Major Dropbox security flaw discovered

April 13, 2011 – 5:56 AM

Dropbox is a popular tool used to sync files between multiple computers and devices that a user owns. A user installs the software, designates a folder to keep synchronized, and is able to access those files among other machines that they own. The tool was even picked as one of the top ten tools that every PC should have installed.

Unfortunately, it appears that the tool has a major security flaw in it that could expose your files to everyone on the Internet. According to security specialist Derek Newton, the issue stems from the fact that the tool uses a simple configuration file to link all of the Dropbox machines together. The file, config.db, is a small table that contains only three fields: email, dropbox_path, and host_id. Since the host_id is not actually tied to a specific host and does not appear to change over time, an attacker could create a piece of malware that silently locates and sends back the config.db file. The attacker would then be able to start up a copy of Dropbox with the stolen config file in place and instantly be part of the victim’s mesh of computers. The tool does not notify the user of how many machines are connected, so the victim would have no way to know that their files were being stolen.

Source:
http://www.neowin.net/news/major-dropbox-security-flaw-discovered

Ransomware squeezes users with bogus Windows activation demand

April 12, 2011 – 6:01 AM

A new Trojan tries to extort money from users by convincing them to dial international telephone numbers to reactivate Windows, a security researcher said today.

Once on a PC, the malware displays a message claiming that Windows is “locked” and must be reactivated, said Mikko Hypponen, the chief research officer of Helsinki-based F-Secure. Users seeing the message cannot boot Windows in either normal or Safe mode, Hypponen said.

“This copy of Windows is locked. You may be a victim of fraud or there may be an internal error,” the message states.

Source:
http://www.computerworld.com/s/article/9215711/Ransomware_squeezes_users_with_bogus_Windows_activation_demand?taxonomyId=17

TCHunt, Search For TrueCrypt Volumes

April 11, 2011 – 7:53 PM

TCHunt is a small portable application that can be used to find encrypted TrueCrypt volumes on the system. It has been specifically designed to demonstrate the possibility of finding TrueCrypt volumes even if they are not mounted and well disguised by the user. With TrueCrypt, it is possible to encrypt a partition of a hard drive, or a specific amount of storage space which is stored in a container file on a storage device.

These volumes can have sizes from 19 Kilobytes onwards and completely arbitrary file names and extensions. The program has been designed to show that it is possible to identify those TrueCrypt containers even if they are reasonably small and disguised by the user. It is more or less impossible to verify the existence of a TrueCrypt container without technical help unless the container itself is rather large or placed in a location where it can be easily identified. While it is possible to analyze each possible container file on a system, it would take a very long time to do so.

Source:
http://www.ghacks.net/2011/04/11/tchunt-search-for-truecrypt-volumes/

State of Texas exposes data on 3.5 million people

April 11, 2011 – 7:44 PM

Susan Combs, Comptroller for the state of Texas, announced a massive data leak that resulted in 3.5 million people's social security numbers, names, addresses and in some cases their birth date and driver's license number being exposed.

Unlike private companies who have had large releases of PII (Personally Identifiable Information) recently, the state of Texas is not providing credit monitoring or other services for the victims of their mistake. They are simply providing sage advice…

Source:
http://nakedsecurity.sophos.com/2011/04/12/state-of-texas-leaks-data-on-3-5-million-people/

Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat

April 11, 2011 – 7:36 PM

A critical vulnerability exists in Flash Player 10.2.153.1 and earlier versions (Adobe Flash Player 10.2.154.25 and earlier for Chrome users) for Windows, Macintosh, Linux and Solaris, Adobe Flash Player 10.2.156.12 and earlier versions for Android, and the Authplay.dll component that ships with Adobe Reader and Acrobat X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh operating systems.

This vulnerability (CVE-2011-0611) could cause a crash and potentially allow an attacker to take control of the affected system. There are reports that this vulnerability is being exploited in the wild in targeted attacks via a Flash (.swf) file embedded in a Microsoft Word (.doc) file delivered as an email attachment, targeting the Windows platform. At this time, Adobe is not aware of any attacks via PDF targeting Adobe Reader and Acrobat. Adobe Reader X Protected Mode mitigations would prevent an exploit of this kind from executing.

Source:
http://www.adobe.com/support/security/advisories/apsa11-02.html