News and information concerning the Internet Security community.
A new variant of malware that affects internet routers and Google Analytics has been discovered. The new router malware is designed to inject questionable ads and pornography into the websites you visit. The new malware modifies the affected router’s DNS settings in order to target and intercept Google Analytics codes and replace them with new malicious code.
CryptoLocker ransomware has been targeting and causing havoc on computers since 2013, but now the infamous ransomware is back and it has its aim set on those who play video games. The new malware, an encryption virus, targets many popular video games games including Call of Duty, World of Warcraft, League of Legends and Minecraft.
New features have been found concerning the dangerous banking Vawtrak malware that allow the malware to send and receive data through encrypted favicons distributed through the Tor network. This malware is used to harvest banking, gaming, and social media details, such as passwords, and is considered one of the worst single threats in existence. It uses Tor2Web proxy to receive updates from its cyber criminal developers and can access and update servers that are hosted on the Tor hidden web services without having to use specialist software such as Torbrowser. The communication with the remote server is done over SSL, which adds deeper encryption.
For the most part, adware-type programs have been pestering Windows users with unwanted pop-up and targeted advertisements. The Windows adware usually bundles with free third-party downloads. They deliver advertisements in a variety of forms, including in-text hyperlinks, banner and skyscraper ads and other commercial material. But now many Mac OS users have become bombarded with pop-up advertisements too.
This page contains information about the Shellshock software bug that affects Android, OSX, iOS, Windows, Linux, and others. What is Shellshock and what can you do about it?
5 million Google Gmail usernames and passwords have been leaked and published onto the internet by Russian hackers.The leaked usernames and passwords were not actually ‘hacked’ from the Google server. The information was likely acquired by email phishing scams, use of weak passwords, and other generic strategies.
Symantec Norton (Symantec) is one of the biggest names in Antivirus software. They claim their software is innovative and can “do it all.” Having said that, it’s strange that their software suites including Norton Internet Security and Norton 360 do not detect and remove the most common security threats in the world including Potentially Unwanted Programs (PUPs), like adware and browser hijackers that Anti-Malware software Malwarebytes or HitmanPro do… Well, until now. This fact has always given the latter a bigger advantage over Symantec’s security products as the previously mentioned Anti-Malware products begin to take over the security field based on the fact that they do detect and remove PUPs on a steady basis.
In regards to the plethora of major security breaches in 2014, including the Target indent and current P.F. Chang’s investigation, it seems using your credit card to make purchases might not be the way to go in the future. Instead, replacing your credit card with good ol’ cash appears to be the optimal choice.
If you were a customer to the China Bistro P.F. Changs between March and May of 2014, you may want to sit down. Customer credit card information has been found for sale on the website rescator ranging from $18 to $140 and charges on these cards have already been made. The credit card information stolen from P.F. Chang’s appears to be taken from at least six states as well as Puerto Rico, Mexico, Canada, Argentina, Chile, and the Middle East.
If you have an account with eBay (ebay.com) you are advised to immediately change your eBay password. In February and March of 2014 cyberattackers compromised and used several eBay employee log-in credentials in order to gain access to eBay’s corporate network. The cyber-criminals compromised a database containing encrypted passwords and other non-financial customer data. Customer and eBay user information including home addresses, email addresses, telephone numbers, date of birth, and full names have been breached by the culprits. eBay could find no evidence to suggest that financial information was observed during the cyberattack.
