Deprecation of SHA-1 Hashing Algorithm for Microsoft Root Certificate Program

November 13, 2013 – 5:01 PM

Microsoft is announcing a policy change to the Microsoft Root Certificate Program. The new policy will no longer allow root certificate authorities to issue X.509 certificates using the SHA-1 hashing algorithm for the purposes of SSL and code signing after January 1, 2016. Using the SHA-1 hashing algorithm in digital certificates could allow an attacker to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Recommendation: Microsoft recommends that certificate authorities no longer sign newly generated certificates using the SHA-1 hashing algorithm and begin migrating to SHA-2. Microsoft also recommends that customers replace their SHA-1 certificates with SHA-2 certificates at the earliest opportunity.

Source:
http://technet.microsoft.com/en-us/security/advisory/2880823

Instagram Users Compromise Their Own Accounts for Likes

November 12, 2013 – 6:41 PM

Symantec Security Response has discovered many Instagram users have willingly shared their usernames and passwords to a bot-like app in order to increase likes and followers.

The application, known as InstLike, was available for iOS and Android devices. It could be found in both the Apple App Store and the Google Play Store. Google and Apple have since removed the applications from their respective stores. There is also a mobile version of the application online.

InstLike claims users will receive likes and followers for free. But as we have warned previously, these kinds of “free” services for social networks are not actually free. In the case of InstLike, the application asks users to provide their Instagram login credentials. Applications that wish to interact with Instagram accounts, however, should instead use the Instagram API.

Source:
http://www.symantec.com/connect/blogs/instagram-users-compromise-their-own-accounts-likes

The WhiteHat Aviator Web Browser

November 2, 2013 – 1:00 PM

With every website you visit, you’re vulnerable to malicious hackers out to steal your surfing history, passwords, email access, bank account numbers, medical info, and more. And the “big browsers” don’t do enough to stop it.

But now you can protect yourself before you go on the Web – with WhiteHat Aviator, the Web’s most secure and private browser. With WhiteHat Aviator, you get the industry’s best and tightest security and privacy safeguards – all built-in, all activated, all ready-to-go.

https://www.whitehatsec.com/aviator/#

Google Adding Automatic Malware Blocking to Chrome

November 1, 2013 – 5:42 PM

Google is adding several security updates to its Chrome browser, including automatic malware blocking and the option to reset browser settings.

Newer, stealthier browser malware is released through things like free screensavers, video plug-ins, or fake security updates. It then hides, making it difficult for users to find and uninstall the programs themselves.

As a result, the stable version of Chrome now has a “reset browser settings button.” Located under the advanced settings, it returns Chrome to a factory-fresh state. Google said it was one of the most requested additions on the Chrome help forums, and is designed to clear the browser of any potential malware.

Going forward, Google will also “automatically block downloads of malware that we detect” in Chrome. At this point, the feature is only available in the Canary build version of Chrome – the earlier, test version of the browser that comes before dev, beta, and stable. But it will eventually hit the stable channel.

If Chrome blocks something, a message will appear in the download tray telling you the browser has blocked something. “You can click ‘Dismiss’ knowing Chrome is working to keep you safe,” Google said in a blog post.

The new option joins Chrome’s existing security features such as “Safe Browsing.” Google claims to flag over 10,000 websites a day searching for potential threats and steers users away from them using Safe Browsing.

Source:
http://www.pcmag.com/article2/0,2817,2426682,00.asp?kc=PCRSS03069TX1K0001121

Cryptolocker: How to avoid getting infected and what to do if you are

October 25, 2013 – 5:58 PM

There’s a big threat whirling around on the Internet right now: a particularly nasty piece of ransomware called Cryptolocker. Many, many organizations are being infected with this malware, but fortunately, there are surefire ways to avoid it and also ways to mitigate the damage without letting the lowlifes win.

What is Cryptolocker?

Cryptolocker comes in the door through social engineering. Usually the virus payload hides in an attachment to a phishing message, one purporting to be from a business copier like Xerox that is delivering a PDF of a scanned image, from a major delivery service like UPS or FedEx offering tracking information, or from a bank letter confirming a wire or money transfer.

The virus is, of course, an executable attachment, but interestingly the icon representing the executable is a PDF file. With Windows’ hidden extensions feature, the sender simply adds “.pdf” to the end of the file name (Windows hides the .exe) and the unwitting user is fooled into thinking the attachment is a harmless PDF file from a trusted sender. It is, of course, anything but harmless.
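
A mail filter can catch the decoy-extension trick described above by looking at the last two extensions of each attachment name. This is an added example, not code from the article; the function names, the extra executable extensions beyond .exe and the sample file names are assumptions constructed here.

```python
# Added example: flag attachment names that hide an executable behind a
# document extension, and show what the user would see in Explorer.
from pathlib import PureWindowsPath

# Extensions Windows runs directly. The article names only .exe; the others
# are an assumption added here to generalise the check.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}
# Document types a user expects to be harmless (subset of the article's list).
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".rtf", ".jpg"}

def shown_with_hidden_extensions(filename):
    """Name displayed when Windows hides extensions for known file types."""
    return PureWindowsPath(filename).stem

def classify(filename):
    suffixes = [s.lower() for s in PureWindowsPath(filename).suffixes]
    if not suffixes or suffixes[-1] not in EXECUTABLE_EXTS:
        return "allow"
    if len(suffixes) >= 2 and suffixes[-2] in DECOY_EXTS:
        return "block-decoy-extension"
    return "block-executable"

# Constructed sample attachment names, not taken from real messages.
SAMPLE_ATTACHMENTS = [
    "Scan_20131025.pdf.exe",
    "tracking_info.PDF.EXE",
    "quarterly.report.pdf",
    "setup.exe",
    "wire_confirmation.doc.scr",
]

def triage(names):
    """Map each name to (verdict, name the user would see)."""
    return {n: (classify(n), shown_with_hidden_extensions(n)) for n in names}

if __name__ == "__main__":
    for name, (verdict, shown) in triage(SAMPLE_ATTACHMENTS).items():
        print(f"{verdict:22} {name!r} shown as {shown!r}")
```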

Once Cryptolocker is in the door, it targets files with the following extensions:

*.odt, *.ods, *.odp, *.odm, *.odc, *.odb, *.doc, *.docx, *.docm, *.wps, *.xls, *.xlsx, *.xlsm, *.xlsb, *.xlk, *.ppt, *.pptx, *.pptm, *.mdb, *.accdb, *.pst, *.dwg, *.dxf, *.dxg, *.wpd, *.rtf, *.wb2, *.mdf, *.dbf, *.psd, *.pdd, *.pdf, *.eps, *.ai, *.indd, *.cdr, *.jpg, *.jpe, img_*.jpg, *.dng, *.3fr, *.arw, *.srf, *.sr2, *.bay, *.crw, *.cr2, *.dcr, *.kdc, *.erf, *.mef, *.mrw, *.nef, *.nrw, *.orf, *.raf, *.raw, *.rwl, *.rw2, *.r3d, *.ptx, *.pef, *.srw, *.x3f, *.der, *.cer, *.crt, *.pem, *.pfx, *.p12, *.p7b, *.p7c

When it finds a file matching one of those extensions, it encrypts the file using a public key and then makes a record of the file in the Windows registry under HKEY_CURRENT_USER\Software\CryptoLocker\Files. It then informs the user that his or her files have been encrypted and that he or she must use prepaid cards or Bitcoin to send hundreds of dollars to the author of the malware.

Source:
http://www.computerworld.com/s/article/9243537/Cryptolocker_How_to_avoid_getting_infected_and_what_to_do_if_you_are_