Information Security Links Feb 2 - Feb 9, 2014

·         Android Malware posing as Adobe Flash: http://securitywatch.pcmag.com/mobile-security/320339-mobile-threat-monday-fake-flash-app-targets-android

{C}o   If you have download apps from a third-party Android marketplace be wary of an app or text message that asks you to update the flash on your phone. Unlike your desktop, Adobe will not send you a notice via an app or text message that you need to update the Flash on your phone.

·         Fake AV still being distributed on Dailymotion: http://threatpost.com/dailymotion-still-infected-serving-fake-av-malware/

{C}o   The 96th most popular site on the internet is installing Fake AV software on computers that visit the site. The issue was first reported on Jan 7, 2014, but remains unresolved by the sites administrators. If you’ve visited the site in the last month on your work machine please contact DoITSecurity@dew.sc.gov to have the machine checked out. Malwarebytes is a free utility you can download and scan your home machine with.

·         The Super Bowl wifi username and password reaches the internet: http://grahamcluley.com/2014/02/superbowl-wifi-password/

{C}o   There are so many things wrong here. The biggest takeaways, though, are to be aware of your surroundings when other people are around and don’t put your password somewhere for the world to see. Hiding it under your keyboard is not an acceptable way to store your password.