January 30, 2013

Facebook Application Can Shame You

It is well known that Facebook applications required user's permissions to do specific actions. In some cases, people are not aware of the consequences.

I would like to demonstrate it on the "MakoConnect" Facebook application... This application required the following permissions:

Looks innocent? Not exactly.... See the result below:

For those of you who don't understand Hebrew, this Facebook application shares the article that someone read, which its title has something with exposing hooters. 

January 20, 2013

Nigerian 419 scam

Yesterday I received SMS from unknown number with very tempting message:
I decided to ask Google about this message.. I found that someone tried to collect information about me, or even worse, to do a big scam. This scam called "Nigerian 419", which is a group of upfront payment or money transfer scam. See more details in scamwatch.

January 8, 2013

Application whitelist - the good, bad and evil

We know that...

The common way to protect operating systems from malicious attacks is by installing endpoint protection system to prevent malwares, zero-day attacks and all the cool stuff we know.
However, there is additional concept of white listing all operating system's files and not allowing any other applications to run, e.g. Bit9 Parity product. 

The good

It can prevent from unauthorized applications to execute.

The bad

If the operating system is already infected, the malicious activity will continue to operate.

The evil

- If the protection is based on MD5 hash, it can be bypassed using MD5 collision attack.
- Sometimes runtime environments might be used for malicious software execution, e.g. if Java Runtime Environment (JRE) is installed on the operating system, then malicious java code can run (currently still work on Bit9 Parity).