[Plantsci] FW: ua.InfoSec Monthly Update - April 2012
Mario Marquez
mmarquez at ag.arizona.edu
Tue Apr 3 14:45:31 MST 2012
<http://security.arizona.edu/monthlyupdate> Description: Description: UA
Information Security Office
April 2012
If you have trouble reading this newsletter, please click
<http://www.security.arizona.edu/monthlyupdate> here.
Trojan Android Games Send Expensive SMS Messages
New Android malware seems to continue to roll off the criminal assembly
lines. Criminals continue to target the Android mobile platform churning out
different variations of scams every day. The most recent is from China in
which downloading an innocent game can get you into trouble. The latest
example pretends to be a legitimate Chinese game called "The Roar of the
Pharaoh" (the real version is not made for Android) which has a Trojan
attached. Once installed the malicious application gathers sensitive
information (IMEI, IMSI, phone model, screen size, platform, phone number,
and OS version) and sends it off to the malware's authors. Like many other
mobile Trojans, this one sends SMS messages to premium rate SMS numbers. The
mobile phone companies provide the payment processing and you receive the
phone bill with the fraudulent charges. To read the full story, go to
http://nakedsecurity.sophos.com/2012/03/29/trojan-android-games-send-expensi
ve-smss/
Description:
http://cdn.aarp.net/content/dam/aarp/money/scams_fraud/2011-10/200-cell-phon
e-smishing-scammers-identity-theft.imgcache.rev1317407009096.jpg
BBB Warns of Text Scam Offering Walmart Gift Cards
The Better Business Bureau is warning of a new scam coming to your
cellphone. The BBB is fielding complaints across the country about texts
claiming to offer a $1,000 Walmart gift card. A link in the text takes the
unwary recipient to a website asking for personal information. Such a
message is called "smishing", similar to phishing, only geared to texts, or
SMS. If the smisher gains enough information about you they can hack your
phone or computer gaining access to everything from banking to personal
photo albums. For the BBB's advice on how to avoid smishing, go to:
<http://www.bizjournals.com/sacramento/news/2012/03/21/bbb-text-scam-walmart
-giftcards.html>
http://www.bizjournals.com/sacramento/news/2012/03/21/bbb-text-scam-walmart-
giftcards.html
Mac Backdoor Trojan Embedded Inside Booby-Trapped Word Documents
An interesting new Mac malware attack was discovered this week. A backdoor
Trojan horse, which would allow a remote hacker to access your Mac computer
without your knowledge and potentially snoop on your files and activity, has
been discovered hidden inside a booby-trapped Word document due to a
critical security vulnerability in Microsoft Word. If you open the Word
document, a Trojan horse gets dropped onto your Mac opening a backdoor for
remote hackers. Don't be fooled into thinking that you are protected by Mac
OS X itself, which will ask for an administrator's username and password to
install software. You won't see any prompt for credentials when this malware
installs, as it is a userland Trojan meaning that software applications can
run in userland with no difficulties, and even open up network sockets to
transfer data. For more on the story visit:
http://nakedsecurity.sophos.com/2012/03/30/mac-malware-backdoor/
For additional tips and updates on mobile security, check out our page!
Like Us!!!
Description: facebookpic.jpgGo to
<https://www.facebook.com/uainfosec?sk=wall>
https://www.facebook.com/uainfosec?sk=wall, and you'll come across our key
lock symbolDescription: UA Information Security.
Want more information on how to protect your device?
Check out our new Mobile Device page!
Description:
http://meship.com/Blog/wp-content/uploads/2011/03/mobile-security-cloud-comp
uting.jpg
Your mobile devices keep you connected with your life, all while fitting
nicely in your hands. As handheld mobile devices become ever more
sophisticated, more of our work, personal information, and sensitive data is
stored on them. As people have become so accustomed to having their devices
at an arm's reach, they tend to not think about the consequences of what
could happen to all of the information on it if it's lost, stolen, or even
hacked. People's casualness with these devices is making it easier and
easier for this to happen.
For the top tips on how to secure and protect your mobile devices as well as
information on Anti-Virus and Anti-Malware visit the Mobile Device Security
page at http://security.arizona.edu/mobiledevice. Check back often for
additional information.
*Security Tip*
Mobile Apps: How To Use Them Safely
The use of mobile applications (apps) is increasing in parallel with the
increased use in mobile devices. The continued growth of mobile apps
requires a spotlight on security. The risks include access to information
such as physical location or contacts lists, as well as the ability for the
apps to download malware, such as keyloggers or programs that eavesdrop on
phone calls and text messages. Hackers are quickly learning how to harvest
legitimate applications and repackage them with malicious code before
selling/offering them on various channels. It is predicted that 2012 will
see an upsurge in cell phone hacking through the use of mobile applications
on smartphones. Find out what you can do to protect against mobile hacking
by reading our full security tip at
<http://www.security.arizona.edu/sites/default/files/april2012securitytip.pd
f>
http://www.security.arizona.edu/sites/default/files/april2012securitytip.pdf
.
<http://security.arizona.edu> InfoSec Web Site |
<mailto:CIO-ISO at email.arizona.edu> Contact Us
InfoSec Monthly Update is distributed by
Information Security Liaisons for the
University Information Security Office
1077 N. Highland Avenue, Tucson, Arizona 85721
C2012 Arizona Board of Regents
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 277 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 19901 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 4230 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.png
Type: image/png
Size: 51718 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.png
Type: image/png
Size: 110960 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 130255 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.png
Type: image/png
Size: 59398 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0006.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image010.jpg
Type: image/jpeg
Size: 9618 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image012.jpg
Type: image/jpeg
Size: 742 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0001.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image013.jpg
Type: image/jpeg
Size: 34991 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0002.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 663 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 6226 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0003.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image015.jpg
Type: image/jpeg
Size: 4992 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0004.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image016.jpg
Type: image/jpeg
Size: 15288 bytes
Desc: not available
URL: <https://list.cals.arizona.edu/pipermail/plantsci/attachments/20120403/85455307/attachment-0005.jpg>
More information about the Plantsci
mailing list