duminică, 28 octombrie 2012

Μαθηματα Ελληνικα AutoHotKey - Περι των Tutorials AutoHotKey.



Τα Tutorials δεν θα σου μαθουν το AHK!!!

Τα tutorials υπαρχουν για να καλυπτουν καποια κενα που εχεις αποκτησει,διαβαζοντας και μαθαινοντας απο μονος σου την AHK.
Δεν θα υπαρξει κανενα tutorial που θα σου λεει

Μαθημα 1#Ξεκινωντας
Μαθημα 2#Μαθε να κλεβεις
Μαθημα 3#Μαθε να κλεβεις-Εμβαθυνση στο κλεψιμο ...
ΟΧΙ!
Αν εισαι τεμπελης και περιμενεις να μαθεις AHK μεσα απο τα tutorials,τρεξε αυτο το σκριπτ--->


Loop
{

msgbox
,den 8a ma8eis POTE ahk!
}

Διάβασε περισσότερα....

joi, 11 octombrie 2012

Πρόταση νόμου για τη σεξουαλική κακοποίηση ανηλίκων κατέθεσε η Ειρήνη Χαραλαμπίδου

Posted Image

Πρόταση νόμου που τροποποιεί τον ποινικό κώδικα στο θέμα των σεξουαλικών αδικημάτων κατά ανηλίκων με τη συμπερίληψη διατάξεων για προστασία των παιδιών και θεραπεία ατόμων που πάσχουν από παιδοφιλία κατέθεσε η Βουλευτής του ΑΚΕΛ Ειρήνη Χαραλαμπίδου.

Σε δηλώσεις της στη Βουλή, η κ. Χαραλαμπίδου ανέφερε ότι "οι μηχανισμοί, οι οποίοι αναφέρονται στην πρόταση είναι τέτοιοι που προστατεύουν το κοινωνικό σύνολο μετά την αποφυλάκιση των θυτών και λειτουργούν αποτρεπτικά, αλλά και ως ασφαλιστική δικλίδα, για αποφυγή επανάληψης του αδικήματος".
Σκοπός του προτεινόμενου νομοθετήματος, πρόσθεσε, "είναι με την εισαγωγή νέων άρθρων, να υπάρξει πληρέστερη και πιο σύγχρονη αντιμετώπιση σεξουαλικών αδικημάτων κατά ανηλίκων, καθώς και η λήψη μέτρων για την αντιμετώπιση της παιδοφιλίας".

Read More...

luni, 8 octombrie 2012

Stop The Hacking - Cyber Crime Combat - Vote Personal Privacy


Posted Image

The Internet has become a dangerous place in the last years and is not fun anymore.Everyone is in danger to become a victim.It's time to fight back and to not aloud them to cloud this part of our live.

Act today !

Stop The Hacking !

Posted Image

vineri, 5 octombrie 2012

"lol is this your new profile pic?" Skype message leads to Trojan


Posted Image

There is new spam campaign that designed to lure Skype users into clicking the malicious links provided in the fake messages.

A message that reads something like this " l.ol is this your new profile pic? Goo.gl/[unique_string]." is being sent from compromised Skype accounts. The link provided in the message is created using the Google URL shortening service, leads to malicious sites instead.

Read More ...

"Verify your facebook account " spam steals authentication token

Few days after miley cyrus facebook spam, there is new spam that lures user into providing authentication token. Today, i got a notification that one of my friend tagged me in a photo. So , i just take a look into the post, it has a picture with a title "verify your facebook account at [tiny_url]"

 " Attention Please!
WARNING: Announcement from FACEBOOK Verificatio Team. All profile Must be verified Before OCTOBER 2012 To Avoid Scams and Scams under SOPA ACT. The unverfied Accounts will be Terminated.

Verify your account using the link given in description" the message

written in the picture reads
.''

Yes, it is none other than spam similar to previous one but the concept is changed.



Read More ...

marți, 25 septembrie 2012

Οι Anonymous ενάντιο στο σύστημα-παιδοφιλίας | Μήνυμα προς την ελληνική αστυνομία



'Ηρθε στην προσοχή μας, ότι η Ελληνική Αστυνομία προστατεύει δραστηριότητες παιδόφιλων, με υπάρχουσες αποδείξεις για σεξουαλική παρενόχληση παιδιών.

Τα αδέλφια και οι αδελφές μας Anonymous καταζητούντε απο το αστυνομικό σώμα στην Ελλάδα, για συλλογή αποδείξεων ενάντια σε άτομα που είναι παιδόφιλοι!

Ποιός είναι το λάθος τους; Είναι γνωστό το τί γίνεται εδώ. Συλλαμβάνοντας Anonymous  είναι πιο επικερδές για τις καριέρες σας. Μια προαγωγή και μια χειραψία απο τον αρμόδιο υπουργό, είναι πιο σημαντικό για εσάς.

Αλλά αλήθεια ... ποιό είναι το σχέδιό σας; Σχεδιάζετε να συλλάβετε χιλιάδες ανθρώπους; Οι Operations Greece, υποστηρίζονται απο αδελφούς και αδελφές απο όλο το κόσμο.

Προτείνουμε να κάνετε αυτό που σας λέει η κοινή λογική σας! Δεν μας ενδιαφέρουν οι καριέρες σας. Εμάς μας νοιάζει η δικαιοσύνη. Μια φορά στη μίζερη ζωή σας, κάντε το σωστό!

Η ομιλία αληθειών δεν απαγορεύθηκε ακόμα. Η προστασία των παιδιών δεν είναι έγκλημα ... Η παιδοφιλία όμως είναι...! Αναθεωρείστε τις αποδείξεις που συλέγχθηκαν απο τους Anonymous και φέρτε τη δικαιοσύνη ενάντια στην αδικία, αποκαλύψτε την αλήθεια και μην την κρύβετε προστατεύοντας τους παιδόφιλους.

Η #OpGreece έχει ξεκινήσει. Σας παρακολουθούμε.

Είμαστε οι Anonymous.
Είμαστε Λεγεώνα.
Δεν Συγχωρούμε.
Δεν Ξεχνάμε.
Να μας περιμένετε.

Anonymous against pedo-system | Message to the police of Greece.



It comes to our attention, that police of Greece is protecting pedophiles event, with existing proofs of sexual harassment of children. Our Brothers and Sisters Anonymous are wanted by police forces in Greece, for collecting proofs against pedo person.
What is their fault? It is well known what is happening here. Arresting Anonymous is more profitable for your careers. A promotion and a handshake from the competent minister, is much more important to you.
But really... What is your plan? Are you planning to arrest thousands of people? Operations Greece, is supported by Brothers and Sisters from all around the world.
We suggest you to do what common sense command you! We do not care for your careers. We care for justice. Once in your miserable life, do it right!

Speech of truth is not forbidden yet. Protecting kids is not crime... Pedophilia is...! Consider proofs collected by Anonymous and bring justice against injustice, reveal the truth and not hide it by protecting pedophiles.

#OpGreece is engaged. We Are Watching You.

We Are Anonymous.
We Are Legion.
We Do Not Forgive.
We Do Not Forget.
Expect Us.



joi, 13 septembrie 2012

Help Us To Set Up Our Lab To Provide Internet Security Education






About Us

We manage, since 3rd of August 2011, a community called Professional Defence. It's a community which informs people about risks while surfing on the internet. We've got a lot of topics there to discuss with parents how to protect their children, how the world can protect their computers/websites/servers/smartphones, how to detect many frauds from scammers online and avoid them, and many other things to discuss based on security because the truth is that many people don't know to protect themselves.
So, now we want to expand all this effort to something bigger. We've already started designing and coding some projects but we need your help to finish them. We want to raise some money to setup a lab to work easier and faster, because now we work each one in his home, separated. And we want to build this lab to stick together as a team and work with no interruptions, no nothing!
What we want this lab for, actually? Our projects include many pc and web services, such as our advanced website security system which prevents many attacks from hackers, but it's not released yet because we are waiting to build this lab first and get ready to support all our upcoming projects in the future.

What We Need & What You Get

The following list explains how we are going to spend all the money we'll raise:
  • Rent a place to work.
  • Required furniture.
  • More powerful computers to get the job done.
  • Printers/Fax Machines.
  • Internet Connection/Telephony.
  • Advertisement.
About the perks:
  • 500$: We will post the names of these contributors to a special article in our website, as soon as we open our services website.
  • 1000$: Three lucky will have the chance to get a service of their choice and receive one year support for it.
  • 2000$: One lucky will have the chance to order from us a website development choosing the platform, content, design and as a gift 2 years license of our website security system.
About the funds:
If we don't raise all the money, as the goal is, then we are going to use them to finish our projects, provide and support them and when the time comes and we've got the money we need, finally we are going to set up this lab we've always wanted.

Other Ways You Can Help

You can spread to the world the message that we need help to help them too and don't forget to share our campaign using the Indiegogo share tools! Even this help is very useful for us!
Thank you all!


Contribute Now >> >

vineri, 7 septembrie 2012

Android Core Forum

Το AndroidCore είναι μια νέα κοινότητα με ολοκληρωμένη θεματολογία σε σχέση με τα έξυπνα κινητά και τις κινητές τηλεφωνίες, με σκοπό γίνει καταφύγιο για όσους χρειάζονται υποστήριξη, ενημέρωση, εκπαίδευση σχετικά με τις συσκευές τηλεφώνου.

Οι ενότητες που υπάρχουν στην κοινότητά αυτή καλύπτουν από τις πιο διάσημες πλατφόρμες έξυπνων κινητών όπως Android, iOS, Windows Phone, συζητήσεις ανα κατασκευαστή κινητών όπως Apple, BlackBerry, HTC, Huawei, LG, Motorola, Nokia, Samsung, Sony, ZTE μέχρι και ενημέρωση ή bοήθεια σχετικά με τις ελληνικές τηλεφωνίες.

Νέες ενότητες που έρχονται σύντομα είμαστε πεπεισμένοι ότι θα σας πείσουν ότι αυτό είναι το στέκι σας. Γιατί, τι νόημα έχει όταν ακριbοπληρώνεις το έξυπνο κινητό σου αλλά δεν ξέρεις πως να αξιοποιήσεις όλες τις δυνατότητες του ή να το διορθώσεις αν έχει κάποιο πρόbλημα;

Είστε όλοι ευπρόσδεκτοι στην κοινότητά μας, να την ομορφύνετε, να την υποστηρίξετε και να σας υποστηρίξει!

Η ομάδα του AndroidCore


Posted Image 



http://androidcore.org/



sâmbătă, 18 august 2012

Το ProDefence γίνεται επίσημος συνεργάτης με την Kaspersky



Με χαρά σας ανακοινώνουμε την νέα μας συνεργασία με την διάσημη εταιρία προστασίας απο ιούς Kaspersky Labs!

Τα προϊόντα που προσφέρει η Kaspersky είναι τα εξής:

* Kaspersky PURE 2.0
* Kaspersky ONE
* Kaspersky Internet Security 2012
* Kaspersky Internet Security Special Ferrari Edition
* Kaspersky Anti-Virus 2012
* Kaspersky Anti-Virus 2011 for Mac
* Kaspersky Mobile Security
* Kaspersky Tablet Security
* Kaspersky Password Manager

Τα προϊόντα της παρέχουν προστασία ενώ είστε στο σπίτι, στο γραφείο σας ή στην επιχείρησή σας.

Διαβάστε περισσότερα...

miercuri, 15 august 2012

#OpTrapWire, Anonymous against surveillance systems



In this days I have written several times regarding surveillance systems and the huge business around it. Private companies, government agencies and cyber units are all working to develop new tools to spy on wide audience.
This tools are really attractive for those governments that desire to monitor and pursue dissident, in many cases these application arming the hands of the Executioner.
A spyware is a tool and it could be used for good purposes as bad ones, we cannot demonize them, however, we must remain outraged when the companies in the name of money violate all kinds of rules to make profit at the expense of the human rights.
It’s normal at this point that the voice of Anonymous thunder in defense of these rights by bringing the light of the sun a problem that is often shelved for obvious reasons, to talk about certain issues is inconvenient and detrimental to the interests of many.
We are facing with a growing and profitable market that has too much shadow starting from the names of the players that operate on it.
This time Anonymous has started an operation named #opTrapware that targets the massive surveillance project named Trapwire after that WikiLeaks has recently disclosed information regarding a global system of surveillance run by the U.S. government.On August 12 the group of hacktivist has published on Anonpaste a call to arms in order to “initiate the doom of this evil and misbegotten program (TrapWire).”

Which are the revelation made by Wikileaks?
At the beginning of August Wikileaks published documents related to intelligence firm Stratfor describing the massive electronic spying system run by the U.S. government.


Read more ...

Beware of Shady “Product Development Summits” Invitations

Posted Image

Would you pay $900 (730 EUR) to take part in discussions on business strategies and ideas? If you did, you should be on the lookout for spam emails that advertise the Product Development Summits.

Here’s how these emails look like:


Hi [recipient name], hope all is well. On behalf of our Board, I wanted to personally invite you into The Product Development Summit because of your key role and experience.


Read more...

Finfisher, the case of a cyber espionage tool found everywhere

Posted Image

Two days ago, reading the news that lawful interception malware FinFisher was discovered in the wild I thought …
“wow finally we have the evidence, probably we will debate for a long time regarding the use of this tool and of similar agents”
But as fate would have it the same day came the news that a new malware has hit the Middle East and the interesting items on Finfisher ended in oblivion.
What is surprising is that the FinFisher spyware has been discovered on at least five continents.
What is FinFisher?
It is a powerful cyber espionage agent developed by Gamma Group that is able to secretly spy on target’s computers intercepting communications, recording every keystroke and taking the complete control of the host.

Read more ...

Young Cybercrime Expert Details Online War Between Pakistan and India

In the past few years, not a week went by without a website being hacked as part of the ongoing online conflict between Indian and Pakistani hackers. Ashish Saini, a young researcher who has been actively involved in helping Indian police investigate cyber incidents, has provided Softpedia with some interesting insight.

“The cyberwar between the two countries started in May 1998, when India conducted its nuclear tests. Soon after India officially announced the tests, a group of Pakistan-based hackers called ‘milw0rm’ broke into the Bhabha Atomic Research Center website and posted anti-India and anti-nuclear messages,” Saini explains.


“The cyberwars usually have been limited to defacements of each other's sites. Defacement causes a low level damage, in which only the home page of a site is replaced with the hacker's own page, usually with some message for the victim.”

Read more...

Protection Against Online Identity Theft: Valuable Tips for College Students

Posted Image

Experts from PrivacyGuardare trying to educate college students about the risks of identity theft. They offer three valuable pieces of advice on how to avoid falling victim to such crimes.

Identity theft is a phenomenon that has caused many problems to individuals and companies in the past few years. Since we’re living in the era of information, cybercriminals and fraudsters can put to good use any personal details, from usernames and passwords, to birth dates and social security numbers.


So, what can college students – appointed by a recent study as being the most likely to engage in risky behavior online – do to protect their digital and financial assets?

Read more ...

vineri, 3 august 2012

1 χρόνος ProDefence

Posted Image

Σήμερα [03/08/2012], όπως μπορεί να παρατηρήσατε καθώς μπήκατε στην αρχική του φόρουμ, κλείνουμε τον πρώτο χρόνο της λειτουργίας μας. Μας χαροποιεί ιδιαίτερα που πολλά παιδιά προθυμοποιήθηκαν να μας βοηθήσουν σε κάποιες ενότητες του φόρουμ, επίσης μας έκανε εντύπωση που πολλοί ενδιαφέρθηκαν για το θέμα της ασφάλειας, καθώς είναι ένα κομμάτι που δεν ασχολούνται αρκετοί σήμερα. Και το ότι ήρθαν χρήστες και ασχολήθηκαν, συνεχίζουν να ασχολούνται, μας ενθαρρύνει να συνεχίσουμε σταθεροί και αμετακίνητοι να κάνουμε αυτό που πέρσι ξεκινήσαμε και θέλαμε να κάνουμε: να ενημερώνουμε τον κόσμο, ότι το ιντερνέτ δεν είναι ασφαλές και πρέπει να μάθουμε πώς να το αξιοποιούμε σωστά στις ζωές μας. Επίσης, οι γονείς να μάθουν πώς να προστατεύουν τα παιδιά τους, οι νέοι ή και οι παλιοί χρήστες του ιντερνέτ να μάθουν να προστατεύουν τον υπολογιστή τους, τα κινητά τους. Οι διαχειριστές των ιστοσελίδων να μάθουν πώς να προστατεύουν τις ιστοσελίδες τους καθώς ιδιαίτερα στην Ελλάδα υπάρχει μεγάλο πρόβλημα με την ασφάλεια στις ιστοσελίδες. Οι διαχειριστές δεν προσέχουν καθόλου, πολλοί ούτε καν μετά από προειδοποιήσεις, επιθέσεις κτλ δεν δίνουν καν σημασία. Πρέπει κάποια στιγμή όλοι αυτοί οι άνθρωποι, όλοι εμείς μαζί να κινητοποιηθούμε για ένα ασφαλέστερο σερφάρισμα. Γιατί ασφαλής δεν θα είναι ποτέ το ιντερνέτ αλλά όσο πιο πολύ προστατευόμαστε εμείς τόσο πιο καλή θα είναι η εμπειρία μας στο διαδίκτυο.



Διαβάστε περισσότερα

joi, 2 august 2012

Βρέθηκε η άκρη για την διαρροή διευθύνσεων email στο Dropbox



Πριν μερικές βδομάδες, οι χρήστες του Dropbox παρατήρησαν ότι δέχτηκαν μηνύματα spam στο email που είχαν ορίσει για το Dropbox και το χρησιμοποιούσαν μόνο εκεί και πουθενά αλλού.
Τελικά το θέμα ερευνήθηκε και τα πράγματα δεν δείχνουν τόσο καλά.

Το dropbox δεν το χάκαραν αλλά οι διευθύνσεις αυτές που δέχτηκαν τα spam μηνύματα είχαν διαρρεύσει απο τον λογαριασμό ενός υπαλλήλου του dropbox που δούλευε σε κάποιο project.

Αυτό που πραγματικά έγινε είναι ότι χάκαραν μια άλλη ιστοσελίδα και οι συνδιασμοί όνομα χρήστη/κωδικών διέρρευσαν. Πολλοί χρήστες του dropbox χρησιμοποιούσαν το ίδιο όνομα χρήστη/κωδικό στο dropbox και στην σελίδα που χακάραν συμπεριλαμβανομένου και του λογαριασμού του υπαλλήλου του Dropbox.

Σε κάποιους λογαριασμού πήραν πρόσβαση χρησιμοποιώντας τους κλεμένους κωδικούς συμπεριλαμβανομένου του υπαλλήλου.
Στον λογαριασμό του υπαλλήλου βρήκαν μια λίστα με διευθύνσεις email που χρησιμοποιήθηκαν αργότερα για spam.

Διαβάστε περισσότερα

Ανακαλύφθηκε νέος ιός που δεν μπορεί να αφαιρεθεί!

Posted Image

Τρομακτικά νέα ακόμα και για τον πιο έξυπνο κομπιουτεράκια.

Όλοι οι ιοί προκαλούν προβλήματα, μερικοί είναι επικίνδυνοι και έχουν ένα κοινό χαρακτηριστικό: μπορούν να αφαιρεθούν μετά απο το format του υπολογιστή μας.

Δυστυχώς όμως υπάρχουν και ιοί που ούτε μετά απο format ή αλλαγή του σκληρού δίσκου μπορούν να αφαιρεθούν.

Στο συνέδριο ασφαλείας Black Hat στο Λας Βέγκας την περασμένη βδομάδα παρουσιάστηκε πως κάποιο λογισμικό θα μπορούσε να κρυφτεί στο BIOS του υπολογιστή.
Το λογισμικό αυτό θα μπορεί να έχει απομακρυσμένη πρόσβαση μέσω του ιντερνέτ.

Το εργαλείο αυτό είναι εγκατεστημένο στο BIOS τσιπ της μητρικής κάρτας του υπολογιστή. Αυτό σημαίνει ότι με το πάτημα του κουμπιού για την έναρξη του υπογολογιστή το λογισμικό μπορεί να τρέξει.

Διαβάστε περισσότερα

sâmbătă, 28 iulie 2012

Skype αρνείται ισχυρισμούς για την ασφάλεια χρήστη και τις αλλαγές απορρήτου

Posted Image

Αυτήν την βδομάδα, lλόγων αναφορών σε διάφορες τροποποιήσεις στην αρχιτεκτονική του Skype για την διευκόλυνση της παρακολούθησης των συζητήσεων των χρηστών που προέκυψαν, ανάγκασε την εταιρία να προχωρήσει ενα βήμα μπροστά για να καθαρίσει λίγο τα πράγματα σε αυτό το ζήτημα.

Σύμφωνα με το Skype, όλοι οι ισχυρισμοί για αυτό επιτρέποντας τις υπηρεσίες επιβολής νόμου να έχουν πρόσβαση στις συζητήσεις των χρηστών, το αρχείο κλήσεων, τις βίντεο κλήσεις και άλλα παρόμοια είναι εσφαλμένοι.

Η εταιρία έκανε μερικές σειρές απο αλλαγές στην αρχιτεκτονική του, αλλά αυτές ήταν στοχευμένες στο να κάνουν σίγουρο ότι οι χρήστες θα απολάμβαναν την καλύτερη δυνατή εμπειρία.

"Εστιάζουμε κάθε μέρα στο χτίσιμο του καλύτερου δυνατού προϊόντος για να μοιράζονται τις εμπειρίες τους οι άνθρωποι όποτε είναι χώρια. Θέλουμε το Skype να είναι αξιόπιστο, γρήγορο, εύκολο στη χρήση, και στις περισσότερες περιπτώσεις - δωρεάν," αναφέρει σε δημοσίευση ο Mark Gillett του Skype.

"Φυσικά, αυτό δεν γίνεται δια μαγείας. Δεν είναι μικρή η τεχνική πρόκληση ώστε να σιγουρέψουμε πως οι άνθρωποι θα μπορούν να συνδεθούν όποτε και όπου θέλουν αυτοί. Απαιτεί επένδυση, καινοτομία και δέσμευση για τη χρήση νέων τεχνολογιών και δυνατοτήτων."

Διαβάστε περισσότερα...

joi, 26 iulie 2012

Crisis: Το Νέο Trojan που βρέθηκε για υπολογιστές Apple Mac

Posted Image

Ένα νέο trojan αποκαλύφθηκε πρόσφατα το οποίο επηρεάζει τους Mac υπολογιστές της Apple, αλλά ακόμα το ρίσκο είναι μικρό, καθώς το κακόβουλο λογισμικό δεν βρέθηκε να επηρεάζει άλλα μηχανήματα στον έξω κόσμο.

Όμως, το λογισμικό είναι ικανό να εγκατασταθεί απο μόνο του χωρίς να ζητήσει την άδεια του χρήστη, και μπορεί να κρύψει τον εαυτό του πολύ καλά αν εγκατασταθεί ως root, αναφέρει η Intego Virus Team, η οποία βρήκε το trojan.

Το νέο λογισμικό λέγεται Crisis, και είναι ένα trojan dropper. Η Intego επίσης επισημαίνει ότι εκτελεί μερικές τεχνικές anti-analysis και stealthing που δεν είναι κοινές όπως τα υπόλοιπα κακόβουλα λογισμικά για OS X.

Η ομάδα επίσης σημειώνει ότι η απειλή φαίνεται να επηρεάζει μόνο τις εκδόσεις Snow Leopard (10.6) και Lion (10.7).

“Εγκαταστείται χωρίς να χρειάζεται την αντίδραση του χρήστη, χωρίς να χρειάζεται καν κωδικό για να τρέξει. Το trojan προστατεύει τον εαυτό του έναντι των επανεκκινήσεων, ώστε να συνεχίσει να τρέχει μέχρι να αφαιρεθεί,” εξηγεί η ομάδα.

Read More

miercuri, 25 iulie 2012

Ζητούνται μεταφραστές - ProDefence.org



Γειά σας,

θα θέλαμε να σας ενημερώσουμε ότι ψάχνουμε άτομα που έχουν όρεξη και θέληση να μεταφράζουν διάφορα χρήσιμα κείμενα, είτε θα είναι ειδήσεις, είτε μικρά tutorials.

Όσοι ενδιαφέρεστε δηλώστε συμμετοχή γράφωντας σε αυτό το θέμα. Αναφέρετε και μερικές λεπτομέρειες όπως:
  • αν ξέρετε αγγλικά
  • πόσο καλό είναι το επίπεδο γνώσης των αγγλικών, 
  • πόσες ώρες την ημέρα μπορείτε να ασχοληθείτε με την μετάφραση.
 Περισσότερες πληροφορίες ...

Ευχαριστούμε,
ProDefence Team

Το Mac OS X 10.8 Mountain Lion Τώρα Διαθέσιμο Για Λήψη



Σήμερα, η Apple έκανε διαθέσιμη για λήψη την τελευταία "γεύση" του Mac OS X, με όνομα 10.8 Mountain Lion ή Βουνίσιο Λιοντάρι, το οποίο περιέχει 200 νέες λειτουργίες συγκρίνοντάς το με το προηγούμενο λογισμικό για Mac.

Οι χρήστες που επέλεξαν να κατεβάσουν και να εγκαταστήσουν την νέα γεύση του λειτουργικού συστήματος στα μηχανήματά τους θα επωφεληθούν απο τις βελτιωμένες δυνατότητες στην συνομιλία, καλύτερο κέντρο ειδοποιήσεων, ενισχυμένες δυνατότητες διαμοιρασμού, όπως επίσης και μια ευρεία ποικιλία απο άλλες ενημερώσεις.

Η νέα πλατφόρμα έγινε διαθέσιμη στην τιμή των 19.99 δολλαρίων, αλλά είναι διαθέσιμο δωρεάν σε όσους χρήστες πλήρωσαν έναν νέο Mac τους τελευταίους 5-6 εβδομάδες περίπου.

Το OS X 10.8 Mountain Lion έρχεται με μια νέα εφαρμογή Μηνυμάτων, παρέχοντας στους χρήστες την δυνατότητα να στέλνουν εύκολα κείμενο, φωτογραφίες, βίντεο, επαφές, συνδέσμους, και πολλά περισσότερα στις επαφές τους σε άλλον Mac, iPhone, iPad, ή iPod touch.

Η εφαρμογή επίσης παρέχει στους χρήστες μια δυνατότητα να ξεκινούν μια συζήτηση σε μια συσκευή και να την συνεχίζουν σε μια άλλη, ενώ θα επωφελούνται απο την υποστήριξη για τις υπηρεσίας άμεσης συνομιλίας όπως την AIM, Yahoo! Google Talk και Jabber.

Read More

marți, 24 iulie 2012

Το Skype θα μπορούσε να υποκλέπτει συνομιλίες, δεν το επιβεβαιώνει



Το Skype, η δημοφιλής υπηρεσία VoIP, έχει εκτελέσει μια σειρά αλλαγών στην αρχιτεκτονική που θα το επέτρεπε να υποκλέπτει κλήσεις πιο εύκολα.

Η εταιρία έχει αντισταθεί πολύ στο να πάρει μέρος στις δραστηριότητες της online παρακολούθησης, παρόλαυτα πολλοί κυβερνητικοί φορείς το έχουν ζητήσει αυτό.

Στην πραγματικότητα, η κρυπτογράφηση του Skype και οι πολύπλοκες συνδέσεις στο δίκτυο απο πυρήνα σε πυρήνα (P2P) θεωρούντα ότι ήταν σχεδόν αδύνατον να υποκλαπούν, κάτι το οποίο προκάλεσε πονοκεφάλους σε πολλές υπηρεσίες. Αλλά όλα αυτά ενδέχεται να έχουν αλλάξει πρόσφατα, αναφέρουν χάκερς.

Σύμφωνα με ένα πρόσφατο άρθρο στο ExtremeTech, μετά την αγορά του Skype, η Microsoft μετακίνησε μερικούς απο τους supernodes που δημιουργούν τους χρήστες του δικτύου να φαίνονται ως nodes, αλλά μερικοί γίνονται supernodes, επηρεάζοντας την κίνηση δεδομένων στους Dedicated Linux Servers, υπο τον άμεσο έλεγχό της.

Κάνοντάς το αυτό, η εταιρία κέρδισε την θέση στην οποία θα μπορύσε εύκολα να υποκλέψει συνομιλίες. Στην πραγματικότητα, η Microsoft λέγεται ότι δουλέυει σε αυτούς τους supernodes ώστε να κάνει σίγουρο ότι η επιβολή νόμου έχει πρόσβαση ώστε να παρακολουθεί τις κλήσεις.

Read More...

luni, 23 iulie 2012

Ρώσσος χάκερ κατηγορήθηκε για επίθεση στο Amazon.com συνελήφθη στην Κύπρο

Ο Ντιμιτρι Ολεγκοβιτς Ζουμπακα, ένας άνθρωπος που κατηγορήθηκε για την έναρξη απο μια σειρά επιθέσεων DDoS στο Amazon.com, έχει συλληφθεί αυτήν την βδομάδα απο τις αρχές της Κύπρου σύμφωνα με διεθνές ένταλμα, όπως το Τμήμα Δικαιοσύνης αποκάλυψε.

“Η έρευνα με αποκορύφωμα την σύλληψη του Dmitry Zubakha απο τις αρχές στην Κύπρο ήταν εξαιρετικά πολύπλοκη. Η σύλληψη του Zubakha είναι ένα αποτέλεσμα απο μια συντονισμένη προσπάθεια απο την Μυστική Υπηρεσία,  το Δικηγορικό Γραφείο των Ηνωμένων Πολιτειών για την Δυτική Περιφέρεια της Ουάσιγκτον και το Αστυνομικό Τμήμα του Σιάτλ,” είπε ο James Helminski απο την Μυστική Υπηρεσία Ηνωμένων Πολιτειών στο Σιάτλ.

“Θα ήθελα επίσης να επαινέσω το Amazon.com για την ειλικρίνεια και την βοήθεια για την αντιμετώπιση με αυτήν την σειρά απο επιθέσεων στο δίκτυο υπολογιστών που είχε ενδεχομένως επηρεαστεί δυσμενώς απο την ικανότητα να υπηρετεί τους πελάτες της.”

Read More ...

Hacked το site του αεροδρομίου 'Μακεδονία' της Θεσ/νικης



To site του αεροδρομίου της Θεσσαλονίκης (airport-thessaloniki.com) αυτή τη στιγμή έχει υποστεί deface χωρίς να γνωρίζουμε εαν έχουν προκλιθή περαιτέρω ζημίες ή μόνο deface.

Παρακαλούμε τους αρμόδιους να επαναφέρουν το site άμεσα καθώς σίγουρα κάποιοι άνθρωποι αυτήν την ώρα θα θέλουν να δουν/αλλάξουν ώστε να πετάξουν. 


ProDefence Topic 

duminică, 10 iunie 2012

Facebook for children idea becoming of age

http://www.prodefence.org/index.php/topic/3958-facebook-for-children-idea-becoming-of-age/

Facebook Privacy and Cyber Crime Discussed at First Day of G8 and G20

http://www.prodefence.org/index.php/topic/3956-facebook-privacy-and-cyber-crime-discussed-at-first-day-of-g8-and-g20/

ZERO DAY A film about cybercrime and threats to the Internet

http://www.prodefence.org/index.php/topic/3950-zero-day-a-film-about-cybercrime-and-threats-to-the-internet/

Cyber attacks: Not a matter of if, but when

http://www.prodefence.org/index.php/topic/3946-cyber-attacks-not-a-matter-of-if-but-when/

sâmbătă, 9 iunie 2012

Proofpoint polices email for 'spear phishers'

http://www.prodefence.org/index.php/topic/3942-proofpoint-polices-email-for-spear-phishers/

DoD Cyber Crime Conference Call for Papers

http://www.prodefence.org/index.php/topic/3944-dod-cyber-crime-conference-call-for-papers/

The Security Paradox Of IPv6; Shoring Up The Holes

http://www.prodefence.org/index.php/topic/3936-the-security-paradox-of-ipv6-shoring-up-the-holes/

Cybercrime 'Much Bigger Than Al Qaeda

http://www.prodefence.org/index.php/topic/3941-cybercrime-much-bigger-than-al-qaeda/

Founder of Ann Arbor company Duo Security outwits Google's Bouncer program

http://www.prodefence.org/index.php/topic/3935-founder-of-ann-arbor-company-duo-security-outwits-googles-bouncer-program/

sâmbătă, 2 iunie 2012

AlienVault: Firms Fear That Security Breaches Could Cost Lives

http://www.prodefence.org/index.php/topic/3887-alienvault-firms-fear-that-security-breaches-could-cost-lives/

UGNazi Attacks Wounded Warrior Project to Spite The Jester Started By Xander, Today, 09:39 AM

http://www.prodefence.org/index.php/topic/3886-ugnazi-attacks-wounded-warrior-project-to-spite-the-jester/

Anonymous Hackers Leak Details of Montreal F1

http://www.prodefence.org/index.php/topic/3885-anonymous-hackers-leak-details-of-montreal-f1/

Malicious Files Can Be Served Apparently from Legitimate Sites

http://www.prodefence.org/index.php/topic/3884-malicious-files-can-be-served-apparently-from-legitimate-sites/

Security App of the Week: Bitdefender USB Immunizer

http://www.prodefence.org/index.php/topic/3883-security-app-of-the-week-bitdefender-usb-immunizer/

luni, 28 mai 2012

Spam Report: April 2012

April in figures

  • The percentage of spam in email traffic was up 2.2 percentage points from March and averaged 77.2%.
  • The percentage of phishing emails remained unchanged from March and amounted to 0.01%.
  • In April, malicious files were found in 2.8% of all emails — the same amount as in the previous month.
  • Over 20% of phishing attacks in April targeted Facebook users.
Spam in the spotlight

New tricks spotted in fraudulent and malicious spam

Spammers who spread malicious code and phishing emails are still looking for the best shortcut to reach computer users. Malicious spam is developing quickly, and malicious users are systemically adding to their arsenal of tricks, both with technical innovations and with new tactics involving social engineering.
Wikipedia and Amazon — bad experience?

In April, we detected spam that at first glance looked just like your typical malicious mass mailing designed to look like an official Facebook notification. The email, allegedly from the social network, announced a new Friend Request on Facebook. Like most of the emails made to look like Facebook notifications over the past year, this mailing was well done and looked like the real thing, at first glance. According to the plans of the malicious users, if the user clicked on any of the links in the email, he would be taken to a website infected with malicious code, rather than Facebook. Sounds familiar, doesn’t it? There is just one difference here — the links in the emails didn’t take users to hacked domains or to sites registered in the .in or co.cc domains, but to pages on Wikipedia and Amazon.

Posted Image
Apparently, malicious users seeded malicious script on their newly created Wikipedia pages as well as on pages made to look like advertisements for pre-owned goods on Amazon.com. Why “apparently”? Because this tactic was not the most effective, as the teams on both services responded promptly, and by the time the links were spread, the pages were already disabled.


Diablo III – pre-release phishing

In early June, the long-awaited game Diablo III is expected to hit the shelves. IT security professionals have some concerns associated with this particular game, and Blizzard has officially permitted the trade of in-game items in this new MMORPG. It is reasonable to expect that phishers will quickly set their sights on Diablo III players. But no one expected malicious users to start using this game even before it was released.
Phishing emails appeared in spam traffic playing off of the impatience of gamers anxiously awaiting Diablo III’s release. The emails stated that they would be given the opportunity to play a beta version of Diablo III for a specific period of time. In order to do so, they would need to enter their battle.net account information (a resource where Blizzard account information is stored). Of course, the link in the email did not lead to the specified site, but to a phishing webpage. Each email was slightly different, but the basic features were ultimately the same.

Posted Image
After obtaining the registration data from a battle.net user, malicious users would then have access to that user’s accounts for popular games like World of Warcraft and Starcraft, which are still in high demand on the black market.
Political spam

Political spam got back in action in April, primarily targeting US and French readers. Mentions of Barack Obama in spam emails were as frequent as they were during the first year after his election. Furthermore, his name is used not only in political emails “exposing his political course” or pointing to the allegation that the President of the US “is afraid of losing the upcoming election,” but also in emails advertising a variety of traditional spammer products. For example, his name is mentioned in one mass spam mailing offering Viagra.

Posted Image
With the upcoming elections in the US, Internet user interest in the battle for the presidency and the personalities of the candidates and the current president will only grow. Spammers will doubtless fan the flames of this interest by spreading propaganda, in addition to continuing to take advantage of this interest for their own purposes. In the months to come, we expect an increase in the number of emails with links allegedly leading to web pages with scandalous information about the candidates and the elections in general. Furthermore, the links will likely take users to advertisements for libido-boosting medications in the best case scenario (as in the example above), or to a malicious program in the worst case scenario.
French political spam is also more active these days, although we did expect a larger volume of political spam mailings in France during the frenzy of the recent presidential race there. The spam emails that we detected were few in number. They included advertisements for T-shirts with pro-Sarkozy slogans.

Posted Image
Other hot topics

The complex situation in Syria has also become the subject of spam emails. “Nigerian” spammers are actively mailing out messages from “lawyers and bank clerks working in the country.” At month’s end, we had also detected emails from “Assad’s wife.” We regularly encounter emails from the “family members of leaders” of a variety of countries facing unstable conditions. Sometimes Nigerian spam emails are even presented as having been written by these very leaders. So it is altogether possible that in the future we will see emails allegedly written by Bashar al-Assad himself. The Assads’ children are still quite young, so we are unlikely to see any of these emails allegedly written by them, although you never know. After all, nothing is sacred to spammers, and a crisis in any country is nothing more than an opportunity to rake in some cash.
We are also seeing a surge in the amount of spam exploiting the European football championship. This event is due to start in June, and Internet users are increasingly interested from day to day. Many spam mailings offer rooms to football fans that haven’t yet made hotel reservations in Poland and Ukraine. However, the accommodation offered by the spammers is bare-bones at best, while the prices have been greatly inflated.
The Summer Olympics in London are currently the focus of attention among “lottery” scammers. Just about every week we see emails announcing lottery winnings, allegedly from a lottery held by the Olympics Foundation.

Posted Image
Statistical summary

Sources of spam

Posted Image

Sources of spam in April 2012 (TOP 20)

In April, the Top 20 sources of spam underwent some major changes from prior months.
The most noticeable change over the month was the US jumping from 20th to 2nd place in the rankings. The proportion of spam originating in the US surged by over 7 percentage points. The amount of spam coming from China also increased – by 5 percentage points – and that country is now ranked 5th among the world’s top sources of spam. Meanwhile, the percentage of unwanted correspondence originating in Indonesia fell by 5.2 percentage points. This Asian country fell 10 places and ended up in 12th place last month.
We presume that this change in the spam landscape correlates with the redistribution of powerful spammer-run botnets and their relocation from regions where spam operations have been low-level over the past year. Note that both the US and China (and Hong Kong in particular) were some of the top targets in the first quarter of 2012 for spammers spreading malicious mailings. The infection of new computers in these countries has clearly led to the growth of new botnets.
The other changes in the ratings among sources of spam were limited to no more than 2.5 percentage points.
Malware in mail traffic

In April, malware was found in 2.8% of all emails, which more or less matches the levels detected in March’s mail traffic.
The distribution of email antivirus detections by country

Posted Image
The distribution of email antivirus detections by country, April 2012
Just as it was in the first quarter of 2012, the US has taken the leading position in terms of the number of email antivirus detections. The percentage of Kaspersky Mail Antivirus detections in the US rose only slightly, by just 0.64 percentage points.
Australia (-3.9 percentage points) and Hong Kong (-2 percentage points), countries that had been ranked second and third, respectively, in March, conceded their places to Vietnam in April, which climbed up from 4th to 2nd place. The proportion of mail antivirus detections in Vietnam increased by 2.4 percentage points.
The percentages of detections in other countries fluctuated within a range of 2 percentage points.
Top 10 malicious programs spread by email

Posted Image
Top 10 malicious programs spread via email in April 2012
Some 13.7% of all Kaspersky Mail Antivirus detections are for the traditional leader in our Top 10: Trojan-Spy.HTML.Fraud.gen. Detections of this Trojan were 1.6 percentage points higher in April than in March. This malicious program is designed to look like an HTML page serving as a registration form for a financial organization or an online service. The registration data entered on the page are then sent to malicious users.
The usual suspects in our Top 10 — the email worms Email-Worm.Win32.Bagle.gt, Email-Worm.Win32.Mydoom.m and Email-Worm.Win32.NetSky.q — are in third, fifth, and ninth place in this month’s ranking respectively. Readers may recall that the functions of the Mydoom and Netsky families of worms are limited to the harvesting of email addresses from infected computers, and sending themselves to these addresses. Bagle.gt is the only worm in the Top 10 that is also capable of sending requests to online resources and then downloading malicious programs.
We should draw attention to the appearance of the script Trojan — Trojan-Downloader.JS.Iframe.cvq — in April’s Top 10. It accounted for nearly 2% of all mail antivirus detections. Another 10% or so of all mail antivirus detections in April were represented by script-based malicious programs that were detected using proactive methods. This is relatively worrisome, as script-based threats in HTML emails launch destructive actions as soon as a recipient opens the email.
Phishing

The percentage of phishing emails remained unchanged from March and amounted to 0.01%.
Posted Image

The distribution of the Top 100 organizations targeted by phishers, by category — April 2012

This rating is based on our anti-phishing component detections activated every time a user attempts to click on a phishing link, regardless of whether the link is in a spam email or on a web page.
In April, we saw a major change in the top phisher-targeted organizations: for the first time in four months, financial organizations (23.61%) left first place, and were replaced by social networking sites (28.8%). The percentage of social networking sites targeted in phishing attacks increased by almost 6 percentage points. The main contributing factor to that rise was due to the numerous attacks on Facebook: over 20% of all phishing attacks in April targeted Facebook users.
Compared to March, the percentage of attacks against financial organizations fell somewhat, as did the percentage of attacks against online stores and search engines, IT vendors and organizations in the “other” category. All of these changes were within a range of 1.5 percentage points.
As a result, one can see a slight change in the focus of phishing attacks increasingly toward the users of social networks.
Spam by category

Posted Image
Spam by category in April 2012

The percentage of the traditional leaders in the top spam categories — Computer Fraud and Personal Finances — changed only slightly in April. The former fell by 2.2 percentage points, and the latter rose by 0.8 percentage points.
The share of advertisements for online casinos remains high at just over 6%.
Most spam emails advertising online casinos clearly show signs of fraud, malicious code, or something else. The Personal Finances category is more often than not made up of dubious offers for cheap loans or fast cash, and there is usually something fishy about them.
Having reviewed these data, one can confidently say that more than half of all spam in April aimed to steal financial or personal information from computer users, as well as indirectly steal their money and install malicious code on their computers.
Incidentally, the most substantial change that we noted from March to April was a rise of 4.75 percentage points in the Interior Design spam category. In April, Kaspersky Lab noted several mass mailings in this category. Apparently, this surge in interior design-themed spam is connected to the “spring cleaning” advertising campaigns pushed by many furniture and renovation companies.
The percentages of other spam categories fluctuated only slightly in April, within a range of 1.5 percentage points.
Conclusion

It needs to be said that spam is posing more of a threat than ever: there is a high percentage of malicious code in attachments, and Kaspersky Lab is detecting a considerable number of spam emails containing malicious links. Furthermore, IT security professionals are seeing even more spam containing script-based threats, which means that even just opening an email could put users at risk. The fact that these mailings continue to spread from month to month demonstrates that Internet users are not sufficiently informed; spam would not be such an attractive means of proliferating malicious code if it were not so lucrative for cybercriminals. Internet users often do not even suspect that their computer’s performance faces any threat at all, not to mention their personal data or cash, when they open a spam email.
In the months to come, we expect a return of the all-too-familiar spam mailings with scandalous news items about current US President Barack Obama. Furthermore, phishing attacks will likely focus more on social networking sites, and possibly online games — as summer vacation is upon us, students on break from school will be more active online. While these users tend not to have bank accounts, they do spend a lot of time on social networks and other online entertainment.



securelist.com

'Flame' cyberespionage worm discovered on thousands of machines across Middle East

Flame trojan code


The UN's International Telecommunications Union and Kaspersky Labs revealed today that it has discovered Flame, a new trojan rivaling Stuxnet. Codenamed "Worm.Win32.Flame," the malware is currently being researched and it is described as "one of the most complex threats ever discovered." It is believed to be active across thousands of computers in the Middle East, primarily in Iran and Israel, as well as on some machines in North Africa.
Researchers believe that the trojan's primary function is cyberespionage: once Flame infects a computer, it is equipped to record audio from connected or built-in microphones, monitor nearby Bluetooth devices, take screenshots, and save data from documents and emails. All of this data, apparently stolen as part of a targeted attack, is constantly sent up to command and control servers.
Flame "has no major similarities with Stuxnet" or its malware family member Duqu, and is believed to be created and controlled by a separate group. The newly-discovered worm does share some aspects with Stuxnet and Duqu, however. Most disappointingly, Flame takes advantage of the same printer spooling hole and autorun.inf infection methods exploited by Stuxnet. According to Kaspersky Lab's reports, it's believed that Flame achieves its initial infection from users who are victims of phishing attacks, and then once it has made it onto a computer it can be spread over local area networks or via USB flash drives with other machines.
The bad news is that it's confirmed that the worm has spread over local area networks to fully-patched Windows 7 systems, but the good news is that you shouldn't have to worry about Flame breaking into your PC in its current form. As a cyberespionage tool, the trojan has been seen targeting some individuals, but also education and government organizations mainly in the Middle East. Additionally, the research says that the worm surveys a system and will then uninstall itself from machines it thinks are not interesting.
Why is Flame considered to be such a complex threat, then? Well, the malware itself can be up to as large as 20MB — about twenty times larger than Stuxnet. This size is part of what makes Flame unique. According to Kaspersky, most malware is as simple and small as possible, as that makes it easiest to hide the malicious code and get it onto unsuspecting machines. In this case, however, Flame's size made it hard to detect since no one was looking for it. Part of the reason why Flame is so large is because it has optional plug-ins that can be added after a machine is infected to try and get specific data. Different machines have different assortments of plug-ins on them; that 20MB maximum size includes all 20 different plug-ins that have been discovered. Unfortunately, that massive size is going to make it difficult for researchers to get their hands around Flame: Kaspersky says that since it took "several months" to understand Stuxet's 500KB of code, it's expected that Flame may require a year's worth of effort.

theverge.com

vineri, 25 mai 2012

How zombie LulzSec exposed privates' love lives with PHP hack



A dating website for US soldiers was hacked and its database leaked after it blindly trusted user-submitted files, according to an analysis by security firm Imperva. The report highlights the danger of handling documents uploaded to web apps.
"LulzSec Reborn" hacktivists attacked MilitarySingles.com and disclosed sensitive information on more than 170,000 lonely-heart privates in March this year. Hackers uploaded a PHP file that posed as a harmless text document and then commandeered the web server to cough up the contents of its user and a hashed password database.
Rob Rachwald, director of security strategy at Imperva, said the attack would have been blocked if MilitarySingles.com had filtered user-supplied content.
He added that a similar Remote File Inclusion-style vulnerabilities will exist in other sites that use PHP and actively solicit photos, video and so on.
Imperva reckons more than 90 per cent of the MilitarySingles.com passwords were cracked in nine hours thanks to extended dictionary-based rainbow lookup tables. MilitarySingles.com stored passwords as non-reversible hashes, rather than in plain text, however it did not salt the hashes, which would have made the process of recovering the passwords far more difficult. Insisting on hard-to-guess passwords isn't good enough unless developers pay attention to encryption best practices, said Rachwald.
The attack against MilitarySingles.com is the only notable assault by LulzSec Reborn. Imperva's analysis suggests the group has no more than six members, who set out to "embarrass the military". The crew is apparently "not as motivated" as the original LulzSec, according to Rachwald, adding that it has made little or no contribution to IRC chats and hacker forums.

MilitarySingles.com, which bills itself as the "dating website for single soldiers... and those interested in meeting them", is run by eSingles Inc.
Government and military personnel ought to have special policies regarding social networking to prevent their information from being easily accessed and manipulated. Rachwald told El Reg that an outright ban is likely to be flouted. Instead soldiers should be encouraged to use pseudonyms and particularly warned against disclosing their location, he said.

theregister.co.uk

Fake Angry Birds app makers fined £50k for shock cash suck



A firm that disguised Android malware as Angry Birds games has been fined £50,000 ($78,300) by UK premium-rate service regulator PhonepayPlus.
A1 Agregator posted mobile apps posing as smash-hit games, including Cut the Rope, on Android marketplaces and other outlets. Rather than offer free entertainment, the software silently sent out a text in order to receive a string of premium-rate messages, costing victims £5 per SMS. Users would have to uninstall the counterfeit apps from their phone to prevent further messages and charges.
The malicious code also covered up evidence of the message swapping which might have alerted punters to the whopping charges on their upcoming bills.
A total of 34 people, perhaps only a small percentage of those affected, complained to PhonepayPlus by the end of last year. In a ruling this month, the watchdog found A1 Agregator guilty of multiple breaches of its code of conduct and levied a fine of £50,000, estimated as the upper limit of the illicit profits made through the scam. A1 Agregator, which wasn't even registered with PhonepayPlus at the time of its offence, must refund defrauded victims in full within three months, whether they've complained or not.
It is understood the firm trousered £27,850 ($43,600) from the scam.

A1 Agregator - which was "formally reprimanded" over its behaviour - must also submit any other premium-rate services it develops to PhonepayPlus for approval over the next 12 months.
Premium-rate SMS scams account for 36.4 per cent of malware on smartphones, the second largest type after spyware, according to analysts Juniper Research.
And Carl Leonard, senior security research manager of EMEA at Websense, added: "Mobile apps are a powerful malware delivery technique as most users are willing to allow apps to do anything to get the desired functionality. Cyber criminals are beginning to use these malicious apps not only to make a quick buck but to also steal valuable data."
"For example, a malicious app could access the data on your phone, or access all of your contacts. This is particularly bad news for businesses that allow bring your own device (BYOD) schemes but don’t have the right security to protect their mobile data," he added.

Android virus evolution

Mobile malware scams first emerged in Russia and China several years ago. Fraudsters are beginning to turn to the West for victims, Kaspersky Lab warns.
"The mobile threat landscape is dominated by malware designed to run on Android – 65 per cent of all threats are aimed at this platform," said David Emm, senior security researcher at Kaspersky. "The platform is popular, it’s easy to write apps for it and it’s easy to distribute them via Google Play – so it’s little wonder that cybercriminals are making use of Google Play, where malware masquerades as a legitimate app."
"SMS Trojans, of the sort mentioned in the [PhonepayPlus] report, are currently the biggest category of mobile malware. And it’s important to understand that it’s not just a problem in Russia or China. Cybercriminals seek to make money from them across the globe, including here in the UK," he concluded.
In the past mobile malware often offered a free application as bait. During installation, the Trojan would display some kind of decoy error message. This prompted victims to search for answers on web forums and elsewhere - which was the last thing scammers want because it could lead marks to the realisation that they'd been suckered.
More recently cybercrooks have begun offering a bait that actually works. A blog post by F-Secure, published with a helpful video, describes an unrelated case of a Trojan installing a working copy of Rovio's Angry Birds Space as it compromises the phone.


theregister.co.uk

Hackers Reveal the Price of iOS Jailbreaks at HITB 2012 Amsterdam



There have been a lot of interesting developments here at Hack in the Box in Amsterdam, and one of them is the first ever union of the jailbreak Dream Team. Today, Softpedia has had the chance to interview the members of the Chronic Dev Team and learn some things that many were probably curious about.

One of the topics we discussed referred to the financial value of jailbreaks. So how much is their work and the information they possess worth?

“This is hard to answer. I think it depends on who you sell your exploits to, if it’s for the underground or the legal scene,” Pod2g said.

“This is a difficult question to answer, but it's a lot. Every jailbreak exploit represents like, maybe, $100,000. This is the price of all root exploits.”

We then asked him to comment on a recent statement in which he said he wouldn’t sell the beta version even for $1 million (760,000 EUR).

“I wrote that, but it's not all about the money. We're doing this for the fame of course. We're doing it for the people, because we want people to be able to have their devices jailbroken,” he explained.


“This is what we're doing. This is what we like, so this is not about money. That's why even if we could get anything from these jailbreaks, if the only thing we could get is to make people happy, that is enough for us.”

It’s interesting to see a price estimate for the jailbreaks, but as the hackers highlighted, it’s not all about the money. There probably isn’t a researcher in the world who would refuse money if someone wanted to reward him, but these guys really gave us the impression, during our talk, that they’re really in it for the challenge and the users, not for their personal gain.


softpedia.com

sâmbătă, 19 mai 2012

Hacker Behind “Call of Duty” Trojan Sent to Prison for 1.5 Years



Many gamers may have noticed the Trojan-infected file that’s being advertised as a patch for the popular Call of Duty game. As it turns out, the mastermind behind this scheme is a 20-year-old student from the UK who has used the malware to collect credit card details from the affected computers.

Kent Online reports that Lewis Martin was apprehended by police while trying to steal computer equipment from colleges in Dover and Deal.

When investigators searched his house, they uncovered documents containing 300 credit card credentials, along with passwords. The details of a fraudulent bank loan were also found.

Prosecutors accused him of using the Trojan to collect credit card details, passwords and credentials to websites such as PayPal, which he sold on the underground markets for sums between $1 (.76 EUR) and $5 (4 EUR).

Now, he has been sentenced to serve 18 months in prison for fraud and burglary charges.


Apparently, Martin was known by law enforcement representatives as a burglar, since he was caught on numerous occasions breaking into educational institutions. However, we’re more interested in the part in which he used the piece of malware to commit his crimes.

This incident shows that users subject their digital assets to numerous risks when downloading games from untrusted sources.

We’ve recently seen how most “Diablo 3 free download” searches point to malware-laden websites. With patches and key generators the problem is even more serious because most of the malicious files actually work, making users disregard the warnings displayed by their antivirus software.

What they don’t know is that while they’re happy to be playing the game, a nasty Trojan is logging their every move, stealing every bit of valuable information it finds.

“Game players would be wise to pay attention to the technique used by Lewys Martin to infect computers,” Graham Cluley, senior technology consultant at Sophos, advises.

“It's not uncommon for malware to be distributed in the form of cracks and hacks for popular computer games - if you run unknown code on your computer to meddle with a video game, you might well be allowing malware to insidiously install itself too.”


softpedia.com

Social Engineering and Hacking Skills Put to the Test at HITB 2012 Amsterdam



As we’ve mentioned on previous occasions, this year’s Hack in the Box (HITB) security conference in Amsterdam will feature a lot of great speakers and challenges. One of these will be the “Social Engineering and CTF Challenge” created and run by Sogeti Nederland B.V.

“With #SSEC2012, Sogeti Nederland is very excited to bring a social engineering element into this year’s HITBSecConf. The human factor is often referred to as the weak link in infosecurity defenses,” revealed Martin Visser, a senior security specialist.

“This challenge is aimed to not only highlight the human risk factor, but to also demonstrate the ease with which it can be compromised. Knowing what are the common pretext strategies used to fraud employees is key in protecting organisations from social engineering attacks.”

The competitor’s skills will certainly be put to the test in the contest whose purpose is to raise awareness on attacks that target the weakest link in cybersecurity, the human factor.


Over the course of two days participants will have to hack into wireless routers, social engineer the employees of high-profile Dutch companies and solve a challenge in Sogeti’s CTF web app.

For the social engineering part, contestants will have to trick company employees into performing certain tasks or handing out certain pieces of information. Of course, they will not have to obtain passwords or other sensitive data, but less significant details such as the name of the company’s catering company.

“The human element remains a major potential security vulnerability in any organisation. Verizon’s 2011 Data Breach Investigations report showed that 11% of breaches are from social engineering attacks and of these, 44% are from pretexting”, said Dhillon Andrew Kannabhiran, the founder and CEO of HITB.

Users from all around the world can join in on the action since it will be broadcasted via webcam feed and audio stream.


softpedia.com

Flashback Operators Fail to Cash Out Their “Winnings”



Some time ago Symantec revealed that the masterminds behind the now-infamous OSX Flashback Trojan made bundles of money. Further analysis, however, has shown that they may have failed to collect as a result of their operations.

Previously, we had learned that the fraudsters made money by displaying ads on compromised computers. The figures show that they’ve displayed 10 million advertisements on the devices of the affected individuals over the course of three weeks.

Of those 10 million, 400,000 were actually clicked on, which normally meant that they would have received $14,000 (10,640 EUR) from the pay-per-click (PPC) providers.

However, according to Symantec, the PPC firms don’t just hand over money to anyone without performing a few checks, this being a perfect example of a situation in which the scammers failed to bypass the anti-fraud measures.

Firms that offer PPC services are more than happy to pay up if users actually see their ads, but in click fraud cases such as this one, the victims may not see the ads, and they’re certainly not interested in the content that's being displayed because in most cases it’s irrelevant.

Furthermore, the cybercrooks may have analyzed each PPC provider to see which one suits their needs, since 98% of the adverts originate from the same organization.


While it’s estimated that a total of 600,000 machines have been infected with Flashback, in reality only 2% (around 10,000) of them were compromised to serve the final payload, the one that actually earned money.

As the researchers highlighted, the campaign was a success, but it could have been even more so, a situation in which the fraudsters could have made millions of dollars in a year.

Fortunately, they failed to collect, which may discourage others from launching such campaigns. On the other hand, the failure may make them more determined to try harder next time.


softpedia.com

Worm Uses Facebook PMs and Instant Messaging Apps to Spread



Social media platforms and popular instant messaging (IM) apps are great mediums for cybercriminals to spread their malicious elements. Trend Micro experts provide a great example of a worm that’s making its way to computers using such methods.

The researchers report that the piece of malware, identified as Worm_Steckct.evl, is distributed via a link that’s sent in private messages on Facebook and IM programs.

The shortened links contained in the posts point to an archive called “May09- Picture18.JPG_ www.facebook.com.zip” which hides a file named “May09-Picture18.JPG _www.facebook.com.” The .com extension reveals that in fact this is an executable file.

Once it’s run, the worm steps into play and terminates all the processes and services created by security software, thus ensuring that antivirus applications cannot disrupt its evildoings.


Steckct.evl then downloads another worm, detected as Worm_Eboom.ac, which monitors the victim’s browsing sessions.

The worrying part is that it doesn’t only log the posts and private messages the customer creates or deletes on Facebook, MySpace, Twitter, WordPress, or Meebo, but it can also spread by utilizing the user’s active session on these sites.

“Facebook and IM applications are tools to share and connect. Cybercriminals’ use of these tools is nothing new, but there are users who fall prey to these schemes. We recommend users to be conscious with their online behavior, in particular on social media sites,” Cris Pantanilla, Threat Response Engineer at Trend Micro writes.

As the expert highlights and as we’ve highlighted numerous times before, internauts must be wary of links that point to shady-looking websites or suspicious files.

In this particular case, it’s clear that the alleged picture taken on “May09” is not a JPG file, but an executable that’s not even so cleverly masked.


softpedia.com

joi, 17 mai 2012

Σχηματισμός δικογραφίας για κακόβουλο λογισμικό σε ηλεκτρονικές σελίδες

ΔΕΛΤΙΟ ΤΥΠΟΥ 

Κακόβουλο λογισμικό εντοπίστηκε στο διαδίκτυο για δήθεν
μπλοκάρισμα ηλεκτρονικών σελίδων και υπολογιστών από την Ελληνική Αστυνομία. 

Εμφανίζεται μήνυμα, το οποίο ενημερώνει το χρήστη πως για την
απεμπλοκή απαιτείται η πληρωμή αντιτίμου των 50 ευρώ μέσω προπληρωμένης κάρτας. 

Πρόκειται για ιστοσελίδες που παρέχουν τη δυνατότητα για παράνομο "κατέβασμα" ταινιών, τραγουδιών και άλλων ψηφιακών αρχείων. 


Κακόβουλο λογισμικό εντοπίστηκε για άλλη μια φορά στο διαδίκτυο, στο οποίο εμφανίζεται μήνυμα για δήθεν μπλοκάρισμα ηλεκτρονικών σελίδων και αντίστοιχα των χρηστών των σελίδων αυτών από την Ελληνική Αστυνομία (ΕΛ.ΑΣ).
Στο συγκεκριμένο μήνυμα αναφέρεται πως για την απεμπλοκή απαιτείται η αποστολή 50 ευρώ μέσω προπληρωμένης κάρτας (Paysafe card), προκειμένου να επανέλθει ο υπολογιστής στην κανονική του λειτουργία.
Όπως προέκυψε από την αστυνομική έρευνα, το κακόβουλο λογισμικό φιλοξενείται σε ιστοσελίδες του διαδικτύου, στις οποίες οι χρήστες έχουν τη δυνατότητα να κατεβάζουν ψηφιακά αρχεία με οπτικοακουστικό υλικό (τραγούδια, ταινίες κ.ά.) και προσβάλει υπολογιστές με λειτουργικό σύστημα Windows.
Συγκεκριμένα, κατά τη διαδικασία «φόρτωσης» της ιστοσελίδας, εμφανίζεται αυτόματα στην οθόνη του υπολογιστή μήνυμα, το οποίο ενημερώνει το χρήστη ότι έχουν εντοπιστεί παράνομα μουσικά αρχεία και για το λόγο αυτό ο υπολογιστής του έχει πλέον μπλοκαριστεί από την Ελληνική Αστυνομία.

Στην περίπτωση που ο χρήστης συμπληρώσει τον αριθμό της προπληρωμένης κάρτας, αυτός αποστέλλεται σε συγκεκριμένη ηλεκτρονική διεύθυνση και αποθηκεύεται σε βάση δεδομένων που έχει δημιουργηθεί, παρέχοντας πλέον πρόσβαση στα συγκεκριμένα στοιχεία από άλλα άτομα.
Από τη Δίωξη Ηλεκτρονικού Εγκλήματος έχει σχηματιστεί δικογραφία, η οποία θα υποβληθεί στην Εισαγγελία Πρωτοδικών Αθηνών.
Καλούνται οι πολίτες που τυχόν έχουν εντοπίσει ή έχει προσβληθεί ο υπολογιστής τους, από το συγκεκριμένο κακόβουλο λογισμικό, να μην εισαγάγουν το ποσό που δήθεν απαιτείται για την απεμπλοκή του και σε κάθε περίπτωση, εφόσον επιθυμούν, μπορούν να υποβάλλουν έγκληση στην Υποδιεύθυνση Δίωξης Ηλεκτρονικού Εγκλήματος (Λ. Αλεξάνδρας 173, Τ.Κ. 11522, Αμπελόκηποι).
Ως λύση προτείνεται η επανεκκίνηση του ηλεκτρονικού υπολογιστή σε ασφαλή λειτουργία (F 8 και επιλογή safe mode κατά την εκκίνηση) και στη συνέχεια να πραγματοποιηθεί επαναφορά του συστήματος σε ημερομηνία προγενέστερη από την ημερομηνία που εμφανίσθηκε το μήνυμα (Εργαλεία Συστήματος Επαναφορά συστήματος).
Σημειώνεται ότι οι πολίτες πριν εκτελέσουν την επαναφορά λειτουργίας του συστήματος πρέπει να ενημερωθούν μέσω της ακόλουθης ιστοσελίδας http://windows.microsoft.com/el-gr/windows-vista/What-is-System-Restore, για την έννοια της επαναφοράς συστήματος και για το είδος των αρχείων που τροποποιούνται κατά την εφαρμογή της.
Για περισσότερες πληροφορίες σχετικά με την προσβολή από το κακόβουλο λογισμικό, απευθυνθείτε στη Δίωξη Ηλεκτρονικού Εγκλήματος, στα εξής στοιχεία επικοινωνίας:

marți, 15 mai 2012

Avast Warns About “FakeInst” and Alternative Android Markets


The large number of malicious websites designed to infect Android devices with the well-known Android:FakeInst SMS Trojan have made Avast security experts issue another warning to alert users of its presence. They also advise smartphone owners to beware of shady-looking alternative Android app markets.

Researchers have found several domains, such as t2file.net and uote.net, which store at least 25 new apps that mask the piece of malware.

After users are lured onto these websites, they’re presented with a phony Downloader program. The truly evil thing about this app is that it tells the victim that the operation may cost money, but the Quit button doesn’t work.

Once the installation process begins, there’s nothing you can do, but click on the Agree or OK buttons. Of course, there are methods to stop the task, but to the untrained user it appears as he/she has no other choice.


What is even more worrying is the fact that once one of these buttons is pressed, an SMS to a premium rate number is already sent out. To make matters worse, the Trojan contains premium numbers for around 60 different countries worldwide, which means that if the victim isn’t located in Antarctica, he/she will most likely end up with an inflated phone bill.

In order to prevent experts from analyzing the malware, its creators have used AES encryption to make the file inaccessible.

Each SMS sent out by Android:FakeInst costs around $4 (3 EUR), which means that the cybercriminals behind this operation can earn considerable amounts of money from users who make the mistake of downloading software from alternative markets.

“Never trust weird looking alternative markets and always check the app permissions. If you’ve downloaded a game that asks for SMS and Phone calls permissions, it probably means that someone is about to “play you” instead,” Avast’s Alena Varkočková explained.


softpedia.com