Malware Targets Job-seekers

A new version of the Gameover computer Trojan is targeting job hunters and recruiters by attempting to steal log-in credentials for Monster.com and CareerBuilder.com accounts.

Gameover is one of several Trojan programs that are based on the infamous Zeus banking malware, whose source code was leaked on the Internet in 2011. Like Zeus, Gameover can steal log-in credentials and other sensitive information by injecting rogue Web forms into legitimate websites when accessed from infected computers.

The ability to inject content into browsing sessions in real time has traditionally been used by computer Trojans to steal online banking credentials and financial information. However, cybercriminals are increasingly using this technique to compromise other types of accounts as well.

For example, in February, researchers from security firm Adallom found a Zeus variant that stole Salesforce.com log-in credentials and scraped business data from the compromised accounts.

The latest development involves a new Gameover variant that contains a configuration file to target Monster.com accounts, one of the largest employment websites in the world, security researchers from antivirus firm F-Secure said.

“A computer infected with Gameover ZeuS will inject a new ‘Sign In’ button [into the Monster.com sign-in page], but the page looks otherwise identical,” they said.

After the victims authenticate through the rogue Web form the malware injects a second page that asks them to select and answer three security questions out of 18. The answers to these questions expose additional personal information and potentially enable attackers to bypass the identity verification process.

Targeting Monster.com is a new development, but the Gameover malware had already been targeting CareerBuilder.com, another large employment website, for some time.

Recruiters with accounts on employment websites should be wary of irregularities on log-in pages, especially if those accounts are tied to bank accounts and spending budgets, the F-Secure researchers said. “It wouldn’t be a bad idea for sites such as Monster to introduce two factor authentication beyond mere security questions.”

The authors of the Gameover Trojan program have been particularly active recently. In early February researchers from security firm Malcovery Security reported that a new variant of Gameover was being distributed as an encrypted .enc file in order to bypass network-level defenses. Later that month researchers from Sophos detected a Gameover variant with a kernel-level rootkit component that protected its files and processes, making it harder to remove.

Unlike most other Zeus spinoffs, Gameover is also using peer-to-peer technology for command-and-control instead of traditional hosted servers, which improves its resilience to takedown efforts by security researchers.

Source

Inventor Predicts Future Of 3D

Pablos Holman predicts that in the not too distant future our diets will be tailored to our metabolisms, adding a few bits of broccoli, a smattering of beets and some meat — all extruded from a 3D printer in an appetizing form to please our palates.

Holman is a futurist and inventor at the Intellectual Ventures Laboratory in Bellevue, Wash., where he and others work on futuristic projects like printable food. He was not alone in speaking on the topic at the Inside 3D Printing Conference last week.

Avi Reichentall, CEO of 3D Systems, one of the largest consumer printer companies, has already been able to configure his machines to create a variety of sugary goods, including cakes and candy. The sweets were on display with ornate designs.

Reichentall said consumers can expect his company to build a machine that will take a place next to the coffee maker on a kitchen counter, but instead of a caffeine shot, it will offer a sugar rush.

“We are working on a chocolate printer. I want a chocolate printer in my kitchen. I want it to be as cool as a Keurig coffee maker,” Reichentall said. “We now have 3D printed sugar. We’re going to bring to pastry chefs and confectionaries and bakers a whole range of new sugar printing capabilities.

“This is coming to a marketplace near you very soon,” he said.

While Reichentall focuses on desserts, Holman is busy with main courses, creating machines that can take freeze-dried food and hydrate it as it is being extruded through nozzles to create an eye-pleasing meal.

Source

Google Snubs Privacy

Search giant Google has told the British government it is immune to prosecution on privacy issues and it can do what it like. The US Company is accused of illegally snooping on its British customers by bypassing privacy settings on Apple devices, such as iPads, to track their browsing history.

A group of British people took Google to court but the search engine is trying to get the case thrown out. Its argument is that it is not subject to British privacy law because it is based in California. This is the second time that Google has tried to avoid British law by pretending to operate in another country. It has come under fire for failing to pay tax in the UK

Nick Pickles, director of Big Brother Watch, said: ‘It is deeply worrying for a company with millions of British users to be brazenly saying they do not regard themselves bound by UK law. Solicitor Dan Tench, of law firm Olswang, said this was another instance of Google being here when it suits them and not being here when it doesn’t. Ironically when the US ordered Google to stop what it was doing, it forced the search engine to pay a $22.5million to regulators.

There are some indications that Google may not get its way. In July the Information Commissioner’s Office told Google its privacy rules breached UK law so it will be very hard for it to stand up in court and say it didn’t.

Source

Is Twitter Home To Malware?

Security outfit Trusteer has recently identified an active configuration of TorRAT targeting Twitter users. The malware launches a Man-in-the-Browser (MitB) attack through the browser of infected PCs, gaining access to the victim’s Twitter account to create malicious tweets.

Dana Tamir, Enterprise Security Director for Trusteer the malware, which has been used as a financial malware to gain access to user credentials and target their financial transactions, now has a new goal: to spread malware using the online social networking service. At this time the attack is targeting the Dutch market. But since Twitter is used by millions of users around the world, this type of attack can be used to target any market and any industry.

The attack is carried out by injecting Javascript code into the victim’s Twitter account page. The malware collects the user’s authentication token, which enables it to make authorized calls to Twitter’s APIs, and then posts new, malicious tweets on behalf of the victim.

Tamir said that the attack is particularly difficult to defend against because it uses a new sophisticated approach to spear-phishing. Twitter users follow accounts that they trust. Because the malware creates malicious tweets and sends them through a compromised account of a trusted person or organization being followed, the tweets seem to be genuine. The fact that the tweets include shortened URLs is not concerning: Twitter limits the number of characters in a message, so followers expect to get interesting news bits in the form of a short text message followed by a shortened URL. However, a shortened URL can be used to disguises the underlying URL address, so that followers have no way of knowing if the link is suspicious.

Source

Server 2008 Support Ends In 2015

Microsoft has extended support for Windows Server 2008 until 15 January 2015.

Microsoft’s Windows Server 2008 operating system had been earmarked to enter the firm’s extended support phase on 9 July 2013, however the firm has moved that date back by 18 months. The firm said that it will keep Windows Server 2008 in the mainstream support phase until 15 January 2015.

Microsoft generally provides a decade of support for its high profile operating systems and software applications. The company said, “Microsoft policy provides a minimum of five years of Mainstream Support or two years of Mainstream Support after the successor product ships, whichever is longer.”

Of course Microsoft likes its customers to buy newer, shiner versions of its software whenever the firm releases it, but server operating systems customers are resistant to change in order to avoid any possible disruption in service availability. The company is desperately trying to get customers to migrate from Windows XP to Windows 7 and Windows 8, even though it extended support for the operating system until 8 APril 2014.

Source…

Tool Created To Hack BlackBerry Passwords

A Russian security firm has upgraded a phone-password cracking software with the ability to figure out the master device password for Research in Motion’s BlackBerry devices.

Elcomsoft said on Thursday that before it developed the product, it was believed that there was no way to uncover a device password on a BlackBerry smartphone or PlayBook tablet. BlackBerry smartphones are configured to wipe all data on the phone if a password is typed incorrectly 10 times in a row, the company said.

Elcomsoft said it figured a way around the problem using a BlackBerry’s removable media card, but only if a user has configured their smartphone in a specific way. In order for Elcomsoft’s software to be successful, a user must have enabled the feature to encrypt data on the media card.

The feature is disabled by default, but Elcomsoft said around 30% of BlackBerry users have it enabled for extra security.

The company’s software can then analyze the encrypted media card and use a brute-force method to figure out a password, which involves trying millions of possible password combinations per second until one works.

Elcomsoft said it can recover a seven-character password in less than an hour if the password is all lower-case or all capital letters. The software does not need access to the actual BlackBerry device but just the encrypted media card.

Read More..

Goo.gl Link Spreading Malware via Twitter

As if we don’t have enough to worry about when it comes to potential attacks of all kinds. First there were reports about the social media site Facebook and its highly infected news feeds now there appears to be yet another mischief seeking internet fiend sending out infected Goo.gl links via Twitter. Users are being warned not to click these suspicious links as they might direct you to malicious sites.

Read More….