Language Selection

English French German Italian Portuguese Spanish

Bogus blogs snare fresh victims

Filed under
Security

The bogus web journals are being used as traps that infect visitor's machines with keylogging software or viruses.

Filtering firm Websense said it had found hundreds of bogus blogs baited with all kinds of malicious software to snare the unwary.
Websense warned that the baited blogs could get past traditional security measures that try to protect people from malicious programs.

The company said blogs were being used because they inadvertently offered lots of help to computer criminals.

Blogs are free and simple to use, offer users lots of storage space, can be used anonymously and most do not scan stored files for viruses and other malicious programs.

Websense said it had seen examples of some computer criminals creating a legitimate looking weblog, loading it with keylogging software or viral code, and then sending out the address of it through instant messenger or spam e-mail.

"These aren't the kind of blog websites that someone would stumble upon and infect their machine accidentally," said Dan Hubbard, Websense's research director. "The success of these attacks relies upon a certain level of social engineering to persuade the individual to click on the link."

Estimates indicate that there could be more than 200 bogus blogs in existence that are being used to attack net users.

Full Story.

More in Tux Machines

More on Canonical and Kubernetes

Docker 1.12.2 Linux App Container Engine Enters Development, Improves Swarm Mode

Docker's Victor Vieux announced the other day the release and immediate availability for download of the first RC (Release Candidate) snapshot of the upcoming Docker 1.12.2 open-source application container engine. The first point release of Docker 1.12, a major branch that introduced built-in orchestration and routing mesh, a brand new Swarm Mode, as well as numerous networking security improvements, Docker 1.12.1, was announced last month on the 18th, and since then the development team never stopped improving the software. Read more

FreeBSD Delaaays and OpenBSD Founder Theo de Raadt Upset

  • FreeBSD 11.0-RELEASE Needs To Be Respun Due To Security Issues
    The delayed FreeBSD 11.0 release just suffered another last-minute set-back. While "FreeBSD 11.0-RELEASE images" were distributed to FTP mirrors and the official announcement expected today, these images need to be re-spun to contain some security fixes and thus pushing back the official release. Glen Barber noted today on the mailing list, "Although the FreeBSD 11.0-RELEASE has not yet been officially announced, many have found images on the Project FTP mirrors. However, please be aware the final 11.0-RELEASE will be rebuilt and republished on the Project mirrors as a result of a few last-minute security fixes we feel are imperative to include in the final release."
  • FreeBSD 11.0 Operating System Lands October 5 Due to Last-Minute Security Issues
    A few minutes ago, Glen Barber informed the FreeBSD community that they should not hurry and install the ISO images of the FreeBSD 11.0 operating system made available a few days ago on the official FTP mirrors. These images aren't safe to use and contain various security vulnerabilities that need to be fixed before the FreeBSD Project will officially unveil the final release of the FreeBSD 11.0 operating system in the coming days. According to the release schedule, FreeBSD 11.0 should hit the streets later today, September 29, 2016. However, until then the FreeBSD development team is hard at work patching those nasty security issues and rebuilding the final ISO images, which will be made available on the respective FTP mirrors later today as FreeBSD 11.0-RELEASE-p1. If you're already running FreeBSD 11.0-RELEASE, you will soon be provided with instructions to safely update your system
  • OpenBSD Founder Calling For LLVM To Face A Cataclysm Over Its Re-Licensing
    For over one year there's been talk of LLVM pursuing a mass relicensing from its University of Illinois/NCSA Open Source License, which is similar to the three-clause BSD license, to the Apache 2.0 license with explicit mention of GPLv2 compatibility. As mentioned in that aforelinked article, this re-licensing is moving ahead.