Thursday, July 26, 2012

Blackhole Exploit Sucks in Twitter Users

According to the security firm Sophos, who seems to be on top of every single major spam attack that happens on the internet these days, a widespread spam attack that links to malware has weaseled its way onto Twitter. The tweets that are trying to lure unsuspecting users in include things like: "It's you on photo?" or "It's about you?" In addition to that, the tweets and URLs typically include a user's Twitter handle. Many of the links that Sophos has discovered include a .RU domain name.

According to Head of Sophos' U.S. Labs Richard Wang, "The attack itself is very simple, relying on people's natural curiosity about anything they think mentions them. Including the target's Twitter username in the link is an added hook to reel people in." Twitter added through a spokesman's email saying, "We're aware of the issue and we're working to resolve it."

The links in the tweets themselves lead to a Trojan that ultimately redirects users to Russian websites that contain the Blackhole exploit kit, according to Sophos. The Blackhole exploit kit first emerged back in 2010 and is widely used in spam attacks. The version of the kit that is floating around Twitter targets vulnerabilities in Adobe Reader and Shockwave Flash, Sophos discovered.

If you feel that you have been affected by the spamming attacks, or you just want to take precautions against it in general, then you can protect yourself by updating your anti-malware software, patching your operating system and making sure your browser and browser plugins are up-to-date. In addition to that, you could just be smart and not click on anything on Twitter that you don't recognize.

Source: Computer World - Twitter suffers malware spam outbreak
Tech Army OrganizationFind out what is going on in the Tech Army World.

What are the Top 10 Money Making Missions?
What other companies have joined and what do they do?
How do I join the Tech Army Organization ?

Thursday, July 12, 2012

Yahoo Gets Hacked, Quickly Follows Up with a Patch

Yahoo recently announced that it has fixed the vulnerability in its system that led to the unauthorized release of more than 450,000 email passwords from users of Yahoo Voices. According to a blog post by Yahoo, "We have taken swift action and have now fixed this vulnerability, deployed additional security measures for affected Yahoo! users, enhanced our underlying security controls and are in the process of notifying affected users. In addition, we will continue to take significant measures to protect our users and their data."

The released data only affected those users who joined Associated Content before May 2010, the same time Yahoo acquired the company. According to Yahoo, "This compromised file was a standalone file that was not used to grant access to Yahoo systems and services." The next time the affected users sign into their Yahoo account, they will be asked to answer a series of authentication questions to change and validate account details, according to Yahoo.

The company added, "At Yahoo we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We sincerely apologize to all affected users." Those affected users encompass 453,491 people whose emails and passwords were posted online by hacker group D33DS Company according to security firm Sophos. In a recent response to Sophos, D33DS Company stated, "We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat."

Sophos recently released a new blog post that highlighted some of the insecure passwords many of the Yahoo hack victims were using. This included 1,666 people who used "123456" as their password and an additional 780 users who used "password" as their password. Among the other top choices were passwords like "welcome", "ninja", "sunshine", "princess" and "qwerty". I suddenly don't feel as bad for these people as I used to.

Yahoo isn't the only one who got hacked this week. Nvidia recently announced that it shut down its Developer Zone after it got hacked. That hack may have allowed the hacker to gain access to password information as well. In addition to Nvidia and Yahoo, Phandroid also got hacked, this one occurring on its Android forums.

Source: PC Mag - Yahoo Patches Email Vulnerability