Monday, June 4, 2012

First Monday in June

Some interesting items from the last week:

Bogus hotel confirmation messages: Email based scam that confirms reservations to a hotel that you did not make.  With more people making summer vacation plans, it is a good time for this scam.  Generally the message looks like almost any confirmation message you would get when booking a hotel, except these tease you with only a hint of the booking information.  To get the "real" information, you need to open the attachment.  The problem is the attachment has embedded malware that infects your machine.  Just resist the urge to click links and read attachments in email.  See more info at Naked Security blog.

New videos they don't want you to see: With all the gruesome headlines over the past few weeks, scammers are taking full advantage and using the lure of "previously unseen footage" to get their marks to click links.  Lots of social networking messages floating around out there.  Resist the temptation to follow any of these links.  I'm beginning to sense a theme here.  Security News Daily article.

Citadel and Reveton ransomware: Apparently this new Citadel malware will direct you to a site that downloads the reveton ransomware.  Once it is in place, you are told you are in trouble with the U.S. Dept of Justice and you need to pay a $100 fine or the computer stays locked and you will be  prosecuted.  Even if you pay the "fine", Citadel stays resident and can be used for bank fraud and other scams.  IC3 published this announcement. More info at ThreatPost.

Roaming around VMware vSphere 5: Researchers have shown it is possible to bust out of an image running on VMware's vSphere 5 and get up into some of the host server information.  With this information and some knowledge of the server layout, it seems possible to gain access to the physical drives on the host server and possibly even parse data out of the other images running on the server.  They note this was all done on ESXi5 server with all current patches.  More detailed info at ENRW blog.

More schools tracking kids: A Texas school district has decided to start a pilot program to issue student ID cards with RFID chips.  The claim is the district is missing out on thousands of dollars in funding because of incorrect attendance figures.  The student IDs will allow administrators to track the location of students within the school buildings when taking attendance.  I guess the old fashioned way of taking roll just doesn't cut it nowadays?  So I'm sure attendance will go up using this method, since all you need to do is give your ID card to a friend to carry around.  Article from the San Antonio Express-News has more info.

Flame: I guess I should say something about Flame.  Everyone else has.  Really not sure what to say, because it seems everything possible has been said about it, over and over and over.  Right now it's too hard to figure out what is fact and what is FUD.