Awesome VPN Comparison Chart

January 31, 2016 – 7:15 AM

Here’s a great VPN comparison chart showing various details such as logging, location, privacy, security and pricing. Excellent resource to bookmark.

https://docs.google.com/spreadsheets/d/1FJTvWT5RHFSYuEoFVpAeQjuQPU4BVzbOigT0xebxTOw/htmlview?usp=sharing&sle=true

How to avoid the latest LastPass Phishing Attack

January 16, 2016 – 1:24 PM

Sean Cassidy discovered recently that the popular password manager LastPass is vulnerable to a phishing attack that takes advantage of the way messages are displayed to users of the service.

The method that he describes on his blog works in Google Chrome, and to a degree in Firefox as well.

The main difference between the two browsers is that fake messages displayed to Chrome users on attack sites look identical to the message the LastPass extension would display to them, while that’s not the case if Firefox is being used.

Source:
http://www.ghacks.net/2016/01/16/how-to-avoid-the-latest-lastpass-phishing-attack/

Trend Micro password manager had remote command execution holes and dumped data to anyone

January 12, 2016 – 5:42 AM

A password management tool installed by default alongside Trend Micro AntiVirus was found vulnerable to remote code execution thanks to the work of Google’s Project Zero security team.

Discovered by Project Zero’s Tavis Ormandy, the password tool was built using JavaScript and node.js, and started a local web server that would listen, without using a whitelist or same origin policy, for API commands.

“It’s even possible to bypass MOTW [Mark of the Web], and spawn commands without any prompts whatsoever.”

According to the security researcher, even after Trend Micro issued an initial fix, the product still exposed nearly 70 API calls to the internet.

“I happened to notice that the /api/showSB endpoint will spawn an ancient build of Chromium (version 41) with --disable-sandbox. To add insult to injury, they append ‘(Secure Browser)’ to the UserAgent,” Ormandy said.

Source:
http://www.zdnet.com/article/trend-micro-password-manager-had-remote-command-execution-holes-and-dumped-data-to-anyone-project/
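
As an added illustration of the control this item says was missing (a whitelist and origin check on a local API listener), here is a minimal request gate in Node-style JavaScript. It is not code from Trend Micro, Project Zero or the linked article; the port, extension origin, token, header name and command names are hypothetical.

```javascript
// Added example: request gate for a loopback-only helper API.
// Port, extension origin, token and command names are hypothetical values.
const CONFIG = {
  allowedHosts: new Set(["127.0.0.1:49155", "localhost:49155"]),
  allowedOrigins: new Set(["chrome-extension://exampleextensionid"]),
  allowedCommands: new Set(["getStatus", "lockVault"]),
  token: "constructed-per-install-secret",
};

// Compare without an early exit so timing does not reveal a matching prefix.
function constantTimeEqual(a, b) {
  if (typeof a !== "string" || typeof b !== "string") return false;
  let diff = a.length ^ b.length;
  for (let i = 0; i < b.length; i++) {
    diff |= a.charCodeAt(i % Math.max(a.length, 1)) ^ b.charCodeAt(i);
  }
  return diff === 0;
}

function authorize(req, cfg = CONFIG) {
  const h = req.headers;
  // 1. Host must name the loopback listener (blocks DNS-rebinding hostnames).
  if (!cfg.allowedHosts.has(h.host)) return { allowed: false, reason: "bad-host" };
  // 2. If the browser sent an Origin, it must be on the whitelist.
  if (h.origin !== undefined && !cfg.allowedOrigins.has(h.origin)) {
    return { allowed: false, reason: "bad-origin" };
  }
  // 3. Origin can be absent on simple GETs, so a per-install secret is mandatory.
  if (!constantTimeEqual(h["x-api-token"], cfg.token)) {
    return { allowed: false, reason: "bad-token" };
  }
  // 4. Only explicitly listed commands are dispatched.
  if (!cfg.allowedCommands.has(req.command)) {
    return { allowed: false, reason: "unknown-command" };
  }
  return { allowed: true, reason: "ok" };
}

// Constructed sample requests (not captured traffic).
const SAMPLES = [
  { command: "getStatus", headers: { host: "127.0.0.1:49155", origin: "https://untrusted.example" } },
  { command: "getStatus", headers: { host: "127.0.0.1:49155" } },
  { command: "getStatus", headers: { host: "rebind.example:49155", "x-api-token": CONFIG.token } },
  { command: "getStatus", headers: { host: "127.0.0.1:49155",
      origin: "chrome-extension://exampleextensionid", "x-api-token": CONFIG.token } },
];
for (const r of SAMPLES) console.log(r.headers.host, r.headers.origin, authorize(r).reason);
```
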

AVG putting millions of Chrome users at risk

January 1, 2016 – 7:33 AM

Security company AVG, well known for its free and commercial security products that offer a wide range of security related safeguards and services, has put millions of Chrome users at risk recently by breaking Chrome security in a fundamental way in one of its extensions for the web browser.

AVG, like many other security companies offering free products, is using different monetization strategies to earn revenue from its free offerings.

One part of the equation is getting customers to upgrade to paid versions of AVG, and for a while, that was the only way things worked for companies like AVG.

The free version works fine on its own but is being used to advertise the paid version that is offering advanced features such as anti-spam or an enhanced firewall on top of that.

Security companies started to add other revenue streams to their free offerings, and one of the most prominent ones in recent times involved the creation of browser extensions and the manipulation of the browser’s default search engine, home page and new tab page that go along with it.

Customers who install AVG software on their PC get a prompt at the end to safeguard their browsers. A click on OK in the interface installs AVG Web TuneUp in compatible browsers with minimal user interaction.

The extension has more than 8 million users according to the Chrome Web Store (according to Google’s own statistics nearly nine million).

Source:
http://www.ghacks.net/2016/01/01/avg-putting-millions-of-chrome-users-at-risk/

New, improved Macro malware hitting Microsoft Office

December 16, 2015 – 4:40 PM

The comeback was 16 years in the making, but macro malware is once again on security professionals’ radar in a big way, impacting at least 100,000 people since it began its resurgence earlier this year, according to Intel Security.

The malware, which uses the macros found in Windows Office products like Word and Excel, saw its heyday in 1999 when it was first observed and known as the Melissa virus. Some good work by Microsoft at the time, which included adding a permissions step for Office document users, helped curtail the issue, but now it is again on the rise.

“Certainly over the last 12 months we have witnessed a spike. In underground forums there are multitudes of tools that allow people to create malicious macro malware attachments that has also fed the spike,” Raj Samani, vice president and CTO of Intel Security, told SCMagazine.com in an email Wednesday.

Fellow Intel Security executive Vincent Weafer, senior vice president, Intel Security, wrote in an Intel Security Perspectives blog that the number of incidents of macro malware is up fourfold this year, adding that just as in 1999, Office documents are still the preferred targets. The latest incarnation includes several new twists to spread the malware, including using socially-engineered phishing campaigns to target corporate workers, where Office is most often used. Previously, the email attack was much less sophisticated.

Source:
http://www.scmagazine.com/macro-malware-hitting-microsoft-office-16-years-later/article/460250/