Some 40,000 followers of Rich Sanchez's Twitter page may have been led to believe that the CNN anchor had a drug problem after a tweet appeared saying "i am high on crack right now might not be coming into work today." No, Sanchez wasn't really high on crack, nor was he cracking a joke (see what we did there?), but he was the victim of a hacker who took control of his account while he was away doing rehab (for his knee, not for drugs).
Around the same time, a password-stealing phishing scam was gaining steam by disguising itself as a private message leading to a fake Twitter log-in screen and targeting various celebrities, such as Britney Spears, the account for Fox News, and President-elect Barack Obama. The ordeal had Sanchez scratching his head, but Twitter has now revealed this incident had nothing to do with the recent phishing scam.
"The issue with these 33 accounts is different from the Phishing scam aimed at Twitter users this weekend," Twitter wrote in a blog post. "These accounts were compromised by an individual who hacked into some of the tools our support team uses to help people do things like edit the mail address associated with their Twitter account when they can't remember or get stuck. We considered this a very serious breach of security and immediately took the support tools offline. We'll put them back only when they're safe and secure."
The falsely incriminating tweet has been removed, and we hear Sanchez made it to work that day, sober and all.
It is common knowledge that smartphones are fast emerging as a dainty prey for malware proliferators. But a recent press release by IT security firm ESET, which spelled out some of the potential threats in 2009, might have iPhone and Android users worried in particular.
ESET warned in the press release that it expects both the iPhone and Android to become more vulnerable to malware. The company also expects both smartphone platforms to fall prey to mobile browser exploits that might target their WebKit-based browsers.
The security firm has prognosticated an increase in fake antivirus extortion in 2009. “Some of the major antivirus companies have seen their websites spoofed over the last couple of months,” according to David Harley, Director of Malware Intelligence at ESET. The real threat lies in the fact that internet charlatans are leaving no stone unturned in their bid to appear as credible as possible.
According to a recent security study, low assurance digital certificates have become a new gateway for hackers to get to your personal data, by means of a man-in-the-middle (MITM) attack.
The MITM attack consists of a hacker putting themselves between two parties in a dialogue, such as a person and their bank. Once in place they effectively control the conversation to get login credentials or other, far more valuable information.
Generally, untrustworthy certificates will be halted by error messages or warnings that throw up red flags for potential problems, at least to the more internet-savvy. However, more crafty hackers will often add a legitimately issued certificate to the mix, making even the most secure browsers continue on their merry way, as if nothing has happened.
So how can you keep yourself safe online? Well, at time of press there isn’t any kind of listed fix, but just watch yourself and your information. Acting supremely paranoid can’t hurt, can it?
Since 2002, CastleCops has been among the leading antimalware research websites, offering a Wiki, blog, malware removal and prevention tips, and much more. CastleCops founder Paul Laudanski went to work for Microsoft's Live Consumer Services team in mid-May of this year, and CastleCops, which was volunteer-driven, did not survive the transition. CastleCops' last day on duty was December 23, as the farewell message relates:
You have arrived at the CastleCops website, which is currently offline. It has been our pleasure to investigate online crime and volunteer with our virtual family to assist with your computer needs and make the Internet a safer place. Unfortunately, all things come to an end. Keep up the good fight folks, for the spirit of this community lies within each of us. We are empowered to improve the safety and security of the Internet in our own way. Let us feel blessed for the impact we made and the relationships created.
With respect to the server marathon, by March 17 2009 CastleCops will refund contributions made through PayPal that were specifically designated for servers. Unfortunately, server donations made via check cannot be returned because we do not have the addresses for the donating entity. Unless instructed otherwise, CastleCops will re-allocate these funds as a donation to the Internet Systems Consortium (ISC.org). This organization sponsored our hosting environment for approximately the past 2 years. Please contact us [cc at laudanski dot com] before March 17, 2009, if you would like a return of your server marathon donation. Otherwise, we would like to thank the ISC for their unfettered support.
We thank everyone in creating our unique footprint and memories in time.
Love, Best Wishes and Happy Holidays, CastleCops PST 23 Dec 2008
If you've depended upon CastleCops' databases and forums as a resource for fighting malware, now what? Join us after the jump for new resources, and for your chance to suggest your favorite anti-malware websites and tools.
Terry Childs, who locked down San Francisco's FiberWan system last summer, will get his day in court on January 13, exactly six months since he went into the slammer for allegedly hijacking the network he designed and maintained. $5 million bail stands between Childs and a 'get out of jail' card until trial.
After an eight-day preliminary hearing, Superior Court Judge Paul Alvarado ruled Wednesday that prosecutors had produced enough evidence of Terry Childs' probable guilt to hold him for trial on four felony charges of tampering with a computer network, denying other authorized users access to the network and causing more than $200,000 in losses.
How much more than $200,000? According to prosecutors, the city claims it spent almost $1.5 million in "attempts to regain control of the network and assess its vulnerability to intrusions."
Childs' attorney claims her client was trying to protect the network from other employees:
Mr. Childs had good reason to be protective of the password. His co-workers and supervisors had in the past maliciously damaged the system themselves, hindered his ability to maintain it...and shown complete indifference to maintaining it themselves...He was the only person in that department capable of running that system.
The case made our 250 Most Important Tech Products, Events, and People of 2008 list at number 232. Stay tuned to MaximumPC.com for further updates.
If you've purchased a digital photo frame from Amazon recently, it's in your best interest to pay attention to any emails originating from Amazon Customer Service. That's because the online e-tailer has been warning its customers that one of Samsung's digital frames, specifically its SPF-85H 8-inch unit, ships with a little something extra.
"We have recently learned that Samsung has issued an alert affecting its SPF-85H 8-Inch Digital Photo Frame," Amazon writes. "The alert concerns discovery of the W32.Sality.AE worm on the installation disc SAMSUNG FRAME MANAGER XP VERSION 1.08, which is needed for using the SPF-85H as a USB monitor."
Vista owners and those running a different Frame Manager version aren't affected by the worm, Samsung says. For those that are affected, Samsung advises removing the worm using Norton Internet Security 2009, uninstalling Frame Manager 1.08, and then updating to Frame Manager XP 1.082.
This isn't the first time malware has made its way onto digital picture frames. Earlier in the year, some Insignia units sold at Best Buy were found to contain a Trojan Horse payload, with reports claiming several other vendors, such as Sam's Club, Target, and Costco, were also selling infected digital frames.
Before you drop in on the American Express website to see how much damage you did to your credit line with holiday shopping, you should know it's vulnerable to an XSS (cross-site scripting) exploit. As The Register reports, this news comes after a bungled attempt to fix the problem. As El Reg puts it,
The cross-site scripting (XSS) error that makes it trivial for attackers to steal americanexpress.com user's authentication cookies is alive and kicking. The confusion stems from a mistake made by many application developers who incorrectly assume that the root cause of a vulnerability is closed as soon as a particular exploit no longer works.
So far, only proof-of-concept exploits have been written to show how easy it would be to pilfer login credentials, but until AmEx really eradicates this problem, keep a careful eye on your website transactions. For a list of precautions you can take to stop XSS exploits, see our 2007 article.
Have you been victimized by an XSS error? Join us after the jump and sound off.
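The gap between blocking one exploit and closing the root cause, described in the AmEx item above, can be shown with a small added example (not code from American Express or The Register). The page, parameter and function names are hypothetical, and the inputs are constructed test strings.

```javascript
// Constructed example: a page that reflects the "q" parameter into HTML.
// All names are hypothetical; this is not code from americanexpress.com.

// Point fix: strip the one construct the reported proof of concept used.
function renderPointFix(q) {
  const cleaned = q.replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, "");
  return `<p>Results for ${cleaned}</p>`;
}

// Root-cause fix: encode every character that is significant in HTML text
// and attribute contexts before the value is written into the page.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}
function renderEncoded(q) {
  return `<p>Results for ${escapeHtml(q)}</p>`;
}

// Regression check for a test suite: the reflected part of the response
// must not contain any tag that the input introduced.
function introducesMarkup(html) {
  const body = html.replace(/^<p>Results for /, "").replace(/<\/p>$/, "");
  return /<[a-zA-Z!\/]/.test(body);
}

// Constructed inputs: the originally reported form, a variant of it,
// and ordinary text that must survive unchanged in meaning.
const SAMPLES = [
  "<script>marker()</script>",
  '<img src="x" onerror="marker()">',
  "plain text & more",
];

// Run every sample through a renderer and flag unsafe output.
function audit(render) {
  return SAMPLES.map((s) => ({ input: s, unsafe: introducesMarkup(render(s)) }));
}

console.log("point fix:", audit(renderPointFix));
console.log("encoded:  ", audit(renderEncoded));
```

The point fix passes the check for the reported string and fails it for the variant, while output encoding passes all three, which is why a fix should be verified against the class of input rather than the single string from the report.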
"In our world of customized online services, responsible use of data is critical to establishing and maintaining user trust," said Anne Toth, Yahoo!'s Vice President of Policy and Head of Privacy. "We know that our users expect relevant and compelling content and advertising when they visit Yahoo!, but they also want assurances that we are focused on protecting their privacy."
The new limit puts Yahoo well ahead of its competition. Earlier this year, Google reduced its data retention time frame from 18 months to nine months, and Microsoft vowed to cut its data retention policy to six months if its rivals did the same.
Yahoo will begin implementing the new policy next month and says it will be effective across all of the company's services by the middle of 2010.
Could it be possible that legitimate email messages only account for 10 percent of all email? According to the Cisco 2008 Annual Security Report, the answer is 'yes.' The report claims that nearly 200 billion pieces of spam are sent and received every day, accounting for 90 percent of the world's email. Making the influx of spam messages possible are armies of hijacked computers, Cisco says.
"Every year we see threats evolve as criminals discover new ways to exploit people, networks, and the internet," said Cisco chief security researcher Patrick Peterson. "The botnet is, in many cases, ground-zero for online criminal threats."
Cisco points to the United States as by far the biggest source of spam, accounting for 17.2 percent of the messages. Turkey came in second at 9.2 percent, and Russia ranked third accounting for 8 percent.
What's most striking is that spam volumes have nearly doubled in 2008 compared to 2007. This despite a handful of recent busts by the FTC on various spam rings, which appear to have done nothing when looking at the overall picture. And because spammers "rarely use computers in their physical possession, instead renting or building botnets," the FTC will continue to fight an uphill battle until security improves across the board. Don't hold your breath.