Spyware, viruses, & security forum: NEWS - October 10, 2012

Following the recent Firefox 16 release, Mozilla has now detailed all of the security fixes in the new version of its open source web browser as well as in the Thunderbird news and email client. Version 2.13 of the SeaMonkey "all-in-one internet application suite" has also received fixes. In addition to adding new features, version 16.0 of Firefox closes a total of 14 security holes, 11 of which are rated as "Critical" by the project.

These critical vulnerabilities include several memory handling and corruption issues, buffer overflows and the possibility of arbitrary code execution through bypassing security checks for the cross-origin properties. Another vulnerability could lead to JavaScript crashing the browser when using an invalid cast with the instanceof operator.

According to Mozilla, many of these vulnerabilities could be exploited remotely by an attacker to, for example, execute malicious code on a victim's system.

Additionally, the desktop Firefox update corrects three high-risk vulnerabilities including a spoofing and script injection bug, and cross-site scripting (XSS) problems. The majority of these same vulnerabilities have been addressed in version 10.0.8 of Mozilla's "enterprise" Extended Support Releases (ESR) of Firefox ESR and Thunderbird ESR. The developers have also fixed a critical issue in Reader Mode on Firefox for Android.

Continued : http://www.h-online.com/security/news/item/Mozilla-closes-numerous-critical-holes-in-Firefox-16-1726884.html

Canada said Tuesday it had invoked a "national security exception" that could exclude China's Huawei Technologies from a role in helping build its new super secure government network.

Ottawa announced the move after the US House Intelligence Committee on Monday warned in Washington that equipment supplied by two Chinese firms, Huawei Technologies and ZTE Inc., could be used for spying.

"The government is going to be choosing carefully in the building of this network and it has invoked a national security exception," said Andrew MacDougall, spokesman for Prime Minister Stephen Harper.

Ottawa invoked its "national security exception" to trade agreements in the building of its massive data and telecommunications network.

Huawei is already providing high-speed networks for private Canadian firms Bell Canada, Telus, SaskTel and Wind Mobile.

Continued : http://www.securityweek.com/canada-may-bar-china-telecoms-project

Also: Canada Throws "National Security Exception" in Building Communication Network

If you and your co-workers are looking forward to Friday, you are not alone - phishers are looking forward to it as well.

In an analysis of phishing schemes between July and August, researchers at Websense found that 38.5 percent of the phishing attacks they detected were conducted on Friday, with Monday (30 percent) and Sunday (10.9 percent) coming in at second and third, respectively.

"The bad guys know potential victim's behavioral patterns," blogged Patrik Runald, director of research for Websense Security Labs. "They know worker's minds can stray on Fridays in a more relaxed setting. Relaxation and anticipation of the weekend can lead to more web browsing and an increased likelihood to click on links in emails. Similarly, stricken by a case of the Monday Blues, workers are also more likely to wander. By studying these behavioral elements, phishers know that they can increase their success rate. These guys are masters of lures and understanding their subjects."

The United States leads the way as far as countries hosting the most phishing URLs between Sept. 30, 2011, and Oct. 1, 2012. According to Websense, all but one of the top five phishing email subject lines are related to security. Between July and September, the most common subject line used by phishers was "Your account has been accessed by a third party," the firm said.

Continued : http://www.securityweek.com/phishers-favor-friday-attacks-websense-finds

From the Kaspersky Lab Weblog:

Many things have been told already about the latest Skype malware spread via instant messages. However I just wanted to add something not mentioned yet. The first thing is about when the attack was launched first. According to Google Short URL service it first surfaced on Oct 6th : [Screenshot]

To be exact it happened at 8:00 PM Ecuadorian time (7:00 PM ET). In just 2 hours the number of clicks grew up to 484,111 clicks. I'd say most of the people who clicked got infected since the initial Virus Total (https://www.virustotal.com/) detection for the malware was only from 2 of the 44 AV engines. The actual detection now is 27/43 engines and the actual number of clicks is more than 1 million!

Despite the fact that the original Hotfile malicious URL is already dead, people are still clicking on it. It means the malicious campaign is maintaining a low level of activity and where most of the victims are in Russia. It's a controversial situation because one of the payloads is the stealing of credit card information from one of the Ecuadorian banks!

Continued : http://www.securelist.com/en/blog/208193882/Hidden_details_about_the_last_Skype_spread_malware

"Peter Sunde and Fredrik Neij were due to speak at Hack in the Box but never arrived"

Get your conspiracy theories ready: Two founders of The Pirate Bay were due to speak at the Hack in the Box security conference in Kuala Lumpur on Wednesday, but didn't show up.

The 3 p.m. speaking slot for Peter "brokep" Sunde and Fredrik "tiamo" Neij was cancelled. Their talk was titled "Data is Political."

A popular tweet by F-Secure's Mikko Hypponen written around the time their talk was to commence read: "The Pirate Bay founders Peter 'brokep' Sunde and Fredrik 'tiamo' Neij were stopped in Bangkok on their way to #HITB2012KUL. Talk cancelled."

"All we know is they didn't show up," said Mei Ling Foo, a Hack in the Box coordinator. Foo said she didn't have contact details for the two, joking they're both "invisible." She said she wasn't sure what city they were departing from.

Continued: http://www.computerworld.com/s/article/9232223/Pirate_Bay_founders_due_to_speak_go_missing_in_action

Also:
The Pirate Bay founders go 'missing' en route to Hack in the Box security conference
Hack In The Box: Pirate Bay MIA, Chrome vulnerability found

.. Advertising Surveys

[Screenshot]

If you're ever contacted by a company called One Direction Giveaway (1D Giveaway) on Twitter, you should refrain from clicking on any of their links since they're part of the latest survey scam campaign.

The spammers send out tweets such as "You Won! Grab a prize", "Congratulations Fan! You Won", or "Lucky You! You won a prize." All the tweets contain the Twitter handles of targeted users, but they don't contain any links.

Instead, the crooks are relying on the fact that those curious enough to see what they've won will visit their profile and click on the URL that's listed in its description.

Internauts who fall for it and click on the link - onedgiveaway.com - are taken to a website where they're told that they've won a free gift card worth over $500 (385 EUR), experts from GFI Labs report.

However, in order to actually win the prize, users must complete a number of surveys, which earn the fraudsters a certain amount of money for each individual they can trick into completing them.

Continued : http://news.softpedia.com/news/One-Direction-Giveaway-Scam-Making-the-Rounds-on-Twitter-Advertising-Surveys-298385.shtml