"long" filenames mishandled by Fujitsu's ScanSnap software

Posted by Stefan Kanthak on Feb 16

Hi @ll,

Fujitsu’s ScanSnap software installers WinSSInstiX500WW1.exe
and WinSSInstS1100iWW1.exe, available from
<http://www.fujitsu.com/global/support/products/computing/peripheral/scanners/scansnap/software/ix500w-installer.html>
and
<http://www.fujitsu.com/global/support/products/computing/peripheral/scanners/scansnap/software/s1100i.html>,
execute C:\Program.exe multiple times near the end of the
installation process….

The technical support scam and how to avoid it

When talking about cybersecurity, we instantly think of viruses and malware. But advances in personal computer security have made it much harder for hackers to infect your PC through traditional channels like email.

As a result, they have developed new attack methods to get around your defences using a range of techniques, online and offline. One of the most widely used and most successful is the “Technical Support Scam”, which combines social engineering and technology to empty a victim’s bank account.

What is the Technical Support Scam?

Social engineering relies on building trust with a victim, before tricking them into doing something that gets around their security defences. In the case of the Support Scam, criminals telephone their victims pretending to be from a reputable business, like Microsoft or your security or telephone provider – a company name you recognize.

Posing as an engineer, the hacker informs their target that they have already fallen victim to criminals, and they must take urgent action to plug the security gap. The victim is asked to visit a webpage from their computer, and to download a remote control tool that will allow the engineer to access their system to perform “repair work”.

Once in control of the computer, the “engineer” may call up the computer’s event log and show a number of scary looking (but completely harmless) alerts. They will then suggest downloading further tools that allow them to fix these errors.

Unfortunately these tools are actually malware that will steal valuable information from the victim’s computer – particularly online banking details and passwords. The victim may feel that the engineer has done them a favor, but the reality is that they have invited the hacker to steal from them.

Avoiding the Technical Support Scam

There are several ways you can protect yourself from becoming a victim of this scam. These four tips will help keep you safe:

1. Use your common sense

Microsoft or Panda (for example) never ring customers to inform them of security problems. These companies may provide assistance by telephone, but they never call you first. In fact, unless you pay for a third party technical support service, no one should call you about problems with your computer or router.

No matter how urgent the issue sounds, anyone claiming to be calling about PC security problems is lying.

2. Protect your personal and sensitive information

Never give your account numbers or passwords to anyone over the phone or the Internet unless you are 100% sure who they are. If you are in any doubt at all, hang up. Keep in mind that fraudulent activities are profitable for the bad guys.
A good rule to follow for any incoming call: never hand over your credit card or bank details. Just don’t do it!

3. If you have a doubt: tell everyone about it

The Telephone Support Scam preys on people’s insecurity about their lack of tech knowledge. It is very easy to be a victim, and the best defence is sharing knowledge – telling other people about this scam, and what the criminals are doing. It is much easier to put the phone down if you know that the call is a scam.

You should also consider reporting the scam to the company being investigated. If you do, make sure you find the right details though.

4. Protect your PC in advance

Do not forget to use antivirus protection for all your devices. If your device is protected by an anti-malware toolkit, it will not be generating security errors online or anywhere else. So you know that someone claiming you have a problem is also lying.

If your computer does not have an up-to-date security toolkit installed, you must act now – download a free trial of Panda Security to get started.

Most social engineering attacks can be avoided by taking a second to think through the implications of what you are being told. You must not allow yourself to be bullied into making what could be a very costly mistake.

For more useful tips and advice about staying safe online, please check out the Panda Security knowledge base.

The post The technical support scam and how to avoid it appeared first on Panda Security Mediacenter.

Red Hat Security Advisory 2017-0282-01

Red Hat Security Advisory 2017-0282-01 – The Oslo concurrency library has utilities for safely running multi-thread, multi-process applications using locking mechanisms, and for running external processes. OpenStack Compute launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances and controlling access through users and projects. OpenStack Image Service provides discovery, registration, and delivery services for disk and server images. The service provides the ability to copy or snapshot a server image, and immediately store it away. Stored images can be used as a template to get new servers up and running quickly and more consistently than installing a server operating system and individually configuring additional services.

Ubuntu Security Notice USN-3198-1

Ubuntu Security Notice 3198-1 – Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes them to be used only if no non-legacy algorithms can be negotiated. It was discovered that OpenJDK accepted ECDSA signatures using non-canonical DER encoding. An attacker could use this to modify or expose sensitive data. Various other issues were also addressed.

Red Hat Security Advisory 2017-0276-01

Red Hat Security Advisory 2017-0276-01 – The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server; a resolver library; and tools for verifying that the DNS server is operating correctly. Security Fix: A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a null pointer dereference via a specially crafted DNS response.

Cisco Security Advisory 20170215-ucs

Cisco Security Advisory – A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. Attackers could exploit this vulnerability by enabling Developer Mode for their user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to the profile. An exploit could allow attackers to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.