Hi all! Frank Coleman here. Thanks for poppin’ in.
I may ramble; I may wax eloquent; I may surprise even me.
What ever transpires here, is meant to stir thought.
“UBU” is my mantra.
I’ll let You-Be-You as long as you let Me-Be-Me.

‘Nuff said.


IRS freezes its fraud prevention contract with Equifax

The suspension came after the discovery of an adware installer in Equifax’s website.

The IRS got a lot of flak from both ordinary citizens and lawmakers when it awarded Equifax a fraud prevention contract earlier this month. After all, they forged their partnership after the credit reporting agency revealed that it recently suffered a massive security breach that affected 145 million Americans. Now, after reports came out that an adware installer lived in the agency’s website, IRS has decided to temporarily suspend the $7.2 million, no-bid contract.

IRS commissioned Equifax to verify the identities of taxpayers signing up for a Secure Access account, which gives people access to online tax records and transcripts, on its website. Sign ups for Secure Access accounts have been suspended as a result, but anybody who already has one will not be affected.



Equifax breach hit 2.5 million more Americans than first believed

Elizabeth Weise and Nathan Bomey, USA TODAY

(Photo: Mike Stewart, AP)

SAN FRANCISCO — Equifax said hackers may have stolen the personal information of 2.5 million more U.S. consumers than it initially estimated, bringing the total to 145.5 million.

The company said the additional customers were not victims of a new attack but rather victims who the company had not counted before. Equifax hired the forensic security firm Mandiant to investigate the breach, and it finished its report on Sunday.

News of the new victims comes on the eve of congressional testimony to be given by Equifax’s former CEO Richard Smith, who will address a House subcommittee on Tuesday. He was forced into retirement last week in the wake of the attack.

In prepared remarks posted Monday, Smith said the hack was possible because someone in Equifax’s security department didn’t patch a flaw the company had been alerted to by the U.S. Computer Emergency Readiness Team.

A scan performed later to check that the patch had been implemented failed to detect that it hadn’t, Smith said. He gave no reason why the company’s workers failed to install the so-called Apache Struts upgrade.



Watch out! Facebook hijacking malware is spreading

By Francis Navarro,
October 1, 2017

Cybercriminals are cunning social engineers. They love exploiting our connections, relationships and our innate trust in others. They also know that when we see our circle of friends or relatives “like” or “share” something in social media, we tend to factor in their opinions and oftentimes, we get influenced by their actions too, unconsciously or otherwise.

This also works with general Facebook posts. When we see a post that has thousands of “likes” and “shares,” it’s so easy to “follow the herd” and assume that it is legitimately popular, hence authentic and vetted for.

This is why the Facebook like-farming is such a big business right now and it’s still a growing industry simply because it’s profitable.

Now, watch out! Hackers and cybercriminals are finding ways to automate Facebook “likes” at our expense.

Faceliker malware
According to security researchers from McAfee Labs, a type of malware that takes over Facebook accounts to spread “likes” is on the rise and it’s spreading fast.

Dubbed as “Faceliker,” this trojan is spread via web browser redirections to poisoned websites loaded with the malware. It accounts for 9 percent of the 52 million new malware samples detected within the first and second quarters of 2017.

According to McAfee Labs, the program doesn’t do additional tasks like steal user passwords or spread additional malware on Facebook. Its sole purpose is simply to generate “likes” for specific posts.

“It hijacks Facebook account clicks in such a way that users think they are liking one thing, but the malware is redirecting the click,” McAfee Labs stated in an official blog post. “It acts on their behalf to click another ‘like’ button without their knowledge.”

Similar to like farming scams, cybercrooks can then sell this like-padding service to Facebook Pages who want to inflate their numbers.

Note: Click here to read about the massive click farms that can artificially boost likes too.

This is troubling in this era of fake news since any post, news article or video can then be made to appear to be more popular or accepted than it actually is. Ultimately, this can be used to spread misinformation and influence opinions within Facebook.

“Faceliker leverages and manipulates the social media and app-based communications we increasingly use today,” McAfee Labs Vice President Vincent Weafer said. “By making apps or news articles appear more popular, accepted, and legitimate among friends, unknown actors can covertly influence the way we perceive value and even truth.”

Now, before we all bring our pitchforks and blame Facebook for this rising malware, McAfee Labs stresses that “Faceliker is not the fault of Facebook. Rather, it is something users bring to Facebook.”


IDShield is the answer!