YouTube Spam Links to Pharmacy Website

Did you receive an email – or four – claiming that you were sent a message on YouTube saying that “your video [is] on the TOP of YouTube”?

We certainly have.

Cybercrooks are doing their best to drive traffic to an illegal Russian pharmacy site by widely spamming out fake YouTube emails claiming that your video has been approved or is featured at the “top of YouTube.”

All of the bogus YouTube emails come from a spoofed sender’s address (service@youtube.com) and carry the same misleading message:

Subject: YouTube Service sent you a message: Your video on the TOP of YouTube
From: YouTube Service (service@youtube.com)

YouTube              help center | e-mail options | report spam

 YouTube

Service has sent you a message:

Your video on the TOP of YouTube

To: [YOUR EMAIL]

http://www.youtube.com/watch?v=ION1oSbD&feature=topvideos_mp

You can reply to this message by visiting your inbox.

© 2011 YouTube, LLC
901 Cherry Ave, San Bruno, CA 94066

The only exception would be the initial email we got on Friday, which read:

Subject: YouTube Service sent you a message: Your video has been approved
From: YouTube Service (service@youtube.com)

YouTube              help center | e-mail options | report spam

 YouTube

Service has sent you a message:

Your video has been approved

To: [YOUR EMAIL]

http://www.youtube.com/watch?v=dWuTRULa3&feature=topvideos_mp

You can reply to this message by visiting your inbox.

© 2011 YouTube, LLC
901 Cherry Ave, San Bruno, CA 94066

Of course, none of the links within the spam messages pointed to YouTube and ultimately redirected to pharmaceutical websites.

If you receive an email similar to the ones outlined above, it’s strongly advised that you delete the messages without clicking any embedded links.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Time to Update Flash: Adobe Patches 2 Critical Vulnerabilities

Were you prompted to update Flash this morning?

Yesterday Adobe released an early update for Flash player that addresses two critical vulnerabilities.

The update patches a memory corruption vulnerability in Matrix3D that could result in malicious code execution and integer errors that could lead to information disclosure.

Although there haven’t been any reports of the vulnerabilities being exploited in-the-wild, Adobe recommends that Windows, Mac, Linux, Solaris & Android users who have Adobe Flash Player 11.1.102.62 or earlier versions installed apply this update.

Adobe Flash vulnerabilities are often exploited by cybercriminals in drive-by-downloads and other malicious attacks, so it’s better to update and be safe rather than to drag your feet and be sorry.

To update Flash to version 11.1.102.63 (newest version), users can do one of the following:

• Download the update directly from the Adobe.com website.


• Run the built-in Adobe Flash update tool (Android users can download the update from the Android Marketplace).


• Wait for Flash to prompt you to download and install the updates.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Buy of the Week: Cisco SD208P 8-port Fast Ethernet Switch with PoE for $120!

This offer has expired. Please check the top banner ad for the current deal.

The Cisco SD208P 8-Port 10/100 Switch offers the performance and ease of use you need to get your business connected quickly and easily.

Designed and priced for small businesses that want a simple network solution, the switch works right out of the box with no software to configure and features PoE to power network attached devices. You can use this switch to connect computers, printers, IP telephones, wireless access points, and servers to create a reliable network.

Until March 9th, you can order a Cisco SD208P 8-port Fast Ethernet Switch with PoE from Hyphenet for only $120 (plus taxes & shipping)! Call 619-325-0990 to order.

Cisco Small Business SD208P Switch Specs

• Fast Ethernet enhances the performance of business applications and uses network bandwidth more efficiently


• Power over Ethernet on four ports powers network-attached devices such as IP telephones, wireless access points, or video surveillance cameras directly over the connection, simplifying installation and eliminating the need for separate power supplies or an AC power outlet


• Automatic medium dependent interface (MDI) and MDI crossover (MDI-X) detection on all ports ensures that the correct cable type is selected


• Auto speed negotiation allows each port to independently and automatically negotiate for the best speed and half- or full-duplex model


• Efficient self-learning address recognition mechanism performs forwarding and filtering at non-blocking full wire speed


• Fast store-and-forward switching prevents damaged packets from being passed onto the network


• Integrated port-based QoS on all eight ports prioritizes networking traffic such as voice, video, and data to help optimize network performance


• No-fan design helps ensure silent switch operation


• Compact size provides multiple placement options


• Cisco reliability and a limited lifetime warranty help provide peace of mind

Don’t miss out on this Buy of the Week! Call (619) 325-0990 to order your Cisco SD208P Ethernet Switch!

Buy of the Week offer valid through March 9th, 2012.

* Shipping and taxes apply.

This offer has expired. Please check the top banner ad for the current deal.

Attacker Tricks Anonymous Supporters into Downloading Zeus Trojan

Supports of Anonymous who opted to download software in order to participate in DDoS attacks may have inadvertently infected their machines with the ZeuS Trojan.

Security researchers at Symantec discovered that following the MegaUpload raid on January 20th, an unknown attacker copied the text from a guide Anonymous shared with their followers to download and use a DoS tool named Slowloris, swapped out the download link and re-posted it on PasteBin.

The modified Slowloris link pointed toward a tainted version of the DoS attack tool that contained the infamous ZeuS/Zbot Trojan, which is best-known for its ability to steal online banking information.

On the very same day that the attacker posted the modified guide, a separate Anonymous DoS guide containing links to a variety of DoS tools was posted on PasteBin. The new guide also contained the tainted Slowloris download link.

According to Symantec, the new guide – commonly referred to as “Tools of the DDoS trade” and “Idiot’s Guide to be Anonymous” – is quite popular among the Anonymous movement and has more than 26,000 page views and 400+ tweets related to it on Twitter.

Timeline Credit: Symantec

What happens when an Anonymous supporter downloads the Trojanized copy of Slowloris?

“When the Trojanized Slowloris tool is downloaded and executed by an Anonymous supporter, a Zeus (also known as Zbot) botnet client is installed.” Symantec explained, “After installation of the Zeus botnet client, the malware dropper attempts to conceal the infection by replacing itself with the real Slowloris DoS tool.”

So, as the user willingly participated in DDoS attacks against Anonymous targets, they also had all of their confidential login information recorded and uploaded to a remote server.

Remember, folks, it is illegal to participate in a DDoS attack, no matter what the cause! Keep your PC – and the information stored on it – safe by steering clear of these attack programs, making sure your OS is updated and running antivirus software.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Don't fall for 'Is it really you in this picture?' spam

“Is it really you in this picture?”

That was the subject line for one of three “bad photo” spam messages that we’ve encountered over the last few days.

For months, cybercriminals have been launching an assortment of phishing attacks and scams that lure victims in by claiming they’ve found a funny picture or bad blog about them. Typically the scams have been conducted on Twitter, but it was only a matter of time before cybercrooks decided to give email a try.

Although, when delivered via email, the goal is not necessarily to hijack your social media accounts, but infect your computer with malware that’s capable of doing much more damage.

Here are the two variants of the 'Is it really you in this picture?' spam campaign that we received:

From: CecilAgredano(at)mail.com
Subject: Is it really you in this picture?

Cheers [EMAIL], what the hell is this photo supposed to mean? Who's that b*tch with you???

From: TheclaVescovi(at)mail.com
Subject: Is it really you in this picture?
What's up [EMAIL], O boy you look so funny naked! Don't share your naked photos again : )

Both emails had a file archive named “Photos.zip” attached to it. Of course, the archive was housing malware, which was identified as the Gamarue.B worm. (If the name seems familiar to you, it’s because Gamarue is the exact same malware being pushed in the USPS and “parking violation” spam messages we recently warned you about.)

Remember, it’s never a good idea to download and open files attached to unsolicited emails as the chances are high that it contains malware.

If you receive an email from an unfamiliar email address asking if it’s really you in a picture, claim they were sent a photo of you from your ex or that they “can’t believe what they see in this picture,” it’s recommended that you either delete the message or scan the file before downloading it.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Windows 8 Consumer Preview is Out: Download, Poke Around & Share Your Thoughts!

If you haven’t heard so already, Microsoft has released the Windows 8 Consumer Preview for fans, skeptics and neutral parties to download, play with and [hopefully] enjoy.

Recommended Hardware for Windows 8 Consumer Preview

According to Microsoft, the Windows 8 Consumer Preview should run fine on the very same hardware that Windows 7 functions on, but the following specs are recommended:

• 1 GHz or faster processor


• 1 GB RAM (32-bit) or 2 GB RAM (64-bit)


• 16 GB available hard disk space (32-bit) or 20 GB (64-bit)


• DirectX 9 graphics device with WDDM 1.0 or higher driver


• 1024 x 768 minimum screen resolution

Where to Download Windows 8 Consumer Preview

You can take one of two paths to download the Windows 8 Consumer Preview:

• Download Windows 8 Consumer Preview Setup – includes a compatibility report, upgrade assistance & built-in tool for converting an ISO image into installation media (such as a DVD or USB flash drive).


• Download Windows 8 Consumer Preview ISO images – alternative to the Windows 8 Consumer Preview Setup; you will need to use a third-party program to convert the ISO to a DVD or USB thumb drive. Available in English, Chinese, French, German and Japanese in:
  
  
  
  • 64-bit (x64) ~3.3GB
  
  
  • 32-bit (x86) ~2.5GB
  
  
  
  

Where to Get Help with Windows 8 Consumer Preview

If you do happen to download the Windows 8 Consumer Preview, keep in mind that it is beta software, so hiccups and bugs are to be expected. No official support is available; however, you can get help by visiting the:

• Windows 8 Consumer Preview forum


• Windows 8 Consumer Preview FAQ

Additionally, Microsoft will be publishing a series of posts focused on Windows 8 on the Windows Experience Blog, so you may want to periodically check in there as well.

Have fun exploring the new Windows OS!

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

Shylock Malware Launches Fake Chat Window to Steal Banking Details in Real-Time

Would you feel better if malware (and the cybercriminals behind it) took the time to actually have a conversation with you while stealing all of your banking information?

It can be done.

Security researchers over at Trusteer have come across yet another configuration of the Shylock malware using clever man-in-the-browser (MitB) tactics to dupe business/commercial users of an unnamed “leading financial institution.”

“When the victim logs in to the online banking application, the session stalls for few minutes and the user is told that security checks are being performed.” Amit Kleen wrote, “This is where things get, for lack of a better word, interesting.”

Though a series of fake HTML page injections and complex JavaScript code, the victim is presented with a LIVE chat window that is being operated by the cybercriminal.

Obviously the goal of the fraudster is to collect additional personal information from the victim and the suspicion is that the cybercrook will use words of persuasion to get the victim to verify fraudulent transactions as Shylock silently initiates them in the background.

Screenshot Credit: Trusteer

“This is yet another example of the ingenuity of fraudsters and their ability to exploit the trust relationship between users and applications provided by their online service providers.” Klein warned, “This attack could conceivably be used against enterprises and their employees, with the attacker posing as an IT help desk technician.”

Shylock, which Trusteer has been monitoring since last September, gets its nickname from the tendency to quote random excerpts from Shakespeare’s “The Merchant of Venice” in every new build. Citation quirks aside, Shylock boasts incredible anti-detection features that allow the malware to monitor symptoms of an antivirus system scan, delete its own files and registry entries when a scan is underway (remaining active only in memory) and hook itself into the Windows shutdown procedure to reinstate its infection upon system restart.

With these types of threats frolicking about, it’s more important than ever for users to not only keep their computer systems patched, up-to-date and protected by a comprehensive antivirus solution, but always remain vigilant when conducting business online.

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.