Monday, August 29, 2011

More falsely issued certs

 More certs have been falsely issued as being reported by Sophos computer security blog Naked Security. However this time the falsely issued certs are from a major online site, yes they were Google SSL certs. The sad thing was is that these certs were issues July 10th, and as many of you should know July 10th was a pretty long time ago and these fake certs have been out in the while for a while.

 Now would be a good time to set your browser to check for revoked certs to help stay safe from attacks like this. What does this mean for the Cert systems? If this keeps happening it may mean its time for some changes with how certs are done.

Review: Bitdefender SafeGo for Twitter

 Its time for a full review of BitDefender SafeGo Twitter Edition. Its just been officially released today in beta so I decided to take it for a spin on my twitter account so we shall see how it goes!



 The first thing you must do is connect your Twitter Account to BitDefender SafeGo for twitter. That is pretty simple and you have most likely done similar steps at other sites before. After that Bitdefender SafeGo for Twitter quickly imports your details and looks for social scams on your twitter account. In the screen shot above you can see it importing your account information from twitter. BitDefender SafeGo has a pretty simple UI once it loads you details. It seems to be simple enough for anyone to use in my opinion.

 BitDefender SafeGo for twitter does give you the ability to edit some settings. Its not much to control but it is something. Please note I did decide to change some of the settings and turned everything on. Not all of those settings are on by default


                        I was able to find some fun stuff around BitDefender SafeGo. As it was loading it asked me in the meantime if I knew why they chicken crossed the road. Since it was randomly there (not many computer security vendors add humor into their program) it did make me laugh a bit! Its great to see the vendors having fun while doing a good job.

 Now onto the real reason behind the product, to detect social scams. I stared by looking up to see if I could find an account that was spreading "free iphone" links. Like always it only took me a few seconds in order to find one. Gladly SafeGo already listed the account of being possibly spammy as you can see in this next screen shot. I will continue to test SafeGo for twitter as I do my daily social scam reports.

 Now since it is new it may still have its FPs. As I was testing it BitDefender SafeGo detected one of my friends (who also is a security researcher) twitter account as possibly phishing/malware spreading account. I marked them as safe, I don't see where you are to submit FPs so hopefully they go through and look through the accounts marked safe.

 Over all I think BitDefender SafeGo for twitter is a good idea. I am glad they are finally spreading it out of Facebook into different social networks. I think eventually a lot more people will start to use these types of products and I think more vendors will start to make these kinds of products. If you are looking for a twitter security product this might be a good one to try out, as far as I know its the only one of its kind at the moment. I keep it for a while to see if it ever warns me of anything, I try to keep my twitter account free of people who may be spreading these social scams.

Bitdefender SafeGo: Now on Twitter

 Those of you who use Facebook may have heard of Bitdefender SafeGo. The app that helps keep you safe from social scams and spam posts that I have blogged about a lot. Now they have expanded the app to help protect your twitter account. Check out the app, I have just now added it and will be posting a review later on. Its really great to see more services expand out to help protect again twitter spam and scams.

Sunday, August 28, 2011

Run an Apache based site? Might want to read this

 Sites running on Apache web server (up to 65% of the web according to Sophos) are impacted by a denial-of-service vulnerability according a report. This can be a pretty big deal due to the fact that most of the web is ran on Apache Web servers. Make sure if you run an Apache Web Server that it is updated and has all the latest patches installed. You don't want to make sure sites vulnerable.

Daily Social Scam report (8-28-2011)

 Time for today's daily social scam report:

 My profile views are 6442 
 Get u'r profile views at

 Extracting the URL shows it leading to a Facebook app page. Remember no app can tell you who is viewing your profule

 Yippie! Finally I Found The Only one that Works. Now i can see who views my profile and Photos
  
  As I said above no site/app/cookie can tell you who is viewing your profile.


 Get A Free iPhone 4 & iPad 2!

 I don't know how many times I am going to have to say this but none of these offers will lead you to getting a free Iphone or Free Ipad 2. 
 

Saturday, August 27, 2011

Daily Social Scam Report (8-27-2011)

 Time for today's daily social scam report.

  First off I have seen some reports of Facebook users getting personal messages on Facebook about having broken Facebook policy's and if they don't follow the link and confirm their account it will be shut down. Most of the time these are phishing scams so be on the lookout for that.

 Now lets take a look at some twitter scams:

  Hi Steve Jobs just resigned and he is giving away free stuff - its IPAD 2
 
   Doing a URLVoid 3 services were detecting that one as bad. Which is great due to the fact most of the time not one service is detecting the bad urls with social scams.

 Apple news: you can get Iphone quickly for free! 
 You've been invited to test & keep an iPhone right now for free!
 Get A Free iPhone this minute 
 Get A Free iPhone asap
  
  Doing a URLVoid no services were detecting it again. I highly doubt Apple would just give away products like this. Besides a majority of these posts were all coming from a random twitter account that really does not have any other posts other then "Free Iphone this" "Free Mac that".

  All I did was complete a five minute survey and received a totally free Macbook!!!!!!
  I CAN'T BELIEVE THIS, I recently claimed a cost-free Macbook on
  Try out a macbook air for free here 

  Doing a URLVoid once again showed that no services were detecting it as being a bad site. Gladly every once in a while I would get a URLVoid in which some services were detecting the bad sites.

 So it does not matter what social network you are on. Always been on the look out for scams and spam posts. Also never believe an offer that seems to well to be true.



 

Friday, August 26, 2011

Daily Social Scam Report (8-26-2011)

 Time for today's daily social scam report.

 First lets start off by warning you not to spread a hoax message. The message has been quickly going around the social network today:


 NEW SPYWARE HACKER
WARNING!!! If you see anyone post a "May God always bless this kind person below
with peace, love and happiness", with your profile picture picture attached
below, and sent by your friend via Bold Text, PLEASE DO NOT CLICK "like" or
"SHARE". Ìt is a spyware and all of your info at FB will be copied and reused f
or bad purposes. It opens a new link. Please share this info.
  As reported on Facecrooks their is no major outbreak spreading that message and its just a hoax message. I highly recommend not reposting it.
  Get a Free NFL Jersey!
 Much like the "I love Subway" Facebook spam posts that were going around not to long ago (and my still popup every once in a while) new NFL themed offer ones may start to pop up. Facecrooks (One of my new favorite social scam research sites) already has a page up about the scam. I highly recommend you avoid it.
  WOW! I just got 2000 Facebook Credits for Free! And it worked too! No personal info required! 100% WORKING and totally free. Check it out, i got mine from (bad blogspot link)
 Facebook credit scams are normally found on the walls of social games. Some good news however is that Web of Trust is already detecting the site to be bad.
 Get A Free Dell XPS M1530 Now! 
  This one seems to be much like the free NFL one. The domain was once again owned by "Yes Survey Media" which I have see in the past being used for "sign up for these offers in order to get this object free. Dell would not give away products for free just like that so be on the lookout for these types of scams.
Early Warning: Watch out for Hurricane themed spam/scams.
  Since the Hurricane is about to hit the east coast of the USA be on the lookout for messages trying to take advantage of that. Scammers and Spammers always try to take advantage of big news stories like this 
 

Thursday, August 25, 2011

Daily Social Scam Report (8-25-2011)

 Time for today's daily social spam report:


WOAH! my profile was viewed 53 times JUST TODAY, and I can see that I have quite a few stalkers LOL! Find out yours here:
 It seems people may never learn that its impossible to find out who is viewing your profile. Here is a URLVoid of the page, once again no services are detecting it.
  Get A Free iPhone 4 & iPad 2!
  Once again you will not be getting a free Iphone or Ipad 2. This scam has been going around the social network for a while now. Apple would not just give away products for free like that.
  Get 2 Free Southwest Airline Ticket
  The Free Airline tickets are back. Doing a URLVoid scan shows no sites are detecting anything bad about it. Doing a URL dump it just shows its loading a lot of ads. If they were really giving away free tickets you would most likely here about it from the SouthWest official site  and not some random Facebook page.

 
 

Wednesday, August 24, 2011

Daily Social Scam Report (8-24-2011)

 Time for today's daily social spam and scam report:

 Lets start off with some of the "Free Dell computer" offers/scams/spam posts going through the social network at the moment.

 dell is sending out XPS 1530 to test and keep for free. get one quick!
 Take the Free Dell XPS 15 Survey!
Facebook giving 1000000 free Dell Laptops. Go Grab... (though I wish they were giving away those free machine)

 Dell would not give out free machines like that, so I highly recommend you avoid these types of offers.

 As for Apple offers here are some of them I found. Most of them are still the same as the ones I posted a few days ago:

 Get a free Macbook Air (bad link)

 I am sorry for not giving URL Analysis my tools I use to check out ratings seems to be down so I can;t do much deep analysis today. 

Tuesday, August 23, 2011

Daily Social Scam Report (8-23-2011)

 Time for today's daily social scam report:


My profile views are : 8543
Girls Views : 5168
Boys Views : 3375
Check yours at - (bad link)
  Once again this themed scam message is spreading through Facebook at a quick rate. The scam URL is once again using a .info site domain. Doing a URLVoid scan it is showing no services are detecting the scam site. If only someone offered a job for hunting down Social Scam URLS :D Another wave just started of the same theme as I am doing my analysis, this time using a bit.ly short url. The domain is hosted on the same IP Range as the previous URLvoid link I posted. Once again doing a URLVoid no services are detecting the site as being bad.
  I also found event spam for BlackBerry devices. One of the spam events I found said:
25,000 Free BlackBerry® Torch™ 9800 phones..[Beta Testers Required]
 I also found a Samsung Spam post going around:
Free Samsung Galaxy Tab
  Remember if something seems to good to be true it most likely is.

 

Site News: The New Logo

For those of you who have not noticed I have pushed out the new IGL-Security logo here on the IGL-Security site and the IGL-Security Facebook page. The logo was made by a friend of mine (I am not good at art/logo making). The logo will also be used in projects later on such as a mobile phone app, something that I have actually been working on recently. I am wanting to be able to released them by the end of the year but I have no dates set on releasing mobile apps.

Facebook making Privacy simpler

 Good news for all the Facebook users. Facebook has made it simpler to control your privacy. Its great to hear Facebook has been improving the privacy controls. From what I have seen security has always been a concern with some Facebook users. If you are on Facebook (like me) I highly recommend you take some time to check out what your current privacy settings are. Its a good idea to try to keep updated with the latest Facebook security news so you know when you should go review your Facebook settings.

Monday, August 22, 2011

Reminder: Make sure you remove ClearCloud from your system by Sept. 1st!

 This is just a reminder to all my reminders. As many of you know in the past I highly recommend ClearCloud DNS service to help improve your computer security setup. Well they have decided to shut down ClearCloud and if you don't want to be without internet now would be a good time to remove is from your DNS settings before your internet is interrupted. Here is a quote from the ClearCloud Website:


 Effective September 1, 2011, GFI's ClearCloud DNS service will be discontinued and no longer available for consumer use. We would like to thank all of the beta testers for their valuable feedback throughout this last 12 month evaluation period. To discontinue using the ClearCloud DNS service, you will need to reconfigure your network connection. If this is not done prior to September 1, 2011, your Internet connectivity will be interrupted.

 Maybe soon I will try out some other DNS services and post some recommendations here on the IGL-Security blog.

Daily Social Scam report (8-22-2011)

 Time for today's daily social scam analysis

 First one is a sad topic for scammers to be taking advantage of people from.

 Red Arrow crashes during Air Show (video)

 Yes they are taking advantage of people trying to look up information about the Air Show crash. You can tale a look at this Facecrooks page which contains some info on why its a scam. In fact I have seen Facebook pages spreading this that have 12K "likes" which means a lot of people are falling for this.

 Hey (friends name) I received a Dell XPS 1530 laptop today for nothing! I think they are only sending out a limited supply of promo laptops in each area, its actually very nice :) I got it from here

 I saw this one of my friends Facebook wall this morning, gladly I know better then to click on these types of scams (and MyWOT already had the site rated red. If a deal seems to good to be true I highly recommend you research the site/offer before you click, or better yet just avoid it. If it was a real deal everyone would be talking about it (example: HP TouchPad $99 sale).

 Get a FREE 100$ KFC Gift card!!!! 

 As much as I love KFC Chicken I doubt they would really give away 100$ gift cards to everyone who clicked on a Facebook page. Doing a URL Dump of the site I see no relation to the real KFC. Doing a URLVoid no services are detecting it as bad. Doing a WhoIS say it is owned by Yes Survey Media, a company who you may remember is doing a lot of these offers.


 My profile views are : 8543
Girls Views : 5168
Boys Views : 3375 
Check yours at - (bad short url)


 This themed message continues to spread around Facebook. Doing a URLVoid no service is currently detecting the scam.


 Check out who views your profile and your TOP 10 Stalkers @ (bad short url)

 That scam is spreading via photo tagging, to be honest it just now popped up on my Facebook feed. Doing a URLVoid one service is already detecting it as bad, which is great news!

Sunday, August 21, 2011

Daily Social Scam report (8-21-2011)

 Time for today's daily social scam report:

 My profile views are :(random number)
Girls Views : (random number)
Boys Views : (random number) 
Check yours at - (bad short url)

 This continues to stay one of the more common themes for social scams. A URLVoid 
 Scan once again shows that no service is detecting it at the moment. I decided to do some URL Analysis on it and found it was some loading data from another url hosted on the same IP. However at the moment that URL was down. I was able to get a URLVoid analysis and Web of Trust was detecting the site as bad.

 Now lets look at some free Iphone scam posts. Because they are very popular at the moment. Look over at my stats its what a majority of you out there are reaching this site by.

Get a free Iphone 4 & Ipad 2 <- Wow that's a pretty awesome combo

 Doing a URLVoid  analysis no services were detecting it as spreading around on Facebook. Using URL Dump to check the page I was unable to gather more information.


 As people count down to the release of the new Iphone I highly recommend that you do not click on sites offering free Iphones or Ipad. In fact I recommend you never click on them, more often they are scams then actual free offers.

  

 

Saturday, August 20, 2011

Daily Social Scam report (8-20-2011)

 Time for today's daily social scam report:

 My profile views are :(random number)
 Girls Views : (random number)
 Boys Views :(random number)
 Check yours at - (bad short url)


 This is once again of the more common social scams. Always remember that no app can tell you who or how many people are viewing your profile. A URLVoid scan says that no services are currently detecting it.


 Free Iphone scans are also going through Facebook events. Some example events I found:
 Facebook giving 1000000 free Apple iPhone. Go Grab NOW !!!
 The first 50,000 participants Will Get An iPhone 4 for Free

  Apple would most likely never give away free Iphones like that.
  

Thursday, August 18, 2011

Daily Social Scam report (8-18-2011)

 Time for today's daily report of social scams

 First off lets start with one I found interesting. I know its a common message but they way its being run interests me:

 WOAH!!...You guys really have to see this.Finally a simple way to see who views your facebook profile :P ===>(bad short url)


 Now at a first look this looks like just the every day normal social scam I see a lot. However when I extracted the URL I ran into something I had never ran into before, it was a link to the Bath and Body works website. Now when I first extracted that it seemed very weird, but it has provided a way for the spam apps to bypass the url protection of short url services. Yes it was using the Bath&Body works email re-director to take you to the social scam. I just found that interesting.


 Other then that its pretty much the same things I have been reporting the past few days. The same Test and Get a free Iphone 5 (something that has not been announced yet) and it is still spreading over the same domain.

HP to shut down WebOS Phone and Tablet division? (Slightly off topic)

 Well this is rather surprising, according to some reports that are coming out HP has decided its time to shut down its WebOS Phone and Tablet division. So what does this mean? Well first off all the IGL-Security app that was planned to be released for WebOS has officially been put on hold till they announce if its going to be sold off or they are just done. Its going to be interesting to see what happens to WebOS. Now that Google is buying Motorola maybe this means they are just going to license out the OS? We shall wait and see for HP to officially announce it in their earnings report today.

Tuesday, August 16, 2011

Daily Social Scam Report (8-16-2011)

Time for today's daily social scam report.

 First off lets start with some twitter scams.

 Free ipad two. OMG (bad short url link)

  I was unable to get Bit.ly stats for this one because whenever I tried to get to the stats page I was redirected for some reason. However it does like to some site that on URLVoid is not detected by any service. It did however seem to try to take me to a survey site.

 OMG! just got a Free iPad 2 from this website! Get yours here:(bad link)

 I was unable to extract this like but I doubt it would give you a free Ipad :P

 Now lets move on to Facebook scams

 WOAH! my profile was viewed 140 times JUST TODAY, and I can see that I have quite a few stalkers LOL! Find out yours here: (bad link)


 This message seems to be the new in thing because it seems its the one being used the most. Doing a URLVoid scan no services were detecting it at the moment.


 My profile views are: (random number)
 Girls Views : (random number)
 Boys Views : (random number)
 Check yours at - (bad link)


 This themed message is also once again very popular. On URLVoid only one service is detecting it and that service is MyWot. However looking at the comments on the MyWot rating and someone rated it bad on 7/4/2011 for spreading Facebook scams. Now look today its still spreading them.

Firefox v6 released: Do you like rapid releases?

 As some of you may already know today Firefox v6 has been released. So now two browsers are getting new versions at a rapid rate (Chrome and Firefox) so I am curious. What do y'all think of the new rapid releases: Do you dislike them or do you love them? Honestly I prefer the way Firefox does it and only updates when I launch it, it drives me crazy when I am working on some large programs and Chrome decides to update in the background. Share you thoughts here in the comment section!

Monday, August 15, 2011

I am going to test the Iphone 5 and keep it!....nope just another Facebook scam

 Another large round of Apple Themed scams are going through Facebook at the moment. This times its for the "never confirmed that it actually exists" Iphone 5. So what is this round of scam saying? Here is what I have found.

 A random site is offering to let you Test&Keep the brand new Apple Iphone 5. Now their is a couple problems with this. Do you really believe Apple will just open up the testing of a brand new product to anyone? If it really was opening up testing to everyone don't you think it would be on a Apple Owned domain? Not by someone called Yes Survey Media (Who Is?). In fact to be honest the domain was just registered 5 days ago. Compared to the Apple domain registration information you can see a pretty big difference.

 Another round of these fake scams are running through Facebook events. These events are saying the first 100K people to attend will get a free Iphone 5. Do you really think Apple would give away 100K free Iphones?

 I highly recommend you stay away from the suspicious offers like this.

Daily Social Scam Report (8-15-2011)

 Its time for today's report of the latest social scams.

 WOAH!!...You guys really have to see this.Finally a simple way to see who views your facebook profile :P ===>> (bad bit.ly link)


 Nice job for the bit.ly team this link was redirecting to the Bit.ly warning page for spam/malware/bad links. Its always good to see the protection filters in place protecting people.


 My profile views are : 38543
Girls Views : 25168
Boys Views : 13375
Check yours at -(bad link) 
  This is the same bad link as yesterday and gladly bit.ly is already redirecting it to the warning page! Nice job of Bit.ly to make sure these sites were being blocked. 
  WOAH! my profile was viewed 11 times JUST TODAY, and I can see that I have quite a few stalkers LOL! Find out yours here (bad link)
  This one war redirecting to a .jpg image. It was on a new domain not scanned yet on URLVoid so I decided to scan it with that service. According to the URLVoid results not one service was detecting the link as bad.

Sunday, August 14, 2011

Anonymous to attack BART Website?

 Well it seems Anonymous may not be attacking Facebook but they may be attacking the Bart Website according to a report on CNET News. Now this is all happening because of a planned protest which lead to the shutting down of cell phone service in the area. Why would they shut down the cell service? Because the whole thing was being planned through mobile communication. So will they be able to take the site down? I do not have the answer for that but I do know that BART was already aware of the plans and taking actions to prepare for the attacks.

Daily Social Scam Report (8-14-2011)

 Its time for today's social scam report. Here are the bad social links/apps I have found spreading along with a little bit of data to go along with each of them.

 WOAH!!...You guys really have to see this.Finally a simple way to see who views your facebook profile :P ===>> (bad short link)


 This was the most recent one posted when I did my first search. According to some bit.ly stats it was clicked on by 1,331. That is a large amount of people clicking on this. always remember no app can tell you who is viewing your Facebook profile.


 I had no idea you could see everyone who views your profile! I just saw my ex viewed my profile the most...wow, this is crazy. you all are sick! See for yourself: (bad link)


 I saw this one has been posted a few times. No short link this time and instead openly linked to the bad site. At the moment according to URLVoid no service is detecting this as a bad app.


 My profile views are :(random number)
Girls Views :(random number)
 Boys Views : (random number)
 Check yours at - (bad short link)


 This is another "I will give you a random number of profile views" fake app. However it seems to be working because according to the Bit.ly stats (Thanks Bit.ly for the wonderful stats!) has been visited 618 times the past hour, and 5771 times over all. If only that many people were here reading the IGL-Security blog! Doing a URLVoid scan only one service was detecting it at the moment.

Webroots interesting article on ZeroAccess and TDL3

 The Webroot Security team has been doing more research into the ZeroAccess rootkit. In their latest blog post that seem to have found some more interesting information. They seem to have found that the ZeroAccess rootkit and TDL3 rootkit may be connected/related in some way. Looking into what they have found does make it seem they may be related in some sort of way.

 Now anyone who has been infected by TDL3 as it was first actively spreading in Q1 2010 knows how nasty this rootkit has been and how hard AV teams were working on improving their detection rates for this malware. ZeroAccess may be the next advancement of TDL3, as malware keeps growing quicker and quicker it has been forcing AV vendors to continue to improve their detection of their products. It continues to be a cat and mouse game, at one point the malware writers are winning then the AV vendors catch up with new tech, then the malware writers upgrade their malware and the war goes on and on.

Saturday, August 13, 2011

Be on the look out for Twitter Phishing scams

 A phishing scam is currently going through twitter attempting to get you to give away your twitter ID. You will see tweets like this with links afters.

 Pictures of Osama Bin Laden (bad link)

 or

 Found you in this funny picture lol.(bad link)

 It will then lead to you a fake twitter log-in site to attempt to grab your twitter log in details. Doing a quick look up on URLVoid only one service detects it as bad. Doing a "Who Is" on the site does not give us much more information. This however does go to show, make sure you check what domain you are entering information onto. You don't want your personal information to end up in the wrong hands. If you have already entered your information make sure you change your password asap on Twitter along with any other site you have used the same password at.

Share anyway (and anywhere) you want

 Today I have been working on improving the IGL-Security blog to make it quick to load, easy to use and such. So today I have replaced the boat load of widgets that I had setup with one simple to use one powered by AddThis. So now you can share on any site you feel like (and trust me, I have seen a lot of sites you can share on, many I have never heard of before). So I shall be watching out you all use the share feature and work on improving it to be simple and easy to use for everyone. Sharing is where IGL-Security gets a majority of our traffic so its important that you all enjoy and like the way the sharing is done.

Todays list of Facebook scams (8/13/2011)

 The IGL-Security blog has always been a place to find out about the latest Facebook scams. So since I have not written about them in a while I want to try to get more constant updates about the latest Facebooks scams again, since that is what got IGL-Security started. So for today here are the messages I have found and some research on each of them.

 WOW I cant believe that you can see who is viewing your profile!I just saw my top 10 profile peekers and I am SHOCKED from who is viewing my profile! You can also see WHO VIEWED YOUR PROFILE here: (bad url)


 That messages uses an ow.ly shortened link. The link leads to a site that is hxxp:coolam(dot)info/profilu/. According you URLVoid only one service is detecting that site to be bad. That is the community powered site rating service MyWot.

  WOW I cant believe that you can see who is viewing your profile!I just saw my top 10 profile peekers and I am SHOCKED from who is viewing my profile!You can also see WHO VIEWED YOUR PROFILE here:(bad url)


 This one is ran through a bit.ly. However it links directly to the bad social application on Facebook. Looking at some Bit.Ly stats (I am so glad they make those public) it seems 213 at the time of this writing have clicked on the bad app link. Now that is smaller then some but it still is a lot of people falling for it.


  WOAH! my profile was viewed (random number) times JUST TODAY, and I can see that I have quite a few stalkers LOL! Find out yours here (bad link)


 This was from a spam/scam app run this morning. This lead to an image while most likely said "Copy to code into your browser bar" or "go this this address" which would eventually lead them to the Facebook scam. At the time of this writing no one on Urlvoid was detecting the site as bad.

Anonymous denies the Facebook attack videos

  Some members of Anonymous have responded to the reports of the "November 5th Facebook attack" according to a Facecrooks blog post. According to them the group as a whole has not planned to attack them but since the group does not have one leader it means part of the group may try to attack it that day. So what does this mean? Well their is still a chance of part of the group attacking Facebook on that day, but it means that the whole group most likely will not be attacking it so not as large of an attack. We shall all find out November 5th what happens that day.

  I have noticed recently the media however has really picked up on the news of the possible attack. With the increased media chat about this I have noticed a lot more people coming to my blog looking for information on the attack. This just shows how quick one video can climb to being the top news story.

Nice Mobile Malware Info Graph

 Mobile malware just keeps coming and coming and coming. Today I saw an interesting info graph from Bullguard on Facecrooks. The info graph contains some great information I recommend everyone with a smartphone to read.

 So what does this mean if you own a smartphone? Now is a really good time to look for security software to install on your smartphone. No matter what OS you use you should really look into security software. Windows Machines, Mac Machines, Linux Machines, Mobile OSes, they are all open to malware attacks. Make sure you take steps to keep your personal data safe.

Wednesday, August 10, 2011

Hackers to target Facebook?

 Hackers seem to have a new target, and that target is Facebook according to reports. According to the reports November 5th is the date of the attack, this leaves a good amount of possibility of what could happen that day. Like why are they announcing it so far in advance, this gives Facebook a good amount of time to start preparing. I guess we will all find out that day what will happen, is it just going to be a joke to raise popularity or Facebook really going to go down. We shall see that day and find out what happens.

 Trend Micro has also taken a look into the video and also found is suspicious. The normal ways these things are advertised have not been used and a few other points were made that I found interesting. However everyone is picking up on the video now and talking about it.  

Friday, August 5, 2011

More new mac malware

 I have not written about Mac Malware in a while, but recently F-Secure has ran into a new Mac malware. This time the malware is in disguise as a flash player installer. This just goes to show Mac users need to make sure they are taking proper steps to stay safe from malware. Since the start of this year I have seen a lot more reports of Mac malware being spread.

Now if you have a Mac now would be a good time to go and find a antivirus for your mac if you do not have one. Also if you have one make sure the Antivirus is updated and you have the latest malware protection updates. Also make sure you Mac has the latest software version, a Mac (Just like Windows machine) has security updates that get pushed out and need to be installed.

Thursday, August 4, 2011

IGL-Security: Now with more community!

 The first IGL-Security Birthday is quickly growing near. It was in December last year that IGL-Security was created. Its hard to believe we have already got over 26k views, have a growing Facebook pages, and we continue to expand quickly. As I start writing out my plans and goals for IGL-Security for next year one of the things I was to focus on more is community. By community I mean more interaction between the blog and the readers, and readers with readers, and blog with other blogs. So today I am adding one of the new community feature: Community News

 Community News pulls in computer security articles I submit to Reddit and displays them so you can vote them up or down. The articles are only the most popular ones vote wise which means its up to you (The community) to vote on articles. It will be a wide range of computer security articles and I will try to keep it updated often. I will not guarantee it will be done very fast but quick enough I will encourage you to check every once in a while. So I hope you enjoy the new community news feature and I will be working and sharing more IGL-Security goals as we continue near our 1st Birthday!

IE users have a lower IQ?

 Hey did you all here that a study was done and it says that IE users have a lower IQ then other browser users? Well I did (I decided not to write about it) and now it has came out the test results were a joke. The tech media fell for the results as real and now everyone is reporting that is was a fake. That just goes to show why you should not believe everyone online, it was just a simple set of fake test results and even local media news stations we talking about it.

 Always remember to do your research on everything you read online. Its a good thing to remember, especially when it comes to giving out personal information.

Tuesday, August 2, 2011

Security Experts on Twitter: Who should I follow?

 Twitter is a great place to get to know people you most likely would have never gotten to meet in person. I use twitter to get updated on computer security news from computer security experts I would have most likely never get to meet in person. So I have decided to create a list of computer security experts I think you may want to follow and provide some information on who they are. So here is the list I think you will enjoy

 StopMalvertisin:

 StopMalvertsin does research of current malware trends and researches malware that is being spread through advertising networks. StopMalvertisin is a great twitter feed to follow if you want to see a wide variety of computer security related news.

 Dave Marcus:

  Dave is director of security research over at McAfee labs. You will see a lot of tweets on a wide range of topics coming from his twitter account.

 Microsoft Safer Online team

 This Microsoft Team is dedicated to tweeting out the latest internet privacy news for you to follow. This twitter account provides great information on that topic and I really enjoy reading what news they tweet.

 Marco/Eraserhw:

 Marco (better known online as eraserhw) does malware research analysis for Prevx/Webroot. Marco has put out some great articles on the ZeroAccess rootkit that provide great information. If you want to see the latest articles from Marco I highly recommend you follow this twitter account.

Eugene Kaspersky:

 Eugene Kaspersky co founded Kaspersky Lab the creator of the popular product Kaspersky Antivirus. If you want to keep up with the computer security knowledge he shares (and some of his other hobbies/things he is a fan of) I recommend you follow this twitter account.

 Billp:

 BillP is the twitter account of the creator of the popular Winpatrol security software. BillP shares parts of his personal life and shares computer security news that you most likely will want to read.

 Alexeck:

 Keep up with whats going on at the Sunbelt/GFI security labs on this twitter account. Alexeck has done a lot of the computer security community and I am sure you will want to read whats their computer security research lab is researching.

 Patrik Runald

 Patrik is a manager for security research over at Websense labs. I remember reading Patriks posts over at Wilders Security forum. I also am a regular reader of the Websense security blog.

  ScamSniper

 Much like here at the IGL-Security blog ScamSniper keeps you alert of the latest social scams and other unwanted net items. Follow them to keep up with the latest internet scam news.

 SecurityGarden:

 SecurityGarden keeps you up to date with a wide range of computer security news. Including exploits,  data leaks, new rootkits, the list goes on and on. Follow SecurityGarden to keep up to date with the latest security news.

 FireEye:

 FireEye keeps you updated with the latest new of Zero day malware, exploits, hackes, and other computer security news.

 Brian Krebs:

 Brian Krebs is the author of the computer security news blog Krebs on Security. I am also a reader of this blog and recommend you check it out if you have not.

 Jerome Segura:

 Jerome Segura is editor of the Paretologic security blog Malware Diaries, a security researcher for Paretologic, and runs the url sharing site Malware Black List. To keep up with computer security news and his articles I recommend you follow his twitter account.

 gcluely

 As many of you who have read this blog before know I have referenced the computer security blog Naked Security a few times. Well gcluley is the person behind this blog I enjoy reading and I recommend you follow his twitter account.

 Mikko Hypponen

 Mikko is CRO over at F-Secure. He does a lot of security blogging, tweeting, and retweeting and he posts a lot about current security threats and news. I highly recommend you follow his twitter account.

  Juan Santana

 Juan his CEO at Panda Security (as you may know I use the Panda Security AV program Panda Cloud) so I highly recommend you follow his twitter account.

 BartBlaze

 Bart is a Panda Security Tech. and malware researcher. He tweets a lot of different links about computer security that many people (interested in computer security) may find interesting. So I also recommend you follow him.

 Ibrad09

 So I am no way an expert like everyone else here but I figured if you want to keep up with the latest IGL-Security news you should follow my twitter account :)

Monday, August 1, 2011

Rootkits targeting those still on Windows XP

 Are you still on Windows XP? Then you are more likely to get a rootkit infection according to analysis done by Avast software. If you are running a Windows XP machine I highly recommend that you upgrade to the latest XP patches and make sure you have the latest security software installed. Windows XP lacks the extra security features of Vista/7 (UAC, Built in Windows Defender). Now I am not going to say that everyone needs to go out and buy new machines with Windows 7 because I understand not everyone has that type of cash. However everyone who has a legal version of Windows XP (Which you SHOULD have) you need to make sure you have all the latest Windows updates installed. Now would also be a good time to make sure your security software is updated and you have all the latest patches to your internet addons installed.

More info on possible Lulzsec hacker released

 It has been released that the suspected Lulzsec hacker had 750,000 passwords on his computer that the police took at his arrest. It has also been reported that the machine had the fake story that was planted on "The Sun" website when Lulzsec hacked it not to long ago.

 Rumors are still going around wondering if that person is or is not the actual Lulzsec hacker. The Lulzsec twitter account still remains silent and has been silent since the day of the arrest. However this is either a very well thought out plan by the Lulzsec team to remain hidden, or they actually did catch the right person. I guess we will just have to wait and see.