FIFA World Cup themed malware campaign spreads malicious PDF files | Zero Day |

For all of you World Cup Soccer fans:

Researchers from Symantec are reporting on an ongoing targeted malware campaign using a FIFA World Cup 2010 theme, in an attempt to trick end users into executing a malicious PDF file, exploiting a recently patched flaw in Adobe Reader.More details on the campaign:The attackers have downloaded Greenlife’s PDF document, and changed it to include malicious code. They then attempted to email the malicious PDF to a user in a major international organization that brings together governments from all over the world. We should emphasize that downloading the PDF from the Greenlife website is perfectly safe at the time of writing this blog.The attack makes use of a recently patched vulnerability in Adobe Reader – CVE-2010-0188. The patch for this critical rated vulnerability was released by Adobe on February 16, 2010. Since then we have observed a large number of targeted attacks attempting to exploit this vulnerability. Proof-of-Concept exploit code is available in the Internet which is contributing to the large number of observed attacks. The exploit makes use of a flaw in the TIFF file parsing in Adobe Reader. In particular, a stack overflow is caused by inserting a TIFF image into the PDF with a specially crafted “DotRange” tag.

According to recent reports, malicious PDF files not only comprised 80 percent of all exploits for 2009, but also, represent the preferred infection vector for targeted attacks in general, for the first time ever surpassing the use of malicious Microsoft Office files.

Users should not just update their Adobe products, or perhaps even consider an alternative PDF reader, if truly paranoid. They should take a comprehensive approach when dealing with all the 3rd party applications and browser plugins, currently installed.

via FIFA World Cup themed malware campaign spreads malicious PDF files | Zero Day |


LifeLock Settles FTC Charges For $12 Million — InformationWeek

I was thinking about using them. With the ease of identity theft, there must be something that can be used…Common sense?

The FTC complaint alleged that the firm’s identity theft protection and data security claims were false.By Thomas ClaburnInformationWeekMarch 10, 2010 11:19 AMThe Federal Trade Commission on Tuesday announced that identity theft protection company LifeLock has agreed to pay $12 million to the FTC and 35 state attorneys general to settle charges that its service doesn’t work as advertised.The agency says the payment represents one of the largest FTC-coordinated settlements on record. The settlement forbids company principals from making further deceptive claims and requires the company to take measures to protect customer data.

“While LifeLock promised consumers complete protection against all types of identity theft, in truth, the protection it actually provided left enough holes that you could drive a truck through it,” said FTC Chairman Jon Leibowitz in a statement.Since 2006, LifeLock has been charging customers $10 per month to protect them against identity theft. The company rose to prominence as a result of its advertising campaign involving the public display of CEO Todd Davis’s social security number on the side of a truck, ostensibly as proof that its identity theft protection service worked.

The FTC charged that the fraud alerts LifeLock placed on customer accounts weren’t effective against most types of identity theft, that its service claims were false, and that its data protection claims were false.

In 2008, LifeLock was sued in a civil lawsuit that made claims similar to the FTC’s allegations. That lawsuit alleged that “the statements by LifeLock’s CEO regarding the ability of LifeLock to protect his own identity are deceptive because his identity was stolen while he was a customer…”

via LifeLock Settles FTC Charges For $12 Million — InformationWeek.

Do You Really Know Where That Link Is Taking You?

These are some scary technical times we live in. Yes, it’s very nice that everything is available with a click of the mouse button, but do you really know where that click is taking you?

Scammers are taking advantage of every hot news story out. Do a search for an issue and the results may contain poisoned links that lead to malware. The malware could be in the form of rogue antivirus software, which looks like a professional looking antivirus program and warns you of non-existent infections. The fake apps then push you to buy a license for the software to clean up the fake malware it finds. Once you’ve clicked on that link, look out. Some of the things the downloaded malware will do is steal passwords and logins by recording your keystrokes. It can install programs that will turn your computer into  bot to be used in future infections of other computers. It could be used to hold your data for ransom, where the owner of the malware charges you in order to receive the removal information. In many instances,  you’re reformatting your hard drive and reinstalling your programs.

So, how do you really know that the link you’re clicking on is safe? My preference is to install W.O.T. (Web of Trust) in your browser. When you do a search, W.O.T. will place a circle next to the link and it will be Green for safe, Yellow for caution, and Red for stay-away. The other thing you can do with W.O.T. is to right-click on a link on a website and choose View WOT Scorecard. That will take you to a page that shows you the ratings of the page before you actually visit it. The latest browsers are trying to help keep you safe as well, with built-in phishing and malware protection so it’s recommended that you update your browsers to the most recent versions. You can find the latest version of Firefox here, Internet Explorer here, and Google Chrome here.

Now and in the future, it’s really important to be careful about your browsing. Make sure the links you click on are going to be good for you.

You might be breaking the law with your computer: UPDATED | 10 Things |

Twice this week I’ve had people ask me that  if they connect to a neighbor’s unsecured wi-fi if it is possible that their neighbor could gain access to their files or information. I told them that since they were actually joining that neighbor’s network, than under certain circumstances, yes their information could be accessed. I was reminded of the other reason you may not want to ride your neighbor’s wi-fi in this article of 10 ways you might be breaking the law with your computer. The item pertaining to this topic follows.

State and federal laws regarding access to networks

Many states have criminal laws that prohibit accessing any computer or network without the owner’s permission. For example, in Texas, the statute is Penal Code section 33.02, Breach of Computer Security. It says, “A person commits an offense if the person knowingly accesses a computer, computer network or computer system without the effective consent of the owner.” The penalty grade ranges from misdemeanor to first degree felony (which is the same grade as murder), depending on whether the person obtains benefit, harms or defrauds someone, or alters, damages, or deletes files.

The wording of most such laws encompass connecting to a wireless network without explicit permission, even if the Wi-Fi network is unsecured. The inclusion of the culpable mental state of “knowing” as an element of the offense means that if your computer automatically connects to your neighbor’s wireless network instead of your own and you aren’t aware of it, you haven’t committed a crime. But if you decide to hop onto the nearest unencrypted Wi-Fi network to surf the Internet, knowing full well that it doesn’t belong to you and no one has given you permission, you could be prosecuted under these laws.

A Michigan man was arrested for using a café’s Wi-Fi network (which was reserved for customers) from his car in 2007. Similar arrests have been made in Florida, Illinois, Washington, and Alaska.

The federal law that covers unauthorized access is Title 18 U.S.C. Section 1030, which prohibits intentionally accessing a computer without authorization or exceeding authorized access. But it applies to “protected computers,” which are defined as those used by the U.S. government, by a financial institution, or used in or affecting interstate or foreign commerce. In addition to fines and imprisonment, penalties include forfeiture of any personal property used to commit the crime or derived from proceeds traceable to any violation. You can read the text of that section here.

In a recent case regarding unauthorized access, a high profile lawsuit was filed against a school district in Pennsylvania by students who alleged that district personnel activated their school-issued laptops in their homes and spied on them with the laptops’ webcams. The FBI is investigating to determine whether any criminal laws were broken. Because the school district owned the computers, there is controversy over whether they had the right to remotely access them without the permission of the users.

via 10 ways you might be breaking the law with your computer: UPDATED | 10 Things |

Are you still texting while you drive?

I see it all of the time. People driving next to me looking down at their phones while texting. If they knew about this site, they’d be able to send texts verbally to anyone on their contact list.

I came across Dial2Do the other day. I’m signing up for the 30 day trial period and will let you know my thoughts, but what it proposes to do is great for those of us on the road a lot.

Not only can you  send texts, but you can create reminders, and even listen to and send e-mail – all while keeping your hands on the wheel and your eyes on the road. For those using Twitter, you can send your tweets verbally. The reminders are transcribed and sent to your listed e-mail account. You can send thoughts and ideas to your Evernote account. You can get local weather, and listen to news feeds, and much more.

The cost? $40/year or $4/month. The cost of a cell phone usage ticket? Around here it’s $275.  I’m going to try it. I’ll report back in a few weeks.

Trojan Pretends to Be Microsoft Security Suite –

Microsoft is warning users that a Trojan is masquerading as the company’s popular free Microsoft Security Essentials (MSE) package.

The alert came from Microsoft’s (NASDAQ: MSFT) Malware Protection Center (MMPC) on Wednesday.

“One of the oldest tricks used by rogue antivirus products is to use a similar name as, or have a similar look and feel to, legitimate security software,” Microsoft said in a post on the MMPC’s Threat Research & Response Blog. “So it was inevitable that the day would arrive when a rogue would masquerade as something similar to Microsoft Security Essentials.”

The masquerading rogue security tool goes by the name Security Essentials 2010, which is very similar to the actual name of Microsoft’s suite, though the real suite does not have a date in its name.

Users who encounter the fake will see a bogus malware detection scanner that reports many files on a PC are infected with various types of malware, including Trojans and adware, replete with what looks like a legit “system warning.”

Users infected with the Trojan, known as Win32/Fakeinit, will be presented with a screen informing them that the software is just a “trial version” and that “removal and real-time protection features are disabled.”

The solution, the fake software informs users, is to “activate [the] full version.”

That’s not a good idea, however.

“Fakeinit’s downloader not only installs the fake scanner component — it also monitors other running processes and attempts to terminate the ones it doesn’t like, claiming that they are infected,” Microsoft’s blog entry cautions.

The bogus anti-malware product also makes changes to the user’s registry to lower security settings, and to prevent users from deleting the “Your System Is Infected” background that it displays in order to raise the user’s anxiety level.

According to the blog post, Fakeinit also downloads a second Trojan that installs the Alureon rootkit — another piece of malware that Microsoft warned a week ago was the source of many Windows XP machines exhibiting blue screens and constant reboots.

Additionally, the malware cuts off access to a list of URLs popular with users, including,, and many others, according to Microsoft.

Aside from some minor grammatical errors in the text — a common tipoff that a piece of software is actually malware — what gives away the real purpose of the bogus software are the statements identifying it as a “trial version” and requests to activate the full product.

The actual Microsoft Security Essentials suite is available without charge from

via Trojan Pretends to Be Microsoft Security Suite –

Stuart J. Johnston is a contributing writer at, the news service of, the network for technology professionals.

Realtime Updates On Your Google Search Results

Cool Google Search Tip: Google has a feature that brings your search results to life with a dynamic stream of real-time content from across the web. Now, immediately after conducting a search, you can see live updates from people on popular sites like Twitter and FriendFeed, as well as headlines from news and blog posts published just seconds before. When they are relevant, Google ranks these latest results to show the freshest information right on the search results page.

Try searching for your favorite TV show, sporting event or the latest development on a recent government bill or world event. Whether it’s an eyewitness tweet, a breaking news story or a fresh blog post, you can find it on Google right after it’s published on the web.

Click on “Latest results” or select “Latest” from the search options menu (see the following tip to access this menu) to view a full page of live tweets, blogs, news and other web content scrolling right on Google. You can also filter your results to see only “Updates” from micro-blogs like Twitter, FriendFeed, Jaiku and others.

An example: I did a Google search for “Chile earthquake”. From the search results page, I scrolled down until I found “Latest results for Chile earthquake”. Once I clicked on that link, I was taken to a page that continually updated with links to the most recent web entries from all over that dealt with the earthquake in Chile.

Another Cool Google Tip: Kind of a hidden feature on the Google search results page is the light blue bar just above the search results. If you look at the left side of the bar, you’ll see an option to “Show Options”. When you click on this, Google opens a column on the left that allows you to further refine your search. One of the most useful sections of this column is the time frame filter. You can click “Latest” to see what I discussed in the first section, or find results that occurred in the past 24 hours, week, or year.