Tag Archive for: spoof

Hackers Spoof Post Office Notices To Spread Notorious Trickbot Malware


Keep an eye on your email for messages from the U.S. Postal Service claiming that you’ve missed an important delivery. Cybercriminals are abusing the public’s trust in the USPS to trick victims into installing the resurgent Trickbot malware.

Researchers at Cofense have been tracking a new Trickbot phishing campaign which began earlier this month. The “lure” the attackers are using is one that most of us have encountered during the pandemic: a missed parcel delivery.

The messages claim that no one was available to provide a signature and that the recipient will have to reschedule the delivery. The criminals “helpfully” note that you can simply print out the linked shipping invoice and present it at a nearby post office to set up a new time.

It’s easy enough to see why someone would hurriedly click the button to view the purported invoice. No one wants to miss a delivery, and it can be incredibly frustrating when you do miss one.

There have been enough delays to deal with over the past couple of years. To then have to endure yet another one because of a bit of bad timing is just the sort of thing that might make people click first and ask questions later.

Those who do click through to see what this “invoice” is all about are pushed to a .ZIP file that hides a boobytrapped Excel workbook. When it’s opened, a large screen attempts to coax users into turning off Excel’s built-in defenses via the yellow Protected View bar.

If the instructions are followed, a script is triggered that tells the victim’s computer to download the real malicious payload, and Trickbot infects the system.

Trickbot has been circulating since 2016. It started out as a banking Trojan, but has since evolved into fully modular malware that can provide remote access to infected systems, steal Active Directory credentials from enterprise environments and distribute ransomware.

Throughout the first year of the pandemic, Trickbot’s controllers used COVID-19 lures to phish for victims. Then, late in 2020, a collaborative effort involving Microsoft’s Digital Crimes Unit, numerous law enforcement agencies, security and hosting providers struck a major…


LibreOffice, OpenOffice bug allows hackers to spoof signed docs



LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. 

Although the severity of the flaw is classified as moderate, the implications could be dire. The digital signatures used in document macros are meant to help the user verify that the document hasn’t been altered and can be trusted. 

“Allowing anyone to sign macro-ridden documents themselves, and make them appear as trustworthy, is an excellent way to trick users into running malicious code.”

The discovery of the flaw, which is tracked as CVE-2021-41832 for OpenOffice, was the work of four researchers at the Ruhr University Bochum. 

The same flaw affects LibreOffice, a fork of OpenOffice that split from the main project over a decade ago, where it is tracked as CVE-2021-25635.

Addressing the risk

If you’re using either of the open-source office suites, you’re advised to upgrade to the latest available version immediately. For OpenOffice, that would be 4.1.10 and later, and for LibreOffice, 7.0.5 or 7.1.1 and later. 

Since neither of these two applications offers auto-updating, you should do it manually by downloading the latest version from the respective download centers (LibreOffice, OpenOffice).

If you’re using Linux and the aforementioned versions aren’t available in your distribution’s package manager yet, you are advised to download the “deb” or “rpm” package from the download center or build LibreOffice from source.

If updating to the latest version is not possible for any reason, you can always opt to completely disable the macro features on your office suite, or avoid trusting any documents containing macros. 

To set macro security on LibreOffice, go to Tools → Options → LibreOffice → Security, and click on ‘Macro Security’. 

LibreOffice settings menu to disable macros

In the new dialog, you may select among four distinct levels of security, with High or Very High being the recommended options. 

If you’re still running an old and vulnerable version, you shouldn’t rely on the “trusted list” functionality as an invalid…


‘Jeffpardy’ spoof of Jeopardy is amusing, defies explanation

Sure it’s silly, but if you don’t think this is funny, I’m sorry you’re having such a rough day. And if you have any idea why someone – presumably someone named Jeff – would do such a thing, please share.

I thought Jeff the IT manager was a shoo-in.

In a month on YouTube, “Jeffpardy” has been viewed more than 600,000 times and of those bothering to register an opinion, 4,039 give it a thumbs-up and a mere 146 are grumps.


Network World Paul McNamara

Apple’s iOS still more secure than Android despite spoof of App Store – ZDNet (blog)


Android security concerns are: – Bitcoins, does not affect all the ecosystem. Fix issued already. – Blue Box Security alleged that they were able to compromise all apps on an HTC phone and alleged that it affects the ecosystem. Remains to be proven
Researchers slip malware onto Apple's App Store, again – CNET
