Phishing attacks on Iranian Gmail users jump before Iranian election

Google researchers have detected phishing attacks originating inside Iran that target tens of thousands of Gmail users from that country, a company official said in a blog post published Wednesday. The attacks appear to come from the same group that pulled off a much more sophisticated attack in 2011 involving a forged secure sockets layer certificate for the Google domain name.

“The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday,” wrote Eric Grosse, Google's VP of Security Engineering.

He said the attacks were aimed at Iran-based account holders who were sent an e-mail, purporting to be from Google, asking the user to add an alternative e-mail address to their accounts. When users clicked on a URL provided in the e-mail, they were taken to a fake Google sign-in page that collected the victim’s username and password.

Read 2 remaining paragraphs | Comments

Wired’s Threat Level Blog Running Outdated and Insecure Version of WordPress

Keeping software running on a website up to date is an important part of keeping it secure, but, as we have been focusing on a lot lately, organizations that you would expect to be up to task of handling their security are failing to do that. Whether it is web security companies, a web security organization, or major government websites (the DHS did finally get their website up to date, though) they are all failing to taking this easy security step. We can now add to this recent list, web security journalism.

Here is the WordPress version powering Wired’s Threat Level blog, which covers “Privacy, Crime and Security Online”:

Wired's Threat Level blog is Running WordPress 3.4.2

Since they are running 3.4.2 they failed to update WordPress for seven months and more importantly they failed to update when a security release was put out back in January. If an important source of security information isn’t aware they need to keep their website up to date, it isn’t a good sign that others will be getting that information either.

Being a Modern Fan

Friedrich Nietzsche, a German philosopher, once said that, “without music, life would be a mistake.” This resonates with me, as someone with a profound love and appreciation for music. Like many fans, I’m an avid concert and festival attendee. Just last year, I attended a number of music festivals, from Coachella to Rock The Bells.

Last year’s Coachella music festival sold out quickly. While my friends and I managed to secure tickets, not everyone was so lucky. Shortly after ticket sales ended, I observed a Facebook fan page offering “free tickets” to users who liked the page. It had close to 10,000 likes but contained little information. I started warning friends that the page was a scam. The page was eventually taken down, with no free tickets awarded after all.

These types of online ticket scams may not seem common, but that perception is precisely why an offer like this—whether through social networking or email—may not arouse suspicions.  

Symantec recently conducted a global survey to explore fans’ online and digital behaviors associated with concerts, festivals, and sporting events. We found that nearly one in five people personally purchased, or know someone who purchased, a ticket that did not provide all the access it promised. More than half (58 percent) of problematic tickets originated from online marketplaces.

Smartphones also play an important role in a fan’s overall festival and event experience. Some festivals offer mobile applications with event information, such as a map of the festival grounds and set times for various artists. Our survey also found that 78 percent of fans use their smartphones to take photos and videos.

At last year’s Coachella festival, my friend had her purse stolen. In addition to losing her credit cards and identification, she lost her iPhone. She reached out to me, as someone she can count on for advice on security and technology. Unfortunately, she had not turned on the Find My iPhone app, so we called her service provider to report her phone as stolen and deactivate it. She was without a phone for the rest of the festival, which was a bit frustrating for her. When asked what upset her most about having her phone stolen, she didn’t hesitate to respond, “Losing all of the photos I had taken this weekend.”

They say a picture is worth a thousand words. But ask my friend, and she’ll tell you those pictures were priceless.

Upon receiving her replacement iPhone, my friend immediately set up the Find My iPhone app. She started backing up her photos regularly and made sure the password on her phone was strong.

Symantec recommends password protecting your phone with a strong password and, if your phone supports it, enable remote tracking to locate a lost phone. Otherwise, install security software that offers remote tracking and wiping functionality. Back up your data regularly and be wary of free ticket scams on social networks.

These are just a few of the easy yet important steps you should take before heading out to a concert or a festival. In the event that your smartphone is lost or stolen, this can help prevent unauthorized access, give you the ability to remotely wipe your device, and ensure the memories you captured at the event won’t be lost forever.

iPhones can auto-connect to rogue Wi-Fi networks, researchers warn


Security researchers say they've uncovered a weakness in some iPhones that makes it easier to force nearby users to connect to Wi-Fi networks that steal passwords or perform other nefarious deeds.

The weakness is contained in configuration settings installed by AT&T, Vodafone, and more than a dozen other carriers that give the phones voice and Internet services, according to a blog post published Wednesday. Settings for AT&T iPhones, for instance, frequently instruct the devices to automatically connect to a Wi-Fi network called attwifi when the signal becomes available. Carriers make the Wi-Fi signals available in public places as a service to help subscribers get Internet connections that are fast and reliable. Attackers can take advantage of this behavior by setting up their own rogue Wi-Fi networks with the same names and then collecting sensitive data as it passes through their routers.

"The takeaway is clear," the researchers from mobile phone security provider Skycure wrote. "Setting up such Wi-Fi networks would initiate an automatic attack on nearby customers of the carrier, even if they are using an out-of-the-box iOS device that never connected to any Wi-Fi network."

Read 7 remaining paragraphs | Comments