Thursday Threat Report: Anonymous social networks that aren't so anonymous, Microsoft Word's security hole, and Google's hack

Welcome to ITProPortal's Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats - things are about to get scary.

Walls have ears

Anyone who thought that recently released anonymous social networks Secret and Whisper offered a new age of privacy and unaccountability online should take a second look, according to new research. .It turns out both secrecy startups would hand over your information to the authorities at the drop of a hat.

Secret and Whisper, which claim to allow users to communicate anonymously, both have a "whistleblowing" function that can act as a mouthpiece for users wanting to reveal information and users are being advised to read the small print before sharing anything.

Point blank

Cyber thieves are increasingly using malware to steal credit and debit card information from point of sale [POS] systems by capitalising on a disparity in the level of protection employed by many companies.

A recent report stated that most malware isn't sophisticated, and if companies were more vigilant and invested more money in security they could prevent details being pilfered.

"I know that innovation gets people's attention, but the same techniques that people have been using for a long time still work. So companies need to beef up on Security 101," Curt Wilson, an Arbor analyst told eWeek.

It looks like you're trying to hack the government...

Taiwan has fallen prey to a Microsoft Word vulnerability that was identified back in March and is still being used by attackers despite the fact that it has been patched.

Trend Micro reports that a range of attacks have been carried out against both Taiwanese government bodies and educational institutions in the country even though the vulnerability was patched up during Microsoft's April Patch Tuesday release.

The first attack was in the form of a malicious email attachment that was sent to a government employee and it had a title linked to a national poll that made it look legitimate.

Taiwan has fallen prey to a Microsoft Word vulnerability that was identified back in March and is still being used by attackers despite the fact that it has been patched.

Google phishing attack

Finally, Google account holders are warned to be vigilant after an enhanced phishing attack was spotted that can give hackers full access to any user's account.

Bitdefender, the antivirus security firm, detailed that a hard to spot email is sent out to customers explaining that they need to increase the email storage quota of the account involved and the threat has so far bypassed Google Chrome's uniform resource identifiers [URIs]

"What is interesting about this phishing attack is that users end up having the "data:" in their browser's address bar, which indicates the use of a data URI scheme," stated Catalin Cosoi, chief security strategist at Bitdefender.

orthole Ad

404

Sorry! Page not found.

The article you requested has either been moved or removed from the site.