Browser Bug Could Allow Phishing Without Email

January 12, 2009 – 7:57 PM

A bug found in all major browsers could make it easier for criminals to steal online banking credentials using a new type of attack called “in-session phishing,” according to researchers at security vendor Trusteer.

In-session phishing gives the bad guys a solution to the biggest problem facing phishers these days: how to reach new victims. In a traditional phishing attack, the scammers send out millions of phoney e-mail messages disguised to look like they come from legitimate companies, such as banks or online payment companies.

Those messages are often blocked by spam-filtering software, but with in-session phishing, the e-mail message is taken out of the equation, replaced by a pop-up browser window.

Here’s how an attack would work: The bad guys would hack a legitimate Web site and plant HTML code that looks like a pop-up security alert window. The pop-up would then ask the victim to enter password and login information, and possibly answer other security questions used by the banks to verify the identity of their customers.

Source:
http://www.pcworld.com/article/156974/browser_bug_could_allow_phishing_without_email.html?tk=rss_news

Hacker Leaves Message for Microsoft in Trojan Code

January 12, 2009 – 6:01 PM

Here’s a new way to get Microsoft to pay attention to you: Slip a brief message into the malicious Trojan horse program you just wrote.

That’s what an unnamed Russian hacker did recently with a variation of Win32/Zlob, a Trojan program victims are being tricked into installing on their computers.

The message is surprisingly cordial, given that Microsoft’s security researchers spend their days trying to put people like Zlob’s author out of business. “Just want to say ‘Hello’ from Russia. You are really good guys. It was a surprise for me that Microsoft can respond on threats so fast,” the hacker wrote, adding, “Happy New Year, guys, and good luck!”

Zlob is one of the most common types of Trojan programs used to attack Windows these days. In a typical Zlob scam, the victim is sent a link to what looks like an interesting video. When the link is clicked, the user is told to install a multimedia codec file in order to watch the video. That file is actually malicious software.

It’s not clear whether the author of this message is the creator of Zlob, according to Joe Stewart, a researcher with SecureWorks. That’s because “Zlob is one of those things that gets mislabeled by AV companies a lot,” he said via e-mail. “Basically any time they see malware being spread by ‘you need this video codec…’ messages in multimedia files, it gets the Zlob label.”

Source:
http://tech.yahoo.com/news/pcworld/20090112/tc_pcworld/hackerleavesmessageformicrosoftintrojancode

Google adds HTTPS-only browsing to Chrome

January 9, 2009 – 5:37 PM

Google has quietly released a pre-beta version of Google Chrome 2.0 with a new HTTPS-only browsing mode.

The new feature lets users add “force-https to your Google Chrome shortcut” to only load Web sites with valid security certificates. “Sites with SSL certificate errors will not load,” the company explained.

The newest Chrome release also updates the WebKit and V8 JavaScript engines, offers a better implementation for SafeBrowsing (malware/phishing protection), and new code for the HTTP network protocol.

Source:
http://blogs.zdnet.com/security/?p=2369

Windows 7 Beta Direct Downloads

January 9, 2009 – 5:28 PM

Here are links to the direct downloads for Windows 7 Beta. You will still need to go back to Microsoft for your registration key, but at least you can get it downloaded and burned to a DVD in the meantime.

Windows 7 Beta (x86): 7000.0.081212-1400_client_en-us_Ultimate-GB1CULXFRE_EN_DVD.ISO

Windows 7 Beta (x64): 7000.0.081212-1400_client_en-us_Ultimate-GB1CULXFRE_EN_DVD.ISO

Links courtesy of:
http://www.sizzledcore.com/2009/01/10/windows-7-beta-direct-download-links/

Downadup Blocklist

January 9, 2009 – 1:39 PM

Here’s a list of domains that are currently distributing the Downadup worm:

http://www.f-secure.com/weblog/archives/downadup_domain_blocklist.txt