2017-1 Privacy and Security News

The latest privacy and security news you should be concerned about.

MP3 - 2017-1 Privacy and Security News

Stegano malvertising campaign, FTC lawsuit over Java, security browser plugins, check your email address for being breached, Gmail phishing attacks, and Google privacy items you should action.

Stegano Malvertising Campaign

Originally reported on Secplicity: Malvertising—the combination of malware and advertising—is nothing new. Cyber criminals have long taken advantage of legitimate web advertising agencies to sneak evil code into the ads of some very popular websites. However, a new malvertising campaign called Stegano takes stealthy malicious ads to a new level. By hiding its evil script in the transparency data of an image, and by avoiding infecting security researchers' machines, Stegano has been successfully spreading malware for months, if not years.

Millions infected by malvertising hiding in a banner image – Ars Technica

Excellent article:
Notable excerpts:

Stegano hides parts of its malicious code in parameters controlling the transparency of pixels used to display banner ads. After verifying that the targeted browser isn't running in a virtual machine or connected to other types of security software often used to detect attacks, the script redirects the browser to a site that hosts three exploits for now-patched Adobe Flash vulnerabilities.

Among other things, the script checked for the presence of packet capture, sandboxing, and virtualization software and a variety of security products. Machines that didn't exhibit signs of the software and contained a vulnerable version of Flash were then redirected to the exploit site, which would serve one of two families of malware. The Ursnif family is made up mainly of modules for stealing e-mail credentials, logging keystrokes, taking screenshots and videos, and acting as a backdoor. The Ramnit variety of malware offers most of the same capabilities and mainly targets the banking industry.

QPC Comments on the Topic:

This thing analyzes the environment of the computer and then presents a customized response, malicious or benign. Specifically, if it detected that security protections were in place, the malware would present benign content, because it did not want to be detected by security pros. The image wasn't the malicious object itself; it was the JavaScript that included the malicious code. Security researchers regularly spend time analyzing malicious JavaScript, as it is a huge attack vector. A properly configured security appliance can scan the JavaScript on websites. If the malware detects that it is being executed in a security-protected environment, it just terminates.

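
A defender-side check for the hiding place described in the excerpts above, as an added example that is not from these show notes or the cited articles: it takes raw 8-bit RGBA pixel data (decoding the image file is assumed to happen elsewhere) and flags images that render as opaque while their transparency values vary widely. The function names, thresholds and sample images are assumptions made for this illustration.

```python
import math
import random
from collections import Counter

# Heuristic thresholds: assumptions for this example, not values from the
# Stegano research. Tune them against ad images you already trust.
NEAR_OPAQUE_MIN = 240    # alpha at or above this looks solid to a viewer
MIN_NEAR_OPAQUE = 0.99   # share of pixels that must look solid
MIN_ENTROPY_BITS = 2.0   # alpha entropy (bits per pixel) needed to flag

def alpha_report(rgba: bytes) -> dict:
    """Summarise the alpha channel of raw 8-bit RGBA pixel data."""
    if not rgba or len(rgba) % 4:
        raise ValueError("expected RGBA data, 4 bytes per pixel")
    alphas = rgba[3::4]                  # every 4th byte is the alpha value
    n = len(alphas)
    counts = Counter(alphas)
    # Shannon entropy of the alpha values, in bits per pixel.
    entropy = sum(c / n * math.log2(n / c) for c in counts.values())
    solid = sum(c for a, c in counts.items() if a >= NEAR_OPAQUE_MIN) / n
    return {"pixels": n, "distinct_alpha": len(counts),
            "entropy_bits": entropy, "near_opaque_fraction": solid}

def suspicious_alpha(rgba: bytes) -> bool:
    """True when an image looks opaque yet its alpha channel varies a lot."""
    r = alpha_report(rgba)
    return (r["near_opaque_fraction"] >= MIN_NEAR_OPAQUE
            and r["entropy_bits"] >= MIN_ENTROPY_BITS)

def make_image(alphas) -> bytes:
    """Build constructed RGBA data: mid-grey pixels with the given alphas."""
    return bytes(b for a in alphas for b in (128, 128, 128, a))

# Constructed 64x64 samples for the demonstration, not real ad creatives.
rng = random.Random(2017)
SAMPLES = {
    "opaque banner": make_image([255] * 4096),
    "logo with soft edges": make_image([x * 4 for x in range(64)] * 64),
    "opaque-looking, noisy alpha": make_image(
        [rng.randint(240, 255) for _ in range(4096)]),
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name}: {alpha_report(data)} flag={suspicious_alpha(data)}")
```

Only the third sample is flagged: the soft-edged logo has a varied alpha channel too, but most of its pixels are visibly transparent, which is why the check requires both conditions.
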
Oracle/FTC lawsuit over Java SE and versions not uninstalling

https://www.java.com/en/uninstall/attachmentA.xml

Really old versions are still not uninstalled. You should check your computer for old versions of Java.

How Google tracks you and what you can do about it

http://www.zerohedge.com/news/2017-01-18/heres-how-google-tracks-you-and-what-you-can-do-about-it

If you're not paying for it, you're not the customer - you are the product.

Google Takeout https://takeout.google.com/settings/takeout
My Google Activity https://myactivity.google.com

- All your YouTube watching is tracked if you watch while using a browser where your Gmail account is logged in.
- All your past web browsing history is tracked and stored if you are logged into your Gmail account in that browser while surfing.

Additional browser plugins to consider

Sophisticated Gmail phishing attacks

Sophisticated Gmail phishing attacks victimize even tech pros
https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/

Data URI scheme

Check this website to see if any of your email addresses have been included in large breaches

https://haveibeenpwned.com/