| |
CyberheistNews Vol 4, 29
Editor's Corner
Scam Of The Week: MH17 Airplane Crash
Almost 300 people get shot out of the air and the only thing cyber-criminals can think of is how to exploit the disaster. What else is new. Disgusting.
Scammers are now using the MH17 disaster in the Ukraine to trick people in clicking on links, both on Facebook, Twitter and phishing emails.
Here are some examples, a link that supposedly was a video of the Malaysia Airlines crash went to a pornographic website. Facebook pages dedicated to victims contain links to scam websites. For instance, a Facebook page apparently dedicated to Liam Sweeney was set up hosting spam, and uses his name and picture. The page was deleted but others will spring up.
Hundreds of tweets were posted that seemingly were about the MH17 disaster, but in reality included spam links or links that lead to a malware infection. When you see some title that claims a video camera catching the MH17 Crash over Ukraine, delete it, ignore it and do not forward, or worse, retweet it.
Previous disasters have been exploited like this, but the bad guys have pulled out all the stops and go for Social Media in a big way these days. Be wary of anything that is about flight MH17 the coming months. THINK BEFORE YOU CLICK !
(For KnowBe4 customers, we will have a template with flight MH17 ready for you later today.)
GameOver ZeuS Is Making a Comeback
Despite the efforts of different law enforcement agencies and several private security companies to disrupt a massive GameOver ZeuS botnet in early June, a new variant of the malware has been uncovered.
Security researchers from Malcovery say that the mutation they found is fresh, as they found that one of the domains used for command and control activity had been registered on Thursday, July 10, in China, and it was active.
The operators of the new GameOver ZeuS strain delivers the malware through spam purporting to be notifications from financial institutions. Fake messages from banks such as M&T and NatWest are among the samples caught by the security researchers.
The emails come with an attachment, which, once opened, executes the malware payload and communication with command and control servers is initiated in order to receive instructions. More: http://news.softpedia.com/news/GameOver-ZeuS-Is-Making-a-Comeback-450523.shtml
Friday 25th Is System Admin Day!
July 25, 2014 is the 15th Annual System Administrator Appreciation Day.
Your network is secure, your computer is up and running, and your printer is jam-free. Why? Because you've got an awesome sysadmin (or maybe a whole IT department) keeping your business up and running. So say IT loud; say IT proud … Happy SysAdmin Day!
Wait… what exactly is SysAdmin Day? Oh, it’s only the single greatest 24 hours on the planet… and pretty much the most important holiday of the year. It’s also the perfect opportunity to pay tribute to the heroic men and women who, come rain or shine, prevent disasters, keep IT secure and put out tech fires left and right.
At this point, you may be thinking, "Great. I get it. My sysadmin is a rock star. But now what?" Glad you asked! Proper observation of SysAdmin Day includes (but is not limited to): - Cake & Ice cream
- Pizza
- Cards
- Gifts
- Words of gratitude
- Custom t-shirts celebrating the epic greatness of your SysAdmin(s)
- Balloons
- Streamers
- Confetti
Show Your Appreciation! More: http://sysadminday.com/
Quotes of the Week
"Those who have no interest in politics will be forever ruled by those who do." - G.Edward Griffin
"An eye for an eye only ends up making the whole world blind." - Mahatma Gandhi
Thanks for reading CyberheistNews! Please forward to your friends. But if you want to unsubscribe,
you can do that right here
|
Take One Minute And Watch This New Video
Horrifying Confessions Of A Security Sleuth
How bad is computer security in the business world? Complete disarray, if you believe a friend of mine who's worked in the industry forever. Behold his hair-raising tales from within the IT security industry. Here is one story, and there are worse: "I once worked for a great security company that was acquired by a very large, very well-known antivirus vendor. One of the first things we did was to pen test the antivirus vendor's software that was running on tens of millions of computers. What did we find? Hundreds of buffer overflow bugs and other exploits. The software people were running to protect themselves probably had more bugs than the software they were trying to protect." More:
http://www.infoworld.com/t/security/horrifying-confessions-of-security-sleuth-246101?
What's Eating Internet Security?
Researchers constantly are discovering new ways to attack existing systems, "not because computers are better or faster, but just because of new investigations, insight or inspiration," said Seth Hanford, manager of Cisco's Threat Research Analysis & Communications. In short, we could be discovering more security flaws because we're now paying more attention to security. This is an interesting article at TechNewsWorld:
http://www.technewsworld.com/edpick/80734.html
"Lots Of Bad Guys Doing Bad Things"
The new Symantec Internet Security Threat Report, June edition stated it succinctly with that title.
"Symantec Matt" said on Spiceworks: "In case you didn't have time for some light reading, I am here to bring you the June Internet Security Threat Report. Like StarLord said "something good...something bad...a bit of both". Grab the full June Internet Security Threat Report as there is all kinds of important info in there concerning:
- Targeted Attacks & Data Breaches
- Malware Tactics & Vulnerabilities
- Social Media & Mobile Threats
- Phishing, Spam & Email Threats
Some key findings in this months report:
- There was an average of 88 spear-phishing attacks per day in June.
- The number of Android variants per family reached the lowest levels seen in the last twelve months, at 18 variants per family.
- The largest data breach reported in June took place in May, and resulted in the exposure of 1.3 million identities.
Here is the deck at slideshare.net:
http://www.slideshare.net/symantec/june-internet-security-threat-report
All Major Browsers Contain Security Vulnerabilities!
Have a look at the close numbers between IE, Chrome, and Firefox. Just because you use something else than IE doesn’t mean you’re safer. Even Apple's Safari has almost 600 known holes. Yikes. Although checking attachments in the Google VIEW option is still my favorite option to prevent malware infections. See for yourself:
Internet Explorer 1337 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=internet+explorer
Google Chrome 1113 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=chrome
Firefox 1217 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox
Safari 598 CVE entries:
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=safari
Cyberheist 'FAVE' LINKS:
* This Week's Links We Like. Tips, Hints And Fun Stuff.
I didn't think an airliner could do this ... until I saw this video of Boeing test pilots practicing with their Dreamliner 787-9 for the Farnborough Air Show 2014. Straight up & vertical, and NO CGI!:
http://www.flixxy.com/i-did-not-think-an-airliner-could-do-this-boeing-787-9-dreamliner.htm
Weird Al’s Star-Studded Parody of Pharrell’s ‘Happy’ Is Perfection:
http://www.wired.com/2014/07/weird-al-happy-parody/
A moving company in Taiwan has a clever way of using two forklifts to get their truck loaded quickly and efficiently:
http://www.flixxy.com/two-forklifts-and-a-truck-in-taiwan.htm?utm_source=nl
A very funny commercial by shampoo.ch, a Swiss website for hair care and beauty products. Look at those girl's faces:
http://www.flixxy.com/sexy-window-cleaner-at-the-hair-salon.htm?utm_source=nl
What's more entertaining than watching a cute panda playing on a slide? Watching 4 cute pandas playing on a slide!
http://www.flixxy.com/cute-pandas-playing-on-the-slide.htm?utm_source=nl
Lions are powerful animals, but they are also capable of lots of love and affection. WOW:
http://www.flixxy.com/there-is-nothing-like-a-lion-love.htm?utm_source=nl
|
|
