Dec 03

Note: This is a lot easier to see in fullscreen mode.
If you have any questions, please let me know.

Aug 25

[ UPDATE:  Facebook has reversed itself and fixed this vulnerability ]

ZDNet.com reports:

The Register’s Dan Goodin has the scoop on an obvious security vulnerability that’s being ignored by the powers at Facebook.

The issue, as demonstrated by this proof-of-concept, shows how a social network application can be rigged to hijack a Facebook user’s session identification cookies, deliver pop-up messages or change the color of Facebook pages. 


Aug 25

This is mostly a geek-read, so let me sum it up for you. The more apps you add to Facebook and MySpace, the less safe you are. Don’t add people you don’t know well (ouch, log in my own eye) and use unique passwords for each account. This or this may help.

“A quick (and very much incomplete) hall of shame here includes MySpace, LiveJournal, and Hi5, all of which we’re surprised haven’t sunk into the East Bay under the weight of their own pwnability.”

More here >> The ugly truth: Satan, social networks and security.

Aug 13

One of the things stopping me from getting an iPhone is what appears to be a lack of secure email (at least in my preliminary research). For example, I think OpenPGP is great and I use it often in Thunderbird (more on that here). But if I send a PGP-encrypted email to someone who would otherwise be able to open the email with OpenPGP/Enigmail set up on Thunderbird, they won’t be able to read it on their iPhone.

Any of you have experience with iPhone email security? Please share your thoughts in the comment section.

Aug 04

We thought it might be an AVG false positive, but thanks to a helpful comment from Martyn (here)  we now know that’s not the case.

SHeur.bzpu is a backdoor trojan

http://www.microsoft.com/security/portal/SearchResults.aspx?query=SHeur.bzpu

Backdoor:Win32/Nuwar.gen!D

Aliases: SHeur.BCFX (AVG)

Description: Backdoor:Win32/Nuwar.gen!D is a generic detection for a backdoor trojan that allows unauthorized access to an infected computer. The trojan receives commands indirectly from a remote attacker via its connection to a malicious peer-to-peer network. This trojan also contains advanced stealth…

Published Date: 06/16/2008

Severity Rating: Medium

Jul 31

The Federal Bureau of Investigation and its partner, the Internet Crime Complaint Center (IC3), have received reports of recent spam e-mails spreading the Storm Worm malicious software, known as malware. These e-mails, which contain the phrase “F.B.I. vs. facebook,” direct e-mail recipients to click on a link to view an article about the FBI and Facebook, a popular social networking website. The Storm Worm virus has also been spread in the past in e-mails advertising a holiday e-card link. Clicking on the link downloads malware onto the Internet connected device, causing it to become infected with the virus and part of the Storm Worm botnet.

“The spammers spreading this virus are preying on Internet users and making their computers an unwitting part of criminal botnet activity. We urge citizens to help prevent the spread of botnets by becoming web-savvy. Following some simple computer security practices will reduce the risk that their computers will be compromised,” said Special Agent Richard Kolko, Chief, FBI National Press Office.

Everyone should consider the following:

* Do not respond to unsolicited (spam) e-mail.

* Be skeptical of individuals representing themselves as officials soliciting personal information via e-mail.

* Do not click on links contained within an unsolicited e-mail.

* Be cautious of e-mail claiming to contain pictures in attached files, as the files may contain viruses. Only open attachments from known senders.

* Validate the legitimacy of the organization by directly accessing the organization’s website rather than following an alleged link to the site.

* Do not provide personal or financial information to anyone who solicits information.

More here: Optimus Media News » FBI Warns of Storm Worm Virus.

Jul 17

ZDNet.com has news about Ubuntu available at Best Buy for 20 bucks, writing:

Best Buy to sell Ubuntu

So what do you get for your twenty bucks? The retail box contains “Ubuntu 8.04 CD, a Quick Start Guide and 60 days of support from the ValuSoft team, trained and backed by the Canonical support guys. The support covers installation and getting started using Ubuntu and is priced at $19.99.”

This is good news from a marketing standpoint; pushing Linux even more mainstream. Will they sell a lot of boxes? Probably not. But this is still a good move. Or at least it can be. I’d like to see what they wrote on the box. There is still a lot of misunderstanding about Linux and how something free can be as good as (or arguably better than) a 200-300 dollar operating system. There’s also a great deal of misconception about what software will work and won’t work on it.

Back to the article: I agree 2 months of support is not worth the 20 bucks. Download the ISO and burn a disk. Don’t know how or what I even just said? Click here.


Jul 16

WMAs (Windows Media Audio files) are carrying a trojan/worm. When I have to clean someone’s PC, it’s usually because they were downloading illegal music. Click here to read the rest of the story.

Jul 16

In short, if you are having issues getting online since the security upgrade (that probably happened automatically without your knowledge), uninstall ZoneAlarm, download the new version here, and reinstall. All should be fine.

ZoneAlarm updated after Microsoft’s DNS patch | Defense in Depth - computer security, hacking, crime, viruses - CNET News.com
Since Tuesday, ZoneAlarm customers have complained that access to the Internet was denied after installing MS08-037, a patch designed by Microsoft to correct a vulnerability in both the client and server Domain Name System packages within Windows. Earlier on Tuesday, a security researcher announced a massive, multi-vendor patch release to address a fundamental flaw in DNS that could allow attackers to spoof IP addresses.

Jul 14

There are a growing number of reports that this is a false positive within AVG.

I’ll update you with more soon, but for now check out this excellent post on the topic (translated to English here). Complete with screen shots and search engine analysis.

Please leave a comment if you have any information to share. Unlike the AVG Forum, stupid questions will not be deleted nor the questioners abused. We were all stupid at some point so, chill-out folks.

Update: I have found AVG to find this on multiple PCs in separate locations. It’s definitely a false positive (misreading from the AVG software). (A note to AVG users: don’t let this bother you. I’ve been using AVG for years and I think this is only the 2nd time it’s found a false positive.)

Another Update: AVG will not quarantine QuickBooks files, but it will quarantine Quicken files automatically (in many cases). If you get a message that says the files were deleted, you can get them out of AVG’s Virus Vault.

Update #3: I see that the folks at QuickBooks are aware of the issue and are working with AVG to repair it.