Fake parking tickets direct to malicious Web site

In a scary online-offline Internet scam hybrid cars in North Dakota have been tagged with fake parking citations that include a Web address hosting malicious software that drops a Trojan onto the computer.

The yellow tickets found on the cars in Grand Forks, North Dakota, read: “PARKING VIOLATION This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to” and gave a Web site, according to a blog posting on the SANS Internet Storm Center site.

The site referenced shows photos of cars in parking lots in that town and prompts the visitor to download a toolbar to see purported photos of the ticketed car. Downloading the executable installs a Trojan and displays a fake security alert when the system is rebooted. The fake alert prompts the computer user to install a fake anti-virus scanner, SANS said.

“The initial program installed itself as a browser helper object (BHO) for Internet Explorer that downloaded a component from childhe.com and attempted to trick the victim into installing a fake anti-virus scanner from bestantispyware securityscan.com and protectionsoft warecheck.com,” wrote SANS analyst Lenny Zeltser.

Source:
http://news.cnet.com/8301-1009_3-10156841-83.html?part=rss&subj=news&tag=2547-1_3-0-5

Posted in General BS, Internet, Privacy, Security | No Comments

Firefox 3.0.6 Now Available

Firefox 3.0.6 fixes several issues found in Firefox 3.0.5:

• Fixed several security issues.
• Fixed several stability issues.
• In previous versions of Firefox, some users experienced a problem where parts of the screen were not properly displaying after Firefox was open for long periods of time.
• Improved the ability for scripted commands (including those included in popular extensions like Adblock Plus) to work properly with plugins. (bug 438830)
• Removed the client user ID from crash reports.
• Fixed issues with the display of some Indic scripts.
• See the Firefox 3.0.5 release notes for changes in previous releases.

Posted in Internet, Software | No Comments

phpBB Downtime and Server Compromise

As you may already be aware from the message on phpBB.com or the topic in the #phpBB channel on Freenode, we have recently been attacked via a vulnerability in an outdated PHPList installation. The initial attack was performed well before a new version of the software was released or a patch provided. It is important to stress that no vulnerabilities have been found in the phpBB software itself.

We took area51.phpBB.com down along with phpBB.com to ensure integrity and prevent further damage. While we actively work to bring phpBB.com back online, we would also like to inform you of the damage that has been done.

The attacker gained entry through the PHPList application and was able to dump a complete backup of the emails on file. He then used the same exploit to access the phpBB.com database. Both the email list from PHPlist and a copy of the phpBB.com users table were then posted publicly.

phpBB3 uses a complex hashing algorithm in order to prevent someone from determining the plaintext value of a password. phpBB2, however, used a much simpler and less secure md5 algorithm to store passwords. This is one of the many reasons why we have decided to no longer support the phpBB2 software. Because hashes cannot be reversed, phpBB3 is set to convert phpBB2 hashes to the new phpBB3 standard during the first user login. Those users who registered while phpBB.com used phpBB2 and did not login on the new phpBB3 board continue to have their password hashes stored in the old format. Passwords stored in the old format are much less secure than those stored in the new format. The attackers have been focusing purely on the passwords stored in the old format.

If the password to your phpBB.com account is used anywhere else (especially with the same username), we strongly recommend that you change it. Using the same password across multiple sites is not security wise and should not be done under any circumstance. Additionally, you should change your password on phpBB.com, when it becomes available.

We apologise for not securing our servers in time to prevent this from happening. This demonstrates how critically important it is to always make sure that you keep up to date with any software that is running on your machine. Intrusion is possible even before a patch is provided to fix a vulnerability. At this time, the team is working around the clock to restore phpBB.com and other resources.

Source:
http://area51.phpbb.com/phpBB/viewtopic.php?f=3&t=29973

Posted in Coding, Internet, PHP, Privacy, Security | 1 Comment

RFID Passports Secretly Copied

If you have an RFID-lojacked passport but don’t keep it in a faraday cage wallet, this video of Chris Paget’s war-driving exploits—plucking information off them from afar—should make you think real hard about it.

Cruising through downtown San Francisco in his car with a $250 homebrew RFID reader setup consisting of a Symbol XR400 RFID reader and a Motorola AN400 patch antenna stuck to the side of his Volvo, he snagged the info off of two passports in just 20 minutes. The point, he says, is “mainly to defeat the argument that you can’t do it in the real world, that there’s no real-world attack here, that it’s all theoretical.” The range of his gear is about 30 feet, which is plenty of clearance.

He plans to release the source code of his software next month—not the first time he’s tried to publicly discuss his methods and the dangers of RFID embedded in personal IDs. It also won’t be the first time the government denies it’s really an issue, either.

http://www.youtube.com/watch?v=9isKnDiJNPk

Source:
http://i.gizmodo.com/5144548/scary-video-rfid-passports-secretly-copied-on-a-lovely-sunday-drive

Posted in General BS, Hardware, Networking | No Comments

Install TweetDeck In Ubuntu

TweetDeck is an Adobe Air desktop application that is currently in public beta. It aims to evolve the existing functionality of Twitter by taking an abundance of information i.e twitter feeds, and breaking it down into more manageable bite sized pieces.

To install this in Ubuntu, follow the below steps:

1. Go here and download the latest package of Adobe Air for Linux:
   http://get.adobe.com/air/
2. Open a Terminal and browse to where you downloaded the installer file (at the time of this post it was called “AdobeAIRInstaller.bin”)
3. Type chmod +x AdobeAIRInstaller.bin and press Enter
4. Type sudo ./AdobeAIRInstaller.bin and press Enter
5. Enter your password and this will launch the installer. Follow the prompts accordingly.
6. Now go here and download the TweetDeck Air file:
   http://www.tweetdeck.com/beta/
7. Open with Adobe Air and install the application by following the prompts.  You will need your Admin password.

That’s it.  You are done.

Posted in General BS, Internet, Linux | 2 Comments