Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Value: Shell
Data: C:\WINDOWS\system32\agaz17mgx.exe
There's a new Facebook scam that is being sent as a private message from a friend's (now compromised) account, saying "Did you forget about me?" with a link attached.
Need we remind you not to click links in messages if they look in any way suspicious?
We would always say: don't click any links at all that arrive in IMs, emails, tweets etc.
There's also another scam on Facebook asking for money to be wired to a friend who has "just been mugged" and had all their money etc. stolen. You will normally know this person, so it should be relatively simple to tell whether the request is suspicious, which, for the security-aware amongst you, it will be.
Safe surfing
It's hard to keep up with all the latest rogue-ware that pops up like a Whack-a-Mole game these days.
The latest is called DrGuard, and like all the other rogues, will do a fake scan of your PC and alert you to all sorts of problems that don't really exist.
Please be wary of ANY software that pops open to alert you of a problem.
A new Microsoft security update is due for release on Tue 9th March
Microsoft has issued a Security Bulletin Advance Notification indicating that its March release cycle will contain two bulletins. These bulletins will have a severity rating of Important and will be for Microsoft Windows and Microsoft Office.
Please keep an eye out for these updates
We've received a number of DMs this morning from followers saying:
"hi, i'm 24/female/horny... i have to get off here but message me on my windows live messenger name Paris545love@hotmail.com"
As always, please don't click any links. This is far too obvious to be a real threat, we imagine, but some people might be caught out.
People sending out these DMs need to change their Twitter passwords and run anti-spyware scans on their computers.
We're still getting DMs from people who are victims of a recent phishing scam, whereby they inadvertently send out DMs saying "hahah This you??" with a link attached.
Do not click this link: it takes you to a fake Twitter login page which steals your credentials (if you type them in!) and then sends the same link on to your followers.
If you're a victim of this, we recommend changing your Twitter password immediately, and running anti-spyware and anti-virus scans (from a reputable vendor) to check that there's no infection on your system.
Please read our Pop Up Scams page to make sure you don't download a rogue fake anti-virus program.
Read our first post about this.
As a side note, if you're running Google Chrome (or possibly Firefox with NoScript, although we've not checked) then this link attack would have been blocked.
Adobe has announced that a critical vulnerability has been identified in the Adobe Download Manager. This vulnerability (CVE-2010-0189) could potentially allow an attacker to download and install unauthorized software onto a user's system.
Users who have downloaded Adobe Reader for Windows from http://get.adobe.com/reader/ or Adobe Flash Player for Windows from http://get.adobe.com/flashplayer/ prior to the release of this Security Bulletin on February 23, 2010, can verify they are not vulnerable to this Adobe Download Manager issue by following the instructions below.
If the NOS files are found, the Adobe Download Manager issue can be mitigated by:
OR
And yet another rogue 'security' program appears on the net.
Desktop Security 2010 adds to the long list of rogue software scams.
It scans your system and then 'finds' a number of bad files that it has itself just installed.
If you're unfortunate enough to have this software installed, it probably slipped in unnoticed whilst you were visiting a bad website, downloading files from a peer-to-peer network, or installing some other nasty freeware.
It can be removed with a number of legitimate anti-spyware programs, such as Ad-Aware, or manually by following the write-up at 411-spyware.com, which also has a great description of the whole nasty program.
As ever, please please be wary of the sites you visit, the files that you download, and the links that you click.
The latest Twitter phishing scam involves a DM reading "lol, is this you", "you look funny" or "haha this is funny" and linking to a site called "bzpharma". Do not click the link.
If you do click the link and then enter your details (but why would you!?) then your Twitter account will be used to send out more rogue DMs.
If this has happened to you, we suggest you log in to your Twitter account and change your password immediately.
In fact, we recommend you change your password frequently anyway (a pain, but a safer option).
It seems as though these DMs have been around for a while now, but have suddenly re-surfaced in large numbers recently.
AS ALWAYS: Be very wary and suspicious of any links sent to you, especially if the grammar is slightly odd.
Be even more careful with links that have been shortened, and therefore obscured.
We recommend using Sucuri, which shows the real location of a shortened URL.
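If you'd rather not hand the link to a third-party service, you can expand it yourself from a PowerShell prompt. The script below is an added example written for this post, not something from the original article or from Sucuri: it sends HEAD requests and refuses to follow redirects automatically, so you see each hop in the chain instead of landing on the destination. It assumes each shortener answers HEAD with a 3xx status and a Location header (most do); the bit.ly address in the usage line is a placeholder, not a link from any of the DMs above.

```powershell
# Added example, not from the original post: expand a shortened URL one
# redirect at a time using HEAD requests, so you can see where it leads
# without opening the destination page in a browser.
# Assumptions: each shortener answers HEAD with a 3xx status and a Location
# header; 'http://bit.ly/example' below is a placeholder, not a real link.
function Resolve-ShortUrl {
    param(
        [Parameter(Mandatory = $true)][string]$Url,
        [int]$MaxHops = 5
    )
    $hops = @($Url)
    for ($i = 0; $i -lt $MaxHops; $i++) {
        $req = [System.Net.HttpWebRequest]::Create($Url)
        $req.Method            = 'HEAD'
        $req.AllowAutoRedirect = $false      # report each Location rather than land on it
        $req.Timeout           = 10000
        $req.UserAgent         = 'Mozilla/5.0 (link-check)'
        try {
            $resp = $req.GetResponse()
        } catch [System.Net.WebException] {
            # 4xx/5xx raise an exception; the response object is still attached to it
            $resp = $_.Exception.Response
            if (-not $resp) { throw }
        }
        $status = [int]$resp.StatusCode
        $next   = $resp.Headers['Location']
        $resp.Close()

        if ($status -lt 300 -or $status -ge 400 -or -not $next) {
            break                            # not a redirect: this is the real destination
        }
        # Location may be relative, so resolve it against the URL we just requested
        $base = New-Object System.Uri $Url
        $Url  = (New-Object System.Uri -ArgumentList $base, $next).AbsoluteUri
        $hops += $Url
    }
    if ($i -eq $MaxHops) { Write-Warning "Stopped after $MaxHops hops; the chain may continue" }
    return $hops
}

# Usage: every hop is printed; the last line is where a click would actually land.
Resolve-ShortUrl 'http://bit.ly/example' | ForEach-Object { "-> $_" }
```

A HEAD request does not fetch or render the page, which is what a drive-by download needs, but each server in the chain (including the last one) still sees a request from your IP address. If the final hop is a domain you've never heard of, treat the DM as hostile and don't go any further.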
The Mozilla Foundation has just released a number of security advisories concerning vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey. These vulnerabilities, if exploited, might allow a remote, unauthenticated attacker to execute arbitrary code or bypass security restrictions.
We recommend updating your current versions of any of the above products as soon as possible.
We would also recommend you set your software to automatically update. In Firefox for Mac, go to Preferences, Advanced, Updates tab and select the check box to automatically check for updates: Firefox, Add-Ons and Search Engines.
http://www.mozilla.org/security/known-vulnerabilities/
This new bulletin, APSB10-07, is a security update for Adobe Reader and Acrobat. These updates address two critical vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, make unauthorised cross-domain requests, or cause a denial-of-service condition.
We advise you to update Adobe Reader and Acrobat (all platforms).
Please see our previous post for updates to Adobe Flash
Relevant Url:
http://www.adobe.com/support/security/bulletins/apsb10-07.html
Facebook users are currently being spammed with a bogus email asking them to review their agreement (by downloading an attached file).
We really hope that if you've visited our site, you won't get caught out by what is clearly a fake email.
The email reads as follows:
"Dear Facebook User,
Due to Facebook policy changes, all Facebook users must submit a new, udpated account agreement, regardless of their original account start date.
Accounts that do not submit the updated account agreement by the deadline will have restricted.
Please unzip the attached file and run "agreement.exe" by double clicking it.
Thanks
The Facebook Team"
Firstly, anything addressed to "Facebook User" rather than to you by name will be bogus.
Secondly, we really hope you'd be suspicious after being asked to double-click an .exe file.
Thirdly, the use of language within the message is suspect.
If you unzip the file and run it, you'll become the proud owner of a rogue anti-virus program called Security Tool.
Please do not respond to this message if you get it, and pass this post on to all your friends and family.
Please, always be suspicious of such emails.
Safe surfing.......
Visit TrendMicro http://blog.trendmicro.com/hi5-spam-invites-users-to-download-a-worm/ for further details (safe link)
There's a piece of supposed security software doing the rounds called Security Essentials 2010.
This is malware, not security software, and should NOT be downloaded or installed.
It normally arrives by way of an email informing you that you have a virus, and that to clean your system you need to download and install Security essentials 2010. It can also appear as a pop-up on a web page.
This is not to be confused with the excellent Microsoft Security Essentials, which absolutely should be downloaded and installed (for Windows).
More details: (notice the inconsistent lower case 'e', but by this time, it's probably too late!)
Known System Changes:
Files
%System%\warnings.html
%System%\helpers32.dll
%System%\winlogon32.exe
%System%\smss32.exe
%System%\41.exe
%Temp%\250904.exe
%StartMenu%\Security essentials 2010.lnk
%Desktop%\Security essentials 2010.lnk
%ProgramFiles%\Securityessentials2010\SE2010.exe
Folders
%ProgramFiles%\Securityessentials2010
Registry Entries
Key: HKEY_CURRENT_USER\Software\SE2010
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Value: Security essentials 2010
Data: C:\Program Files\Securityessentials2010\SE2010.exe
Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Value: smss32.exe
Data: C:\WINDOWS\system32\smss32.exe
REMOVAL INSTRUCTIONS:
Delete Security essentials 2010 files:
%Program Files%\Securityessentials2010\SE2010.exe
Delete Security essentials 2010 registry entries:
HKEY_CURRENT_USER\Software\Security essentials 2010
HKEY_LOCAL_MACHINE\SOFTWARE\Security essentials 2010
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Security essentials 2010"
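To save checking each of those paths by hand, here is an added example script (written for this post, not taken from the original article or from any removal guide) that tests for the indicators listed above and, if you pass -Remove, deletes them. It also covers the smss32.exe Run value from the "Known System Changes" list, which the removal steps above don't mention, and then goes further than the fixed list: it prints every entry in the user and machine Run keys and checks the Winlogon Shell value (the same value seen hijacked at the top of this page), so anything the rogue has left behind under another name still shows up. It assumes the %...% placeholders in the list map to the current user's standard folders, and that a clean Winlogon Shell reads exactly explorer.exe. Save it as Check-SE2010.ps1 and run it from an elevated PowerShell prompt.

```powershell
# Added example, not from the original post: audit (and optionally remove) the
# Security essentials 2010 indicators listed above, then list all autostart
# entries and the Winlogon Shell so leftovers under other names are visible.
# Assumptions: the post's %...% placeholders expand to the current user's
# standard folders; a clean Winlogon Shell is exactly "explorer.exe".
param([switch]$Remove)

# Indicators transcribed from the post above
$iocPaths = @(
    "$env:SystemRoot\system32\warnings.html",
    "$env:SystemRoot\system32\helpers32.dll",
    "$env:SystemRoot\system32\winlogon32.exe",
    "$env:SystemRoot\system32\smss32.exe",
    "$env:SystemRoot\system32\41.exe",
    "$env:TEMP\250904.exe",
    "$env:ProgramFiles\Securityessentials2010\SE2010.exe",
    "$env:ProgramFiles\Securityessentials2010",
    (Join-Path ([Environment]::GetFolderPath('StartMenu')) 'Security essentials 2010.lnk'),
    (Join-Path ([Environment]::GetFolderPath('Desktop'))   'Security essentials 2010.lnk')
)
$iocKeys = @(
    'HKCU:\Software\SE2010',
    'HKCU:\Software\Security essentials 2010',
    'HKLM:\SOFTWARE\Security essentials 2010'
)
$iocRunValues = @('Security essentials 2010', 'smss32.exe')
$userRun    = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
$machineRun = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run'

$hits = 0
foreach ($p in $iocPaths) {
    if (Test-Path -LiteralPath $p) {
        $hits++; Write-Host "FOUND file/folder: $p"
        if ($Remove) { Remove-Item -LiteralPath $p -Recurse -Force }
    }
}
foreach ($k in $iocKeys) {
    if (Test-Path -LiteralPath $k) {
        $hits++; Write-Host "FOUND registry key: $k"
        if ($Remove) { Remove-Item -LiteralPath $k -Recurse -Force }
    }
}
$run = Get-ItemProperty -Path $userRun -ErrorAction SilentlyContinue
foreach ($v in $iocRunValues) {
    if ($run -and $run.PSObject.Properties[$v]) {
        $hits++; Write-Host "FOUND Run value: $v = $($run.$v)"
        if ($Remove) { Remove-ItemProperty -Path $userRun -Name $v }
    }
}
Write-Host "$hits known indicator(s) present."

# Beyond the fixed list: everything that starts with the user or the machine
Write-Host "`nAutostart entries:"
foreach ($key in $userRun, $machineRun) {
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    if ($props) {
        $props.PSObject.Properties |
            Where-Object { $_.Name -notmatch '^PS(Path|ParentPath|ChildName|Drive|Provider)$' } |
            ForEach-Object { Write-Host "  $key\$($_.Name) = $($_.Value)" }
    }
}

# The Winlogon Shell value is what the rogue at the top of this page hijacked
$shell = (Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon').Shell
if ($shell -ne 'explorer.exe') {
    Write-Host "WARNING: Winlogon Shell is '$shell', expected explorer.exe"
} else {
    Write-Host "Winlogon Shell OK (explorer.exe)"
}
```

Run it once without -Remove to see what is there. If the rogue is still running it may hold its files open or re-create the Run values the moment you delete them, so reboot into Safe Mode before running with -Remove, then run it a third time to confirm everything stayed gone. Anything unfamiliar in the autostart listing that isn't on the fixed list deserves a look before you trust the machine again.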
Sadly, if you do get yourself infected, the absolute safest and best way to rid your system is to completely re-format your hard drive and re-install Windows from fresh. A pain, but pretty much the only guaranteed way to safely remove all malware (some of which will have hooked itself so deeply into your OS that you won't even know it exists).
This is why it is ESSENTIAL to have a current and viable backup system in place.
Please check out this link from the BBC
http://news.bbc.co.uk/newsbeat/hi/technology/newsid_10050000/newsid_10057300/10057391.stm
Adobe has released updates for Flash Player, with updates for Acrobat and Reader to follow on Tue 16th Feb.
As Adobe products seem to be the target of an awful lot of exploits recently, you are urged to update those products as soon as possible.
Remember, we advise you to turn OFF JavaScript within Reader as a matter of course; many of the exploits that appear for Reader rely on JavaScript to work, so this blunts them before a patch is available.
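If you'd rather not click through the preferences dialog on every machine, the following added example (written for this post; it is not from the original article or from Adobe) sets the preference from PowerShell for every Reader and Acrobat version the current user has. It assumes, from my own reading of the registry rather than from anything in the post, that Reader 8/9 store the Edit > Preferences > JavaScript checkbox as the DWORD value bEnableJS under HKCU\Software\Adobe\Acrobat Reader\<version>\JSPrefs (and the same layout under Adobe Acrobat for the full product), with 0 meaning disabled.

```powershell
# Added example, not from the original post: switch JavaScript off in every
# Adobe Reader / Acrobat version installed for the current user.
# Assumption (mine, not the post's): the JavaScript checkbox lives in the
# DWORD value bEnableJS under
#   HKCU\Software\Adobe\Acrobat Reader\<version>\JSPrefs   (Reader)
#   HKCU\Software\Adobe\Adobe Acrobat\<version>\JSPrefs    (Acrobat)
# and 0 means disabled.
function Disable-AcrobatJavaScript {
    $bases = 'HKCU:\Software\Adobe\Acrobat Reader', 'HKCU:\Software\Adobe\Adobe Acrobat'
    $changed = @()
    foreach ($base in $bases) {
        if (-not (Test-Path $base)) { continue }
        foreach ($ver in Get-ChildItem $base) {
            $jsPrefs = Join-Path $ver.PSPath 'JSPrefs'
            # JSPrefs only exists once Reader has been run; create it if needed
            if (-not (Test-Path $jsPrefs)) { New-Item -Path $jsPrefs -Force | Out-Null }
            $before = (Get-ItemProperty -Path $jsPrefs -ErrorAction SilentlyContinue).bEnableJS
            if ($before -eq $null) { $before = 'unset (JavaScript on by default)' }
            Set-ItemProperty -Path $jsPrefs -Name bEnableJS -Value 0 -Type DWord
            $product = Split-Path $base -Leaf
            $changed += "{0} {1}: bEnableJS {2} -> 0" -f $product, $ver.PSChildName, $before
        }
    }
    if ($changed.Count -eq 0) { 'No Adobe Reader/Acrobat preferences found for this user' } else { $changed }
}

Disable-AcrobatJavaScript
```

Afterwards, Edit > Preferences > JavaScript in Reader should show "Enable Acrobat JavaScript" unticked. The setting is per user, so run it in each account that opens PDFs, and bear in mind that Reader will still offer to switch JavaScript back on when a document asks for it: say no.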
There are currently two bulletins:
The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of this vulnerability may allow an attacker to make unauthorized cross-domain requests. The bulletin indicates that the update also addresses a potential denial-of-service issue.
The second bulletin, APSB10-07, is a security advisory for Adobe Reader and Acrobat. It states that Adobe plans to release updates for Adobe Reader and Acrobat on February 16, 2010 to address other critical security issues.
Please head here:
http://www.adobe.com/support/security/bulletins/apsb10-06.html
http://www.adobe.com/support/security/bulletins/apsb10-07.html
(both links safe as of time of posting)
If you use Google's Chrome browser, note that Chrome for Windows has been updated to 4.0.249.89 to address multiple vulnerabilities.
Please head here: http://googlechromereleases.blogspot.com/2010/02/stable-channel-update.html (safe link as of time of posting) and update Chrome as soon as you are able.
With Valentines day almost upon us, it's a good time to mention to be careful of any rogue E-Cards that might land in your inbox.
Happy Valentines Day....
May all your cards be clean :)
Microsoft has fixed 26 vulnerabilities in 13 security bulletins as part of its latest Patch Tuesday, including critical ones for Windows that could be exploited to take control of a computer, and one in the 32-bit Windows kernel that has been present for 17 years.
Please update Windows (if you must run it) via Windows Update (which we recommend is set to Automatic).