Bin Laden Blogger Site Hacked

According to ComputerWorld, curious Web surfers who visited the blog belonging to the guy who was tweeting about the Bin Laden takedown from the ground as it happened may have had fake anti-virus malware quietly installed onto their computers.  The blog was quickly hacked, and the site was attempting to install the malicious “Windows Recovery” program until about 9:30 a.m. Pacific Time Monday.

Windows Recovery hides system folders on the PC and then tries to scare the victim into paying for bogus software that it claims will fix the issue.  If you visited this blog during that time period, best be running a real anti-virus scan on your PC, ASAP.  Follow the removal advice provided in the link above.

Another Sony Breach!!

It’s a bad time to be Sony.  Wired is reporting that hackers may have stolen the personal information of another 24.6 million customers, this time from Sony Online Entertainment, Sony said on Monday.  More than 20,000 credit card and bank account numbers were also put at risk.  This is on top of the earlier 77 million user PSN breach.  Sony Online Entertainment is a division of the company that publishes online multiplayer games like DC Universe Online, which was switched off Monday after Sony learned of the intrusion.

Also at risk are 10,700 direct debit records from customers in Austria, Germany, Netherlands and Spain, containing bank-account numbers, customers’ names and addresses that were stored in an “outdated database from 2007.”  Hackers may have had this information for more than two weeks now, as this intrusion occurred April 16 – 17, Sony said.

As compensation for the Sony Online Entertainment leak, Sony said that it will give all of its customers 30 days of additional subscription time, plus an extra day for each day the servers remain down.  Sony did not say when its SOE services would be back online.  As a goodwill gesture, Sony says it will offer all customers a selection of downloadable content and 30 free days of its premium PlayStation Plus service.

Come on Sony, time to get back in the game!  Pay for your shortcuts, fix your mistakes, and do it right.  Your reputation is on the line.

-=[FREE]=- Security Awareness Quizzes & Tools

Security Awareness is THE MOST EFFECTIVE solution to most information security problems.  Security needs to become a part of our home and work-based culture.  We all want to do the right thing, and I believe that if people are aware of the threats that they face in an environment and how to identify them, and are provided with tools, ideas and direction for dealing with them, they are likely to deal with those threats more effectively.

Today more than ever it is critical that the general public and employees consider the threats that the Internet brings right into their home and work lives.  Every one of us works hard enough for the money that we earn.  To have someone unfairly interfere with, or deprive us of, our wages or jobs is simply unacceptable.  We don’t all have to become certified experts at information security, but every single one of us MUST be prepared to work and play safely in the online environment.

Do you believe that you have a solid grasp of the basics of Information Technology and Security?  Do you know how to explain concepts like DNS and DHCP?  Can you spot a phishing attack?  Do you understand malware?  Can you identify the many threats to your network and home PC?  Can you identify the steps that should be taken to eliminate those threats?  If you think you can, step right up and take a few pop quizzes, online for free.  Knock off one or two a day, research the areas that you are unsure of, and before you know it, you will be contributing to the ongoing security culture within your own organization, and keeping your home and work PCs safe from scammers and criminals.

These general items could be reviewed, adapted, and used as a foundation for building your own Security Awareness Program.  A real Security Awareness Program should be tailored to your specific organization, the identified threats and vulnerabilities that your organization faces, and adapted to reflect your specific policy and regulatory environment.

<Shameless Plug>  By the way, this is one of the many areas that I can help you with.  Be the first on your block to make me a job offer!</Shameless Plug>


Beware Osama Email Links

I haven’t read anywhere yet...  Well, that didn’t take long.  Threatpost has reported that Kaspersky Labs has detected spam e-mail campaigns and search engine optimized Web pages offering news and images of Bin Laden within hours of the first reports of his death.  Clicking those links directed Web surfers to malicious Web pages that try to install Best Antivirus 2011, a fake anti-malware program.

A virus researcher wrote about a Facebook spam campaign offering free subway rides and plane tickets to “celebrate Osamas death.”  The malicious Facebook pages ask for personal information to win a prize, but users end up spamming friends and getting redirected to other pages seeking even more personal information.

Current events and big news stories are a popular tool to lure malware victims.  Malware has now been foisted onto Osama Bin Laden news seekers; be prepared for it.  It is simply too globally interesting and compelling a story to be long ignored by the malicious.  There are enough sketchy and missing details to launch a long and successful spam campaign.  Do not blindly trust anonymous emailings regarding hot news items.  If you are unsure about the reliability of your sources, your news is questionable anyway.  What should you do?  I sift through between 1000-3000 messages a day.  Here is my 6-step news spam avoidance process…

  1. Look Closely.  If the email address in the header doesn’t match what is displayed in the “From” field, or in the body of the email, delete it.
  2. Are the spelling and grammar in the body correct?  If not, delete it.
  3. Is the link “shortened”?  Some people use link shorteners to mask web addresses.  Great way to hide your malicious intent.  Delete it.
  4. Does the link to the story appear to lead to the expected web site?  (If the email came from CNN, does it actually show or\cnn.html)  Delete.
  5. Roll your mouse over, but don’t click.  Does the pop-up text match the address?  If not, delete it.
  6. Finally, if you’re really interested in a news story, type the link to the main news site into your browser yourself, and seek the story out.  If it’s a top story, it should be easy to find.
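The link checks in steps 3 to 5 can be run mechanically over the HTML body of a message.  The sketch below is an added example, not part of the original post; the shortener list, the sample links and the names `check_links`, `host_of`, `same_site` and `LinkCollector` are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

SHORTENERS = {"bit.ly", "tinyurl.com", "goo.gl", "t.co", "ow.ly"}  # sample list, not exhaustive
# Constructed sample body: both links are made up for this example.
SAMPLE_HTML = ('<a href="http://bit.ly/EXAMPLE">Watch the video</a>\n'
               '<a href="http://news.example.net/cnn.html">www.cnn.com/story</a>')

def host_of(text):
    """Hostname of a URL or bare domain, lower-cased, no leading 'www.' ('' if unparseable)."""
    url = text.strip() if "://" in text else "http://" + text.strip()
    try:
        return (urlparse(url).hostname or "").lower().removeprefix("www.")
    except ValueError:
        return ""

def same_site(host, domain):
    return host == domain or host.endswith("." + domain)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def check_links(html, sender_domain):
    """Findings for list steps 3, 4 and 5 over every link in an HTML mail body."""
    sender, findings = host_of(sender_domain), []
    collector = LinkCollector()
    collector.feed(html)
    for href, text in collector.links:
        host = host_of(href)
        if host in SHORTENERS:
            findings.append(f"step 3: shortened link {href}")
        elif not same_site(host, sender):
            findings.append(f"step 4: link goes to {host}, sender is {sender}")
        if re.match(r"(https?://)?[\w-]+(\.[\w-]+)+", text) and host_of(text) != host:
            findings.append(f"step 5: text shows {host_of(text)}, link goes to {host}")
    return findings
```

Calling `check_links(SAMPLE_HTML, "cnn.com")` reports one finding per failed step; an empty list means only that these three checks passed, so steps 1, 2 and 6 still apply.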

Always treat your email with suspicion.  If I receive an email, I consider it the first stage of a conversation.  The source of any information provided initially needs to be verified, and then the facts validated.  Too many people would love to take your hand, lead you down the garden path, and beat the snot out of you behind the rose bushes.