Malware which opens pictures of attractive women to entice its victims has been around for some time. Last month there were more than usual, so I decided to research malware that pretends to be a regular picture, and the results are pretty interesting. We looked for executable samples with two distinct characteristics: 1. .jpg in […]
Microsoft 社は 3 月 25 日、Microsoft Word に影響するパッチ未公開の脆弱性が新たに見つかったというセキュリティアドバイザリを公開しました。攻撃者は、Microsoft Word に存在するメモリ破損の脆弱性(CVE-2014-1761)を悪用して、標的となるコンピュータにリモートでアクセスできるようになります。アドバイザリでは、この脆弱性は限定的な標的型攻撃で悪用されていたと報告されています。
不明な RTF 文書を開かないように注意するだけでなく、このようなファイルを Outlook でプレビューすることも避けてください。攻撃者にこの脆弱性を悪用される恐れがあります。Outlook の一部のバージョンでは、電子メールに添付されている RTF 文書のデフォルトビューアが Microsoft Word に設定されていることに注意してください。
まだパッチは公開されていませんが、悪用のリスクを最小限に抑えるためにいくつかの回避策があります。Microsoft 社は、Microsoft Word で RTF コンテンツを開けないようにする Fix it 修正ソリューションを提供しています。また、Outlook で電子メール表示をプレーンテキストに限定するように設定して、この問題の影響を軽減することもできます。
Microsoft 社は、Enhanced Mitigation Experience Toolkit(EMET)を使えばこの悪用を適切に遮断できるとしていますが、これは他の回避策を適用できない場合の代替策と考えてください。
Microsoft 社からパッチが公開されたら、できるだけ速やかに適用することをお勧めします。
シマンテックセキュリティレスポンスは、CVE-2014-1761 の悪用からお客様を保護するために、以下の検出定義を提供しています。
ウイルス対策
侵入防止システム
シマンテックは現在、追加の確認に取り組んでおり、詳しいことがわかり次第このブログでお伝えする予定です。
* 日本語版セキュリティレスポンスブログの RSS フィードを購読するには、http://www.symantec.com/connect/ja/item-feeds/blog/2261/feed/all/ja にアクセスしてください。
In any line of business – and I guess this is not only common sense but also part of any basic “marketing 101” class – you will learn that it’s important to know WHO your customers are. So I’m surprised that in the spam-sending business the spammers haven’t figured that one out yet. And I […]
‘The attacker still has the upper hand,’ says the Dutch government’s most recent Cyber Security Report. The report continues: attackers are getting smarter, more devices are being connected to the internet and yet many incidents could have been prevented by implementing basic security measures.
The human and business consequences are high. In 2011, for example, internet banking fraud alone resulted in Dutch losses of €35 million, according to the report. Over 3 million Dutch citizens in 2013 said that they have been victims of cybercrime in the last 12 months according the Norton Cybercrime Report.
In 2012, one in eight Dutch adults were the victim of cybercrime, according to government research. Young people, who are more active online, were more likely to be victimised, with one in five being affected. Worryingly, in an increasingly social online world – 30% of social network users say they share passwords with others whilst 35% are happy to connect with people they do not know online. (Source: Norton Cybercrime Report).
The threat is not going away. Citizens and businesses need to be proactive in their own defence against cybercrime; particularly as we all transact more online and mobile devices multiply. And while nine out of ten victims of phishing and skimming do report the incident to the authorities, prevention is the preferred option.
The Nationaal Cyber Security Centrum’s website offers advice and security alerts in Dutch. For more information about Symantec Website Security Solutions in the Netherlands, visit our website or call us to find out how we can help your organisation stay safe online.
New initiatives help organizations fully leverage AWS advantages while addressing their shared security responsibility
They might look like funny characters from an animated movie, but the avast! GrimeFighter minions are a deadly force against the grime that accumulates in your computer over time. This crack team of animated minions brings AVAST users new technology that speeds, tunes up, and extends the lifespans of PCs. avast! GrimeFighter is being launched […]
If you are a smartphone user and take pride in the phone brand you are using (yes, most users do…) you have for sure noticed the 5-day media frenzy over president Barack Obama’s alleged switching from Blackberry to Samsung… that was promptly denied by the White House and of course by Blackberry, as well. Here’s […]
In late January this year, eager fans purchased tickets for Coachella, an annual two-weekend, three-day music festival but were later targeted by scammers in a phishing campaign that persisted up till the end of February.
Front Gate Tickets, the company responsible for handling the festival’s ticketing had sent an email to ticket buyers at the end of February warning users on the phishing campaign stating:
“The phishing involved a fraudulent website designed to look like the login page for Coachella ticket buyers to access their Front Gate accounts, built in an attempt to capture username and password information.”
The email went on to explain that the phishing links were circulated on message boards and email campaigns, and that the perpetrators had harvested the email addresses of ticket buyers who posted them publicly on message boards.
The timing of this campaign happened right before the wristbands used for entry into Coachella were shipped out to attendees. Based on this, it’s clear that the perpetrators of the campaigns had intended to access accounts of ticket buyers to modify the mailing address, phone number and email on file in order to have the wristbands shipped to them. One user on the Coachella message board confirmed this to be the case:
“I was able to get my information put back on the account yet they changed the address, phone and email on file. Glad I double checked and didn’t lose my tickets!”
This incident is an important lesson for the modern music fan. In just two years, scammers have gone from merely creating fake Facebook pages offering tickets to Coachella to directly targeting attendees with phishing emails to steal their wristbands.
Coachella is not the only music festival happening this year. In the coming months, festivals like Sasquatch, Bonnaroo, Outside Lands, Lollapalooza and others will be taking place throughout the United States and even more festivals happening in other parts of the world.
Symantec Security Response encourages festival attendees to not share their email addresses on message board threads. If sharing is necessary, use the board’s built-in private messaging function.
If you’re a ticket buyer and you receive an email with a link asking you to log in to find out more information about your upcoming event, do not click on it blindly. Instead, open up a new browser or tab to visit the official website to log in. If the email seems suspicious, find a contact number or email address on the ticket distributor’s or music festival’s website and seek their assistance instead.
They might look like funny characters from an animated movie, but the avast! GrimeFighter minions are a deadly force against the grime that accumulates in your computer over time. This crack team of animated minions brings AVAST users new technology that speeds, tunes up, and extends the lifespans of PCs. avast! GrimeFighter is being launched […]
They might look like funny characters from an animated movie, but the avast! GrimeFighter minions are a deadly force against the grime that accumulates in your computer over time. This crack team of animated minions brings AVAST users new technology that speeds, tunes up, and extends the lifespans of PCs. avast! GrimeFighter is being launched […]