Wednesday, May 8, 2013

Scammers Impersonate Bank Exec on LinkedIn to Target Corporate Bank Accounts | HOTforSecurity

Imagine you receive an e-mail from an unknown prince or political refugee, the classic Nigerian scam of the past 10 years. You wouldn't fall for that, would you?
Now imagine a legitimate-looking business proposal from a bank manager with all the right credentials, work experience and peers. It isn't even disguised as a Nigerian operation; it's presented as a business proposition. And it arrives on LinkedIn.

We got such a message from an individual impersonating Aziz Mohammad, a manager at a highly popular bank in Malaysia. A brief look at his profile revealed it was built using the visual identity and profile information of the real Aziz Mohammad, a third-degree connection.

The scam message is generic and only lays the groundwork for the con: a business proposal aimed at people with full control of a company, including the ability to initiate money transfers. The contact address is, of course, not at the banking institution the impersonator claims to work for, but a throwaway account set up with Yahoo.

Hackers gain access to all .edu domains | H-Online

The hacker collective "Hack the Planet" (HTP) has claimed responsibility for an attack on MIT (Massachusetts Institute of Technology) computer systems in late January, in which it claims to have briefly taken control of the university's domain, redirected email traffic, and obtained administrator access to all .edu domains. HTP also claims to have compromised web servers for other sites, including security tool Nmap, network security service Sucuri, IT security company Trend Micro, and network analysis tool Wireshark.

Some of the attacks used a zero-day exploit for a vulnerability in the MoinMoin wiki engine, which the group has now taken the opportunity to disclose. Hack the Planet has also released details of an exploit against web servers running ColdFusion 9 or 10, and claims to have used a variant of it in its April attack on the hosting company Linode.

Kali Linux Tutorial - Websploit Framework

Websploit is an automated vulnerability assessment, web crawler and exploitation tool. It is an open-source command-line utility built on a modular structure. At the time of writing, 16 modules are available. Websploit can be downloaded from its SourceForge project page, but it ships with Kali Linux by default.

Websploit can be synchronized with the Metasploit WMAP project for web vulnerability scanning. Its modules fall into four categories:

Web Modules
Network Modules
Exploit Modules
Wireless Modules

Phishers target eBay customers via live chat support | Help Net Security

U.K.-based internet services company Netcraft is warning users about phishers impersonating eBay's live chat support feature in the hope of getting their hands on eBay users' login, personal and financial information.

Netcraft blocked the bogus site offering the fraudulent service, but says that others could easily pop up.

In this particular case, the phishers were using a third-party live chat service provided by Volusion, and the fraudulent chat window initially displayed the eBay logo.

The eBay branding later disappeared from the site and was replaced by a placeholder company logo, which suggests the phishers could just as easily impersonate any other company that outsources its live chat support. The fact that Volusion's service has a valid SSL certificate could also lead many victims to believe they are dealing with a legitimate service: the certificate only vouches for the vendor's hostname, not for the brand shown inside the chat window.
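Netcraft's point about the valid SSL certificate can be turned into a concrete check. The following Python is an added example, not code from the Help Net Security article or from Netcraft: it reduces each URL to its registrable domain and compares that against a hypothetical allowlist of domains the brand actually owns, so that a chat widget served from a vendor's domain, or from a look-alike host with the brand name stuffed into a subdomain, is flagged regardless of whether the certificate validates. The allowlist, the stub public-suffix table and all sample URLs are constructed for this example and do not refer to any real service.

```python
"""Flag pages that claim a brand but are served from a domain the brand does not own.

Added example; not from the article or from Netcraft. The allowlist and the
sample URLs below are constructed for illustration.
"""
from urllib.parse import urlsplit

# Stub of the Public Suffix List so the example runs offline. A production check
# should use the real list (e.g. the `publicsuffix2` package) instead.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}

# Hypothetical allowlist: registrable domains the brand actually controls.
BRAND_DOMAINS = {
    "ebay": {"ebay.com", "ebay.co.uk"},
}


def registrable_domain(host: str) -> str:
    """Return the registrable (eTLD+1) part of a hostname.

    'www.ebay.co.uk' -> 'ebay.co.uk'; 'ebay.com.evil.example' -> 'evil.example'.
    """
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:]) if len(labels) >= 2 else host.lower()


def check_branded_page(url: str, claimed_brand: str) -> dict:
    """Classify a URL whose content claims to belong to `claimed_brand`.

    A valid TLS certificate proves only that the page came from the operator of
    the registrable domain; it says nothing about whether that operator is the
    brand. So the verdict depends solely on domain ownership.
    """
    brand = claimed_brand.lower()
    host = (urlsplit(url).hostname or "").lower()
    domain = registrable_domain(host)
    owned = BRAND_DOMAINS.get(brand, set())

    if domain in owned:
        verdict = "ok"
        reason = f"{host} is under brand-owned domain {domain}"
    elif brand in host:
        # Brand name appears in the hostname but the registrable domain is not
        # the brand's: classic look-alike such as ebay.com.<attacker>.example.
        verdict = "brand_in_subdomain"
        reason = (f"{host} mentions '{brand}' but its registrable domain is "
                  f"{domain}, which the brand does not own; a valid certificate "
                  f"for this host vouches only for {domain}")
    else:
        # Content claims the brand, host is an unrelated third party (e.g. an
        # outsourced chat vendor). Legitimate for some brands, but unverifiable
        # from the certificate alone.
        verdict = "third_party_host"
        reason = (f"{host} ({domain}) is not a brand-owned domain; treat the "
                  f"branding as unverified even though TLS validates")

    return {"host": host, "registrable_domain": domain,
            "verdict": verdict, "reason": reason}


# Constructed sample inputs: a genuine brand page, a UK brand page under a
# multi-label suffix, a look-alike host, and an outsourced-chat style host.
SAMPLE_URLS = [
    ("https://www.ebay.com/help", "eBay"),
    ("https://www.ebay.co.uk/sch", "eBay"),
    ("https://ebay.com.secure-login.example/chat", "eBay"),
    ("https://chat.livechat-vendor.example/session?store=1234", "eBay"),
]

if __name__ == "__main__":
    for url, brand in SAMPLE_URLS:
        result = check_branded_page(url, brand)
        print(f"{result['verdict']:18} {url}\n    {result['reason']}")
```

The useful habit this encodes is to read the registrable domain, not the logo and not the padlock: the outsourced-chat case in the article would land in `third_party_host`, which is exactly the category a user (or a URL filter) cannot resolve without knowing which vendors the brand really uses.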