Security Alerts & News
by Tymoteusz A. Góral

History
#1731 Small Business Information Security: The Fundamentals (PDF)
NIST developed this interagency report as a reference guideline about cybersecurity for small businesses. This document is intended to present the fundamentals of a small business information security program in non-technical language.
#1730 Malicious images on Facebook lead to Locky ransomware
Researchers have discovered an attack that uses Facebook Messenger to spread Locky, a family of malware that has quickly become a favorite among criminals.

The Ransomware is delivered via a downloader, which is able to bypass whitelisting on Facebook by pretending to be an image file.

The attack was discovered on Sunday by malware researcher Bart Blaze, and confirmed later in the day by Peter Kruse, another researcher that specializes in internet-based crime and malware.
GET YOUR DAILY SECURITY NEWS: Sign up for CSO's security newsletters

The attack leverages a downloader called Nemucod, which is delivered via Facebook Messenger as a .svg file.
#1729 Symantec buys anti-ID fraud firm LifeLock for $2.3 billion
Symantec, one of the biggest consumer computer security firms in the world, is about to become even bigger with plans to buy LifeLock—an identity-theft protection service.

The proposed $2.3 billion (£1.86 billion) deal has been okayed by the boards of directors of both companies, and is expected to close in the first quarter of 2017, pending regulatory approval.

LifeLock's shareholders will receive $24 (£19.45) per share—a 16 percent premium to its closing price on Friday of $20.75.

Symantec, which owns the Norton suite of cybersecurity software, claimed that the deal will make it the world's largest consumer-facing online protection outfit.
#1728 Here’s a secret: ɢoogle.com is not google.com
In fact, the letter ‘G’ is a Latin Letter Small Capital, Unicode 0262. Compared side by side with a real capital G, they would look like ‘ɢ G’ — see the difference? Notice how the ‘G’ in the image is the same size as the lowercase letter ‘o’? It’s not the G you thought it was.
#1727 The odd, 8-year legacy of the Conficker worm
Eight years ago, on November 21st, 2008, Conficker reared its ugly head. And since then, the “worm that roared” – as ESET’s distinguished researcher Aryeh Goretsky puts it – has remained stubbornly active.

Targeting Microsoft Windows, it has compromised home, business and government computers across 190 countries, leading experts to call it the most notorious and widespread worm since the emergence of Welchia some five years earlier.

Conficker, as we’ll go onto explore, spawned numerous versions, each promising different attack methods (from injecting malicious code to phishing emails and copying itself to the ADMIN part of a Windows machine). Ultimately though, the worm leveraged – and indeed, continues to leverage – an old, unpatched vulnerability to crack passwords and hijack Windows computers into a botnet. These botnets would then be used to distribute spam or install scareware (again, as they are today).
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12