The company finallyfast and mycleanpc are scamming people into being scared and installing and buying there software. I have received numerous calls about an email being sent out that says something to the effect of "URGENT SPAM DETECTED" or something similar, they go as far as to say that your pc has been found sending spam and they want you to scan your computer at the bottom… of the email or they will shut off your service. THIS IS FAKE!!!! do not click on the scan. To verify this you will notice that there is no RETURN ADDRESS or it wont show who its from. Unless its from your provider of your internet such as centurylink or comcast and you can call them to verify its from them dont trust it.
The latest release of the Flash Player plugin, version 11.3, is causing frequent crashes in Firefox 13 on Windows. The problem seems to be related to the recently introduced Protection Mode, which is supposed to make the plugin run in a sandbox to isolate it from the rest of the system. The number of users experiencing this problem is now so large that Mozilla and Adobe are both offering differing solutions for a fix.
Many of the crashes appear to be the result of interactions between Flash Player and other plugins, particularly plugins which offer the ability to record Flash video streams. Mozilla specifically mentions a Firefox extension called RealPlayer Browser Record and recommends deactivating this plugin. The Firefox developers have also added this plugin to its blacklist which comprises add-ons known to be insecure or unstable. Firefox automatically disables extensions on this list, but allows users to reactivate them manually.
A further option for remedying the problem is to deactivate Protected Mode. Under Windows 7 or Vista, this requires the addition of the line ProtectedMode=0 to the configuration file mms.cfg. Since Protected Mode is not used under Windows XP, this step is not necessary on that platform.
<%windir%\syswow64\macromed\flash itxtharvested="0" itxtnodeid="301">%windir%\syswow64\macromed\flash>
Computer users are being warned by the FBI of another new scam involving scareware. A piece of malware called Citadel is redirecting users to a scam site that installs the scareware on their machines and then demands a $100 payment to unlock them. This scareware uses a new twist in that it threatens prosecution by the Department of Justice as a prompt to get users to pay.
The malware is a drive-by download attack. The attack is the same as others in the past few years in that it first sends the user to a malicious site. Typically, the site then uses an exploit in the users browser which then installs the scareware.
In a few cases, the scareware will tell the user that their system is infected with some sort of malware and offers to remove it for a fee. In this case, the malware locks the victims computer and tells the user that they have violated U.S. law and faces potential criminal prosecution.
"The message further declares the user's IP address was identified by the Computer Crime & Intellectual Property Section as visiting child pornography and other illegal content," the FBI warning says.
"To unlock their computer the user is instructed to pay a $100 fine to the US Department of Justice, using prepaid money card services. The geographic location of the user's IP address determines what payment services are offered. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud."
Scareware is one of the more common attack vectors on the Web these days, and it's been surprisingly effective for several years now. Adding in the element of a threat of prosecution by the federal government only brings that up a level or two.
According to a new survey from McAfee, malware has increased significantly across all platforms. At an all-time four year high, malware that targets PC's has drastically increased with such threats as rootkits, password-stealing trojans as well as the ZeroAccess rootkit and others.
McAfee, now a part of Intel, says the total number of malware samples it has collected rose by 8 million to 83 million, up from 75 million at the end of the fourth quarter of 2011. PC's are not alone. Mac's have been affected by the likes of the Flashback trojan, with 250 new malware samples and 150 new fake anti-virus samples being added to the quarter. Vincent Weafer, McAfee Labs Senior VP, says that, "malware authors are continuing their unrelenting development of new malware," adding that, "The same skills and techniques that were sharpened on the PC platform are increasingly being extended to other platforms, such as mobile".
Mobile devices have also seen an increase. Mobile malware, including new adware and mobile backdoors, has seen a huge jump. McAfee says that this malware was "targeted almost solely at the Android platform" and saw a 1,200% increase compared to the last quarter, with nearly 7,000 threats collected and identified in Q1 2012, up from 600 samples at the end of Q4 2011. Third party applications originating from China and Russia are the majority of the threats.
Botnets saw growth in the first quarter, approaching almost 5 million infections at the highest point, with new infections rising in the US, Colombia, Japan, Poland and Spain. Global spam levels, however, saw a decline, falling to just over 1 trillion monthly spam messages in the quarter.
check out this amazing video about the new way of surfing on your pc's
Hackers are now targeting more social media. Rogue rebate offers are now showing up in Facebook, Gmail, Yahoo and Hotmail. Rebate offers and secure payment options are aimed at getting users to part with their debit card information.
Each attack appears slightly different on each site, but as Amit Klein, CTO of Trusteer announced, it is a peer to peer variant of the Zeus platform that leverages trusted relationships and well-known brands to convince users to sign up for services and better secure debit card transactions. "In the first attack against Facebook, the malware uses a web inject to present the victim with a fraudulent 20% cash back offer by linking their Visa or MasterCard debit card to their Facebook account," Klein wrote in a blog post. "The scam claims that after registering their card information, the victim will earn cash back when they purchase Facebook points. The fake web form prompts the victim to enter their debit card number, expiration date, security code and PIN" Even more misleading is the fact that it gives a fraudulent footnote explaining that the debit card PIN is for verification purposes only and should never be disclosed to anyone, including friends and family. In attacks against Gmail, Hotmail and Yahoo users, the malware offers a new authentication service from Verified by Visa and MasterCard Secure. Although many merchants require a 3D Secure password to complete online transactions, Klein notes this attack doesn't compromise 3D Secure but instead uses the Visa and Mastercard brands to add credibility.
The scam that targets Google Mail and Yahoo users claims that by linking their debit card to their web mail accounts all future 3D Secure authentication will be performed through Google Checkout and Yahoo Checkout respectively. It also maintains Hotmail users lacking the 3D Secure code won't be able to use Hotmail to make online purchases. The fraudulent site also claims participation in the program protects against future fraud. Trusteer believes this is the first time a web injection attack has targeted 3D Secure. They do not know how many users have fallen victim to this scam, but the numbers could be huge considering the clever social engineering and popularity of the targeted providers.
Since the first reports that more than 600,000 Macs were infected by the Flashback malware, Intego has been monitoring this situation closely. Not only has Intego found new variants of Flashback that can install with no password request, but Intego has been using a sinkhole to analyse how many Macs are infected.
Sinkhole: a server set up to intercept data sent to and from infected computers in a botnet.
The way this works is simple. Flashback uses a number of domain names for its command and control servers. Intego knows how these domain names are formed; there is a complex algorithm used to generate what looks like a random 12-character string, plus a top-level domain, such as .com, .net or .info. A specific domain name is used each day, and the creators of the malware have not reserved all of these domains, allowing Intego and other security companies to reserve them in advance.
Command and control servers: these are the computers that send instructions to infected Macs, and that may remotely install new malware, or copy documents and files from these Macs.
Intego reserved some of these domains, and has been analyzing traffic from infected Macs. The numbers we have seen over the past week are interesting:
•04/30/2012 – 102,769 infected Macs
•05/01/2012 – 96,948 infected Macs
•05/02/2012 – 103,779 infected Macs
•05/03/2012 – 121,826 infected Macs
•05/04/2012 – 102,375 infected macs
•05/05/2012 – 118,593 infected macs
•05/06/2012 – 113,909 infected macs
This is not the total number of infected Macs, as Intego is only one company that is using a sinkhole. In addition, Intego is only trapping those Macs infected by the most recent versions of the Flashback malware.
Infected Macs contact the command and control servers every hour, if they are on, and if the infected user is logged in. And this number of Macs means that the servers get a lot of connections. Intego’s sinkhole got more than 300,000 connections on May 3, or 13,000 per hour. A command and control server managing the total number of infected Macs – more than 600,000 – would need to be very powerful to accept the number of connections it would receive.
What stands out in the above numbers is the variations. While on May 1 the number of infected Macs that contacted the server that Intego is sinkholing dropped a bit, this is likely because May 1 is a holiday in many parts of the world, and many users did not turn on their Macs.
What is troubling though is that the number of infected Macs is not decreasing, but is actually increasing. Even though Apple has provided an update which patches the Java vulnerability that this malware is exploiting, it seems that many Mac users are simply not updating their Macs. The numbers on May 5 and 6, Saturday and Sunday, might be expected to be lower, as fewer people use their Macs, but that is not the case.
So, what can you do? Make sure you have applied all the security updates available for Mac OS X. Click on the Apple menu, then choose Software Update and, if any updates are available, install them. Also, given the silent nature of this malware, it is a good idea to use antivirus software on your Mac, such as Intego’s Mac antivirus, VirusBarrier X6. VirusBarrier X6 has been able to block new variants of this malware through its behavioral analysis features, protecting you even if new variants are distributed.
A patch has just been released for Adobe that fixes a serious flash vulnerability used in targeted attacks. The update will fix the vulnerability in Windows, Mac, Linux and Android systems.
Adobe is urging customers to update their systems as soon as possible as there is an exploit in the wild right now that targets Flash on Windows Explorer.
"These updates address an object confusion vulnerability (CVE-2012-0779) that could cause the application to crash and potentially allow an attacker to take control of the affected system.
There are reports that the vulnerability is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious file delivered in an email message. The exploit targets Flash Player on Internet Explorer for Windows only," Adobe said in its advisory.
Flash has become one of the preferred targets for hackers these days, thanks in part to its presence on hundreds of millions of machines around the world. With an exploit already circulating for IE on Windows, it may not be long before exploits for Flash on other platforms surface, as well. The time to patch is now.
You can get Adobe Flash player HERE.
If you like us on facebook, refer a friend/ family member, or leave us a review at we are giving 10% off your next service. Help us spread the word about the great work we do!
We have been working to bring a new and innovative website for our valued clients. Feel free to look around and get involved with us in the blog and on facebook. We are looking for new ways to help and educate our clients so feel free to email or call us with comments or concerns.