Watch out for new Type of Hotmail Spam Attack
October 8, 2010 by admin
Filed under Security News
I just received new spam message from one of my Hotmail contact (My friend), it’s with new type of message and most of people could be fall into it so watch out.
The message looks like:
Subject : Hii
Content :
???? I don’t know what is that mean.
Finally the trapped link that included in the message is redirecting the victims to another website and its asking for the username and the password :
When you insert your information, the site will spam and steal the information from you and all your contacts, so be careful.
Splunk warns that it exposed users’ passwords
April 24, 2010 by admin
Filed under Security News
Splunk, a utility that allows IT administrators to search and analyse their organisation’s log files, has issued a warning to some of its users that their passwords were exposed by accident.
I wasn’t able to find mention of the incident on Splunk’s website, but a few affected users have Twittered about it, and a Clu-blog reader forwarded me an email from Splunk that tells more of the story:
Recently, some debug code was unintentionally implemented on the production splunk.com website which exposed a small number of passwords in our web server’s error log. The splunk.com team has corrected the issue and has improved their change process to prevent similar issues from occurring in the future.
In an abundance of caution, we have reset all affected users’ passwords and cleared all affected users’ active sessions on splunk.com. Your new temporary password has been emailed to the email address associated with your splunk.com account. We recommend that you change this temporary password as soon as possible using the instructions below.
It’s not clear from the warning sent out by Splunk how long passwords were exposed for, but there’s obviously a concern that if hackers had managed to stumble across the login details they could have tried to use them on other wesbites where users might use the same password.
In this case that could have been particular bad for enterprises, as Splunk’s typical users have key roles inside an organisation’s IT infrastructure and may have access to a number of critical systems and sensitive data.
Of course, it’s bad practice to use the same password on different websites – but that doesn’t stop far too many people from doing it.
Splunk’s action of changing affected users’ passwords was probably the right one – rather than waiting for users to do it themselves.
By Graham Cluley, Sophos
Beware airplane ticket N648365 – it contains malware
March 29, 2010 by admin
Filed under Security News
The bad guys are up to their old tricks again, spamming out malicious attachments posing as airline tickets.
The latest attack, which we’re seeing in many of our spamtraps around the world, poses as an email from Delta Air Lines.
Here’s a typical message:
Subject: Online order for airplane ticket N648365
Message body:
Good afternoon,
Thank you for using our new service "Buy airplane ticket Online" on our website.
Your account has been created:Your login: [removed]
Your password: G6vFjbdpYour credit card has been charged for $998.63.
We would like to remind you that whenever you order tickets on our website you get a discount of 10%! Attached to this message is the purchase Invoice and the airplane ticket.
To use your ticket, simply print it on a color printed, and you are set to take off for the journey!Kind regards,
Delta Air LinesAttached file: eTicket.zip
Of course, even if you haven’t booked an airline ticket you may still very well open the attachment – especially if you believe your credit card may have been charged for such a large amount of money!
Sophos detects the malicious file attached to the emails as Mal/BredoZp-B and Mal/EncPk-MP. Users of other anti-virus products are advised to ensure that they are up-to-date and capable of detecting this email-borne threat.
By Graham Cluley, Sophos
Related Blogs
New password-stealing virus targets Facebook
March 18, 2010 by admin
Filed under Security News
Hackers have flooded the Internet with virus-tainted spam that targets Facebook’s estimated 400 million users in an effort to steal banking passwords and gather other sensitive information.
The emails tell recipients that the passwords on their Facebook accounts have been reset, urging them to click on an attachment to obtain new login credentials, according to anti-virus software maker McAfee Inc.
If the attachment is opened, it downloads several types of malicious software, including a program that steals passwords, McAfee said on Wednesday.
Hackers have long targeted Facebook users, sending them tainted messages via the social networking company’s own internal email system. With this new attack, they are using regular Internet email to spread their malicious software.
A Facebook spokesman said the company could not comment on the specific case, but pointed to a status update the company posted on its web site earlier on Wednesday warning users about the spoofed email and advising users to delete the email and to warn their friends.
McAfee estimates that hackers sent out tens of millions of spam across Europe, the United States and Asia since the campaign began on Tuesday.
Dave Marcus, McAfee’s director of malware research and communications, said that he expects the hackers will succeed in infecting millions of computers.
“With Facebook as your lure, you potentially have 400 million people that can click on the attachment. If you get 10 percent success, that’s 40 million,” he said.
The email’s subject line says “Facebook password reset confirmation customer support,” according to Marcus.
(Additional reporting by Alexei Oreskovic; Editing by Bernard Orr)
Source : uk.news.yahoo.com
Facebook Password Reset Confirmation emails carry malware
March 18, 2010 by admin
Filed under Security News
Today I received an email about Facebook Password Reset Confirmation email with subject :
"The Facebook Team" <service@facebook.com>
and it tells me my facebook password changed for safety reason then they wants me to download the attached document to see the new password and the attachment (Facebook_document_145.zip) it content a virus called :
- Mal/FakeAV-BW [Sophos]
- Suspect-1B!E4800A5BF6F6 [McAfee]
- Not Detected [Kaspersky Lab]
- Not Detected [Microsoft]
its an EXE file with DOC icon .
Be careful with these kind of emails and don’t run any attachments that you don’t trust.
To Download the removal tool : (ClickHere)
Check your password — is it strong?
March 2, 2010 by admin
Filed under Protection Tools
Your online accounts, computer files, and personal information are more secure when you use strong passwords to help protect them.
Test the strength of your passwords: Click Here
Powered by Microsoft
Simple Tips For Better Web Password Security (Video)
October 30, 2009 by admin
Filed under Security Channel
Simple tips for better web password security from Sophos Labs on Vimeo.
Simple Facebook Flaw Put All Members at Risk of Identity Theft
June 23, 2009 by admin
Filed under Security News
IT security and control firm Sophos is again reminding internet users that their personal information may be being placed at risk – and is perhaps best kept off the internet – following news that popular social networking website Facebook contained a flaw that could have allowed hackers to access sensitive profile information about any of the site’s 200 million plus users.
The password dilemma (Podcast)
April 14, 2009 by admin
Filed under Security Channel
Graham Cluley, senior technology consultant at Sophos, discusses sensible password use, explaining how cybercriminals are cracking weak passwords with the aim of hacking into users’ email and web accounts and advises listeners how to create and manage multiple passwords.
