your info or report, I just want to make sure your score is above the 400 mark so check it and give me your exact score when you e-mail me your resume and references."

"Unfortunately, as with all phishing attacks, there is no legitimate employment offer coming, and victims have either given their personal information or money to unknown, deceitful sources," said Dr. Tom Steding, chief executive officer of Red Condor.

"Spammers are once again demonstrating that nothing is off limits as they focus their efforts on the millions of people that are unemployed and looking for work."

06 August 2009

Mobile Malware Targeting Smartphones

Nearly one out of every 63 smartphones powered by the Symbian operating system is infected with some form of malware, according to a new study by mobile security firm SMobile Systems.

A comparison of these statistics to the worldwide smartphone population places the number of infected devices globally in the millions. Because the vast majority of these infections are designed to be stealthy, and because few smartphones have anti-malware applications, most infected users are unaware their devices have been compromised.

Throughout 2009 SMobile's Global Threat Center has seen an increase in the capabilities of new malware infecting mobile devices, as well as frequency of attacks. The attacks have taken the form of worms and Trojans that are transmitted via Bluetooth, SMS, MMS, or emails, as well as Spyware that is downloaded from various online application and shareware websites.

Detailed report here.