Week in Geek: Fake Firefox Update Contains Trojan

This week we learned how to set up remote access for your Android device, “set up one-way file syncing, fix missing boot managers, & sync iTunes to an Android phone”, learned what Wake-on-LAN is and how to enable it, found out what your favorite brainstorming tools are, had fun customizing our desktops with a Steampunk theme, and more.

Photo by zgrredek.

Weekly News Links

• Fake Firefox update includes password-stealing trojan
  Security specialist Sophos reports that it has discovered new spam email messages that claim to be an advisory related to an update to the open source Firefox web browser. The fake advisory asks users to update their Firefox installations, “for security reasons”, and includes a download link to the supposed update.
• Malware network gains from new malvertising attack
  A malware delivery network said to be the world’s largest has tapped on Web advertisements as its latest modus operandi for fake antivirus attacks, according to Blue Coat Systems.
• Images used to break into BlackBerry servers
  RIM has issued a warning of a critical security hole in its BlackBerry Enterprise Server, which attackers can use to compromise a system remotely.
• Consumers Union: Beware when buying by cell phone
  T-Mobile USA customers who purchase digital goods online and opt to have the charge show up on their phone bill are vulnerable to fraud, according to Consumers Union.
• Hong Kong stock exchange halts trading after hack attack
  Hackers broke into the Hong Kong stock exchange news Web site this past Wednesday, forcing the exchange to suspend trading of seven companies, according to The Wall Street Journal.
• Google also passes on European data to US authorities
  Google is making data that is stored in its European data centres accessible to authorities in the United States. When asked by the German language WirtschaftsWoche magazine, a company spokesperson said that Google has passed on European user data to US intelligence services on several occasions.
• Apple updates malware definitions for fake Flash Player trojan
  With the most recent trojan threat in the fake Flash installer, Apple has again updated its XProtect definitions property list, so in the next day or two OS X systems will be updated to automatically handle this threat if exposed to it.
• 22 holes closed in Microsoft’s August Patch Tuesday
  As announced, Microsoft has issued 13 bulletins to close a total of 22 vulnerabilities on its August Patch Tuesday. Most of the holes are in Internet Explorer, as described in bulletin MS11-057.
• Adobe fixes critical vulnerabilities in four products on patch day
  On its official patch day, Adobe has released updates to fix security vulnerabilities in five products: Shockwave Player, Flash Media Server, Flash Player, Photoshop CS5 and RoboHelp.
• North Korea’s army of online game hackers
  The New York Times reports that North Korea has unleashed a squad of hackers to infiltrate South Korean gaming sites. The two countries have technically been at war for almost 60 years, and cyber-attacks are the modern-day equivalent to a slap in the face.
• Free web service cracks internet kiosks
  At the Defcon hacker conference, which ended on Sunday, New Zealand security specialist Paul Craig released version 5 of iKAT (Interactive Kiosk Attack Tool). iKAT is a free web service that tries to bypass the protective mechanisms of internet kiosk PCs and gain control of the systems.
• Firefox 8 to tell aggressive add-ons to back off
  Mozilla is taking steps to protect users from programs that install add-ons in Firefox without user permission, citing numerous reasons including security concerns and the desire to make sure that the person using Firefox has ultimate control of the add-ons installed.
• Twitpic founder says Heello to Twitter clone
  Noah Everett is looking to take out the bird with one clone. The Twitpic founder appears to be serving up a bit of revenge with his latest venture, Heello, a feature-for-feature Twitter clone, right down to the “@” symbol and the pastel tones.
• Cisco and Twitter join Linux patent protection pool
  Cisco, the networking giant and Twitter, the social networking company, have joined the Linux patent protection organization, Open Invention Network, along with a host of other companies.
• Researchers: Anonymous and LulzSec need to focus their chaos
  The online vigilante groups Anonymous and LulzSec are weakening their cause with scattershot attacks and need to get more intelligent and focused, according to a panel of computer security experts at the DefCon hacker conference in Las Vegas.

Random TinyHacker Links

• Searching for a Dropbox alternative?
  If you are, then you should give Windows Live Mesh a try. It has some pretty awesome features, all described in detail in this article.
• BitDefender – New Logo & New Versions
  To celebrate their 10 years of existence – BitDefender has launched a new version of products and changed its visual identity. Is the performance of their 2012 products worthy of the new logo? Find out from this review.
• The Evolving Geek
  A fun infographic depicting the many facets and types of geeks.
• UPenn Eyes ‘Huge’ Cancer Breakthrough
  While we don’t ordinarily aim to post current events, this may be a watershed event in finding the cure for cancer. We can only hope.
• A Lighter Shade of Green
  In lieu of Standard & Poor’s August 5th downgrade of U.S. Government debt to AA+, here is the larger world view (as of July 28th) of perceived ability to pay back sovereign bondholders. Obviously this chart does not take into account the amount of debt or whether a country is in decline or surging (see Brazil, India, etc.)

Super User Questions

If you have questions, then Super User has the answers you need.

Note: There were so many good questions available this week that it was too difficult to narrow it down to five, so we have included extra ones!

• Why does Firefox force a 3 second delay before installing add-ons?
• How to install real Firefox on Debian 6?
• How to analyze a link to figure out the actual link?
• How to quickly empty a very full recycle bin?
• Unable to delete folder in windows 7?
• Will my computer slow down if I install multiple operating systems?
• How can I explain what a computer virus is to people who are not familiar with computers and programming?
• Computer only works on its side
• Does unused thermal paste get old?
• Which Static Electricity prevention tools do actually work?

How-To Geek Weekly Article Recap

Had a busy week? Then get caught up on your weekly reading with our hottest HTG Main articles of the week.

• When Should You Properly “Eject” Your Thumb Drive?
• How To Fix the Dark Shadows that Ruin Great Photos
• How To Use an External GPS Device with Your iPad or iPhone
• How to Schedule Your Computer to Wake Up at Specific Times with DD-WRT
• My Photos Look Different on the Internet! How Can I Fix Them?

Geeky Goodness from the ETC Side

Put the fun back into your weekend with our most popular ETC posts of the week.

• Awesome Wi-Fi Network Names [Humorous Image]
• Set Up a Posthumous Password Contingency Plan
• What can You Find Lurking in Your Keyboard? [Comic]
• SuperCopier Is a Lightning Fast Alternative Windows File Copier
• The Valley of Dreams [Wallpaper]
• The Evolution of Video Games Over Time [Image]
• The Android Robot goes Backpacking [Wallpaper]
• Glass Apples [Wallpaper]
• Magnetism Trick Looks Like Anti-Gravity [Video]
• Sunset on a Lonely Alien World [Wallpaper]

One Year Ago on How-To Geek

Tweak your Windows system this weekend with these great articles from one year ago.

• What’s the Simplest Way to Minimize Applications to the System Tray?
• How to Stop Windows from Shutting Down or Rebooting
• How To Disable or Enable the Homegroup Feature in Windows 7
• Other Ways to Use Your PC When Your Internet Dies
• Create a Windows 7 Theme Pack From Scratch

How-To Geek Comics Weekly Roundup

• Carbon Life Forms
• Old School Smart Phone
• Bullet Point Presentation
• Steroids for Gaming
• Interactive Television