Here is a good resource with a focus on Australia for Internet security alerts – https://www.communications.gov.au/what-we-do/internet/stay-smart-online/alert-service
It’s time to remind everyone again. Malware, Crypto Viruses and all kinds of nasties are still out there, and pose a bigger threat than ever.
Check out this latest ransomware variant – https://blog.knowbe4.com/its-here.-new-ransomware-hidden-in-infected-word-files
And Sophos: The current state of ransomware – https://blogs.sophos.com/tag/ransomware/
Here’s a reminder from way back in 2012 on how to detect and identify these viruses when they pop up in your mailbox.
- DO NOT OPEN ZIP ATTACHMENTS.
- DO NOT OPEN ATTACHMENTS. Right click and save them to a temporary location on your computer, and check them out before opening them.
- DO NOT CLICK ON LINKS IN EMAILS. Hover your mouse over the link and be absolutely sure it is a legitimate link before you click on it.
- REVIEW THIS BLOG POST. Again. http://blog.powerbiz.net.au/security/how-to-detect-and-deal-with-malicious-email-viruses/
Check out the list and remove them off your iPhone or iPad immediately. http://www.redmondpie.com/xcodeghost-malware-list-of-infected-ios-apps-that-you-should-delete-right-now/
- Angry Birds 2 (Chinese App Store only)
- Card Safe
- China Unicom Mobile Office
- CITIC Bank move card space
- Didi Chuxing
- Eyes Wide
- Freedom Battle
- guaji_gangtai en
- Guitar Master
- Hot stock market
- Jane book
- Lazy weekend
- Mara Mara
- Marital bed
- Microblogging camera
- nice dev
- OPlayer Lite
- Pocket billing
- Poor tour
- Railway 12306
- Stocks open class
- Telephone attribution assistant
- The driver drops
- The Kitchen
- Three new board
- Watercress reading
- WinZip Sector
- WinZip Standard
Have you ever gone out and walked up to someone you don’t know and given them the keys to your house?
Security (your keys, your alarm system, the locks and doors) is the protection you have for your physical home and the contents that you possess. We tend to look after these things fairly carefully.
In the electronic world today, people are less careful about the security of their “electronic” home. Our cloud accounts (email, data storage, shopping, banking, etc.) define who we are just as much as our physical possessions. Yet we tend to be less conscious about how we protect these personal “belongings”.
Jimmy Kimmel Live put a reporter on the streets to interview people and ask them what their password is. The results? Well, see for yourself…
Guard your online privacy, and if you have one of these passwords (http://blog.powerbiz.net.au/security/here-are-the-worst-passwords-for-2013-do-not-use-these/), please change them ASAP!
The video is well worth watching.
The bottom line is that if you have a third-party flashlight app, you should remove it immediately … especially if you have an Android-based phone (Samsung etc).
Here is the full report – http://www.snoopwall.com/threat-reports-10-01-2014/
Oh, and by the way, check your NAS devices to ensure that they are safe. Disconnect direct Internet access right now, until the devices are patched.
QNAP says that they are vulnerable to this, and urge users to take immediate action. http://www.qnap.com/useng/index.php?lang=en-us&sn=885&c=3036&sc=&n=22457
Apparently, Synology units are not generally affected (interesting…), but nevertheless, they are also coming out with a patch (also interesting…) https://www.synology.com/en-global/support/security/bash_shellshock
It was bound to happen. A major bug targeting the Linux community, and not Windows users. Thanks to Trend Micro labs, here are some related resources that will bring you up-to-date with this latest threat.
- Shellshock: A Technical Report – this technical brief describes the vulnerability in detail, as well as outlining which platforms are affected. http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-shellshock.pdf
- Shellshock Exploit Attempts Continue in China – servers in China are also being targeted by Shellshock. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-exploit-attempts-continue-in-china
- Shellshock Continues to Make Waves with Active IRC Bot – IRC bots are being spread via Shellshock, hitting approximately 400 systems. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-continues-to-make-waves-with-active-irc-bot/
- Shellshock Updates: BASHLITE C&Cs Seen, Shellshock Exploit Attempts in Brazil – we analyze the location of C&C servers associated with a DDoS attack using this vulnerability. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-updates-bashlite-ccs-seen-shellshock-exploit-attempts-in-brazil/
- Shellshock Vulnerability Used in Botnet Attacks – certain institutions are now being hit with DDoS attacks tied to botnets that spread via Shellshock. http://blog.trendmicro.com/trendlabs-security-intelligence/bash-bug-vulnerability-used-in-botnet-attacks/
- Shellshock – How Bad Can It Get? – we analyze possible scenarios how Shellshock can be exploited. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-how-bad-can-it-get/
- Bash Vulnerability (Shellshock) Exploit Emerges in the Wild, Leads to BASHLITE Malware – within hours of disclosure, Shellshock exploits were in the wild. http://blog.trendmicro.com/trendlabs-security-intelligence/bash-vulnerability-shellshock-exploit-emerges-in-the-wild-leads-to-flooder/
- Bash Vulnerability Leads to Shellshock: What it is, How it Affects You – initial disclosure of the vulnerability in Bash and a discussion of our solutions. http://blog.trendmicro.com/trendlabs-security-intelligence/shell-attack-on-your-server-bash-bug-cve-2014-7169-and-cve-2014-6271/
The original blog post can be found here – http://blog.trendmicro.com/trendlabs-security-intelligence/summary-of-shellshock-related-stories-and-materials/
Here is an example of an email phishing attack. If you are using Outlook, you can hover the mouse pointer over the link “click here”. DO NOT CLICK ON THE LINK. Just move the mouse over it. You will see the highlighted link, which has nothing to do with eBay or PayPal. Always look for the part between “http://” and the next “/”. If that does not say ebay.com or paypal.com or something that you are expecting, then it is a phishing/malware attack.
If you would like more practice, go to this link to take the Phishing Quiz – http://www.opendns.com/phishing-quiz/. How well did you do?
For more information on detecting email malware and phishing attacks, review my earlier blog – http://blog.powerbiz.net.au/security/how-to-detect-and-deal-with-malicious-email-viruses/
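The "part between http:// and the next /" check described above can be done mechanically when you have a batch of links to review. The following is an added example, not code from this blog: it pulls out the real host of each link and accepts it only if it is an expected domain or a subdomain of one. The allow-list, the function names and all sample links are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: the only senders this reader expects (the two named in the post).
EXPECTED_DOMAINS = ("ebay.com", "paypal.com")

# Constructed sample links; the .example/.test names and 192.0.2.10 are reserved
# documentation values, not real phishing sites.
SAMPLE_LINKS = [
    "https://www.paypal.com/au/home",                   # genuine subdomain
    "https://PayPal.com:443/signin",                    # only case and port differ
    "http://paypal.com.account-check.example/signin",   # brand used as a subdomain
    "http://paypal.com@192.0.2.10/login",               # brand placed before an "@"
    "http://mail.example.test/paypal.com/update",       # brand appears only in the path
    "http://p\u0430ypal.com/",                          # Cyrillic look-alike letter
]


def link_host(url):
    """Return the host the link really points to, or "" if it cannot be parsed."""
    try:
        host = urlsplit(url.strip()).hostname  # drops any "user@" prefix and ":port"
    except ValueError:
        return ""
    return (host or "").rstrip(".").lower()


def is_expected(url, expected=EXPECTED_DOMAINS):
    """True only when the host is an expected domain or a subdomain of one."""
    host = link_host(url)
    # Require an exact match or a leading dot, so a longer name that merely
    # ends in "paypal.com" is not accepted.
    return any(host == d or host.endswith("." + d) for d in expected)


def triage(links):
    """Pair each link's real host with a verdict for a quick review."""
    return [(link_host(u), "expected" if is_expected(u) else "suspicious")
            for u in links]


if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_LINKS):
        print(f"{verdict:10} {host}")
```

Only the first two sample links come back as expected; the other four put the brand name somewhere other than the end of the host, which is exactly what hovering over the link is meant to reveal.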
A number of major news sites have reported today that a list of 5 million Gmail addresses and passwords was leaked to a Russian hacker site on Wednesday.
What can you do about this?
- Check if your account password was leaked – https://isleaked.com/en
- Change your Gmail password. Use a strong password – http://windows.microsoft.com/en-au/windows-vista/tips-for-creating-a-strong-password
- Take this as a reminder to run a manual virus and malware check – http://blog.powerbiz.net.au/useful-links/free-security-products/
A serious vulnerability has been discovered in the OpenSSL cryptographic software library which allows an attacker to steal information that would normally be protected by SSL/TLS encryption. This vulnerability allows anyone to compromise and steal data that is normally protected by this protocol, which can lead to further attacks and the compromise of IT systems that are breached.
There are many popular firewalls and systems that are exposed on the Internet that use this protocol, which makes this vulnerability a serious threat. Many common Linux-based operating systems are vulnerable, and the vendors have released patches to fix this issue. It is recommended that firewalls, servers and appliances that use OpenSSL be patched immediately.
For more information on this threat and some answers to common questions, read this – http://heartbleed.com/
To test your system for this vulnerability, go to this site – http://filippo.io/Heartbleed/