SECURITY WARNINGS & Notices - Please post them here

[polonus]

Necurs malware threatens and disables av scanners: http://blogs.technet.com/b/mmpc/archive/2012/12/06/unexpected-reboot-necurs.aspx (article link author = Microsoft Malware Protection Center's Tim Liu)

polonus

[polonus]

Malicious QR barcode stickers found http://www.theregister.co.uk/2012/12/10/qr_code_sticker_scam/  (article author = John Leyden)

polonus

[DavidR]

This issue with the potential for malicious QR codes has been known about for some considerable time now (certainly for me) as like the short URLs there are limited ways to confirm what the end URL is without actually clicking on the link or scanning the QR code.

[polonus]

Hi DavidR,

Yes and you will see these scan codes more and more. On local busses, in newspaper ads, etc.

polonus

[Asyn]

Millions stolen with mTAN fraud
http://www.h-online.com/security/news/item/Millions-stolen-with-mTAN-fraud-1763923.html
https://www.checkpoint.com/products/downloads/whitepapers/Eurograbber_White_Paper.pdf

[mchain]

Hi DavidR,

Yes and you will see these scan codes more and more. On local busses, in newspaper ads, etc.

polonus

Millions stolen with mTAN fraud
http://www.h-online.com/security/news/item/Millions-stolen-with-mTAN-fraud-1763923.html
https://www.checkpoint.com/products/downloads/whitepapers/Eurograbber_White_Paper.pdf

I recall a time when a phone was just simply a phone.  I choose to have a service that costs only $40.00 a month, and it certainly does not support a smartphone, and does what I need to have it do.  Internet surfing is useless on this device, but it is there.  Think risk factor is much less with such a device, IMO.

[Asyn]

Joomla sites misused to deploy malware
http://www.h-online.com/open/news/item/Joomla-sites-misused-to-deploy-malware-1766841.html
https://isc.sans.edu/diary/Joomla+and+WordPress+Bulk+Exploit+Going+on/14677

[Asyn]

Apps for Windows 8 easily hacked
http://www.h-online.com/security/news/item/Apps-for-Windows-8-easily-hacked-1767839.html

[polonus]

Users of IE spied upon through unpatched mouse-cursor vulnerability (virtual keyboard users at risk): http://spider.io/blog/2012/12/internet-explorer-data-leakage/

polonus

[polonus]

More Google Chrome specific malware expected in 2013. For instance malcreants like to adopt the Carberp digital bankrobber to function in the Google Chrome browser: http://malware.dontneedcoffee.com/2012/12/carberprenaissance.html#!/2012/12/carberprenaissance.html (link author = Kafeine)

polonus

[polonus]

Carberp started to infect through malcious QR: http://www.securelist.com/en/blog/208194045/Carberp_in_the_Mobile (link article author = Denis, Kaspersky Lab Expert on a series of articles on Man in the Mobile Attacks)

polonus

[JuninhoSlo]

Internet Explorer Bug Tracks Every Mouse Move, Even Outside the Browser
http://www.bitdefender.com/security/internet-explorer-bug-tracks-every-mouse-move-even-outside-the-browser.html

[mchain]

Trojan.Batchwiper

http://www.symantec.com/connect/blogs/trojanbatchwiper-reported-iran

[Asyn]

Exynos 4 critical security hole affects many Galaxy devices
http://www.h-online.com/open/news/item/Exynos-4-critical-security-hole-affects-many-Galaxy-devices-1770075.html

[polonus]

Massive iframe injection alert: http://stopmalvertising.com/malware-reports/massive-iframe-injection-hits-several-cms.html
(article author Kimbedrley)

polonus