Alleged “Likejackers” agree to root out Facebook spam

Adscend Media LLC also pays $100,000 in attorneys’ fees to state

SEATTLE – The owners of a California-based online marketing company have agreed to stop spamming Facebook users. The details were revealed today in a settlement – a consent decree – between Adscend Media LLC and the Washington State Attorney General’s Office.

“Today’s settlement puts a stop to Adscend’s ‘likejacking’ and other misleading tactics that led Facebook users to fork over personal information or buy subscription services from sites that appeared to be recommended by friends,” said Washington State Attorney General Rob McKenna.

In January, McKenna’s office and Facebook sued Jeremy Bash and Fehzan Ali, the owners of Adscend Media LLC for initiating posts to Facebook pages that appeared to offer visitors an opportunity to view scandalous or provocative content. However, before being able to view the content, a series of required steps lured Facebook users into eventually visiting commercial websites. Other tactics included “likejacking,” in which Facebook users were tricked into clicking the “like” button, inadvertently spreading the sales pitches to friends.

Adscend, hired to promote products, in turn does business with “affiliates” who create attention-getting marketing messages. Too often, according to the Attorney General’s Office, those messages amounted to social media spam.

http://www.atg.wa.gov/pressrelease.aspx?&id=29716

http://nakedsecurity.sophos.com/2012/05/08/facebook-clickjacking/

Certifiedbug.com

Washington state AG and Facebook target social media spammers

The Microsoft Security Response Center (MSRC)

Today we’re releasing our advance notification for the May security bulletin release, which is scheduled for Tuesday, May 8. This month’s release includes 7 bulletins addressing 23 vulnerabilities in Microsoft Windows, Office, Silverlight, and .NET Framework. All 7 bulletins will be released on Tuesday, May 8 at approximately 10 a.m. PDT. Revisit this blog on Tuesday for our official risk and impact analysis, along with deployment guidance and a video overview of the release.

As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.

http://technet.microsoft.com/en-us/security/bulletin/ms12-may

Certifiedbug.com

Microsoft Security Bulletin Summary for May 2012

Fix various issues relating to new mail notifications and filtering on POP3 based accounts
Fixes an occasional startup crash seen in TB 12.0
Fixes an issue with corrrupted message bodies when using movemail

http://www.mozilla.org/en-US/thunderbird/12.0.1/releasenotes/

If you do not receive an update notice when using the application, select “Check for Updates” from the Help menu.

Or download: http://www.mozilla.org/en-US/thunderbird/all.html

Certifiedbug.com

Thunderbird 12.0.1 released

Sophos

A popular Firefox add-on appears to have started leaking private information about every website that users visit to a third-party server, including sensitive data which could identify individuals or reduce their security.

Naked Security reader Rob Sanders alerted us to the activities of the recently updated ShowIP add-on for the Firefox browser.

Currently over 170,000 people are said to be using ShowIP.

What the add-on’s description doesn’t say is that since version 1.3 (released on April 19th 2012) it has also sent – unencrypted – the full URL of sites visited using HTTPS, and sites viewed in Private Browsing mode, to a site called ip2info.org.

The user never realises that the data has been shared with a third-party, unless they use special tools to monitor what data is being sent from their computer.

http://nakedsecurity.sophos.com/2012/05/01/privacy-concern-showip-firefox-add-on/

Certifiedbug.com

Firefox ShowIP add-on privacy concerns

Microsoft Security Blog

Today we released the latest volume of the Microsoft Security Intelligence Report (SIR) containing a large body of new data and analysis on the threat landscape. This volume of the SIR includes:Latest industry vulnerability disclosure trends and analysis

• Latest industry vulnerability disclosure trends and analysis
• Latest data and analysis of global vulnerability exploit activity
• Latest trends and analysis on global malware and potentially unwanted software
• Latest analysis of threat trends in more than 100 countries/regions around the world
• Latest data and insights on how attackers are using spam and other email threats
• Latest global and regional data on malicious websites including phishing sites, malware hosting sites and drive-by download sites

In addition, we have included a section in the report focused on how the threat called Conficker continues to propagate.

http://blogs.technet.com/b/security/archive/2012/04/25/microsoft-security-intelligence-report-volume-12.aspx

Certifiedbug.com

Microsoft Security Intelligence Report Volume 12 Released

Fixed in Firefox version 12.
MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds
MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors
MFSA 2012-31 Off-by-one error in OpenType Sanitizer
MFSA 2012-30 Crash with WebGL content using textImage2D
MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
MFSA 2012-27 Page load short-circuit can lead to XSS
MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error
MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite
MFSA 2012-24 Potential XSS via multibyte content processing errors
MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface
MFSA 2012-22 use-after-free in IDBKeyRange
MFSA 2012-21 Multiple security flaws fixed in FreeType v2.4.9
MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)

If you do not receive an update notice when using the application, select “Check for Updates” from the Help menu.

https://www.mozilla.org/firefox/12.0/releasenotes/

Download: https://www.mozilla.org/en-US/firefox/all.html

Certifiedbug.com

Firefox 12.0 released

Graham Cluley
Sophos

“The Sabpab Trojan horse exploits the same drive-by Java vulnerability used to create the Flashback botnet.”
http://nakedsecurity.sophos.com/2012/04/13/sabpab-new-mac-os-x-backdoor-trojan-horse-discovered/

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

Certifiedbug.com

Sabpab Mac OS X backdoor Trojan

Apple

8 views…

http://support.apple.com/kb/HT5244

Forbes
4/06/2012

For anyone who doubted that Apple’s long grace period with cybercriminals is over, doubt no more: On Friday, researchers at Russian antivirus firm Kaspersky confirmed findings from another security firm earlier this week that more than 600,000 computers running Mac’s OSX are infected with the Flashback botnet, and half of those machines are in the United States.

http://www.forbes.com/sites/andygreenberg/2012/04/06/researchers-confirm-flashback-trojan-infects-600000-macs-being-used-for-clickfraud/

Krebs On Security

The current custodian of Java – Oracle Corp. – first issued an update to plug this flaw and others back on Feb. 17. I suppose Apple’s performance on this front has improved, but its lackadaisical (and often plain puzzling) response to patching dangerous security holes perpetuates the harmful myth that Mac users don’t need to be concerned about malware attacks.

http://krebsonsecurity.com/2012/04/urgent-fix-for-zero-day-mac-java-flaw/

Forbes
4/09/2012
http://www.forbes.com/sites/andygreenberg/2012/04/09/apple-snubs-firm-who-discovered-mac-botnet-tries-to-cut-off-its-server-monitoring-infections/

Kaspersky Lab

“The three month delay in sending a security update was a bad decision on Apple’s part,” said Kaspersky Lab’s Chief Security Expert, Alexander Gostev. “There are a few reasons for this. First, Apple doesn’t allow Oracle to patch Java for Mac. They do it themselves, usually several months later. This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple’s standard AV update is a rudimentary affair which only adds new signatures when a threat is deemed large enough. Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time! The problem is exacerbated because – up to now – Apple has enjoyed a mythical reputation for being ‘malware free’. Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security.”

http://www.kaspersky.com/about/news/virus?time=1333224000

Certifiedbug.com

Researchers Estimate 600,000 Macs infected by Flashback Trojan

The Microsoft Security Response Center (MSRC)

Today we’re releasing our advance notification for the April security bulletin release, which is scheduled for Tuesday, April 10. This month’s release includes 6 bulletins addressing 11 vulnerabilities in Microsoft Windows, Microsoft Office, Internet Explorer, Forefront UAG, and .NET Framework. All 6 bulletins will be released on Tuesday, April 10 at approximately 10 a.m. PDT. Revisit this blog on Tuesday for our official risk and impact analysis, along with deployment guidance and a video overview of the release.

As always, we recommend that customers review the ANS summary page for more information and prepare for the testing and deployment of these bulletins as soon as possible.

Microsoft Security Bulletin Summary for April 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-apr

Certifiedbug.com

Microsoft Security Bulletin Summary for April 2012

Krebs on Security

VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers.

http://krebsonsecurity.com/2012/03/mastercard-visa-warn-of-processor-breach/

Certifiedbug.com

MasterCard and VISA Warn of Processor Breach