Security Alert – Java Vulnerabilities
Last week the Department of Homeland Security advised individuals to disable Java in their browsers in response to the release of vulnerability information on the web.
“Web exploit packs” have been sold online enabling amateurs to perform numerous malicious tasks on machines on which Java is installed.
Java has since released an update but the warning remains at Homeland Security.
Facebook Security Warning
Avoid clicking any links on emails or messages containing the following subject lines : “Hi baby, please check my Facebook profile,” or “I miss you, check my new photo please”
These links install malware on your system.
Keep Those Receipts !
A new virus has been detected by Seculert on point of sale terminals in the United States, Britain and Canada.
“Dexter” forwards information from debit and credit cards directly to fraudsters who can duplicate cards.
Seculert estimates that hundreds of terminals have been infected, in 40 nations, so it’s best to keep an eye out for odd transactions on your bank statements and credit card bills.
You should also consider enabling email and/or mobile alerts on your accounts, as an extra security measure.
Urgent Security Warning
Skype users be warned : Do not open any message whose subject line is “lol is this your new profile pic?” !
This message directs individuals to a malware infected file, using an URL shortener services like goo.gl, that in turn infects an individual’s computers.
This malware collects user names and passwords for numerous sites and services including Facebook, Twitter, Godaddy, Paypal, eBay, Netflix and Yahoo. It may also lock your system and send unsolicited messages to individuals in your contact lists, asking your contacts to download the infected file(s) to their computers.
Skype advises their users to refrain from clicking “on suspicious or unusual files and links, even if it’s coming from people you know”. They also suggest their users update their software, including their anti-virus software.
Update to “Scammers On The Prowl”
In June 2011 I had posted a somewhat off-topic warning about a security issue I had been encountering for months.
I had been receiving unsolicited calls from individuals with thick Indian accents claiming to be “Software Maintenance Department of Online PC Care” asking me to give them access to my computer because of some alleged virus infection.
This was of course a common con by that time, which also involved individuals claiming to represent Microsoft calling random numbers in Canada, the United States and the United Kingdom.
Basically they gained access, altered settings without the user’s knowledge and then proceeded to extort $49 to $450 from the user to “repair” the damage they had caused.
The Federal Trade Commission in the United States have taken legal actions against these fraudsters yesterday, freezing their assets and demanding a halt to this activity.
The Canadian Radio-Television and Telecommunications Commission have also penalized the companies involved in this tech support scam in respect to Canada’s no call list legislation.
If you have received a call of this nature, please file a complaint with the CRTC via this form.
Germany Issues Security Warning
The government of Germany has issued a warning to their citizens asking them to use alternatives to Internet Explorer because of a security issue that has been discovered over the weekend.
Germany’s Internet Explorer users have been urged to use alternative browsers like Firefox or Chrome until a patch is issued by Microsoft.
Microsoft is currently working on a patch and asks users to install the latest version of their Enhanced Mitigation Experience Toolkit as a temporary measure until this patch is released.
I personally use Firefox to browse and Spybot’s Search & Destroy immunity function, which instructs all of the browsers to block problematic sites. But I’ve turned Spybot’s resident “SDHelper” and “Teatimer” off to avoid conflicts with my security software.