Monthly Archives: April 2015

US-CERT

Nepal Earthquake Disaster Email Scams

Original release date: April 30, 2015

US-CERT warns users of potential email scams citing the earthquake in Nepal. The scam emails may contain links or attachments that may direct users to phishing or malware infected websites. Phishing emails and websites requesting donations for fraudulent charitable organizations commonly appear after these types of natural disasters.

US-CERT encourages users to take the following measures to protect themselves:

  • Do not follow unsolicited web links or attachments in email messages.
  • Maintain up-to-date antivirus software.
  • Review the Federal Trade Commission’s Charity Checklist.
  • Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact    information can be found on the Better Business Bureau National Charity Report Index.
  • Refer to the Security Tip (ST04-014) on Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.

This product is provided subject to this Notification and this Privacy & Use policy.

Avira

Social Networks: How Their Privacy Settings Compare

Particularly Facebook has often been the in the media when it comes to privacy issues and concerns. But do you really know what can and cannot be set in the sometimes rather confusing options? And what about all the other social networks likes Twitter, LinkedIn, and Google+?

ITWorld decided to check out the top social networks and compare their privacy setting – in one handy chart. The list of things they checked out for you is rather extensive and includes the following points:

  • Profile visibility limits upon sign-up
  • Control how people can search for you
  • Control who can connect with you
  • Control whether people can message you
  • Control who can see your connections
  • Prevent users from tagging you in posts
  • Choose who can see your photos
  • Block users
  • Opt out of photo tagging
  • Disable facial recognition
  • Opt out of search engine indexing
  • Review recent logins
  • Set login alerts
  • Enable two-factor authentication
  • Automatically supports a secure connection
  • Control connected applications
  • Limit data sharing with third-party apps
  • Turn off location tracking
  • Delete location information
  • Manage advertising
  • Opt out of all advertising
  • Request an archive of your data
  • Delete your account

Just head over to ITWorld to read the whole article which also includes instructions for finding and updating these options in the different social networks.

The post Social Networks: How Their Privacy Settings Compare appeared first on Avira Blog.

Panda Security

Cyber-attacks made it into the Global Risks TOP 10

computer office
Almost every day, we hear news about cybercriminals leaking confidential information, cyber-attacks to the media, massive cases of phishing or WhatsApp scams.

That’s why for the first time risks from cyber-attacks are part of the TOP 10 Global Risks, ranked ninth according to Aon Risk Solutions, Aon plc global division of risks management.

The participants in this survey pointed out that brand damaging and maintaining the company’s reputation is what organizations fear the most. The online risks’ “increasing importance” is linked to the consequences a company may face when its sensitive information has been compromised.

This survey confirms what the Global Risks Report 2015, elaborated by the WEF, had already reported, including cyber-attacks within the most pressing dangers of the future. Stating that companies should consider cyber security as priority.

This is confirmed by experts and data. If PandaLabs described the year 2014 as the year of massive cyber-attacks, we are sure we will see an increase of this types of threats during this year and the ones to come. That’s why if you want to protect your company’s servers and endpoints try our solutions for business and you will sleep a little more soundly at night.

The post Cyber-attacks made it into the Global Risks TOP 10 appeared first on MediaCenter Panda Security.

Mandriva

[ MDVSA-2015:218 ] glibc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:218
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : glibc
 Date    : April 30, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in glibc:
 
 It was discovered that, under certain circumstances, glibc's
 getaddrinfo() function would send DNS queries to random file
 descriptors. An attacker could potentially use this flaw to send DNS
 queries to unintended recipients, resulting in information disclosure
 or data loss due to the application encountering corrupted data
 (CVE-2013-7423).
 
 A buffer overflow flaw was found in the way glibc's gethostbyname_r()
 and other rela