“There’s a new personal notification message special for Sorin Mustaca” is the subject of the email pretending to come from “Automation LinkedInNotifier”. But then, why is it coming from “gci@grey.si” ? Come on spammers, you disappoint me 🙂 Anybody can see it is a fake… And “Linked In” ? Not even this is right… It is just an online pharmacy … from Russia “with a lot of Love”:
A spam campaign sending emails from an “Auto ImageService” with the subject “Your file has been uploaded” is making its round on the Internet. The content of the email (see below) is very simple and advertises a link to a photo taken with a digital camera (DCIM stands for Digital Camera IMages) which was allegedly uploaded to some online image service. And now to my question: How do you react if you see such an email in your Inbox ? I guess, most people would think: “What file? Oh, a photo? Hmm…” And here it goes: – You know that JPG is a photo. Do you have compromising photos on your computer ? Is it maybe one of those photos? Better quickly check it…Click. Btw, if you are in this situation, you may want to check this article: Tips to secure your photos (including those with you naked) – You don’t know that JPG is a photo. You react to “file uploaded” and you click. Fortunately, at the moment when I checked this URL it was redirecting to a Russian website with online pharmacy. However, the target website at the first level of redirect was an obfuscated Javascript file that…
During the holidays season many people receive packages from the post or delivery services. We wrote about the dangers introduced by opening attachments in emails pretending to come from such entities. Without an active and up to date security software, attachments in email should never be open, no matter from where they come. We also recommend that consumers watch for a few things in order to not become a victim of the online fraudsters: – If you connect to the Internet via a WiFi, make sure it is encrypted – If you connect to the webshop via a mobile device like a tablet or smartphone, make sure that the website reacts correctly to touch. Not all website allow an easy usage via such interfaces. You don’t want to order 10 items instead of one, or press cancel instead of proceed after you searched for hours the right product. – If you don’t know the website you plan to buy from, always check its reputation. Search for other users who are commenting about that website. Searching for “<website> reputation” usually gives good and relevant results. – Always check that the connection to the online store where the payment is done is secured….
With the holidays and presents season approaching, most of us are thinking what presents to order for Christmas. Many people prefer to order them online than to spend hours chasing presents in a mall. I know I am one of those… This fact is also known by cyber criminals who are doing anything to get more money or to extend their botnets. If we see usually only some targeted fake shops or phishing campaigns, this time the stake was raised to a higher level. A spam campaign which pretends to represent the delivery service FedEx is delivering an archive attached to the emails. The ZIP file contains an executable file called Postal-Receipt.exe which, at the time of analyzing, was detected only by three antivirus software from the 48 registered at the online scanning service VirusTotal. Avira briefly analyzed the file and added the detection TR/Inject.exab for that file. The executable in the archive is a clever malware which tries to fool the user by starting a notepad, pretending to display the receipt. In background, it injects code in svchost.exe and tries to contact its command and control server in order to transfer some malicious payload on user’s computer. And this is how…
We have seen two years ago the first serious attempt to attack a nuclear power plant with a malware (Stuxnet) and the entire security industry as well as governments have started to take the entire issue very seriously. Basic utilities like electricity, water supply, gas for our cars and even food supplies depend on the availability of computer networks. It is to be expected that if there are assets which are important to someone in the Internet, there will be eventually also someone who will try to misuse them. Yes, the trend from last years is pretty clear in regard to cyberthreats. There will be no longer millions of malware out there, but those that will continue to exist or will newly appear, will be very serious threats. More and more is being done with help of computers and networks and even in households there are more and more devices connected to the Internet. “Serious threat” needs also to be redefined in this light. What five to ten years ago was considered “serious” – defacing websites, trojans that were executed on certain dates to spread some messages – can’t be compared with what is today being considered serious: human lives…
http://www.networkworld.com/news/2012/012412-authorities-prepare-to-close-down-255242.html?hpg1=bn “If your computer was infected at some point in time and it was using one of the DNS servers which are now controlled by FBI, after March 8, it will no longer be able to make any DNS requests through these servers,” Avira product manager and data security expert Sorin Mustaca said in a blog post. “In layman’s terms, you will no longer be able to browse the web, read emails and do everything you usually do on Internet.” Article written in Techblog on Monday,23.1.2012, question from the journalist sent on Tuesday with deadline one hour (or less), article published the same day. I love online media 🙂
If you own such a device, then the first thing you do with it is to upgrade its firmware to NextFW. The Support forum of Fujitsu-Siemens is full of useful How-Tos which help you reach your goal. After you’ve done that, you may want to enable the rsync daemon . With a running rsync service you can have basically your own private online backup service. This is at least what I tried to achieve. But it is tricky to make it run correctly. Read here about rsync utility and here about rsync daemon (aka rsyncd). Here is how I configured it so that it works also on Windows: amsadmin# cat /etc/rsyncd.conf lock file = /var/run/rsyncd.lock log file = /var/log/rsyncd.log pid file = /var/run/rsyncd.pid use chroot = no #max verbosity = 1 gid = wheel uid = amsadmin [backup] path = /mnt/home/storage/backup comment = bck export area for storage auth users = amsadmin secrets file = /mnt/.zap/etc/rsyncd.secrets read only = no write only = yes list = yes Make sure you make symlinks to /etc/rsyncd.conf and /etc/rsyncd.secrets. # ln -s /mnt/.zap/etc/rsync.conf /etc/rsyncd.conf # ln -s /mnt/.zap/etc/rsync.secrets /etc/rsyncd.secrets The file rsyncd.secrets is a standard plain text file containing something like:…
The source is an article I wrote for the Avira press release : http://www.avira.com/en/press-details/nid/528/news/consumers-concerns-online-shopping-safety Here are the tips: I recommend that consumers watch for a few things in order to not become a victim of the online fraudsters: Always check that the connection to the online store where the payment is done is secured. This can be observed first if the URL is starting with “https” and second if a small lock is present in the top left corner of the browser in the URL field (in Chrome) or the name of the website is written in a colored rectangle(in Firefox,IE). If the web browser gives any warnings about the security certificate of the website, then do not proceed to purchase anything from that website. If you don’t know the website you plan to buy from, always check its reputation first. Search for comments from other users about that website. Searching for “<website> reputation” usually gives good and relevant results. Give your financial details like credit card data only if the website is properly secured and its reputation is good. Try to choose payment methods which don’t require payment upfront. If PayPal is an option, choose that whenever possible….
Bug or feature ? Feature, of course, since it is coming from Google. Since G+, Picasa is receiving unlimited online storage. When I created my G+ account, I was asked if i want to merge my Picasa Web Account with G+. I said yes, and since then, the counter of the pictures doesn’t work anymore. I have 94 albums with a lot of pictures and movies and it says that I have used 0% of my account. If you’re signed up for Google+, photos up to 2048×2048 pixels and videos up to 15 minutes long won’t count towards this free storage limit. And Google will automatically resize photos for you when you upload them to Google+, so they stay under the free size limit. That means only photos uploaded directly to Picasa Web Albums over the 2048×2048 size will count towards the 1 GB of free storage, explains Google. And when that limit is reached, photos will be automatically resized. Meanwhile, for non-Google+ users, there are slightly stricter rules: photos up to 800×800 and videos up to 15 minutes won’t count towards free storage. Again, when the 1 GB limit is reached, larger photos will be resized down. Simply put, this…
When Consumers Go To The Cloud, Businesses Should Watch Out Companies should take a look at what cloud services their employees are using following last week’s authentication bug at Dropbox Dropbox encrypts data on the servers, but not to individual accounts, notes Sorin Mustaca, a product manager with security firm Avira. Anyone with admin access to the server can read all of its data. In addition, data on the servers of external services have lesser legal protections, Mustaca says. “I always advise our users to be very, very careful what they put online because if they put anything online, then the data does not belong to them anymore — it belongs to the cloud,” Mustaca says. “This is the most important lesson that needs to be learned by anybody. If you put it online, you lose control of the data.”
