Katy Perry and Russell Brand baits to spread a new Facebook worm
Once again, user curiosity becomes cyber-criminals’ best ally. Scammers exploit people’s interest in celebrities to infect users. We have recently detected a new Facebook scam that uses a fake video of singer Katy Perry and ex-husband actor Russell Brand to trick users. If the user clicks the link, they are taken to a fake Facebook [...]—
read the article
Sex, lies and Twitter
Last week we got a new follower in Twitter, Alena Edwards: No tweets so far, the only information about “her” is the message in her profile, where she’s looking for funny guys and gives us a link. Probably it is a spammer, but instead of tweeting links just put the spam link in the profile [...]—
read the article
Megaupload and the cybercrime fight
As most of you already now, yesterday Megaupload was closed by the FBI, accused of “copyright infringement”. You can read FBI’s press release here where the details of the case are explained, and you can see how each accused person in this case could face 50 years jail time. We should be concerned, as the [...]—
read the article
Microsoft Security Advisory (2641690): Fraudulent Digital Certificates Could Allow Spoofing – Version: 3.0
Revision Note: V3.0 (January 19, 2012): Revised to announce the release of an update for Windows Mobile 6.x, Windows Phone 7, and Windows Phone 7.5 devices.
Summary: Microsoft is aware that DigiCert Sdn. Bhd, a Malaysian subordinate certification authority (CA) under Entrust and GTE CyberTrust, has issued 22 certificates with weak 512 bit keys. These weak encryption keys, when broken, could allow an attacker to use the certificates fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer. While this is not a vulnerability in a Microsoft product, this issue affects all supported releases of Microsoft Windows.
The Rise of the Ransomware
In the last months we have seen an increase of ransomware attacks. While the first ones we saw were posing as Microsoft to threaten the user because it had been detected a pirated version of Windows, and in case you didn’t pay the fine they would contact the local law enforcement agencies, the new ones [...]—
read the article