Latest News

YouTube Scam Emails

Jonathan — Thu, 24 May 2012 06:51:15 +0000

There's a large number of emails doing the rounds that appear to come from YouTube.

They appear to have been sent from service@youtube.com and tell you to click a link.

If you've been on this site at all, you'll no that you must never click links in emails, especially from service providers.

This is a bogus email so delete it.

Apple OS X Java Update

Jonathan — Fri, 13 Apr 2012 09:10:09 +0000

Apple have released an update that fixes the Flashback Trojan vulnerability:

Got to Software Updates and install it as soon as possible -

This Java security update removes the most common variants of the Flashback malware.

This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.

This update is recommended for all Mac users with Java installed.

For details about this update see: http://support.apple.com/kb/HT5242

Microsoft Patch Tuesday

Jonathan — Tue, 10 Apr 2012 23:37:36 +0000

As announced, Microsoft have updated a number or Windows files. if you run a PC please ensure you run Windows Update to take advantage of these.

The following files have been patched

Patches are available for the following:
- (MS12-023) Cumulative Security Update for Internet Explorer (2675157)
- (MS12-024) Vulnerability in Windows Could Allow Remote Code Execution (2653956)
- (MS12-025) Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2671605)
- (MS11-026) Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Information Disclosure (2663860)
- (MS12-027) Vulnerability in MSCOMCTL.OCX Could Allow Remote Code Execution (2664258)
- (MS12-028) Vulnerability in Microsoft Office Could Allow for Remote Code Execution (2639185)

Apple OSX Update

Jonathan — Mon, 09 Apr 2012 12:01:46 +0000

Apple released a second security update on Friday in its continuing battle against the Flashback trojan, which already has infected nearly 650,000 Macs worldwide.

Check your Software Update right now and stay up to date and safe.

Mac OSX Java Malware: OSX/Flashfake.c

Jonathan — Sat, 07 Apr 2012 16:18:37 +0000

This Trojan is installed via exploitation of a flaw in Oracle Java (CVE-2012-0507). The Mac OS X - based malware masquerades as an Adobe Flash Player install.

Upon infection the malware will install fake/rogue security software, and allow for the downloading of additional malicious components, sensitive data extrusion, and other malicious control methods.

Infected hosts report back to an external server and can receive further instructions/payloads via that method (C&C / bot-based control). CVE-2012-0507 is an Oracle Java vulnerability, which was patched by Apple (as a 34rd party component) in April 2012.

Therefore....make sure your OSX software is up to date

Chrome for Mac Update

Jonathan — Fri, 06 Apr 2012 09:05:46 +0000

Google have just updated Chrome for Mac.

On your Mac go to the Chrome menu bar, Chrome; About Chrome, Update Now

Twitter Spam Alert

Jonathan — Thu, 05 Apr 2012 12:01:50 +0000

Don't click a link from a DM if it says the following:
"Hi this user is making very bad things about you...LINK"
Hopefully the bad English would alert you to suspicious content, but the link would probably take you to a website full of Malware and nastiness.
BE VERY CAREFUL ABOUT CLICKING LINKS, especially when received from somebody you know.

Happy Holidays

Jonathan — Wed, 04 Apr 2012 13:08:55 +0000

Just to wish you all a happy and secure break over the holidays.
It's early days for us here at SimpleNetSecurity.com and we only want to encourage online safety & security.
So please do what you can to spread the word and pass on our link to all your friends & family.
Please feel free to link to us if you have your own website, or 'Like' us on Facebook and let's all try to make the Internet a happier safer place.
All comments most welcome.
Many thanks

Microsoft Word Document Malware

Jonathan — Thu, 29 Mar 2012 08:20:21 +0000

Updating Word for Mac to the latests version protects you against this:

Exploit-OLE2.gen

MTIS12-053-A

THREAT IDENTIFIER(S)	Exploit-OLE2.gen;?Mac Control? RAT
THREAT TYPE	Malware
RISK ASSESSMENT	Medium/On-Watch
MAIN THREAT VECTORS	Web; E-Mail; WAN; LAN
USER INTERACTION REQUIRED	Yes
DESCRIPTION	The Exploit-OLE2.gen trojan disguises itself as a Word Document. Upon opening in a vulnerable Mac system, it executes a script that writes the malware itself and then a shell script that runs it. The malware takes advantage of a Java vulnerability patched by Microsoft in Bulletin MS09-027. In the variants observed, the malware is stored as binary files called "DockLight" or "launchd" while showing the user a text about Tibetan freedom and grievances. Both binaries can be easily found just by looking for them in the system.
IMPORTANCE	Medium. This threat has gained media attention

Adobe Flash

Jonathan — Wed, 28 Mar 2012 17:33:15 +0000

Adobe has released a Security Advisory for Adobe Flash Player to address

multiple vulnerabilities affecting the following software versions:

* Adobe Flash Player 11.1.102.63 and earlier versions for Windows,

Macintosh, Linux, and Solaris operating systems * Adobe Flash Player

11.1.111.7 and earlier versions for Android 3.x and 2.x * Adobe Air

3.1.0.4880 and earlier versions for Windows, Macintosh, and Android

Exploitation of these vulnerabilities may allow an attacker to cause a

denial-of-service condition or take control of the affected system.

Review Adobe Security Bulletin APSB12-07 and apply any necessary updates to mitigate the risk.

In addition, Adobe Flash Player 11.2 for Windows contains a background

updater that will allow future updates to be downloaded and installed

automatically. For more information please see the Adobe security

software engineering team blog post.

American Airlines Ticket Email

Jonathan — Mon, 16 Jan 2012 11:07:05 +0000

This one seems to still be doing the rounds.

Basically, and email pretending to be from American Airlines arrives telling you about either a refund, or a new ticket you have purchased.

If you click on the link, your PC will immediately be infected by a Trojan that is very difficult to remove.

So the best bet is to not be suckered in by curiosity!

There's a link here that we've not tested, but may help. Failing that, honestly, the best course of action after an infection is to wipe clean your hard drive, re-formatting, and do a fresh re-install of Windows.

However, you will lose ALL your data, so you must have had a good backup before doing this.

THREE RULES TO ALWAYS FOLLOW:

Backup all the data you wouldn't want to lose (documents, photos, music, videos etc)

Run a good anti-virus

NEVER click links in emails or social network sites

Good luck!

Linkedin Emails

Jonathan — Mon, 16 Jan 2012 11:02:10 +0000

We have received a growing number of emails pretending to be from Linkedin.

These look like Inbox messages, if you're a Linkedin user, but if you click on the link, it re-directs you to a suspicious site. It is not yet clear whether there are nasties downloaded to your computer, but the rule as ever: DO NOT CLICK LINKS IN EMAILS

Best of luck for your safety and security in 2012

Lulzsec email harvests

Jonathan — Tue, 12 Jul 2011 19:50:47 +0000

There's a cool little website that can check if your email address has been compromised.

It seems to be legitimate, so possibly worth checking out in light of all the recent security breaches by hackers.

Enter your password into the text box and click to see if it has been collected by hackers. If you're unliky enough to have had your email address hacked or harvested, change your password immediately.

https://shouldichangemypassword.com/

Dropbox Hack

Jonathan — Tue, 12 Jul 2011 19:47:12 +0000

If you're a Dropbox user, there was a bug on their servers a few weeks back, whereby for 4 hours on Sunday June 19th, anybody could log into anybody elses account with any password.

This was fixed very quickly, but worth going to dropbox.com/events and checking through your event log for that day to see if there's anything suspicious going on.

If there is, change your Dropbox password immediately for safety.

Facebook Goods Spam

Jonathan — Mon, 04 Apr 2011 02:43:00 +0000

There's a new email doing the rounds that appears to come from Facebook.

It's a very convincing email that asks the recipient to 'Get Started' using 'Facebook Goods'

Clicking any of the links within the email will take the recipient to an online Pharmacy page, and potentially download malware to your computer.

DON"T CLICK LINKS IN EMAILS