SWAT – not just for old reruns anymore

SWAT – the Strategic Weapons and Tactical force

The SWAT force is called in when there is a highly volatile situation needing immediate, tactical force to deal with the situation.

However, Internet trolls have taken to using the SWAT teams around the country as their very own revenge squad.  If you are active on the internet, especially in the gamer community, you need to prepare yourself for possibly being SWATted (having the SWAT team dispatched to your home to deal with a falsely reported violent encounter).

Digg.com has a very good article explaining this, and what you should know.

Food Porn?

Jamie Oliver – The Naked Chef probably never intended his tongue in cheek title to foreshadow the use of his website to distribute malware the way that porn sites are notorious for doing.

You might remember the post earlier in the month when I warned you of how his website was infected with malware.  Well, less than a month later, the bad guys have reinfected his site, this time with a better grade of malware.  The arms race is real, and you must be vigilant.

Malwarebytes Blog

What would you do if you got a purchase confirmation from the Apple Store…

for a purchase that you never authorized?

Would you report it on the included Transaction Cancellation form on the email?

Fake Transaction Cancellation Form – by filling this out, you give your account information and credit card information to the bad guys

 

If you have an Apple ID and have made purchases in the past, you should know that there is no Transaction Cancellation Form on your receipts.

But it looks so real!

That is the point of phishing – it makes it hard to tell when it is fake.  You have to think twice before putting your credit card information in anything you have received without your request.

Source: Malwarebytes Blog

Panda antivirus mistakenly flags itself as malware, bricks PCs

In the OOOPS department:

Panda Software – the makers of Panda Antivirus released an update that detected itself as malware, and quarantined itself – resulting in users being unable to start their machines.  Panda released a new definitions file immediately, but users have been warned that the problem might recur.

from ZDNet

Is your router using the default password? CHANGE IT NOW

Is your router using the factory default credentials (username/password)?  If it is it is important that you change them immediately.  There is a new attack that focuses on your router.  It will change the DNS on the router, and supply their own versions of pages that you think are trustworthy.

If you don’t know your router password, there is a good chance that you are vulnerable.  If the router password is Admin or password or blank – you are at risk.

If you are lost by this post, and want me to check it out for you, drop me an email at help@claytonrandall.com

Source: Krebs on Security

WordPress plugin found vulnerable to SQL Injection attacks

If you are a wordpress user, you need to be aware that there is a newly discovered vulnerability in a popular plugin.

The Slimstat web analytics plugin needs to be updated immediately.

What should I do?

If you don’t run a wordpress blog, go back to your day.  If you run a wordpress blog, immediately go log into your admin page, and run updates for all plugins.

Source: SC Magazine

Android Users – so you think your phone is off…..

The latest Android malware tricks users into thinking that their phone is off – then goes and makes calls, sends pictures, etc while it is in fake sleep.

Discovered by the researchers at AVG it fakes the user by hijacking the system shutdown command, so it can carry out its nefarious deeds without detection.