| City College of San Francisco - Wednesday, January 18, 2012
Malware Has Been Lurking on City College of San Francisco System for a Decade
(January 16, 2012)
Students, faculty, and staff at City College of San Francisco (California) are being urged to change their passwords, refrain from using computers at the school to conduct financial transactions or any activity that requires a password, and check their home computers for infection following the detection of malware on the school's computer system. It appears that at least seven different strains of malware have been on the system for years. The problem was detected in November 2011, when those responsible for monitoring network activity noticed anomalous traffic patterns. An investigation revealed that malware had been stealing data for more than a decade. The compromised information includes banking data.
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2012/01/16/BA8T1MQ4E5.DTL
|
| Japanese Aerospace Agency Data Compromised - Wednesday, January 18, 2012 |
| Symantec today acknowledged the theft of source code - Tuesday, January 17, 2012
1/17/2012 - Symantec today acknowledged the theft of source code of some of its flagship security products, initially saying the hacked server was operated by the Indian government... but now admitting that its own network was compromised. In a statement provided to the Reuters news service, Symantec said hackers had broken into its network and stolen source code of some of the company's software. The hacker made off with source code of
- Symantec Endpoint Protection 11.0
- Symantec Antivirus 10.2,
- enterprise products between five and six years old.
- Norton Antivirus Corporate Edition,
- Norton Internet Security,
- Norton Utilities,
- Norton GoBack
- and pcAnywhere
Norton Internet Security, Norton Utilities and PC-Anywhere are among Symantec's most prominent consumer-grade products. Hackers frequently analyze the source code for "zero-daying," meaning to build attacks that will be launched against unpatched vulnerabilities. Symantec is currently in the process of reaching out to our pcAnywhere customers to make them aware of the situation.
Plus, it wouldn't surprise me if compromised versions of software are made available "at a discount" or for free out there on the internet. People who install this software might as well just give the thieves all their passwords and bank account details. 1USA customers using any of the above listed software should contact 1USA Admins for recommendations of other good anti-virus & anti-malware software brands that are available.
Read the Full Story...
================
UPDATE 1/31/2012:
Symantec is offering free upgrades to PC-Anywhere to anyone using older versions. If you have paid for a previous version, send an email to Symantec with your serial number.
|
| Cyber Conflict in the Middle-East Escalating - Monday, January 16, 2012
(January 16, 2012)
Cyber attackers have hit the websites of the Israeli stock exchange, El Al airlines, and several banks. The activity began last week with the posting of stolen Israeli credit card details. An Israeli hacker then retaliated by posting personal information of hundreds of Saudis, Egyptians, and Syrians online. The most recent spate of attacks did not interrupt trading or scheduled flights.
http://www.msnbc.msn.com/id/46012902/ns/technology_and_science-security/
|
| "My email account has been hacked" from friends - Friday, January 13, 2012
There are lots of spams & scams out there. If your friends are using an Email Server that isn't protected as well as 1USA's mail servers, then over the next two years, you can expect almost ALL of them to eventually send you an email saying "My email account has been hacked." The danger in that includes:
- the hacked person's online bank account is at risk.
- the hacked person's email account HAS ALREADY sent similar 'hacks' to YOUR email address.
- the scammer NOW HAS YOUR email address too.
If you have additional email addresses on any of these domains IN ADDITION to your 1USA email address, then be very careful when using that email service. --AOL, AIM.Com, Comcast, Gmail, Hotmail, MSN, Yahoo, Verizon --
The latest viruses can send your LoginName and Password to the hacker SIMPLY BY VIEWING the email for an instant. 1USA customers are fairly well protected from scams because we implement SPF (Sender Policy Framework) on the mail server. Remember also that the Free version of AVG, McAfee, Norton and other anti-virus programs do not issue updates to their software until AFTER someone reports a new virus to them.
Your best protection is:
#1 - the $50/yr Avast Pro (middle one) at www.avast.com - because it loads all internet-facing software in its own Virtual Memory area.
#2 - the $20 Trend Micro Titanium anti-virus software.
BarryZ
====
And ever notice how people on those email services change their email addresses frequently? To stay ahead of the Spams?
If they weren't so cheap.. and if they could afford $5/mo for an email address that would protect them, they wouldn't need to spend a lot of money getting their computers de-loused frequently.
1USA has customers here since 1996 - using the same email address - and receiving No Spams.
Yes, they could save a lot of grief, egg on face, and even spend less on computer repairs - if they switched to 1USA email service.
|
| Hackers Stole eMail From US Chamber of Commerce - Saturday, December 24, 2011
According to a report in The Wall Street Journal today, unidentified sources
say that hackers who are in some way connected with the Chinese
government have stolen email from four employees at the US Chamber of
Commerce. All four targeted employees work on Asian policy. The
attackers had access to the network for more than a year when their
presence was detected and blocked in May 2010. More than 300 email
addresses were affected. Six weeks' worth of email messages were stolen,
including trade policy documents and trip schedules. The breach was
detected by the FBI, which noticed data flowing from their network to
Chinese servers. The Chamber of Commerce reported it disconnected
affected computers and destroyed some of them, then deployed technology
aimed at quickly detecting and deterring future attacks.
Yup... here's another situation where people don't treat Email Security seriously until after an incident.
If they had been using 1USA's mail server, it would have kept out the infected file attachments.
BarryZ
|
| Employees in corporations are still clicking to view .pdf files - Saturday, December 24, 2011
Sykipot Variant Was Used in Attempt to Steal Drone Information
Analysis of the Sykipot variant that was used in recent spear phishing attacks against US military contractors indicates that it was designed to steal data pertaining to US military unmanned aircraft, among other things.
The spear phishing messages contained malicious PDF files that took advantage of an unpatched vulnerability in Adobe Reader. Adobe has since released a fix for the flaw.
Again... if people at corporations were able to determine the Sending Mail Server and the source IP address, they would be more aware of the dangers of opening file attachments from unverified senders.
If they had used the 1USA Mail Server, which shows you the source of an email, fewer corporations would get hacked or compromised.
BarryZ
|
| iPad scammers pwn Lady Gaga's Facebook page - Monday, December 19, 2011
We're plastic but we'll still have fun...
Fraudsters have hit gold after they managed to successfully plant an iPad-themed scam on the Facebook fan page of Lady Gaga. The page has 45 million fans, so only a minute percentage need to click for scammers to tap into an Xmas-themed windfall.
The bogus messages claim the pop-star is running an iPad competition
>Story from theregister.co.uk
|
| US spy drone 'tricked' into Iran landing by GPS spoofing - Sunday, December 18, 2011
The US RQ-170 Sentinel spy drone that was recently captured and displayed by Iranian authorities may have been tricked into landing in Iran by electronic warfare experts using GPS spoofing techniques.
An unconfirmed report in the Christian Science Monitor yesterday quoted an unnamed Iranian engineer as saying that experts in the country were able to electronically ambush the drone, cutting off its communications links and reconfiguring its GPS coordinates to trick it into landing in Iran.
Full story at TechWorld
|
| Of note for municipal governments and logistics services - Thursday, December 15, 2011
The FBI has said it's investigating claims a Houston, Texas-based water utility was breached last month by someone claiming to have accessed the internet-connected computers that control its generators, blowers, and other sensitive gear. Some models of the Modicon Quantum PLC used in industrial control systems contain multiple hidden accounts that use predetermined passwords to grant remote access.
Hard-coded passwords are a common weakness built into many industrial control systems, including some S7 series of PLCs from Siemens. Because the systems control the machinery connected to dams, gasoline refineries, and water treatment plants, unauthorized access is considered a national security threat because it could be used to sabotage their operation.
Story at TheRegister
|
| Espionage hack attack preys on chemical firms - Wednesday, December 14, 2011
Spotted in the wild: Nitro Part II
More than two months after the discovery of an organized malware campaign targeting dozens of companies in the defense and chemical industries, the espionage hack attack shows no signs of letting up. The same group that targeted at least 38 companies between July and September is still at it
>From theregister.co.uk
====
If they used 1USA.Com for their email, they wouldn't be receiving malware-infected emails.
BarryZ
|
| Four Romanians charged with hacking 150 Subway shops - Sunday, December 11, 2011
Point-of-sale breach reaps millions in ill-gotten gains
Four Romanian nationals were charged with pocketing millions of dollars by hacking into the credit card processing systems of more than 200 businesses.
The men remotely accessed point-of-sale systems of 150 Subway sandwich shops and 50 unnamed retailers and stole credit card data for more than 80,000 customers.
>From theregister.co.uk
Solution: Pay for food with cash.
BarryZ
|
| 4,000+ Sites Affected by SQL Injection Attack - Wednesday, December 07, 2011
(December 5, 2011)
A massive SQL injection attack appears to have infected more than 4,000
websites. Data gathered by the Internet Storm Center indicate that the
sites have been injected with a string that is inserted into several
tables. Users who visit the infected sites are being redirected to other
sites that attempt to place rogue anti-virus programs and other malware
on their machines.
Make sure that your computer is using good anti-virus software, like Avast or Trend Micro.
If it's using AVG, make sure it is the paid version because the free version even tells you "If you also use your PC for banking or shopping you need the protection of AVG Firewall in AVG Internet Security 2012 to keep hackers out."
|
| Hacker cuffed in job interview sting with hotel he blackmailed - Monday, November 28, 2011
Hungarian demanded Marriott job after stealing secrets
A job-seeking Hungarian hacker has pleaded guilty to breaking into the systems of the Marriott hotel chain before attempting to blackmail his way into an IT job.
Attila Nemeth, 26, sent Trojan-infected emails to Marriott employees late last year.
Because Marriott doesn't use 1USA's better-protected email service, employees clicked on the links in the email and ended up infecting the system, which allowed the hacker access to main data files.
>From theregister.co.uk
|
| AT&T Notifying Customers of Attempted Information Theft - Monday, November 21, 2011
AT&T is letting its customers know that attackers attempted to steal
online account data; the company does not believe that any information
was actually obtained. The "organized and systematic" effort to gather
the data was conducted with the help of auto-script technology to see
which AT&T phone numbers are linked to which AT&T online accounts.
http://www.theregister.co.uk/2011/11/21/att_attack/
If you didn't receive a letter in the mail yet, look closely at your next bill.
BarryZ
|
| CNET's Who Got Hacked year-to-date database - Friday, September 02, 2011
For individuals: Read through to make sure that the companies you deal with are not listed.
For companies: Lock down your systems or you will end up like these guys. If you need a Certified MCSE Networking Technician to come do penetration testing at your office, please contact 1USA.Com
Link to CNET's Who Got Hacked year-to-date database
|
| Oak Ridge National Laboratory hacked because an employee opened an email with an infected attachment - Wednesday, April 20, 2011
--Oak Ridge Attack
(April 19 & 20, 2011)
The US Department of Energy's (DOE) Oak Ridge National Laboratory in
Tennessee has shut down email systems and employee Internet access
following the discovery of a cyber attack last week. The attack, which
some have called an Advanced Persistent Threat (APT), appears to have
targeted Oak Ridge and several other national laboratories in the US.
The protective measures were taken after an investigation indicated that
the attackers were trying to steal technical data. Investigators
believe that they stole less than 1GB of data before the attack was
thwarted. The attack gained its initial foothold on the laboratory
system through spear phishing messages that appeared to come from the
HR department regarding employee benefit changes. When the recipients
clicked on the provided link, malware was downloaded to their systems.
More than 10 percent of the employees who received the message said they
clicked on the link; just two of those machines became infected with
malware that lay dormant for a week before it started harvesting and
sending data to a remote server. Lab deputy director Thomas Zacharia
says that "one of [the] core competencies at the lab is cyber security
research."
http://www.theregister.co.uk/2011/04/19/us_lab_security_breach/
http://www.computerworld.com/s/article/9215962/Oak_Ridge_National_Lab_shuts_down_Internet_email_after_cyberattack?source=CTWNLE_nlt_dailyam_2011-04-20
http://www.net-security.org/malware_news.php?id=1700
http://www.wired.com/threatlevel/2011/04/oak-ridge-lab-hack/
Spear phishing attacks such as the one against
ORNL invariably succeed. Users are getting training concerning how to
resist such attacks, but the training is not sufficient--it goes in one
ear and goes out another. More radical (and possibly somewhat
potentially traumatic) training such as inoculation training in which
users are sent simulated messages and malware in training labs and loud
noises go off if they open one of these messages is needed.
Gee, if they only had the Sender Verification system that 1USA has.
|
| Mail server got hacked into in Turkey - Sunday, April 10, 2011
Government mail server in Turkey sending fake emails.
Received-SPF: none (No spf1 record for (fedex.org) ) client-ip=212.174.143.101; envelope-from=<notification@fedex.org>; x-ip-name=mail.denizcilik.gov.tr
X-Default-Received-SPF: fail (Last token {-all} (res=FAIL)) client-ip=212.174.143.101; envelope-from=<notification@fedex.org>; x-ip-name=mail.denizcilik.gov.tr;
Received: from mail.denizcilik.gov.tr (mail.denizcilik.gov.tr [212.174.143.101])
by in.1usa.com (in.1usa.com) with ESMTP id 1304692-1851400
for <bob@1usa.com>; Sun, 10 Apr 2011 08:13:42 -0400
Return-Path: <notification@fedex.org>
Received: from localhost (localhost.localdomain [127.0.0.1])
by mail.denizcilik.gov.tr (Labris Messeging Suite) with ESMTP id 431373D015D;
Sun, 10 Apr 2011 15:13:33 +0300 (EEST)
X-Virus-Scanned: by Labris Messaging Suite Mail Security at
labristeknoloji.com
Received: from mail.denizcilik.gov.tr ([127.0.0.1])
by localhost (antispam.labristeknoloji.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id tqlIkpekk-XL; Sun, 10 Apr 2011 15:13:32 +0300 (EEST)
Received: from mail.denizcilik.gov.tr (localhost.localdomain [127.0.0.1])
by mail.denizcilik.gov.tr (Labris Messeging Suite) with ESMTP id 5256C3D013C;
Sun, 10 Apr 2011 15:13:32 +0300 (EEST)
MIME-Version: 1.0
Date: Sun, 10 Apr 2011 15:13:32 +0300
From: =?UTF-8?Q?FedEx_Office=C2=AE?= <notification@fedex.org>
To: info@fedex.org
Subject: [Spam7]
Tracking Number For Your Package: 867913276555 (Please Confirm and reply)
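
An added example (not part of the original post): a Python sketch that reads the two Received-SPF lines from the header above and reports what a mail administrator would check, namely the SPF verdict for the envelope sender's domain and whether the connecting relay belongs to that domain. The function names are hypothetical; `x-ip-name` is the field as this receiving server writes it, and the excerpt is re-folded with the continuation whitespace that was lost on the page.

```python
import re
from email import message_from_string

# Excerpt of the header shown above (continuation lines re-indented).
RAW = """\
Received-SPF: none (No spf1 record for (fedex.org) ) client-ip=212.174.143.101; envelope-from=<notification@fedex.org>; x-ip-name=mail.denizcilik.gov.tr
X-Default-Received-SPF: fail (Last token {-all} (res=FAIL)) client-ip=212.174.143.101; envelope-from=<notification@fedex.org>; x-ip-name=mail.denizcilik.gov.tr;
Received: from mail.denizcilik.gov.tr (mail.denizcilik.gov.tr [212.174.143.101])
 by in.1usa.com (in.1usa.com) with ESMTP id 1304692-1851400
 for <bob@1usa.com>; Sun, 10 Apr 2011 08:13:42 -0400
Return-Path: <notification@fedex.org>
From: =?UTF-8?Q?FedEx_Office=C2=AE?= <notification@fedex.org>
To: info@fedex.org
Subject: [Spam7]

"""

SPF_HEADERS = ("Received-SPF", "X-Default-Received-SPF")


def parse_spf(value):
    """Return (result, {key: value}) from one Received-SPF style header."""
    # Drop parenthesised comments, innermost first, so nested ones go too.
    while re.search(r"\([^()]*\)", value):
        value = re.sub(r"\([^()]*\)", "", value)
    result = value.split()[0].lower()
    pairs = re.findall(r"([\w-]+)=<?([^;<>\s]+)>?", value)
    return result, {k.lower(): v for k, v in pairs}


def aligned(host, domain):
    """True when host is the domain itself or a name underneath it."""
    return host == domain or host.endswith("." + domain)


def triage(raw):
    """List the SPF findings for a raw header block."""
    msg = message_from_string(raw)
    findings, foreign = [], set()
    for name in SPF_HEADERS:
        for value in msg.get_all(name, []):
            result, kv = parse_spf(value)
            domain = kv.get("envelope-from", "").rpartition("@")[2].lower()
            relay = kv.get("x-ip-name", "").lower()
            if result != "pass":
                findings.append(
                    f"{name}: {result} for {domain} from {kv.get('client-ip')}")
            # A relay outside the sender's domain is a hint, not a verdict:
            # legitimate mail is often sent through third-party hosts.
            if domain and relay and not aligned(relay, domain):
                foreign.add((relay, domain))
    for relay, domain in sorted(foreign):
        findings.append(f"relay {relay} is not a host under {domain}")
    return findings


if __name__ == "__main__":
    print("\n".join(triage(RAW)))
```
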
|
| How to Make Your Google Account More Secure - Saturday, March 05, 2011
Google has introduced a tool, known as two-step verification, that will make Google accounts more secure and less vulnerable to hackers and phishing scams. Google users who choose to use the tool will still enter their passwords to get to Google accounts like Gmail, Picasa and Google Docs. But they will also need to enter a second verification code, generated on the spot for one-time use and sent to their cellphone through a text message, phone call or app. More details at this NY Times article.
|
| Got a Honda car? Your personal info may have been hacked. - Tuesday, January 04, 2011 |
| People using Hotmail, MSN, Yahoo mail, Gmail and others are getting hacked. - Saturday, July 17, 2010
If you are receiving blank emails from one of your friends, or emails that contain only a http:// www address, there is a good chance that your friend's email account has been hacked. If someone you know has a Hotmail, MSN, Yahoo, AOL, Gmail or other "free webmail" account, you might consider advising them that there is some Hacking going on out there. Hackers get their hands on your account password then log into your account and send spams from your account to all of your friends, using your Address Book which is on their servers. To minimize damage, if you are using any of the above services, CHANGE YOUR PASSWORD FREQUENTLY.
More details at Microsoft
Increase the security of your email account by switching to 1USA.Com email service.
|
| infection purged from PHP-Nuke.org - Wednesday, May 12, 2010
Better late than never
The official website for content management system PHP-Nuke was purged of a nasty infection on Tuesday that for four days attempted to install malware on visitors' machines.
The website, which used an out-of-date version of PHP, was compromised as long ago as Friday, according to reports from Websense and Panda Labs.
The Full Story...
|
| Iraqi militants are intercepting sensitive video feeds from US predator drones - Friday, December 18, 2009
Iraqi militants are intercepting sensitive video feeds from US predator drones using $26 off-the-shelf software, and the same technique leaves feeds from most military aircraft vulnerable to snooping, according to published reports. Story is here.
|
| Pentagon Official Charged with Espionage Conspiracy - Friday, May 15, 2009 |
| Computer Security News website - Saturday, May 02, 2009 |
| Heartland Payment Systems - a US credit card payment house breached by sniffing malware - Wednesday, January 21, 2009 |