Microsoft's Malware Protection Centre has warned of a Trojan that is hijacking Facebook accounts through web browser extensions.
Reporting the malware in its Technet blog, Microsoft revealed that the threat detected as Trojan:JS/Febipos.A originates from Brazil and has been targeting the Chrome and Firefox web browsers specifically.
When installed, Microsoft said the malware attempts to update itself using the URLS: "du-pont.info/updates/ < removed>/BL-chromebrasil.crx" in Chrome and "du-pont.info/updates/ < removed>/BL-mozillabrasil.xpi" in Firefox.
Last Updated on Monday, 13 May 2013 13:48
Microsoft has said it will address a vulnerability in its May 2013 Patch Tuesday next week that could potentially expose systems to zero-day attacks on Internet Explorer (IE) 8 if not patched.
The vulnerability has already been exploited in a watering hole attack targeting the US Department of Labor (DoL) website, where, as Alienvault warned earlier this month, it could have lead to a Chinese hacking group installing malware to extract information.
Security researchers are advising users of IE8 that this patch, which is rated as Critical, should be applied first. Qualys' Wolfgang Kendek warned in his blog that the patch "should be on the top of your list if you are on IE8".
Last Updated on Friday, 10 May 2013 19:14
The massive heist unfolded "in a matter of hours," said the US prosecutor's office for Brooklyn, New York.
Prosecutors unveiled charges against eight people accused of forming the New York cell of the plot, which stretched across 26 countries. In their case, they allegedly lifted $2.8 million in cash and now face charges of conspiracy to commit access device fraud and money laundering.
Seven of the eight have been arrested, the US attorney's office said. The eighth, Alberto Yusi Lajud-Pena, nicknamed "Prime" and "Albertico," is "reported to have been murdered on April 27," the office said.
Last Updated on Thursday, 09 May 2013 20:31
Bitcoins are nominally worth $113 as of this very moment. That means very little in the real world. As Forbes writer Kasmir Hill notes, it’s pretty difficult to go up to the McDonald’s cashier and offer an invisible cryptocurrency that resides entirely on the Internet in exchange for a Big Mac. She’s survived a week using nothing but Bitcoins and, although she’s still alive, her experience wasn’t friction-free.
That’s changing. While I find most announcements that so-and-so website is now accepting Bitcoins to be little more than PR stunts, the fact that Gyft, a gift card site, is now accepting BTC is important. In essence, it allows Bitcoin users to turn their value into store credit and, more importantly, this credit can be spent at places you actually want to spend it.
Last Updated on Thursday, 09 May 2013 20:30
Microsoft is preparing to reverse course over key elements of its Windows 8 operating system, marking one of the most prominent admissions of failure for a new mass-market consumer product since Coca-Cola's New Coke fiasco nearly 30 years ago.
"Key aspects" of how the software is used will be changed when Microsoft releases an updated version of the operating system this year, Tammy Reller, head of marketing and finance for the Windows business, said in an interview with the Financial Times. Referring to difficulties many users have had with mastering the software, she added: "The learning curve is definitely real."
Last Updated on Tuesday, 07 May 2013 08:11
Attacks exploiting a previously unknown and currently unpatched vulnerability in Microsoft's Internet Explorer browser have spread to at least nine other websites, including those run by a big European company operating in the aerospace, defense, and security industries as well as non-profit groups and institutes, security researchers said.
The revelation, from a blog post published Sunday by security firm AlienVault, means an attack campaign that surreptitiously installed malware on the computers of federal government workers involved in nuclear weapons research was broader and more ambitious than previously thought. Earlier reports identified only a website belonging to the US Department of Labor as redirecting to servers that exploited the zero-day remote-code vulnerability in IE version 8.
Last Updated on Monday, 06 May 2013 18:33