Category: blog
-
Diginotar declared bankrupt
Browsers and operating systems had already revoked trust in Dutch CA. Dutch certificate authority Diginotar was declared bankrupt by a Dutch court this morning. Diginotar made the news earlier this month when a large number of rogue certificates signed by the CA were discovered . The certificates were generated by a hacker, possibly acting on…
-
Bank’s Twitter account hacked to send phishing messages
Important lessons for companies engaging in social media. Last week, the Twitter account of the Bank of Melbourne was hacked and used to send direct messages containing phishing links to its followers. A recently relaunched subsidiary of Westpac , the Australian bank engages heavily with its customers through its @BankofMelb Twitter account. However, the security…
-
Windows Help Files used in targeted attacks
Files with code-executing properties attached to emails. Researchers at Symantec have discovered Windows Help Files being used in targeted attacks. Such help files, which use the .hlp extension, are used by Windows Help , a program that allows users to find help for programs running on the popular operating system. Because the files can call…
-
Iranians spied on using rogue DigiNotar certificates
Fake certificates signed for CIA, Mossad, Google, Facebook. It is likely that Iranian Internet users have been spied on following a hack discovered at Dutch certificate authority (CA) DigiNotar last week, according to Trend Micro . In July, a hack at DigiNotar resulted in a large number of fake SSL certificates being issued for popular…
-
Spam sent via fake out-of-office messages
‘Sick leave’ message followed by weight loss spam. In an apparently new way of spreading their messages, spammers are advertising their products via fake out-of-office replies. The example VB has seen involved a legitimate email which was sent with an (unintentional) typo in the domain name of the intended recipient. What came back was an…
-
Fake codec trojan disables anti-virus software
Victim tricked into believing security software still active. A new trojan, discovered by researchers at ESET , spreads itself via fake codecs, then disables running anti-virus solutions and makes the user believe that the anti-virus is still running. The trojan spreads via Facebook chat and engages in a short, probably automated, conversation with the victim…