spamNEWS | botnet | phishing | virus | spam | malware
PC-Virus Disrupts Systems inside Reputed American Schools
Written by Administrator   
Tuesday, 31 March 2015 07:00

Two schools in Maryland (USA), Mary B. Neal Elementary School and Henry E. Lackey High School, were recently affected when malware infected their computer systems, although the purpose behind the attacks could not be determined, somdnews.com reported on March 19, 2015.

According to Katie O'Malley-Simpson, spokeswoman for the school system, the virus, first spotted at Lackey, infected PCs running Windows XP, somdnews.com reported.

The incident prevented school officials from logging on to the infected computers; consequently, faculty members have been unable to access grade books, although they can still view and work on grades via PCs running Windows 7.

Reportedly, the public schools have all their new PCs equipped with Windows 7, and officials had already begun converting the schools' existing computers from Windows XP to Windows 7 before the incident occurred.

When an earlier anti-virus scan could not clean the infected PCs, PC analysts for the school system began converting the machines to a different OS.

Unfortunately, it is not known how long it will take to rectify the problem.

Indeed, it will be time-consuming, says O'Malley-Simpson, considering the large number of PCs to be scanned. Teachers and staff at the two schools frequently use shared drives in their work, which lets any virus spread quickly, she says.

Disturbingly, this is not the only case of American schools contracting malware in the last 30 days: a similar incident occurred during the fourth week of February 2015 at the Washington County Public Schools.

There, an official said that e-mail viruses struck the schools' computers on February 23-24, which resulted in delays of hours in the delivery of e-mail, affecting PC users both inside and outside the schools' network, heraldmailmedia.com reported on February 24, 2015.

The e-mail viruses came in two separate messages as zipped archives, said Arnold Hammann, the school system's Director of Information Technology. One appeared to contain a fax file as an attachment, while the other was labeled "your documents are attached," Hammann said, according to heraldmailmedia.com.

Phishing Email Identified Impersonating Wells Fargo
Written by Administrator   
Tuesday, 31 March 2015 07:00

Whbl.com reported on 19th March, 2015 that a scam email has been identified which purports to come from Wells Fargo, a multinational banking and financial organization based in San Francisco, California, US, and which could cause problems for you or your computer.

The email appears to be from a senior official of the bank, Carrie Toldstedt, and carries a Wells Fargo logo along with her photo, supposedly accompanying your latest account information.

The fake email says that the bank has received some documents regarding your account and that, if you want to confirm the changes, you should check/view the documents and "click here".

To sound genuine, the fake email also carries a confidentiality notice. It says that the email and any files transmitted with it are confidential and intended exclusively for the use of the individual or entity to whom it is addressed, and that anyone who has received it by mistake should inform the system manager. It adds that the message contains confidential information addressed to the named individual; that anyone who is not the actual addressee should not distribute, disseminate or copy the email; that anyone who received it by mistake should inform the sender immediately by return mail and delete it from their system; and that anyone who is not the actual recipient is requested not to disclose, copy, spread or take any action in support of the contents of the information.

If you click on the link in the email, you will land on a phishing webpage.

Phishing or fake emails may include links that direct you to fake websites, known as phishing websites, which may ask for your personal or financial details using enticing and clever language. These emails may also convey an urgent need to update your information or to contact the sender in order to guarantee the security of your accounts (as in the above case).

To minimize such malicious attacks, Wells Fargo clearly says not to click links, open any attachments or respond to emails coming from unknown and suspicious persons (like Carrie Toldstedt in the above case). If you receive a suspicious email, forward it to the bank.

Scam E-mail Offering Health Insurance Prowls across Europe
Written by Administrator   
Tuesday, 31 March 2015 07:00

A scam e-mail circulating in Europe offers health insurance to travelers across the continent for one small fee, when in reality European residents are not charged any such fee, itv.com reported on March 19, 2015.

Europeans holding an EHIC (European Health Insurance Card) do not have to pay any fee for it and can use the state healthcare service anywhere across the EU, and also in Switzerland, by paying a reduced fee or, at times, nothing.

The Trading Standards Team of Notts County Council is aware of the scam e-mail, which purports to be from a Belgian firm and promises the insurance for 15 pounds.

The scam follows an alert issued in 2014 about dubious websites offering tax return filing, or driving license and passport renewals, for a fee, when the firm behind them was just an independent organization providing nothing more than a form-checking service.

European citizens should use government websites with the suffix gov.uk in their URLs for tax returns, passport applications and driving licenses.

According to Coun Glynn Gilfoyle, Chairman of the Community Safety Committee for Notts County Council, scammers keep devising new tactics to defraud people of their money, and the current e-mail closely resembles well-known ongoing scams, itv.com reported.

Gilfoyle explains that scams of this kind appear to provide a service, but they charge for something that is free anyway, merely offer to check forms, or provide no service at all.

He adds that travelers in the European Union should remember that possessing an EHIC entitles them to free or low-cost state health service.

Anyone applying for the free EHIC should visit the National Health Service's website, which provides downloadable forms along with an online application facility. Applicants need their National Insurance Number, family name/surname, date of birth and forenames to get the card. Hence, such e-mails should not be trusted and should simply be deleted.

Another way to apply for an EHIC is by phone on 0845 606 2030.

A person who is not a national of the European Economic Association should apply by post, enclosing the required documents with the application.

‘Rocket Kitten’ Targets Organisations in Israel and Europe
Written by Administrator   
Monday, 30 March 2015 11:00


Trend Micro, a security firm, has disclosed a new targeted attack against European and Israeli organizations, launched by the state-backed threat group called 'Rocket Kitten'.

The firm said that the campaign, Woolen-GoldFish, uses a different set-up from a previous effort by the group.

Trend Micro said in a new report that the previous attack relied on a spear-phishing email with a malicious Office file attached; the GHOLE malware started to download when users enabled macros to view the content of the attachment.

This new operation contains an improved and more reliable spear-phishing element with restricted content designed to persuade the user to click through.

It also replaces the malicious attachment with a Microsoft OneDrive link that leads to a malicious PowerPoint file named 'Iran's Missiles program.ppt.exe.' The report said that this tactic could have been developed to help the attack evade email security.

The executable then drops a version of the CWoolger keylogger on the victim's machine to hoover up details. The report's authors say that this malware is not as sophisticated as its contemporaries.

Interestingly, Trend Micro has found many clues that suggest a connection between Rocket Kitten and Iran. Metadata of the malicious files reveals that many individuals have contributed to the development of the malware, but the main author apparently uses the online moniker "Wool3n.h4t."

Researchers say that Wool3n.h4t has a blog hosted by a free service in Iran. The blog is currently inactive and contained posts published by a user known as "Masoud pk," which may be the real identity of Wool3n.h4t. If Masoud is the name of Wool3n.h4t, then he could be Iranian, because it is one of the top 50 most common names in Iran.

Experts analyzed the command and control (C&C) servers used by the GHOLE malware and found a connection with Iran.

V3.co.uk published a report on 19th March, 2015 quoting a paper as "threat actors involved in Operation Woolen Goldfish consistently using other malware with command and control reference is hard-coded as an IP address in the binary. A domain name was not used and moreover it lands on the system with a name which is very similar to some variants of Ghole malware (used by Rocket Kitten)."

Cisco Identifies a New “PoSeidon” Point-of-Sale Malware
Written by Administrator   
Monday, 30 March 2015 11:00


Thehackernews.com reported on 22nd March, 2015 that security experts at Cisco's Talos Security Intelligence & Research Group have discovered a new and dangerous breed of Point-of-Sale malware dubbed "PoSeidon", which the team says is more advanced and nasty than previous Point-of-Sale malware.

The malware is designed to combine the capabilities of both the notorious Zeus banking Trojan and the infamous BlackPOS Trojan, which stole millions from big US retailers such as Home Depot in 2014 and Target in 2013.

PoSeidon scrapes the memory of PoS terminals to search for number sequences matching cards from major issuers such as MasterCard, Visa, Discover and Amex, and then uses the Luhn algorithm to confirm the validity of the credit/debit card numbers.

Researchers say that the Trojan then siphons the captured credit card information off to Russian (.ru) domains for harvesting and probably resale.

Cisco's team explained that, at a high level, PoSeidon starts with a Loader binary which, when executed, first tries to establish persistence so that it survives a possible system reboot.

The Loader then contacts a command and control server, retrieving a URL that points to another binary to download and execute. The downloaded binary, known as FindStr, installs a keylogger and scans the memory of the PoS device for number sequences that could be credit card numbers. Once the numbers are verified as credit card numbers, the keystrokes and credit card numbers are encoded and sent to an exfiltration server.

Cisco said that the keylogger component was potentially used to steal passwords and could have been the initial infection vector.

Researchers say that PoSeidon is one of a growing number of malware families abusing POS systems, which demonstrates the advanced strategies and approaches of malware authors.

"Attackers will continue to attack POS systems and implement many complicated techniques in trying to avoid detection. Attackers will go on to invest in improvement and techniques of new malware family as long as they get good returns from the attacks on POS."

Cisco notes that network administrators must adhere to industry best practices if they intend to pose a challenge to POS malware.
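
The issuer-prefix and Luhn test described above is also how a defender finds unmasked card numbers that have leaked into logs or files on a POS network. The following is an added example, not code from Cisco or from the original article; the issuer rules are simplified assumptions and the log lines are constructed.

```python
import re

# 13-19 digits, optionally separated by single spaces or hyphens.
CANDIDATE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
# Simplified issuer rules (assumption for this example): prefix, valid lengths.
ISSUERS = [
    ("Visa", re.compile(r"4"), {13, 16, 19}),
    ("MasterCard", re.compile(r"5[1-5]"), {16}),
    ("Amex", re.compile(r"3[47]"), {15}),
    ("Discover", re.compile(r"6011|65"), {16}),
]

def luhn_ok(digits: str) -> bool:
    """Luhn check: double every second digit from the right, sum, mod 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def issuer_of(digits: str):
    """Return the issuer name if prefix and length fit, else None."""
    for name, prefix, lengths in ISSUERS:
        if len(digits) in lengths and prefix.match(digits):
            return name
    return None

def find_pans(text: str):
    """Return (line number, issuer, masked number) for each likely card number."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for m in CANDIDATE.finditer(line):
            digits = re.sub(r"[ -]", "", m.group())
            name = issuer_of(digits)
            if name and luhn_ok(digits):
                # Report first six and last four digits only, never the full number.
                masked = digits[:6] + "*" * (len(digits) - 10) + digits[-4:]
                findings.append((lineno, name, masked))
    return findings

# Constructed log lines; the card numbers are published test numbers.
SAMPLE_LOG = """\
2015-03-22 10:01:07 pos-03 auth ok track=4111111111111111 amt=12.50
2015-03-22 10:01:09 pos-03 order id 4111111111111112 queued
2015-03-22 10:02:41 pos-07 debug card 3782-822463-10005 retry
2015-03-22 10:03:00 pos-07 session 1234567890123456 closed
2015-03-22 10:03:12 pos-01 receipt 5555 5555 5555 4444 printed
"""
```

Calling `find_pans(SAMPLE_LOG)` flags lines 1, 3 and 5; line 2 fails the Luhn check and line 4 matches no issuer prefix, which is why the combined test produces few false positives on ordinary numeric identifiers.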
