Forum Thread: Daily CYBERCLIPS December

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Open Discussions

This thread has been marked as locked.
mogs Daily CYBERCLIPS December
Member 1st Dec, 2011 19:41
Ranking:
Posts: 6,279
User Since: 22nd Apr, 2009
System Score: N/A
Location: UK

Fifteenth Edition.
Thank you for the support thro' the last month. Hope you find something of value/interest in the new thread. The new INDEX thread will follow shortly.
Please refrain from scoring on both threads.
Security is the mainstay of the thread with some related and varied topics.
Scroll down for the latest posts !!
Note that no entry/post should be taken as a personal recommendation, unless otherwise stated.
Please continue to keep CYBERCLIPS free of junk and unattractive to any contentious individuals.
* Keep patching : up to date : be Cybersafe ! *

--

mogs CClip 1
Member 1st Dec, 2011 19:50
Duqu hackers scrub evidence from command servers, shut down spying op
Delete all files and logs just days after researchers revealed botnet's existence

By Gregg Keizer

Computerworld - The hackers behind the Duqu botnet have shut down their snooping operation, a security researcher said today.

The 12 known command-and-control (C&C) servers for Duqu were scrubbed of all files on Oct. 20, 2011, according to Moscow-based Kaspersky Lab.

That was just two days after rival antivirus firm Symantec went public with its analysis of Duqu, a Trojan horse-based botnet that many security experts believe shared common code and characteristics with Stuxnet, the super-sophisticated worm that last year sabotaged Iran's nuclear program.

More to read at :-
http://www.computerworld.com/s/article/9222293/Duq...

--
mogs CClip 2
Member 1st Dec, 2011 19:53
Finding Attack Patterns at the Digital Crime Scene

Using scientific methods, Symantec researchers aim to profile the IT threat landscape.

By Sean Michael Kerner

In the physical world of criminal investigation, police investigators aim to build a profile of the criminal in an effort to help catch the guilty party. The same basic idea is now being applied in the cyber world.

Symantec Labs has been working on a number of different research efforts under the project names WOMBAT (Worldwide Observatory of Malicious Behaviors and Attack Threats) and VIS-SENSE to try and help profile and detect online criminal activity. Marc Dacier, senior director at Symantec told InternetNews.com that the WOMBAT project was a joint project funded by the European Union that led to some practical use at Symantec.

"The idea behind WOMBAT was to evaluate from a rigorous scientific point of view what is going on in the online threat landscape," Dacier said.

More to read at :-
http://www.esecurityplanet.com/network-security/fi...

--
mogs CClip 3
Member 1st Dec, 2011 19:58
Lessons from the 'water plant hack' that never happened
FBI found no evidence of a cyber intrusion at an Illinois utility, but questions remain -- along with lessons for preventing future attacks

By Robert Lemos | InfoWorld
Two weeks ago, the Internet was abuzz with news of a network intrusion into a utility's operation and control system that caused months of glitches and the eventual failure of a water pump. Details of the alleged intrusion came from a leaked alert issued earlier in November by Illinois's fusion center, the Illinois Statewide Terrorism and Intelligence Center that is supported by the U.S. Department of Homeland Security. The alert suggested that an intrusion from a Russian Internet address was to blame.

While many media reports touted the attack as potentially the first known intrusion to damage critical infrastructure, the DHS soon refuted details of the initial alert, following an investigation by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT).

"After detailed analysis of all available data, ICS-CERT and the FBI found no evidence of a cyber intrusion into the SCADA system of the Curran-Gardner Public Water District in Springfield, Illinois," stated a statement (PDF) issued last week.

More at :-
http://www.infoworld.com/t/network-security/lesson...

--
mogs CClip 4
Member 1st Dec, 2011 20:02
Apple loads Carrier IQ's trackerware onto IOS devices

But refrains from keylogging
By Lawrence Latif
Thu Dec 01 2011, 13:49
FLOGGER OF SHINY TOYS Apple has been fingered for loading Carrier IQ's tracking software on Iphones through IOS.
Last week Carrier IQ, a mobile analytics firm, was at the centre of a privacy storm as a security researcher claimed that many smartphones run its tracking and debugging software. Initially Google's Android was identified but now it seems that Apple has been including Carrier IQ's software in several versions of IOS, including the latest IOS 5.
Although Apple ships Carrier IQ's software, the researchers claim it is relatively easy to turn off from the Settings menu in IOS. However it is interesting to see that Apple has engineered the software to run from a number of different daemons.
Carrier IQ said its software does not log keystrokes, though that has been called into question after researchers claimed to have proof that the firm's software can log keystrokes and does so in some installations. In the case of Apple's IOS, the version of Carrier IQ's software doesn't seem to log keystrokes, but it still can send back information on the device's phone number, mobile operator and location.

More at :-
http://www.theinquirer.net/inquirer/news/2129353/a...

--
mogs CClip 5
Member 1st Dec, 2011 20:10
Medical data breaches soar, according to study
By George V. Hulme

Security breaches among healthcare organizations are soaring. That's the conclusion of the Second Annual Benchmark Study on Patient Privacy and Data Security conducted by the Ponemon Institute and sponsored by ID Experts.

A total of 72 healthcare organizations were surveyed, and, on average, the cost of data breaches to these organizations rose $183,526 to $2,243,700 from 2010. The absolute number of breaches is also increasing: up 32 percent year over year, with 96 percent of those providers surveyed reporting at least one data breach in the past 24 months.

More at :-
http://www.pcadvisor.co.uk/news/security/3322306/m...

--
mogs CClip 6
Member 1st Dec, 2011 20:15
Last edited on 1st Dec, 2011 20:16


--
mogs CClip 7
Member 1st Dec, 2011 20:22


--
mogs CClip 8
Member 1st Dec, 2011 22:13


--
mogs CClip 9
Member 2nd Dec, 2011 08:17
Chrome Beta Channel Update
Thursday, December 1, 2011 | 17:54
Labels: Beta updates
The Beta channel has been updated to 16.0.912.59 for Windows, Mac, Linux, and Chrome Frame.

For an overview of key features in this release check out the Google Chrome Blog. Interested in switching to the Beta or Stable channels? You can also take a look at the changelog to see what happened in this release since .41.

Find out how. If you find a new issue, please let us know by filing a bug.

Anthony Laforge
Google Chrome

--
mogs CClip 10
Member 2nd Dec, 2011 08:22


--
mogs CClip 11
Member 2nd Dec, 2011 08:26
Does your smartphone run Carrier IQ? Find out here

Apple, AT&T, Sprint confirm; Nokia, RIM, Verizon deny
By Dan Goodin in San Francisco

Posted in Security, 1st December 2011 22:56 GMT

The roster of confirmed smartphone manufacturers and network providers using the controversial Carrier IQ tracking software has grown to include Apple, AT&T, Sprint, HTC, and Samsung. Verizon, Nokia, and Research in Motion, meanwhile, have denied reports saying they employ it.

In a statement that was widely reported on Thursday, Apple confirmed that some undisclosed products use the software, which an independent researcher has documented secretly monitors users' key presses even when they're entered into webpages protected by the SSL protocol.

Apple didn't say which devices still use the diagnostic software or how long the company has relied on it. But according to a report published on Thursday by Ars Technica, the only iOS 5 device that runs Carrier IQ is the iPhone 4. "Other devices running iOS 5, such as the iPad, the new iPhone 4S, and older iPhone models updated to iOS 5 have had Carrier IQ stripped out," the report said, citing Apple.

Read more at :-
http://www.theregister.co.uk/2011/12/01/apple_spri...

--
mogs CClip 12
Member 2nd Dec, 2011 08:47


--
mogs CClip 13
Member 2nd Dec, 2011 10:23
Adobe Patches Flex Security Vulnerability

The company has released an update to patch a flaw that could enable cross-site scripting attacks.

December 01,
Adobe has released a patch for a flaw in the Flex SDK that could enable cross-site scripting attacks.

"Adobe is recommending that Flex users update their vulnerable versions of the framework as soon as possible and then go through the process of determining whether any apps built with those Flex releases are vulnerable," writes Threatpost's Dennis Fisher.

"The company has produced a technical note that explains how to check whether apps built with Flex include vulnerable SWF files," Fisher writes. "Once a user has determined that an app is vulnerable she has two options: repair the app or patch Flex and then rebuild the app."

Go to "Adobe Fixes Flaw in Flex SDK Framework" to read the details.

http://www.esecurityplanet.com/patches/adobe-patch...

--
mogs CClip 14
Member 2nd Dec, 2011 22:45
Last edited on 2nd Dec, 2011 22:47
Skype flaw reveals users' location, file-downloading habits
A team of researchers has uncovered an issue that threatens Skype users' privacy by putting their location and identity up for grabs

By Joan Goodchild | CSO


Researchers have found a flaw in Skype, the popular Voice-over-Internet-Protocol service which allows users to make video phone calls and internet chat with their computers. The vulnerability can expose your location, identity and the content you're downloading. Microsoft, which owns Skype, says they are working on the problem.

The issue was uncovered earlier this year by a team of researchers from Polytechnic Institute of New York University (NYU-Poly), MPI-SWS in Germany and INRIA in France and included Keith Ross, Stevens Le Blond, Chao Zhang, Arnaud Legout, and Walid Dabbous. The team presented the research in Berlin recently at the Internet Measurement Conference 2011 in a paper titled "I know where you are and what you are sharing."

The researchers found several properties of Skype that can track not only users' locations over time, but also their peer-to-peer (P2P) file-sharing activity, according to a summary of the findings on the NYU-Poly web site. Earlier this year, a German researcher found a cross-site scripting flaw in Skype that could allow someone to change an account password without the user's consent.

"Even when a user blocks callers or connects from behind a Network Address Translation (NAT) -- a common type of firewall -- it does not prevent the privacy risk," according to a release from NYU-Poly.

More at :-
http://www.infoworld.com/d/security/skype-flaw-rev...

--
mogs CClip 15
Member 2nd Dec, 2011 22:50
Yahoo Messenger flaw enables spamming through other people's status messages
The unpatched vulnerability in Yahoo Messenger allows attackers to change other people's status messages automatically

By Lucian Constantin | IDG News Service


An unpatched Yahoo Messenger vulnerability that allows attackers to change people's status messages and possibly perform other unauthorized actions can be exploited to spam malicious links to a large number of users.

The vulnerability was discovered in the wild by security researchers from antivirus vendor BitDefender while investigating a customer's report about unusual Yahoo Messenger behavior.

The flaw appears to be located in the application's file transfer API (application programming interface) and allows attackers to send malformed requests that result in the execution of commands without any interaction from victims.

"An attacker can write a script in less than 50 lines of code to malform the message sent via the YIM protocol to the attacker," said Bogdan Botezatu, an e-threats analysis & communication specialist at BitDefender.

"Status changing appears to be only one of the things the attacker can abuse. We're currently investigating what other things they may achieve," he added.

More at :-
http://www.infoworld.com/d/security/yahoo-messenge...

--
mogs CClip 16
Member 2nd Dec, 2011 22:54
Microsoft's Internet Explorer 9 finally overtakes Chrome and Firefox on Windows 7

Thanks to Windows Update
By Lawrence Latif
Fri Dec 02 2011, 15:29
SOFTWARE REDEVELOPER Microsoft's Internet Explorer 9 (IE9) web browser has finally overtaken Mozilla's Firefox and Google's Chrome on Windows 7, Microsoft claims.
Microsoft's Internet Explorer 9 was the firm's first web browser in years that actually had something going for it, and is widely acknowledged as having improved standards compliance and performance. However even with a persuasive brand, only now has IE9 overtaken its open source rivals Firefox and Chrome on Windows 7.
Citing Net Applications' figures, Microsoft said its latest web browser has just edged above Google Chrome to take top spot among what Microsoft terms 'modern browsers' on Windows 7. While Internet Explorer 9 has surpassed its contemporary rivals, Microsoft concedes that Internet Explorer 8 is still the most popular web browser among Windows 7 users.

More at :-
http://www.theinquirer.net/inquirer/news/2129802/m...

--
mogs CClip 17
Member 2nd Dec, 2011 22:56
Chrome overtakes Firefox in the web browser race

And next up, Internet Explorer
By Chris Martin
Fri Dec 02 2011, 12:46
BEANCOUNTERS at Statcounter have revealed that Google's Chrome web browser has leap-frogged Mozilla's Firefox in global market share.
The latest figures from the firm show that Chrome has taken a slightly higher percentage of market share to take second place behind Microsoft's Internet Explorer. Globally, Chrome now has 25.69 per cent usage compared to Firefox at 25.23 per cent, according to Statcounter.
Aodhan Cullen, CEO of Statcounter said, "We can look forward to a fascinating battle between Microsoft and Google as the pace of growth of Chrome suggests that it will become a real rival to Internet Explorer globally."
"Our stats measure actual browser usage, not downloads, so while Chrome has been highly effective in ensuring downloads our stats show that people are actually using it to access the web also."

http://www.theinquirer.net/inquirer/news/2129700/c...

--
mogs CClip 18
Member 2nd Dec, 2011 23:04


--
mogs CClip 19
Member 3rd Dec, 2011 18:08
Malware writers launch 'Electronic Payment' malware attack
A newly-discovered malware attack is targeting users with the promise of an electronic money transfer to lure victims.
Researchers with Solera Networks have reported that the attack uses web-based exploits to perform a 'drive-by' malware download. Additionally, the attackers make use of Google's goo.gl link-shortening service to hide the location of the attack site.
The attacks claim to originate from the "Electronic Payments Association" and notify users of a failed direct deposit attempt. When users click on the link included with the message they are redirected to a site which attempts to perform a number of exploits including attacks on vulnerabilities in Flash and Java.
Andrew Brandt, director of threat research for Solera Networks Labs told V3 that the attacks are part of a much larger trend of cyber criminals targeting browser plug-ins and third party components.
"I am seeing non-stop examples of this every day now and it is becoming a really big deal," Brandt said.
"Even with an older browser you can be relatively safe if you update things like Flash, Adobe Reader and Java."
The attacks also highlight the migration of malware writers to third-party link-shortening services. Other malware and spam operations have made similar use of link-shortening tools to insulate targets from the actual attack site.

For Brandt, the attacks show just how varied cyber criminals have become in their methods for attacking users with malware.
"They are switching gears from sending the malware as an attachment to drive-by downloads," he said.
"Next week it will be different, but I keep seeing these attacks over and over again."

http://www.v3.co.uk/v3-uk/news/2129904/malware-wri...




--
mogs CClip 20
Member 3rd Dec, 2011 18:12
ITU-IMPACT drill tests international cyber defences
by Shaun Nichols

03 Dec 2011
The United Nations International Telecommunications Unit (ITU) has launched a security exercise aimed at simulating an online attack against four countries in Southeast Asia.
The agency said its one-day exercise is designed to test the readiness of computer emergency response team (CERT) organisations in Vietnam, Cambodia, Laos and Myanmar. Among the situations simulated in the drill were web site defacements, malware infections and massive spam attacks.

The ITU said the drill was part of its International Multilateral Partnership Against Cyber Threats (IMPACT) project. The aim of the operation was to test the ability of underdeveloped and developing nations to handle cyber attack scenarios.

More at :-
http://www.v3.co.uk/v3-uk/news/2129903/itu-impact-...

--
mogs CClip 21
Member 3rd Dec, 2011 18:29
Spending on security companies booming, PwC finds
Everyone wants a piece of the industry
By John E Dunn | Techworld | 03 December 11

The $60 billion global computer security industry has become a hot sector for a range of investors, including mainstream IT companies, aerospace, defence giants and private equity, a PricewaterhouseCoopers (PwC) analysis has reported.

With the exception of the recessionary year of 2009, the last three years has seen an M&A mini-boom with spending on security companies rising every year to reach record heights in 2011, which has already recorded $10.1 billion of deals.

This figure was exaggerated by the huge $7.8 billion Intel paid for McAfee in February, but there have been other notable deals in the current year including the $612 million Dell paid for SecureWorks, and Raytheon's $490 buy of Applied Signal Technology.

The rationale for buying security companies varies from sector to sector. Defence contractors want to diversify as military spending is constrained by financial deficits in many NATO countries, while rival tech companies simply see security as a lucrative element to add to their portfolios.

More at :-
http://www.pcadvisor.co.uk/news/security/3322674/s...

--
mogs CClip 22
Member 3rd Dec, 2011 18:33


--
mogs CClip 23
Member 3rd Dec, 2011 18:39
Last edited on 3rd Dec, 2011 18:40


--
mogs CClip 24
Member 5th Dec, 2011 19:35

Browsing history can be stolen despite current defenses, expert demonstrates
Security expert demonstrates reliable way of stealing browsing history using cache timings
By Lucian Constantin | 05 December 11

Stealing browsing history is still possible despite defenses currently implemented in browsers, according to Google security engineer and vulnerability researcher Michal Zalewski.
History theft is a type of attack that can expose what websites users have visited in the past by determining how their browsers display links to them. By default, all browsers display previously visited links differently than non-visited links, due to definitions in their internal Cascading Style Sheets (CSS).

CSS-based history theft not only violates the privacy of the victims, but can actually assist hackers in performing other, more serious, attacks. For example, a phisher could use this method to determine what banking websites victims have visited and then pose as those institutions.

"In the past few years, browser vendors have severely crippled CSS :visited selectors in order to prevent CSS-based history snooping that made the headlines not long ago," Zalewski said in a blog post. However, other methods of extracting browsing history information without relying on CSS exist.

One such technique is to calculate how fast certain websites are rendered by the user's browser and using the results to determine if they were loaded from the cache. In order to be in the browser's cache, a page needs to have been visited at some point.

While possible in theory, cache timing attacks were considered impractical because they were slow, visible to the victim, and impossible to execute more than once. However, that's no longer the case, according to Zalewski, who devised a proof-of-concept, cache-based history stealing attack that overcomes most of those limitations.

Read more at :-
http://www.pcadvisor.co.uk/news/security/3322893/b...

--
mogs CClip 25
Member 5th Dec, 2011 19:43
Lookout releases free Carrier IQ detection app
Sniffs out controversial software on Android smartphones, but doesn't delete it
By Gregg Keizer | Computerworld US | 05 December 11

A mobile security software company last Friday released a tool that detects Carrier IQ, the software embedded in numerous smartphones that has raised questions from users, privacy advocates and even Congress.

Lookout, best known for the Android security software by the same name, launched the free Carrier IQ Detector last week. It can be downloaded from the Android Market.

The tool only detects the presence of Carrier IQ on Android handsets: It does not scrub the software from the smartphone.

More at :-
http://www.pcadvisor.co.uk/news/mobile-phone/33228...

--
mogs CClip 26
Member 6th Dec, 2011 06:33

Amazon Expiration Emails Lead to Phishing
Emails that alert recipients their Amazon online accounts are about to be deactivated turn out to be part of a cleverly designed phishing campaign that targets users with the purpose of stealing their credentials.

The message provided by Graham Cluley reads:

Dear customer,
Your online account is about to expire and will be deactivated.
Please confirm wether you want to continue using Amazon or not.
If the answer is yes, download and complete the attached form.
If the answer is no, please ignore this e-mail.
Best wishes,
Amazon Team
Note - Do not reply to this e-mail.

The message comes with an HTML attachment that represents a form which requires the user to provide loads of sensitive information that will allow a hacker to steal his account.

Sophos detected the attached file as Troj/Phish-AZ which means that a good antivirus solution can keep you safe in case you might believe the warning to be true.

I will take this opportunity to remind you how to avoid phishing campaigns and how to identify malicious emails.

Read more at :-
http://news.softpedia.com/news/Amazon-Expiration-E...

--
mogs CClip 27
Member 6th Dec, 2011 21:32


--
mogs CClip 28
Member 6th Dec, 2011 21:37


--
mogs CClip 29
Member 6th Dec, 2011 21:42
Google struggling to meet cookie law requirements
by Dan Worth

Google has admitted that it is struggling to create a system of processes that will allow the firm to abide by new cookie laws owing to the sheer number of its products that are affected by the rules.
The cookie law is an amendment to the ePrivacy Directive which came into force on 26 May, and requires web site owners using cookies to achieve explicit consent from visitors to install and run cookies on their systems.

Anthony House, public policy manager at Google, said the company's work on compliance is "in progress" but is taking longer than the firm had hoped.
"One of the things that has made us move more slowly than we would like is that we have to cover it from all the angles," he said at an event to discuss the issue hosted by law firm Field Fisher Waterhouse and attended by V3.

More at :-
http://www.v3.co.uk/v3-uk/news/2130520/google-stru...

--
mogs CClip 30
Member 6th Dec, 2011 21:48
Cyber-thieves using DDoS to distract banks and victims from spotting fraud
Fraudsters launch DDoS attacks against banks after they steal money from their customers

By Lucian Constantin | IDG News Service

Cyber-thieves are using DDoS (distributed denial-of-service) attacks in order to distract banks from spotting and reversing fraudulent wire transfers initiated on behalf of their customers.

The FBI has recently issued an alert about fake emails that purport to come from the NACHA (National Automated Clearing House Association) and distribute a variant of the Zeus banking trojan.

According to the bureau, after infecting computers with this notorious piece of malware, the fraudsters steal online banking credentials and launch DDoS attacks against the financial institutions used by the victims.

The attacks serve as a diversion, said Neal Quinn, vice president of operations at DDoS mitigation provider Prolexic, in a phone interview. Cyber-thieves believe that this will distract the bank's personnel and prevent them from spotting the fraudulent activity, he explained.

DDoS attacks against financial institutions are not new and Prolexic has observed them for a long time, said Quinn. In the past such attacks were launched by phishers to add credibility to their claims that banks are having technical difficulties.

More at :-
http://www.infoworld.com/d/security/cyber-thieves-...

--
mogs CClip 31
Member 7th Dec, 2011 10:06


--
mogs CClip 32
Member 7th Dec, 2011 11:10

Computerworld - Adobe today confirmed that an unpatched, or zero-day, vulnerability in Adobe Reader is being exploited by criminals.

Those attacks may have been aimed at defense contractors.

Adobe promised to patch the bug in the Windows edition of Reader and Acrobat 9 no later than the end of next week. Tuesday, Dec. 12 is also Microsoft's regularly-scheduled Patch Tuesday for the month.

The upcoming patch will be Adobe's sixth for Reader and Acrobat this year.

"A critical vulnerability has been [found] in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, Adobe Reader 9.4.6 and earlier 9.x versions for Unix, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh," Adobe said in an early-warning email. "This vulnerability could cause a crash and potentially allow an attacker to take control of the affected system."

The company issued a security advisory with what information it was willing to share.

Read more at :-
http://www.computerworld.com/s/article/9222454/Hac...

--
mogs CClip 33
Member 7th Dec, 2011 11:15
Opera Update Patches Three Security Flaws

The vulnerabilities are fixed in version 11.60.

December 06, 2011
Version 11.60 of the Opera Web browser was recently released.

"Code-named 'Tunny,' the update addresses a vulnerability affecting some two- and three-letter top-level domains (TLD) that could allow cookies to be set for the TLD itself; these cookies could then be read by other sites using that TLD," The H Security reports.

"A problem related to a weakness in the SSL v3.0 and TLS 1.0 specifications which could be used for eavesdropping attacks against some applications, and a cross-domain information leakage problem in the JavaScript 'in' operator, have also been fixed," the article states.

Go to "Opera 11.60 fixes security bugs" to read the details.

http://www.esecurityplanet.com/browser-security/op...

--
mogs CClip 34
Member 7th Dec, 2011 11:20
Intel patches flaw that allows hardware-based security feature bypass
Patching the elevation of privilege vulnerability in the SINIT Authenticated Code Modules required considerable effort from Intel

By Lucian Constantin | IDG News Service

Intel underwent a complex patching process in order to fix a recently discovered flaw in the SINIT ACMs (Authenticated Code Modules) that allowed for the TXT (Trusted Execution Technology) implemented in its microprocessors and chipsets to be bypassed.

The elevation of privilege vulnerability was discovered by security firm Invisible Things Lab, whose researchers found a similar flaw in SINIT ACM two years ago. In fact, according to Joanna Rutkowska, the company's founder and CEO, the issue discovered in 2009 was a subset of this newly found vulnerability.

The researcher said that she was surprised to see Intel rate the severity of this flaw as important, while the 2009 one was rated as critical. "What is really interesting about the attack are the consequences of SINIT mode hijacking, which include ability to bypass Intel TXT, LCP, and also compromise system SMRAM [System Management RAM]," Rutkowska said in a blog post.

This vulnerability is significant because Intel's Trusted Execution Technology is a hardware extension to the company's microprocessors and chipsets that is meant to provide a protection mechanism against software-based attacks. TXT can be used by companies to control how information is stored, processed, and exchanged on their systems.

Read more at :-
http://www.infoworld.com/d/security/intel-patches-...

--
mogs CClip 35
Member 7th Dec, 2011 11:26
Yahoo Messenger Bug Lets Hackers Hijack Status Updates

Written by
Ravi Mandalia

07 December, 2011

Security researchers have come across an exploit in Yahoo Instant Messenger that has not been patched yet, which would allow a wave of malware to enter enterprise networks across the globe.

A researcher with BitDefender, a security firm, Bogdan Botezatu, wrote on the company's blog that the new patched version of Yahoo Messenger has a vulnerability which lets a remote attacker change the status message on the victim's account.

Even though this type of attack seems harmless, according to the researcher the hacker can exploit this accessibility and encourage the friends and other online connections of the user to click on various malicious links, which will eventually infect their machines.

"The victim's status message [could be] swapped with an attention-getting text that points to a page hosting a zero-day exploit targeting the IE browser, the locally installed Java or Flash environments, or even a PDF bug", reads the Company blog, malwarecity.com.

Botezatu also commented that such accessibility to the status message is important and valuable for the hackers because online connections of the victim are most likely to check and also click on such links as compared to other malicious spam sent via email.

At present, users of Yahoo Messenger who can receive messages from people outside their contact list are exposed to this attack.



Read more: http://www.itproportal.com/2011/12/07/yahoo-messen...

--
mogs CClip 36
Member 7th Dec, 2011 11:32


--
mogs CClip 37
Member 7th Dec, 2011 11:39


--
mogs CClip 38
Member 7th Dec, 2011 11:43
ICM Registry has begun accepting general registrations for the .xxx top level domain (TLD), allowing site owners and businesses to lay claim to the new adult-only addresses.
The domains went on sale officially at 16:00 GMT, and can be claimed through partnering registries or the buy.xxx portal.

The general availability follows the 'sunrise period' during which companies were allowed to claim addresses related to owned trademarks.
ICM Registry said that it has yet to compile detailed figures of the first day of domain availability, but demand for .xxx domains has been strong. The sunrise period was extended through late October following higher than expected interest.
Designed primarily for adult sites, .xxx seeks to create a clear and verified system for identifying and isolating adult content. All sites within the domain will be scanned with anti-malware tools from McAfee to guard against attack sites commonly associated with adult services.

More at :-
http://www.v3.co.uk/v3-uk/news/2130634/registratio...

--
mogs CClip 39
Member 7th Dec, 2011 13:28
Microsoft slates Windows 8 beta for late February 2012
Company's app store to launch simultaneously, free apps only

By Gregg Keizer
December 7, 2011 06:38 AM ET
Computerworld - Microsoft on Tuesday confirmed that it will release a public beta of Windows 8 in late February, 2012.

The company broke the news at a San Francisco developers event Tuesday, where Antoine Leblond, vice president of Windows Web services, touted Windows Store, the app market that will be the sole distribution channel for applications designed to run in Windows 8's new "Metro" interface.

Windows Store will open to the public at the same time Windows 8's beta ships, a Microsoft spokeswoman said.

While Microsoft has yet to talk about an official launch date for Windows 8, the beta's timing hints at a fall 2012 debut, assuming the company paces Windows 8's final development and testing as it did Windows 7's.

More at :-
http://www.computerworld.com/s/article/9222470/Mic...

--
mogs CClip 40
Member 7th Dec, 2011 19:54

Cross-site scripting flaws plague web apps, report says
Code-scanning vendor Veracode found nearly a third of Web applications had SQL injection flaws

By Jeremy Kirk
December 7, 2011 08:32 AM ET
IDG News Service - Cross-site scripting flaws are the most prevalent vulnerabilities found in Web applications, posing a risk to data and intellectual property, according to a study of thousands of applications by vendor Veracode.

Veracode, a company that specializes in finding vulnerabilities in code, analyzed more than 9,900 applications that were submitted to its cloud-based scanning service over the last 18 months.

For Web applications, 68% contained cross-site scripting flaws, Veracode found in its study. Cross-site scripting is an attack in which a script drawn from another website is allowed to run even though it shouldn't and it can be used to steal information or potentially cause other malicious code to run.

Veracode also found that 32% of Web applications contained a SQL injection problem, a type of issue where commands entered into Web-based forms are executed, potentially returning sensitive data.

Other prevalent flaws Veracode found were CRLF (Carriage Return Line Feed) injection issues, which can allow an attacker to control a Web application or steal information, the report said.

Veracode said it tightened its risk-evaluation methodology for its latest report and adopted a zero-tolerance policy for applications found to have a cross-site scripting or SQL injection flaw.

"The result of this new policy on application performance was drastic," the report said. "Over eight in 10 applications across all supplier types failed to pass when first tested."

More at :-
http://www.computerworld.com/s/article/9222474/Cro...

--
mogs CClip 41
Member 7th Dec, 2011 19:59


--
mogs CClip 42
Member 8th Dec, 2011 21:56


--
mogs CClip 43
Member 8th Dec, 2011 22:02
Digital certificate authority suspends ops following breach

Hackers access database, gain control over website
By Dan Goodin in San Francisco

Posted in Enterprise Security, 8th December 2011 17:44 GMT
Websites belonging to a Netherlands-based issuer of digital certificates were unavailable following reports hackers penetrated their security and accessed databases that should have been off limits.

Dutch telecommunications giant KPN issued a statement (translation here) that said it temporarily shut the website of its Gemnet subsidiary while it investigated the hack. A second website belonging to a KPN subsidiary that issues digital certificates to the Dutch government was also taken down.

The breach, which was first reported by Webwereld journalist Brenno de Winter, is the latest to compromise one of the several hundred online businesses authorized to mint digital certificates millions of websites and government and corporate networks rely on to shield communications from eavesdroppers. In August, another Netherlands-based certificate authority also suspended operations after it issued a fraudulent secure sockets layer certificate for Google.

More at :-
http://www.theregister.co.uk/2011/12/08/certificat...

--
mogs CClip 44
Member 10th Dec, 2011 18:44
- Released for Windows, Mac and Linux, stability and feature improvements
Google Chrome has updated the Dev channel to build 17.0.963.2 for all supported platforms Windows, Mac and Linux. This is also the branch for future beta and stable releases.

The effect is that this build of the browser adds no new features and the development team will focus on readying for beta and stable stages from now on.

One of the most important improvements touches on the background mode manager. The problem with the component was that it would not display the name of the profile in the status icon.

The applied fix now makes it show the correct name from the profile info cache. By doing this, any changes in the profile info cache ensure that the correct details are displayed at all times.

http://news.softpedia.com/news/Google-Chrome-Dev-F...

--
mogs CClip 45
Member 10th Dec, 2011 18:47
Microsoft Silverlight 5 Now Available for Download

The gold version of Silverlight 5 was just made available for download, after being expected to make an official appearance in November.

Microsoft has just announced that the plug-in was released to manufacturers. The software is available for download on the web as well.

Released on December 9th, the new Silverlight 5 is available as a free download that weighs in at 7 MB, and which should be easily installed on Windows and Mac machines.

The technology is available with support for web browsers like Internet Explorer, Firefox, Google Chrome and Safari.

The new version of Silverlight 5 comes with features such as Hardware Decode of H.264 media, along with improved graphics stack with 3D support, and more.

More at :-
http://news.softpedia.com/news/Microsoft-Silverlig...

--
mogs CClip 46
Member 10th Dec, 2011 18:50


--
mogs CClip 47
Member 10th Dec, 2011 18:59
Foxit Reader 5 Gets Security Update

Version 5.1.3 patches a highly critical vulnerability.

December 09, 2011
Version 5.1.3 of Foxit Software's PDF Reader was recently released.

"According to the company, previous versions of Foxit Reader contained a vulnerability, rated as 'highly critical' by security specialist Secunia, is said to be caused by the 'cross-border assignment of an array' which results in memory corruption," The H Security reports.

"The issue was reported to the company early last month and versions up to and including Foxit Reader 5.1.0.1021 are affected; users are advised to upgrade to 5.1.3 to fix the issue," the article states.

Go to "Foxit Reader 5 update close security hole" to read the details.

http://www.esecurityplanet.com/patches/foxit-reade...

--
mogs CClip 48
Member 10th Dec, 2011 19:05
Microsoft plans 20 patches next week
The final Patch Tuesday of the year will deliver 14 security updates and is likely to fix the Duqu and BEAST bugs

By Gregg Keizer | Computerworld

Microsoft announced Thursday it will issue 14 security bulletins next week to patch 20 vulnerabilities in Windows, Internet Explorer (IE), Office, and Windows Media Player.

Among the patches will likely be ones to plug the hole used by the Duqu intelligence-gathering Trojan, and to fix the SSL (secure socket layer) 3.0 and TLS (transport layer security) 1.0 bug popularized three months ago by the BEAST, for "Browser Exploit Against SSL/TLS," hacking tool, security experts said.

"They're all over the map," said Andrew Storms, director of security operations at nCircle Security, describing the wide range of Microsoft products slated for patching. "It looks like a big cleanup, where they're trying to get as much as they can off their plate before the end of the year."

Three of the 14 updates were tagged with Microsoft's "critical" label, the highest threat ranking in its four-step system, while the remaining 11 were marked "important," the second-highest rating.

Bugs in 10 of the updates could be exploited by attackers to remotely plant attack code on unpatched PCs, Microsoft said in its monthly advance notification that precedes each Patch Tuesday. A number of those bulletins were pegged as important, a move Microsoft makes when the bugs cannot easily be exploited because the pertinent components are not switched on by default or because defensive technologies like ASLR and DEP help protect users.

Storms pointed to the IE update as the one that users should apply as soon as possible, advice he -- and other researchers outside Microsoft -- regularly give when Microsoft patches its browser.

Read more at :-
http://www.infoworld.com/d/security/microsoft-plan...

--
mogs CClip 49
Member 10th Dec, 2011 19:11

Two zero-day vulnerabilities found in Flash Player
Researchers release exploit for two zero-day remote code execution vulnerabilities in Flash Player

By Lucian Constantin | IDG News Service


Two newly discovered vulnerabilities in Adobe's Flash Player can be exploited to execute arbitrary code remotely, according to advisories from the U.S. Computer Emergency Readiness Team (US-CERT) and various security research companies.

The security flaws were discovered by Russian vulnerability research firm Intevydis, which integrated exploits for them in its Vulndisco module for Immunity Canvas, a popular penetration-testing application.

Intevydis has no plans to notify Adobe about these vulnerabilities, company founder and CEO Evgeny Legerov said. Two years ago, Legerov announced that his company will no longer notify vendors about the vulnerabilities it discovers.

Intevydis is not the only security company that adopted the "no more free bugs" approach. French vulnerability research firm Vupen is also an adept of this philosophy and only shares information about the security issues it discovers with its paying customers.

The exploits developed by Intevydis for the two zero-day Flash Player vulnerabilities can bypass Windows anti-exploitation features including DEP and ASLR, and can escape the Internet Explorer sandbox, Legerov wrote on the Immunity mailing list on Tuesday.

Read more at :-
http://www.infoworld.com/d/security/two-zero-day-v...

--
mogs CClip 50
Member 10th Dec, 2011 19:15
Microsoft has a kill-switch in Windows 8 app store

To mitigate Windows 8 security woes
By Lawrence Latif

SOFTWARE REDEVELOPER Microsoft has revealed that it will be able to kill apps bought from the Windows 8 app store.
Microsoft's Windows 8 app store will showcase applications that make use of its Windows 8 Metro user interface. As Microsoft readies the production Windows 8 app store, it has updated its Windows Store terms of use to state that applications could be shut down remotely.
Microsoft said, "We may change or discontinue certain apps or content offered in the Windows Store at any time, for any reason. Sometimes, we do so to respond to legal or contractual requirements." The Redmond firm also cited possible security risks as a reason why it might pull the plug on a purchased app.
Microsoft isn't the first company to install a kill-switch on apps bought through an app store. Both Apple and Google have similar mechanisms to kill apps when they have been identified as being malware or pose serious security threats.

Read more at :-
http://www.theinquirer.net/inquirer/news/2131525/m...

--
mogs CClip 51
Member 10th Dec, 2011 19:22
Chrome is the most secured browser - new study

Firefox finishes last in 3 browser security race
By Dan Goodin in San Francisco

Posted in Malware, 9th December 2011 13:45 GMT
Google Chrome offers more protection against online attacks than any other mainstream browser, according to an evaluation that compares exploit mitigations, malicious link detection, and other safety features offered in Chrome, Internet Explorer, and Firefox.

The 102-page report, prepared by researchers from security firm Accuvant, started with the premise that buffer overflow bugs and other security vulnerabilities were inevitable in any complex piece of software. Rather than relying on metrics such as the number of flaws fixed or the amount of time it took to release updates, the authors examined the practical effect protections included by default in each browser had on a wide class of exploits.

Their conclusion: Chrome is the most secured browser, followed closely by Microsoft IE. Mozilla's open-source Firefox came in third, largely because of its omission of a security sandbox that shields vital parts of the Windows operating system from functions that parse JavaScript, images and other web content.

"We found that Google Chrome did the most sandboxing," Chris Valasek, who is a senior research scientist for Accuvant, told The Register. "It restricted the movements more than any other browser. Internet Explorer came up a close second because it implemented a sandbox where you could do certain things but you were allowed to do more things than you could in Chrome. Lastly, Firefox came in last because it didn't implement a sandbox yet."

Read more at :-
http://www.theregister.co.uk/2011/12/09/chrome_ie_...

--
mogs CClip 52
Member 10th Dec, 2011 19:27
Last edited on 10th Dec, 2011 21:46
Attackers take aim at Adobe flaw as wait for patch continues
by Shaun Nichols

10 Dec 2011


Malware writers are continuing to actively exploit a high-profile zero-day flaw in the Adobe Acrobat and Reader platforms.
A report from security firm Sophos has detailed a new spam attack which is being used to spread the remote code execution vulnerability in the wild.

The attack presents itself as an unsolicited financial report. Sophos reported a message claiming to be from Barclay's Capital.
When the user launches the supposed financial report, the attached PDF file launches the Reader and Acrobat attack. Specially-crafted code within the file targets the vulnerability then attempts to download malware-serving trojans.
"We have started seeing a small number of targeted samples in Sophos Labs of attackers trying to use this vulnerability in email attachments," Sophos senior security advisor Chester Wisniewski said in a company blog post.
"The emails are well crafted and look very believable."
The report comes as users anxiously await a fix for the vulnerability from Adobe. The company has been working to address the flaw with an out-of-band security fix scheduled to arrive some time in the coming week.

Read more at :-
http://www.v3.co.uk/v3-uk/news/2131601/attackers-a...

--
mogs CClip 53
Member 11th Dec, 2011 14:00

Security roundup: Lockheed Martin sounds alarm on Adobe Reader zero-day; Microsoft patchfest coming
By Ellen Messmer
When Adobe last week issued an advisory about a dangerous zero-day attack based on an unpatched Adobe Reader vulnerability that was being exploited in the wild to try and seize control of both PCs and Macs, it credited Lockheed Martin for sounding the alarm about it.
It's not the first time Lockheed Martin has been known to have come under cyberattack, as happened in May in connection with the RSA SecurID-related advanced persistent threat as we've learned this year. But this week, Lockheed Martin -- perhaps not unlike a modern-day version of Paul Revere -- has done a huge public good in coming forward with reliable information. Once again, U.S. defense contractors are being targeted.

"This vulnerability (CVE-2011-2462) could cause a crash and potentially allow an attacker to take control of the affected system," Adobe states in its Dec. 6 advisory.

However, Adobe said it might be into the week of Dec. 12 in which it can issue all the necessary version patches for Adobe Reader 9.x and Acrobat 9.x for Windows for this zero-day. Addressing the issue in Adobe Reader X and Adobe Reader X for Windows, Adobe states, "Adobe Reader X Protected Mode and Adobe Acrobat X Protected Mode would prevent an exploit of this kind from executing," and thus Adobe is currently planning to address the issue in the next quarterly security update for Adobe Reader and Acrobat, currently scheduled for Jan. 10, 2012. The Mac versions, as well as Acrobat Reader 9.x for Unix, would also be part of the Jan. 10, 2012, scheduled update, according to the Adobe advisory.

"This is the changing face of what we're seeing. Adobe is not a security company. They're not built to release the patches right away," says Bradley Anstis, vice president of technical strategy at M86 Security. "But this is clearly a targeted attack as a zero-day."

Symantec, in its analysis of the threat, which it links to so-called Sykipot malware, says "the attacks have been long-running, persistent, and targeted, which leads us to believe that whoever is behind the attacks is after data that includes design, financial, manufacturing or strategic planning information. The use of multiple zero-day vulnerabilities over time and the long list of command and control servers also leads us to the conclusion that an organized, skilled group of attackers, not just a single individual, is behind the attacks."

Read more at :-
http://www.pcadvisor.co.uk/news/security/3324242/s...

--
mogs CClip 54
Member 12th Dec, 2011 10:50


--
mogs CClip 55
Member 12th Dec, 2011 15:26

Security pros slam Cnet Download.com's bundling
Prominent members of the security community criticize Cnet's Download.com for pairing bloatware with popular free security tools

By Robert Lemos | InfoWorld

Programmers have a strong sense of ownership for the software they create. No wonder then that CBS Interactive subsidiary Cnet ran into problems when security researchers found that unwanted toolbars and thinly veiled marketing utilities were being pushed on people who downloaded popular open-source tools and other software.

Last week, well-known security researcher Gordon "Fyodor" Lyon, creator of the popular NMap port-scanning tool, took Cnet to task for wrapping the installation of the tool in an installer that would also place a sponsored utility on the user's systems. During the week, security professionals found that other open-source security tools received similar treatment, including the wireless scanning tool Wireshark and the penetration testing tool Metasploit.

"Many people assumed that a major site like this wouldn't resort to unethical monetization schemes like adding spyware and other malware to their downloads," Lyon wrote in a blog post. "Unfortunately, those people were wrong."

For security professionals, Cnet's bundling of software is particularly egregious because privacy is highly valued and the addition of third-party software can undermine the security of a system. Moreover, Cnet did not give adequate notice, argues HD Moore, chief security officer for Rapid7 and the creator of the Metasploit Framework, an open-source security tool.

Read more at :-
http://www.infoworld.com/t/anti-spyware/security-p...

--
mogs CClip 56
Member 12th Dec, 2011 16:32
Web scam-busting trio thwarted by mystery DDoS rocket

Backhanded compliment for fraud alert sites
By John Leyden

Posted in ID, 12th December 2011 12:03 GMT
A bunch of anti-scam sites were knocked offline last week by fierce and apparently well-organised distributed denial of service attacks.

The sites - 419eater.com, scamwarners.com and aa419.org (Artists Against 419) - were swamped with junk traffic for several days. During the attack the sites' administrators turned to blogs, Facebook and other alternative channels to distribute news of newly detected fake payment sites and other urgent anti-fraud information.

"These websites and their users provide excellent exposure for online fraud activities and have been responsible for allowing thousands of prospective victims to detect a scam in play, and get out before losses are incurred," an anonymous reader who was among those who told us about the attacks explained. "They also work actively to kill fake bank sites, fake freight forwarding sites and other criminal resources."

Both 419eater.com and scamwarners.com were back operating normally by Monday morning while aa419.org remains sluggish the load.

Read more at :-
http://www.theregister.co.uk/2011/12/12/anti_scam_...

--
mogs CClip 57
Member 12th Dec, 2011 16:51
Clickjacking attacks possible despite framebusting protection
Security researcher demonstrates that clickjacking protection implemented in browsers does not stop all such attacks
By Lucian Constantin | 12 December 11

The so-called framebusting mechanism implemented in browsers to help websites prevent clickjacking attacks doesn't live up to expectations, according to Google security engineer and Web security researcher Michal Zalewski, who released proof-of-concept code to demonstrate it.

"JavaScript allows you to exploit human cognitive abilities to a remarkable extent; tools such as window positioning, history.forward() and history.back() open some scary possibilities that we are completely unprepared to deal with," Zalewski said on his website.

"I wanted to showcase another crude proof-of-concept illustrating why our response to clickjacking -- and the treatment of it as a very narrow challenge specific to mouse clicks and <iframe> tags -- is somewhat short-sighted," he added.

Clickjacking, also known as user interface (UI) redressing, is a type of attack whose purpose is to trick users into performing unauthorized actions by misrepresenting the content displayed in their browsers.

Read more at :-
http://www.pcadvisor.co.uk/news/security/3324495/c...

--
mogs CClip 58
Member 12th Dec, 2011 17:47
Microsoft releases old recovery software in new wrapper
The free Windows Defender Offline tool looks to be Standalone System Sweeper with a new name and support for Windows 8

By Woody Leonhard | InfoWorld

Last week Microsoft released (or perhaps I should say re-released) a beta version of Windows Defender Offline, a seriously useful tool for recovering dead Windows XP (SP3), Vista (RTM, SP1, SP2), Windows 7 (RTM, SP1), or Windows 8 (Developer Preview) systems. Yes, it even works on Windows 8.

Curiously, except for the Windows 8 support, it's almost identical to the old Microsoft Standalone System Sweeper.

Windows Defender Offline is designed to be used when you can't boot an infected PC. You create a Windows Defender Offline USB drive, CD or DVD, or ISO file, then boot from the Windows Defender Offline device. Windows Defender Offline performs a scan based on its stored signature files. Since you're not booting to the copy of Windows installed on your PC, Windows Defender Offline stands a fighting chance at identifying rootkits and other malware that fly underneath the operating system radar.

More at :-
http://www.infoworld.com/t/security-tools/microsof...

--
mogs CClip 59
Member 13th Dec, 2011 20:14

Chrome Stable Channel Update
Tuesday, December 13, 2011 | 08:00
Labels: Stable updates

The Google Chrome team is happy to announce the arrival of Chrome 16.0.912.63 to the Stable Channel for Windows, Mac, Linux, and Chrome Frame. Chrome 16 contains some really great improvements including enhancements to Sync and the ability to create multiple profiles on a single instance of Chrome. You can read more about it on the Google Chrome blog.

Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
[81753] Medium CVE-2011-3903: Out-of-bounds read in regex matching. Credit to David Holloway of the Chromium development community.
[95465] Low CVE-2011-3905: Out-of-bounds reads in libxml. Credit to Google Chrome Security Team (Inferno).
[$500] [98809] Medium CVE-2011-3906: Out-of-bounds read in PDF parser. Credit to Aki Helin of OUSPG.
[$1000] [99016] High CVE-2011-3907: URL bar spoofing with view-source. Credit to Mitja Kolsek of ACROS Security.
[100863] Low CVE-2011-3908: Out-of-bounds read in SVG parsing. Credit to Aki Helin of OUSPG.
[101010] Medium CVE-2011-3909: [64-bit only] Memory corruption in CSS property array. Credit to Google Chrome Security Team (scarybeasts) and Chu.
[101494] Medium CVE-2011-3910: Out-of-bounds read in YUV video frame handling. Credit to Google Chrome Security Team (Cris Neckar).
[101779] Medium CVE-2011-3911: Out-of-bounds read in PDF. Credit to Google Chrome Security Team (scarybeasts) and Robert Swiecki of the Google Security Team.
[$1000] [102359] High CVE-2011-3912: Use-after-free in SVG filters. Credit to Arthur Gerkis.
[$1000] [103921] High CVE-2011-3913: Use-after-free in Range handling. Credit to Arthur Gerkis.
[$1000] [104011] High CVE-2011-3914: Out-of-bounds write in v8 i18n handling. Credit to Sławomir Błażek.
[$1000] [104529] High CVE-2011-3915: Buffer overflow in PDF font handling. Credit to Atte Kettunen of OUSPG.
[$500] [104959] Medium CVE-2011-3916: Out-of-bounds reads in PDF cross references. Credit to Atte Kettunen of OUSPG.
[105162] Medium CVE-2011-3917: Stack-buffer-overflow in FileWatcher. Credit to Google Chrome Security Team (Marty Barbella).
[107258] High CVE-2011-3904: Use-after-free in bidi handling. Credit to Google Chrome Security Team (Inferno) and miaubiz.


The bugs [95465], [100863], [101494], [102359], [103921] and [105162] were detected using AddressSanitizer.

In addition, we would like to thank miaubiz, Eric Bidelman, and Sławomir Błażek for working with us in the development cycle and preventing bugs from ever reaching the stable channel. Various rewards were issued.

Thanks for using Chrome! If you find a new issue, please let us know by filing a bug.

Have a happy holiday season!

Anthony Laforge
Google Chrome

--
mogs CClip 60
Member 13th Dec, 2011 20:23

Microsoft quietly launches $99/hr. paid support service
Answer Desk debuts with so little fanfare that Microsoft even deletes blog post announcement

By Gregg Keizer
December 13, 2011 10:28 AM ET
Computerworld - Microsoft has quietly launched a support website where experts charge $99 for one- or two-hour sessions designed to rid PCs of malware, speed up a machine or solve problems with Windows or Office.

Answer Desk debuted with no fanfare from Microsoft, which has not deigned to mention the new service in a press release or promote it on the front page of its domain, or even, surprisingly, on its consumer-slanted Windows website.

One of the few places the service does appear is on the Microsoft Store site, where Microsoft sells its own software, the Xbox game system and select OEM's Windows desktops, notebooks, tablets and smartphones.

The new support option is so low-key that Microsoft apparently scrubbed a Dec. 9 blog announcing Answer Desk. The blog, penned by Blake Morrison -- listed on LinkedIn as a Microsoft senior support escalation engineer -- no longer exists on Microsoft's TechNet blog network, although a cached edition was still available Tuesday morning.

According to Fusible.com, Answer Desk launched last Wednesday. Previously, the same site had reported that Microsoft had acquired the domain last September from a firm called NameRally, a Los Angeles, Calif. "domain parking" company.

The name of the site is clearly a reference to the Answer Desks at Microsoft's 14 brick-and-mortar stores that the company has modeled after rival Apple's "Genius Bar" in-store tech support.

Rates range from $49 for an hour of personalized training to $99 for one- or two-hour tech sessions that focus on cleaning a PC of malware, tuning up a system for maximum performance, or answering questions about Office, connecting to the Internet, and managing files and photos.


Microsoft launched Answer Desk, a new paid support service, in stealth mode last week.
The first chat with an Answer Tech is free, according to the site's FAQ, but additional sessions must be billed to a credit card.

Read more at :-
http://www.computerworld.com/s/article/9222626/Mic...

--
mogs CClip 61
Member 13th Dec, 2011 20:33

Winamp update addresses three remote code execution vulnerabilities
Winamp 5.623 fixes vulnerabilities that can be exploited via maliciously-crafted AVI files
By Lucian Constantin | 13 December 11

Nullsoft has released Winamp 5.623, a new version of its popular media player application, in order to address three vulnerabilities that could allow remote attackers to execute arbitrary code on people's computers.

The security flaws were discovered by Dmitriy Pletnev from vulnerability management firm Secunia and an independent researcher named Hossein Lotfi, who reported his finding through the company's vulnerability coordination reward program (SVCRP).

All three vulnerabilities were confirmed in Winamp 5.622, but older versions could also be affected. They are located in the application's in_avi.dll and in_mod.dll libraries and can trigger heap-based buffer overflows.

An attacker could exploit these vulnerabilities by tricking victims into opening specially crafted AVI or Impulse Tracker (IT) files. The remote attack vectors include malicious files stored on network shares and WebDAV resources, but also rogue playlists hosted on the Web.

"The vulnerabilities can be remotely exploited by e.g. on a website hosting a .m3u playlist, which is automatically opened and played by Winamp when viewed," said Carsten Eiram, Secunia's chief security specialist.

Winamp 5.623 also fixes other non-security-related bugs in MP3, MP4, AAC and FLAC encoding and decoding components. In addition, it contains miscellaneous tweaks, improvements and optimizations.

http://www.pcadvisor.co.uk/news/security/3324888/w...

--
mogs CClip 62
Member 13th Dec, 2011 20:39
ICO tells firms they 'must try harder' to meet cookie obligations
by Dan Worth

The Information Commissioner's Office (ICO) has told companies that they "must try harder" to meet their obligations under the new cookie law, as the watchdog reaches the half-way stage in the one-year grace period before enforcing the law.
The amendment to the ePrivacy Directive came into force on 26 May and requires firms using cookies that gather data on visitors' behaviour and remember their preferences to achieve "prior consent" before installing and running the technology.

The ICO said that it will wait for 12 months while solutions are proposed and created for businesses to use before taking any action, but warned on Tuesday that they must double their efforts.

More at :-
http://www.v3.co.uk/v3-uk/news/2132088/ico-tells-f...

--
mogs CClip 63
Member 14th Dec, 2011 10:32
Microsoft scratches BEAST patch at last minute, but fixes Duqu bug
Admits Duqu-like browser-based attacks possible

By Gregg Keizer

Computerworld - Microsoft today issued 13 security updates, one less than expected, that patched 19 vulnerabilities in Windows, Internet Explorer (IE), Office, and Windows Media Player.

The company punted on one bulletin it had planned to deliver today after SAP told it that the patch broke some of its software.

"The bulletin scheduled to address Security Advisory 2588513 was postponed due to a third-party application compatibility issue that will be addressed by the vendor, with whom we're working directly," Jerry Bryant, group manager in Microsoft's Trustworthy Computing team, said in a statement.

The scrubbed security update was to fix the SSL (secure socket layer) 3.0 and TLS (transport layer security) 1.0 bug demonstrated in September 2011 by researchers who crafted a hacking tool dubbed BEAST, for "Browser Exploit Against SSL/TLS."

Read more at :-
http://www.computerworld.com/s/article/9222639/Mic...

--
mogs CClip 64
Member 14th Dec, 2011 17:08

DECEMBER 14, 2011
Google fixes 15 vulnerabilities in Chrome browser
The company releases Chrome 16 and pays researchers $6,000 for high and medium-risk security flaws found and fixed in the new Web browser

By Lucian Constantin

Google has released Chrome 16, a new stable version of its Web browser that addresses 15 high- and medium-risk vulnerabilities.

Four of the security flaws patched in this release stem from errors in Chrome's built-in PDF parser, which is based on Foxit's PDF SDK (software development kit).

Two of them have a medium severity rating and allow attackers to access parts of the system memory that weren't allocated to the program. This can result in the exposure of sensitive information.

The other two allow attackers to execute arbitrary code by tricking victims into opening maliciously crafted PDF files and have a high severity rating.

Other high-risk arbitrary code execution vulnerabilities were identified and fixed in the SVG, range, bidi and internationalized JavaScript handling components. One bug in the view-source feature allows for the address displayed in the URL bar to be spoofed.

In total, there were six high-risk, seven medium-risk and two low-risk vulnerabilities patched in Chrome 16. Seven of them were discovered by Chromium developers and members of the Chrome and Google Security Teams, while the rest were found by external researchers who earned $6,000 through the Chromium Security Reward program for their reports.

Six vulnerabilities were discovered with the help of an open-source tool called AddressSanitizer, Google Chrome engineer Anthony Laforge said in a blog post.

However, while the arbitrary code execution and unauthorized memory access flaws pose a serious risk in theory, their actual impact is severely reduced by Google Chrome's sandbox.

Sandboxing is an anti-exploitation technology that isolates potentially vulnerable components, like those used for content parsing, from the operating system. These components gain access to system resources through a special brokering process that's easier to keep free of bugs.

As a result, if an attacker exploits, for example, a Chrome PDF handling vulnerability, their actions are restricted to the sandboxed environment and they can't execute arbitrary code on the actual system.

A recent Google-funded study conducted by security consultancy firm Accuvant, determined that Chrome is the most secure browser when compared to Internet Explorer and Firefox. Accuvant's researchers analyzed the anti-exploitation technologies implemented in the three browsers, including process sandboxing, plug-in security, JIT hardening techniques, ASLR, DEP and stack cookies (GS).

http://www.infoworld.com/d/applications/google-fix...

--
mogs CClip 65
Member 14th Dec, 2011 17:13
CERTIFICATION AUTHORITY Globalsign has admitted that it was the target of a recent attack, but added that its systems and certificates were not compromised.
The threat of exposure followed the efforts of the Comodohacker, who in early September hacked certificate authority Diginotar and issued bogus certificates as a result. At the time it was suggested that Globalsign had also been affected, but if it was, apparently it was not severely affected.
In a security incident report just released by the firm, it said that despite earlier suggestions it had found no evidence of any rogue certificates having been issued, that no customer data was exposed, and that no harm was done to its infrastructure or systems.
It did confirm that a peripheral web server, which is not part of its certificate issuance infrastructure and hosted a public facing web property, had been breached, however. This means that some data could have been exposed, including publicly available HTML pages, publicly available PDFs, and the SSL certificate and keys issued to www.globalsign.com. According to its statement these were deemed compromised and revoked.

More at :-
http://www.theinquirer.net/inquirer/news/2132668/g...

--
mogs CClip 66
Member 14th Dec, 2011 17:18


--
mogs CClip 67
Member 14th Dec, 2011 18:38
Credit card details not at risk
Final Fantasy developer and publisher Square Enix has announced that its member services have been hacked - though the company claims that credit card details have not been compromised.
The hack occurred on 12th of December, with details including usernames potentially stolen by the hackers. However, Square has stated that because the member services servers handled free accounts only, no credit card details had been compromised.
"While some personal information may have been accessed, we can confirm that there is no possibility of any credit card information leak from this incident, since the server in question stores no credit card information."
MCVUK has it that Square announced it had taken down the hacked server - American and Japanese versions of the member websites - for a few days in order to revamp security on the platform and investigate the incident.
"We are assessing the full extent of this potential breach to determine what data, if any, was compromised and will provide more details as soon as possible," the statement read.

This just adds to the number of game companies that have been hacked over the past year, though at least Square has announced it early, unlike companies like Sony that took over a week to let users know their information had been compromised.


Read more: http://www.itproportal.com/2011/12/14/square-enix-...

--
mogs CClip 68
Member 15th Dec, 2011 22:20
Adobe promises Reader zero-day patch on Friday
Clues in code point to Chinese hackers behind attacks against defense contractors

By Gregg Keizer

Computerworld - Adobe today said it will release a patch Friday for an older version of the Reader PDF viewer to stymie attacks like those aimed at major defense contractors earlier this month.

Nine days ago, the company confirmed a critical bug in Reader and promised to fix the flaw in Reader and Acrobat 9.x this week.

The exploits uncovered by security researchers were aimed specifically at Reader 9.x using malformed PDF documents attached to bogus emails.

A day after Adobe acknowledged the vulnerability, researchers at Symantec confirmed that attacks had targeted defense contractors, as well as individuals working in the telecommunications, manufacturing, computer hardware and chemical sectors. The attacks spiked Dec. 1, Symantec said.

The attackers may have been hoping to steal confidential information from the targeted firms.

If opened by the recipient, the malicious PDF hijacked the Windows PC, then infected those machines with "Sykipot," a general-purpose backdoor Trojan that was first spotted being used in March 2010 as the payload in attacks exploiting a then-unpatched bug in Microsoft's IE6 and IE7.

More at :-
http://www.computerworld.com/s/article/9222712/Ado...

--
mogs CClip 69
Member 15th Dec, 2011 22:25
Microsoft gets silent upgrade religion, will push IE auto-updates
Copies Chrome and follows Firefox to get users onto the newest browser without asking permission

By Gregg Keizer

Computerworld - Microsoft today said it will silently upgrade Internet Explorer (IE) starting next month, arguing that taking the responsibility out of the hands of users will keep the Web safer.

The move is an acknowledgement by Microsoft that Google's model -- its Chrome browser has updated in the background without user involvement since it debuted more than three years ago -- is the right one.

"It's the future ... for all software," said Andrew Storms, director of security operations at nCircle Security. "At this point, at least in the consumer space, people are expecting software to be up to date, and for it to do it itself."

Microsoft must agree. Beginning in January it will roll out automatic upgrades of IE to the newest version suitable for a user's version of Windows. Windows XP users still on IE6 or IE7, for example, will be updated to IE8; Windows Vista or Windows 7 users running IE7 or IE8 will be pushed to IE9.
Previously, Microsoft has asked for user permission before upgrading IE from one version to the next, even if Windows' automatic updates are enabled.

More at :-
http://www.computerworld.com/s/article/9222690/Mic...

--
mogs CClip 70
Member 16th Dec, 2011 23:19

Adobe patches two vulnerabilities in Reader and Acrobat
Adobe releases out-of-band patch for Adobe Reader and Acrobat 9.x in order to address actively exploited vulnerabilities

By Lucian Constantin | IDG News Service


Adobe Systems has released Adobe Reader and Acrobat 9.4.7 in order to patch two vulnerabilities that are being actively exploited in attacks against companies from the defense industry.

One of the security flaws, identified as CVE-2011-2462, was announced on Dec. 6 after Lockheed Martin's Computer Incident Response Team and members of the Defense Security Information Exchange reported it to Adobe.

Symantec confirmed a few days later that the vulnerability had been exploited since the beginning of November in email-based attacks that targeted companies from the telecommunications, manufacturing, computer hardware, chemical and defense industries.

Since the original advisory was published last week, Adobe has learned of a second vulnerability that was also being exploited in the wild. The company assigned an identifier of CVE-2011-4369 to the new flaw, but it's not clear if it's related to the same attacks as the first one.

"The Adobe Reader and Acrobat team was able to provide a fix for this new issue as part of today's update. Note also that at this time, we are only aware of one instance of CVE-2011-4369 being used," said Wiebke Lips, Adobe's senior manager of corporate communications.

Even though the vulnerabilities also affect the Adobe Reader and Acrobat X (10.x) branch, Adobe decided to postpone updates for these versions until the next scheduled update cycle on Jan. 10.

"Because Adobe Reader X Protected Mode and Adobe Acrobat X Protected View would prevent an exploit of the type currently targeting these vulnerabilities (CVE-2011-2462 and CVE-2011-4369) from executing, we are planning to address these issues in Adobe Reader and Acrobat X for Windows with the next quarterly security update," the company said in a security bulletin published today.

Read more at :-
http://www.infoworld.com/d/security/adobe-patches-...

--
mogs CClip 71
Member 17th Dec, 2011 21:29
It's nothing official, but Mozilla is definitely ready to move to Firefox 9 as they uploaded a candidate for the stable release of this version. You can download it straight from their FTP server.

Officially still in beta channel, Firefox 9 is scheduled to become stable on December 20, when the code migration for all editions is executed.

Among the new features of this version is Type Inference for the JavaScript engine, which should basically bring a huge speed improvement. The speed bump recorded in benchmarks shows a 30% faster Firefox in Kraken and V8.

Another important feature is Do Not Track (DNT), which puts the users in control of the way information is collected by the websites they visit. The feature basically informs a page that you do not want your surfing behavior to be recorded by third-party content.

A more detailed list of new features is here. The current Firefox 9 build is still not a final product and may not be ready for official release.

http://news.softpedia.com/news/Firefox-9-Stable-Ca...

--
mogs CClip 72
Member 17th Dec, 2011 21:32


--
mogs CClip 73
Member 18th Dec, 2011 13:07
Last edited on 18th Dec, 2011 13:08
Pidgin 2.10.1 Patches Security Vulnerabilities

The new version addresses four denial of service flaws.
Version 2.10.1 of the Pidgin open source IM client was recently released, patching several security flaws.

"The maintenance and security update addresses a total of four denial-of-service (DoS) vulnerabilities that could be exploited by an attacker to cause the application to be terminated," The H Security reports.

"According to the developers, three of these issues were caused by incoming strings not being validated as UTF-8, while the fourth was due to a bug in the XMPP protocol plug-in that made it fail if certain required fields were missing in an incoming message," the article states.

Go to "Pidgin IM client 2.10.1 fixes crashing vulnerabilities" to read the details.

http://www.esecurityplanet.com/patches/pidgin-2.10...

--
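The two root causes named in the Pidgin clip above (incoming strings not validated as UTF-8, and a handler that failed when required fields were missing) can be guarded against at the point where a message is accepted. The following is an added example, not Pidgin's code and not part of the original post; the `incoming_msg` layout and its field names are hypothetical, and the sample inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* A length-delimited field as it arrives off the wire (not NUL-terminated). */
struct field {
    const unsigned char *data;   /* NULL when the field is absent */
    size_t len;
};
#define F(s) { (const unsigned char *)(s), sizeof(s) - 1 }

/* Hypothetical message layout: "from" and "id" required, "body" optional. */
struct incoming_msg {
    struct field from;
    struct field id;
    struct field body;
};

enum msg_status { MSG_OK = 0, MSG_MISSING_FIELD = 1, MSG_BAD_ENCODING = 2 };

/* Strict UTF-8 check: returns 1 only if s[0..len) is well formed.
 * Rejects stray continuation bytes, truncated sequences, overlong forms,
 * UTF-16 surrogates, code points above U+10FFFF, and (as a policy choice,
 * because later code tends to treat text as C strings) embedded NUL bytes. */
int utf8_is_valid(const unsigned char *s, size_t len)
{
    size_t i = 0;
    while (i < len) {
        unsigned char c = s[i];
        size_t need;        /* continuation bytes expected after the lead */
        uint32_t cp, min;   /* decoded code point, smallest legal value   */

        if (c == 0x00) return 0;
        if (c < 0x80) { i++; continue; }
        if ((c & 0xE0) == 0xC0)      { need = 1; cp = c & 0x1F; min = 0x80; }
        else if ((c & 0xF0) == 0xE0) { need = 2; cp = c & 0x0F; min = 0x800; }
        else if ((c & 0xF8) == 0xF0) { need = 3; cp = c & 0x07; min = 0x10000; }
        else return 0;               /* stray continuation or invalid lead */

        if (len - i - 1 < need) return 0;          /* truncated sequence */
        for (size_t k = 1; k <= need; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return 0;
            cp = (cp << 6) | (uint32_t)(s[i + k] & 0x3F);
        }
        if (cp < min) return 0;                    /* overlong encoding */
        if (cp > 0x10FFFF) return 0;               /* outside Unicode   */
        if (cp >= 0xD800 && cp <= 0xDFFF) return 0;/* surrogate         */
        i += need + 1;
    }
    return 1;
}

/* Validate a message before any handler dereferences its fields. */
enum msg_status check_incoming(const struct incoming_msg *m)
{
    const struct field *required[] = { &m->from, &m->id };

    for (size_t i = 0; i < sizeof required / sizeof required[0]; i++) {
        if (required[i]->data == NULL || required[i]->len == 0)
            return MSG_MISSING_FIELD;
        if (!utf8_is_valid(required[i]->data, required[i]->len))
            return MSG_BAD_ENCODING;
    }
    /* Optional field: absence is fine, bad bytes are not. */
    if (m->body.data != NULL && !utf8_is_valid(m->body.data, m->body.len))
        return MSG_BAD_ENCODING;
    return MSG_OK;
}

int main(void)
{
    /* Constructed sample messages. */
    struct incoming_msg samples[] = {
        { F("alice@example.test"), F("m1"), F("h\xC3\xA9llo") },
        { F("alice@example.test"), { NULL, 0 }, F("hi") },
        { F("alice@example.test"), F("m3"), F("\xC0\xAF") },
    };
    static const char *names[] = { "ok", "missing field", "bad encoding" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("message %zu: %s\n", i, names[check_incoming(&samples[i])]);
    return 0;
}
```

A message that fails either check is dropped or answered with an error before it reaches display or logging code, so malformed input never gets as far as code that assumes well-formed text.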
mogs CClip 74
Member 18th Dec, 2011 13:12


--
mogs CClip 75
Member 18th Dec, 2011 13:17


--
mogs CClip 76
Member 18th Dec, 2011 13:23
Security mandates aim to shore up shattered SSL system

Too little, too late
By Dan Goodin in San Francisco

A consortium of companies has published a set of security practices they want all web authentication authorities to follow for their secure sockets layer certificates to be trusted by browsers and other software.

The baseline requirements (PDF), published this week by the Certification Authority/Browser Forum, are designed to prevent security breaches that compromise the tangled web of trust that forms the underpinning of the SSL certificate system. Its release follows years of mismanagement by individual certificate authorities permitted to issue credentials that are trusted by web browsers. Most notable is this year's breach of DigiNotar, which led to the issuance of a fraudulent certificate used to snoop on 300,000 Gmail users in Iran.

The four dozen or so members of the CAB Forum still have a way to go, since their requirements are meaningless unless they are mandated by the software makers who place their trust in the authorities.

And it's not yet clear that will come to pass. Of the five browser makers queried for this article, only Opera has committed to make compliance with the requirements a condition for including an authority's root certificate in its software. A Mozilla official, meanwhile, said only that the requirements would be discussed among developers in online forums.

A Microsoft statement said the company "will work with the industry Auditors and Certificate authorities to get the new guidelines factored into the Microsoft Root Program." Company representatives didn't respond to an email asking what that means. A Google spokesman said Chrome trusts whatever CAs are trusted by the underlying operating system. Representatives from Apple didn't respond to emails seeking comment.

Read more at :-
http://www.theregister.co.uk/2011/12/17/ssl_certif...

--
mogs CClip 77
Member 19th Dec, 2011 09:34


--
mogs CClip 78
Member 19th Dec, 2011 19:54
FAQ: Microsoft's new IE auto-upgrade scheme explained
Who gets what, how to block the upgrade, and more

By Gregg Keizer
December 19, 2011
Computerworld - Last week Microsoft announced it is changing how Internet Explorer upgrades on Windows users' PCs in 2012. Taking users out of the equation, Microsoft said, will make the Web, and them, safer.

The move is a major departure from past practice, which required users to explicitly approve IE upgrades.

While experts have applauded the change, users aren't so sure: Most of the comments appended to Computerworld's story of last week were negative. Maybe they're not sure if it affects them, or when it will reach their PCs.

Or they just don't like Microsoft monkeying with their machines.

We've assembled some of the most pressing questions -- and answers, naturally -- about IE's auto-upgrade to help readers sort it out for themselves.

Read more at :-
http://www.computerworld.com/s/article/9222811/FAQ...

--
mogs CClip 79
Member 19th Dec, 2011 20:06
Last edited on 19th Dec, 2011 20:07
Written by
Jon Martindale
19 December, 2011

Faster than touch screen typing

Windows 8 will offer a different way to keep your personal account secure beyond the traditionally typed password: picture passwords that let you login by selecting certain sections of an image.

A similar technology has been used in mobile devices sporting the Apple iOS and Android operating systems, so it seems logical that Microsoft would bring the technology to its next gen operating system that has tablets and other mobile devices in-mind.

"At its core, the picture password feature is designed to highlight the parts of an image that are important to you," said a Microsoft spokesperson in a blog post. "It requires a set of gestures that allow you to accomplish this quickly and confidently."

Explaining the process, Microsoft's Zach Pace says that when creating the picture password, Windows 8 remembers the direction used when drawing. This means that should the user circle a person's face, or a specific feature of the image, it will recall whether they went clockwise or anti-clockwise. Similarly, if they draw a straight line, whether it goes left to right, right to left or any other combination, it will be remembered.



Read more: http://www.itproportal.com/2011/12/19/windows-8-in...

--
mogs CClip 80
Member 20th Dec, 2011 11:51
IBM, HP, Microsoft lead patching laggards, says bug buyer
ZDI's six-month disclosure deadline results in 21 'zero-day' advisories for those firms' software

By Gregg Keizer

Computerworld - IBM, Hewlett-Packard (HP) and Microsoft led the list of companies that failed to patch vulnerabilities within six months of being notified by the world's biggest bug bounty program, according to HP TippingPoint's Zero-Day Initiative (ZDI).

During 2011, TippingPoint -- a division of HP -- released 29 "zero-day" advisories that provided information on vulnerabilities it had reported to vendors six or more months earlier. Ten of the 29 were bugs in IBM software, six in HP's own software and five were in Microsoft products.

Other companies on the list of late-to-patch vendors included CA, Cisco and EMC.

TippingPoint, which may be best known as the sponsor of the annual Pwn2Own hacking contest, buys vulnerabilities from independent security researchers, privately reports them to vendors and then uses the information to craft defenses for its own line of security appliances.

More at :-
http://www.computerworld.com/s/article/9222829/IBM...

--
mogs CClip 81
Member 20th Dec, 2011 12:04


--
mogs CClip 82
Member 20th Dec, 2011 12:17


--
mogs CClip 83
Member 20th Dec, 2011 13:20

Apache forges ahead with OpenOffice.org suite
Developer release planned; open source organization asserts trademark protection

By Paul Krill

InfoWorld - In its new role as steward of the OpenOffice.org open source office suite, the Apache Software Foundation expects to offer an Apache-branded version of the package for developers in 2012. Apache also is carefully guarding its trademarks.

Apache on Tuesday is releasing a statement about its OpenOffice efforts, entitled "Open Letter to the Open Document Format Ecosystem," which notes the planned 3.4 release, tentatively slated for early 2012. Adobe has just about completed with code clearance stage of the effort, said Don Harbison of the Apache OpenOffice project management committee in an interview.

Built for testing and debugging, version 3.4 is not intended to be a feature release but is geared to comply with Apache IP clearance policies. New end-user releases of OpenOffice.org eventually will follow. Improvements are eyed in areas such as digital signatures and metadata, with the suite adopting technologies from the OASIS ODF 1.2 specification. ODF is leveraged by OpenOffice.org.

More at :-
http://www.computerworld.com/s/article/9222862/Apa...

--
mogs CClip 84
Member 20th Dec, 2011 13:34

Is anyone really using Windows 8's preview?
With a download count larger than Windows 7 beta's, Microsoft's Windows 8 preview is being used by just a fourth as many people

By Gregg Keizer
Computerworld - Although millions have downloaded Microsoft's Windows 8 developer preview, relatively few are actually using it, Web measurements show.

During November, Windows 8 powered 0.03% of the computers -- or three out of every 10,000 -- that connected to the Internet, according to data from California-based Net Applications.

That's a small increase from the 0.02% Windows 8 garnered in October, the first full month after Microsoft released a developer preview of the still-under-construction OS to the public.

But Windows 8's current numbers pale in comparison to Windows 7's very early returns three years ago.

Microsoft released the first beta of Windows 7 on January 9, 2009 -- it never offered a developer preview to the general public -- and after a server-side overload, restarted downloads the next day. Three weeks later, Windows 7 accounted for 0.13% of all operating systems, or more than four times what Windows 8 has accrued in two-and-a-half months.

More at :-
http://www.computerworld.com/s/article/9222859/Is_...

--
mogs CClip 85
Member 20th Dec, 2011 14:48
Parental Advisory logo expanded to cover digital downloads
Online retailers and streaming sites will now include logo
By Carrie-Ann Skinner | PC Advisor | 20 December 11

The Parental Advisory logo which is displayed on CDs and DVDs and alerts Brits to content that contains explicit lyrics or scenes, has been expanded to cover digital downloads.

Online retailers Amazon, HMV, Napster UK, eMusic, 7digital and Tesco, along with music-video site Vevo, are among those that have agreed to display the logo and a link to the official Parental Advisory website, which offers information for parents about preventing kids from accessing content considered offensive or unsuitable. Apple's iTunes has been using the logo for some time already.

Geoff Taylor, chief executive of the BPI, told the Telegraph: "We know that the parental advisory logo on CDs and DVDs has been a useful tool for parents, offering them a simple means of identifying music content that may not be suitable for their children".

"We believe that parents need the same guidance when their children are downloading or streaming songs or videos online, so we have extended the logo to digital music services. Our new website gives parents the details they need."

http://www.pcadvisor.co.uk/news/security/3326296/p...

--
mogs CClip 86
Member 20th Dec, 2011 20:49
PC users unlikely to embrace Windows 8
By Gregg Keizer

Computerworld - Research firm IDC expects to see few Windows 8 upgrades on desktops and laptops, and it even predicts that users of conventional PCs won't show much interest in Microsoft's upcoming operating system.

Microsoft is facing a tough sell with the new operating system, IDC said, because it's trying to span two worlds by offering one platform for tablets and conventional PCs.

"Windows 8 will be largely irrelevant to the users of traditional PCs," said IDC. "We expect effectively no upgrade activity from Windows 7 to Windows 8 in that form factor."

Explaining the dour forecast, IDC analyst Al Gillen said, "Customers will be asking, 'What value does Windows 8 bring to my desktops and laptops?' And the only real value I can see is it provides access to the Windows app store."

Microsoft first confirmed in August that Windows 8 will feature access to a store; the store will open when the Windows 8 beta ships.

Gillen said that application compatibility issues, and the recent flurry of enterprise adoptions of Windows 7, will also hamper Windows 8 acceptance on PCs.

More at :-
http://www.computerworld.com/s/article/9222747/PC_...

--
mogs CClip 87
Member 20th Dec, 2011 20:57


--
mogs CClip 88
Member 21st Dec, 2011 18:09
Google keeps the pole position on Firefox searches

Google remains the default at Mozilla
By Dave Neal
Wed Dec 21 2011
INTERNET SEARCH FIRM Google has retained its search engine as the default in Mozilla's Firefox web browser.
The deal will keep Google as the default search engine on Firefox for at least another three years and the organisations said it is also "significant and mutually beneficial" in terms of revenue.
"Under this multi-year agreement, Google Search will continue to be the default search provider for hundreds of millions of Firefox users around the world," said Gary Kovacs, CEO of Mozilla.
The firms did not announce any details of the deal, other than that they are both pleased about it. Google has its own stripped down web browser, Chrome, while recently Mozilla revealed in its financial reports that it makes 84 per cent of its revenue from the agreement.
"Mozilla has been a valuable partner to Google over the years and we look forward to continuing this great partnership in the years to come," added Alan Eustace, SVP of search at Google in a brief statement.

http://www.theinquirer.net/inquirer/news/2134075/g...

--
mogs CClip 89
Member 21st Dec, 2011 18:15
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 21st Dec, 2011 18:16
Apple Safari used to exploit zero-day security hole in Windows 7
The vulnerability lets hackers inject malicious code on victim PCs through overly large Web page iFrames

By Ted Samson
Security company Secunia today announced a highly critical zero-day vulnerability affecting Windows 7, exploitable via Apple's Safari browser, of all things. Secunia confirmed that the vulnerability affects fully patched Windows 7 Professional 64-bit and cautioned that other versions may be affected.

The remotely exploitable vulnerability, caused by an error in win32k.sys, enables a hacker to run arbitrary code -- such as malware -- on a victim's machine when he or she visits a specially crafted Web page using Safari. Specifically, the Web page would simply need to contain an iFrame -- an HTML element that is typically used to pull content from other sources onto a Web page -- with an overly large "height" attribute.

The vulnerability was first made public via Twitter user "w3bd3vil," who tweeted on Sunday, "<iframe height='18082563'></iframe> causes a BSoD [blue screen of death] on win 7 x64 via Safari. Lol!"

More at :-
http://www.infoworld.com/t/security/apple-safari-u...

--
mogs CClip 90
Member 21st Dec, 2011 18:25
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Microsoft Warns of Malware Posing as Police Alerts

The ransomware imitates messages from local police, including the UK Metropolitan Police, the Spanish police, Dutch police, and many others.

Researchers at Microsoft have uncovered a new strain of malware that poses as a message from local police.

"The 'ransomware' -- malware that takes control of a user's device and demands payment to unlock the computer -- was detailed by Microsoft on Monday," writes ZDNet's Jack Clark.

"The malware imitates local country's police forces and, so far, poses as the UK's Metropolitan Police; the Spanish Police; the Dutch Police; Switzerland's Federal Department of Justice and Police; and Germany's GEMA and the German Federal Police," Clark writes.

Go to "Microsoft flags malware that poses as police" to read the details.

http://www.esecurityplanet.com/malware/microsoft-w...

--
mogs CClip 91
Member 21st Dec, 2011 18:30
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Mozilla launches Firefox 9, speeds up JavaScript
Also ships new Android edition designed for tablets

By Gregg Keizer
December 21, 2011 12:18 PM ET
Computerworld - Mozilla on Tuesday shipped Firefox 9, claiming that the new browser processes JavaScript up to 36% faster than its predecessor.

The company also patched six Firefox vulnerabilities, and released a security update to the nearly-two-year-old Firefox 3.6 to quash a single bug there.

Firefox 9, released six weeks after November's Firefox 8, uses a technology called "type inference" in its SpiderMonkey JavaScript engine to generate native code more efficiently using the JaegerMonkey JIT (just-in-time) compiler Mozilla first added to Firefox last March.

The result: Firefox 9 renders JavaScript -- the backbone of many online games, content-rich websites and advanced Web apps -- between 16% and 36% faster than Firefox 8, according to results Mozilla posted from Mozilla's Kraken, Google's V8 and the widely-cited SunSpider JavaScript benchmark test suites.

More at :-
http://www.computerworld.com/s/article/9222925/Moz...


--
mogs CClip 92
Member 22nd Dec, 2011 09:28
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 93
Member 22nd Dec, 2011 09:33
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 94
Member 22nd Dec, 2011 19:20
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Mozilla re-releases Firefox 9, backs out fix causing crashes
Macs crash most, says Mozilla, but problem also affected Linux and Windows editions

By Gregg Keizer
December 22, 2011 12:33 PM ET
Computerworld - A day after it shipped Firefox 9, Mozilla quickly released an update after backing out a bug fix that was causing some Mac, Linux and Windows browsers to crash.

Mozilla issued Firefox 9.0.1 Wednesday, making one user wonder if it was bogus because it appeared hard on the heels of version 9.

"Seeing links for [Firefox 9.0.1], why is it being released? Or is it a hoax?" asked a user identified as "hclarkjr" on a Mozilla support forum.

Other support discussion threads also included messages from users asking why Mozilla updated Firefox.

Although Mozilla did not specify in 9.0.1's release notes why it needed to re-release the browser, developers said that the update was prompted by crash reports, primarily from Mac users, although the Linux and Windows versions were also affected.

"We built Firefox 9.0.1 with bug 708572 backed out," said Alex Keybl, an engineering project manager on Mozilla's release team, on Bugzilla yesterday, "We've pushed Firefox 9.0.1 for all platforms. Although we think Windows is mostly unaffected, we still decided to move forward with Windows->9.0.1."

More at :-
http://www.computerworld.com/s/article/9222972/Moz...

--
mogs CClip 95
Member 22nd Dec, 2011 19:28
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Remote authentication bypass vulnerability exposed for Siemens SCADA software
A security researcher upset with Siemens exposes the vulnerability in its SIMATIC SCADA software

By Lucian Constantin | IDG News Service


Google security engineer Billy Rios has publicly disclosed a remote authentication vulnerability in the Siemens Simatic software, which is used to control critical infrastructure systems worldwide.

The vulnerability was discovered back in May and was responsibly reported to Siemens, Rios said. However, according to the researcher, who found the bug in his spare time, Siemens recently denied its existence to the press.

"Since Siemens has 'no open issues regarding authentication bypass bugs,' I guess it's OK to talk about the issues we reported in May," Rios said on his blog on Tuesday. "Siemens just blatantly lied to the press about the existence of security issues that could be used to damage critical infrastructure, but Siemens wouldn't lie, so I guess there is no authentication bypass."

More at :-
http://www.infoworld.com/d/security/remote-authent...

--
mogs CClip 96
Member 22nd Dec, 2011 19:42
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Kaspersky Anti-Virus and Internet Security 2012 Vulnerable to Hackers

Medium severity vulnerabilities are found in Kaspersky Anti-Virus and Kaspersky Internet Security 2011/2012 which can allow an attacker to crash the complete software process.


Researchers from Vulnerability Laboratory found a flaw caused by an invalid pointer corruption when processing a corrupt .cfg file through the Kaspersky exception filters. The bug seems to be located in basegui.ppl and basegui.dll when a cfg file import is processed.

A proof of concept video was also published along with the disclosure.

Read more at :-
http://news.softpedia.com/news/Kaspersky-Anti-Viru...

--
mogs CClip 97
Member 22nd Dec, 2011 19:47
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 98
Member 22nd Dec, 2011 20:50
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Anonymous vows internet blackout if Stop Online Piracy Act is passed
by Dave Neal

Hacktivist group Anonymous has promised to strike back with an internet blackout if the controversial Stop Online Piracy Act (SOPA) is approved.
A vote on the legislation was delayed this week and is not likely to be held until the new year. However, Anonymous suggested that this delay is a smokescreen, and that the law "further proves the reality of corporate rule and totalitarianism".
"SOPA tramples civil rights laws, fair use, freedom of press and freedom of speech. Under SOPA an average person could be arrested, fined, sued and spend time in a federal prison for as little as uploading a video to YouTube or even linking to one," Anonymous said in a statement.
The group has vowed to strike back in a big way if the legislation becomes law, and has called on its members to deface web sites with protest messages in a bid to get the anti-Act message to as many people as possible.

More at :-
http://www.v3.co.uk/v3-uk/news/2134323/anonymous-v...

--
mogs CClip 99
Member 23rd Dec, 2011 09:07
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 100
Member 23rd Dec, 2011 10:39
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 101
Member 23rd Dec, 2011 12:01
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Windows 8 picture password is 'Fisher-Price toy,' says father of 2-factor authentication
'I don't think it's serious security,' says Kenneth Weiss of next Microsoft OS security feature

By Tim Greene

The Windows 8 feature that logs users in if they touch certain points in a photo in the right order might be fun, but it's not very good security, according to the inventor of RSA's SecurID token.

"I think it's cute," says Kenneth Weiss, who now runs a three-factor authentication business called Universal Secure Registry. "I don't think it's serious security."

The major downside of the picture password is that drawing a finger across a photo on a touch screen is easy to video record from a distance -- making it relatively easy to compromise, he says. Designers of alpha-numeric passwords recognize this danger and have responded to it by having password characters appear as dots on the screen so the password can't be copied down.

Designers of Windows 8's picture login have made a traditional password an alternative, perhaps in acknowledgement of this shortcoming, he says.

Other problems include backing up the touch pattern that is the login. "To put down a description of the sequence is possible, but that's a lot of writing," he says.

All in all, "It's more like a Fisher-Price toy than a serious choice for secure computer access," he says.

Still, it's better than nothing, he says, and it is raising awareness of login security.

Windows 8 (See also: "8 hot features in Windows 8") is the next version of the Windows operating system, now due for beta release in February. It's expected to be generally available later next year featuring touchscreen navigation and commands as well as support for tablets. Not all apps that run on Windows 7 will be compatible with the touchscreen capabilities, but mouse and keyboard devices will enable all apps that ran on Windows 7.

The new operating system shoots for power efficiency, better security and compatibility with ARM-based chips (read tablets and next-generation PCs), all of which could make Windows 8 attractive to businesses.

http://www.infoworld.com/d/security/windows-8-pict...

--
mogs CClip 102
Member 23rd Dec, 2011 17:32
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 103
Member 23rd Dec, 2011 17:41
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Rift Developer Trion Worlds Hacked

Written by
Jon Martindale

Trion Worlds, the developer behind the massive multiplayer online (MMO) game Rift, has had its servers hacked, losing information that includes user names, passwords, email addresses, billing addresses and credit card information.

This announcement was made on the official Trion website and through an email sent to subscribers and anyone who's previously held an account with the firm. It describes that almost every piece of stored information about the company's users was taken, including: "user names, encrypted passwords, dates of birth, email addresses, billing addresses, and the first and last four digits and expiration dates of customer credit cards."

Trion was quick to point out that "There is no evidence, and we have no reason to believe, that full credit card information was accessed or compromised in any way." Well that's good at least right? At least Trion didn't let the hackers take everything, they only took almost everything.

The tone of the entire email is equally unattached, describing the hack as "recent" but not providing a time frame of when it might have occurred or how long Trion has known about it. Don't worry though, the developer saw fit to highlight in bold the following section of text which is obviously the most important part about the hack:


"You should have continued, uninterrupted access to RIFT, and we do not anticipate any disruptions to your playing time."

Throughout the communication there is only one apology and it's for the inconvenience, not for entrusting our information to an unsecured server.



Read more: http://www.itproportal.com/2011/12/23/rift-develop...

--
mogs CClip 104
Member 28th Dec, 2011 01:08
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 105
Member 28th Dec, 2011 01:13
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Opera 11.61 to Be Released in January

The exact date for a new stable build of Opera 11 to pop up has not been set yet, but Opera 11.61 is planned for release in the first month of 2012. In the meantime, the development team of the browser pushed out a test snapshot for the next stable version.

The set of modifications available in this Opera 11.61 release includes mending of crashes occurring in specific scenarios, such as closing feeds tab while dialog is open or when closing a tab that has the Star menu opened. Also, NFL.com no longer crashes on systems equipped with Ad Muncher.

Some repairs to the mail module have also been operated, permitting updating the mail from version 9.27 without crashing the browser. Additionally, new mails are no longer sorted by date behind old messages.

Note that Opera 11.61 snapshot defaults to installing over the stable version. Check out the full changelog on this page.

http://news.softpedia.com/news/Opera-11-61-To-Be-R...

--
mogs CClip 106
Member 28th Dec, 2011 01:20
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Your browser can only protect you so much from phishing attacks; Here are three common problems caused by phishing, and how to solve them

By Bill Snyder | CIO.com


Figures don't lie, the old aphorism goes, but liars can figure. And after nearly 20 years covering technology, I've realized that you could update that saying to: Benchmarks don't lie, but liars can benchmark.

What brings this to mind is a nasty war of words between Microsoft and Mozilla, the publishers of Firefox, over whose browser is more secure. Both are pointing fingers at the other, claiming that their benchmarks really tell the tale.

I'm not saying any of these folks are actually lying, but they're using benchmarks and other statistics to prove a point they want to make and make themselves look as good as possible. My advice is to ignore the argument; the only people who really care about it are the people who work for one side or the other, and tech writers who love nothing more than conflict. As it happens, all three of the major browsers -- Microsoft's Internet Explorer, Mozilla's Firefox, and Google's Chrome -- are more than secure enough for most consumers and businesses.

That's not to say you can forget about security on the Web. The browser is part of your defense, but a bigger part is your brain. That's right, the smart user who pays attention to what he or she sees on the screen is always safer, particularly against a very nasty tactic called "phishing."

By now you've probably heard of phishing. It's an email or Tweet or Facebook message that appears to come from someone you know or an institution you do business with, like your bank or credit card company. It will contain a link that might do something as harmless, though annoying, as taking you to a site to look at advertising you don't want to see, or in the worst case, download malware onto your computer.

Browsers and your basic security software will detect many phishing attacks, but not all. So, I'll repeat what you should already know. If a message looks odd, look carefully at the address. If you see something from say Chase, that comes from chase@online.com (that came to me the other day), delete it. In fact, never click on a link in an email unless you know for sure who sent it.

Read more at :-
http://www.infoworld.com/d/security/3-ways-save-yo...

--
mogs CClip 107
Member 28th Dec, 2011 01:26
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Report: Phishing attack targets Apple customers
By Jason Snell
December 26, 2011 02:40 PM ET
Macworld - A "vast phishing attack" that attempts to capture the credit card information of Apple customers was launched on Christmas day, according to a report from Mac security-software company Intego.

In a posting on its Mac Security blog, Intego says that the attack is an attempt to fool Apple customers into clicking on a link under the guise of updating the billing information of their Apple accounts.

If you click on the link in the message, you will be taken to a realistic looking sign-in page, then, after entering your Apple ID and password, you'll be taken to a page asking you to update your account profile, notably entering your credit card information. Again, this page looks realistic, and many of the elements it contains are taken from Apple's own webpages.

Intego reports that the messages are being sent with the subject "Apple update your Billing Information" from a spoofed email address of "appleid@id.apple.com," though of course future emails from the same source might vary somewhat.

If you hover your mouse over the hyperlink in the (impressively forged) email address, you'll see a floating box that reveals the real destination of that link: the telltale chain of four numbers that specifies a numeric IP address, rather than a link to somewhere within the apple.com domain. As Intego rightly points out, "if it's not something.apple.com (it could be www.apple.com, store.apple.com, or something else), then it's bogus."

More at :-
http://www.computerworld.com/s/article/9223023/Rep...

--
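The hover check Intego describes in the clip above, written out as an added example (not part of the original post or the Macworld article): it pulls every link out of a message body and flags targets that are a numeric IP address or that only resemble the expected domain. The sample message, the addresses in it and the `apple.com` expectation are constructed for illustration.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption for this example: the only domain the message may legitimately link to.
EXPECTED_DOMAIN = "apple.com"

# Constructed sample message body; 203.0.113.7 is a documentation-range address.
SAMPLE_HTML = """
<p>Dear customer, please update your billing information:</p>
<a href="http://203.0.113.7/appleid/login">https://appleid.apple.com/</a>
<a href="https://store.apple.com/account">Apple Store</a>
<a href="http://www.apple.com@203.0.113.7/update">Update profile</a>
<a href="https://apple.com.billing-update.example/signin">Sign in</a>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def classify_host(url, expected=EXPECTED_DOMAIN):
    """Return 'expected', 'numeric-ip', 'lookalike' or 'other' for a link target."""
    try:
        # .hostname drops any "user@" prefix and the port, so a URL such as
        # http://www.apple.com@203.0.113.7/ is judged on its real host.
        host = (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return "other"
    try:
        ipaddress.ip_address(host)
        return "numeric-ip"
    except ValueError:
        pass
    if host == expected or host.endswith("." + expected):
        return "expected"
    # The expected name appears in the host but is not its trailing domain.
    if expected in host:
        return "lookalike"
    return "other"


def review_message(html, expected=EXPECTED_DOMAIN):
    """Return (href, visible text, verdict) for every link that is not 'expected'."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    findings = []
    for href, text in collector.links:
        verdict = classify_host(href, expected)
        if verdict != "expected":
            findings.append((href, text, verdict))
    return findings


if __name__ == "__main__":
    for href, text, verdict in review_message(SAMPLE_HTML):
        print(f"{verdict:10}  shown as {text!r} -> {href}")
```

The visible link text is reported alongside the real target because the mismatch between the two is what the hover check exposes.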
mogs CClip 108
Member 28th Dec, 2011 10:08
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 109
Member 28th Dec, 2011 10:12
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
phpMyAdmin Update Patches Two Security Flaws

Version 3.4.9 patches vulnerabilities that could be exploited for XSS attacks.

December 26
Version 3.4.9 of phpMyAdmin was recently released.

"The update fixes vulnerabilities in the phpMyAdmin setup interface and the export panels in the server, database and table sections that could be exploited for cross-site scripting (XSS) attacks," The H Security reports.

"All 3.4.x versions up to and including 3.4.8 are affected -- upgrading to 3.4.9 corrects the issues," the article states.

Go to "phpMyAdmin 3.4.9 fixes XSS vulnerabilities" to read the details.

http://www.esecurityplanet.com/patches/phpmyadmin-...

--
mogs CClip 110
Member 28th Dec, 2011 10:16
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
FreeBSD Releases Five Security Advisories

One of the flaws was being actively exploited in the wild, according to FreeBSD security officer Colin Percival.

December 27
FreeBSD security officer Colin Percival recently announced the release of five security advisories, just in time for Christmas.

"According to Percival, the developers had to do it because one of the flaws, a remote root vulnerability in telnetd, was being actively exploited in the wild and that, while 'most people have moved past telnet and on to SSH by now,' the security problem was not 'an issue we could postpone until a more convenient time,'" The H Security reports.

"The telnetd advisory notes that the daemon has been disabled by default in FreeBSD since August 2001 and that, although there is no workaround, just disabling the telnetd daemon will eliminate the possibility of an attacker using it to run arbitrary code with the daemon's privileges," the article states.

Go to "FreeBSD issues five security advisories for Christmas" to read the details.

http://www.esecurityplanet.com/open-source-securit...

--
mogs CClip 111
Member 28th Dec, 2011 10:21
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Embedded attacks and emerging targets to dominate 2012 security landscape

McAfee has painted a gloomy security picture for 2012 in which enterprises and criminals shift to new platforms and tactics for securing and infiltrating networks.
The company's 2012 Threat Predictions Report said that attacks on industrial systems and embedded hardware will continue as utility companies increasingly use network-connected systems to control infrastructure.

Dave Marcus, head of research and communications at McAfee Labs, told V3 that the danger of attack on industrial systems could be compounded as hacktivist groups such as Anonymous shift to political protests.
"The embedded attacks have been talked about for a while, but it was only in 2011 that it started taking off. There is a lot more discussion going on than ever before," he said.
McAfee also predicts an increase in the use of phoney or compromised digital certificates, such as the Diginotar breach, to spread malware and launch targeted attacks.

Read more at :-
http://www.v3.co.uk/v3-uk/news/2134518/embedded-at...

--
mogs CClip 112
Member 28th Dec, 2011 17:03
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Security headlines you'll never read
News about successful hacks isn't news at all because no one is doing security right and everyone's been breached
Whenever I read another article about how Company X or University Y or Governmental Organization Z was "recently" hacked -- usually "by the Chinese" -- I can't help but chuckle. Those headlines -- the most recent about the U.S. Chamber of Commerce -- shouldn't read, "Company X was hacked!" They should read, "Company X has been hacked for years but just now noticed!"

Headlines that, to me, would truly be newsworthy include:

"Company fully patches Java and Adobe products"
"Organization trains end-users to recognize basic social engineering attacks"
"IT department reviews all its event logs"
"Company runs SQL database app without SQL injection exploits"
"Prominent corporate website not subject to XSS exploits"
"Company knows where all of its data is"

Stories about successful attacks are old news because everyone's already been hacked. You won't find a decent computer security expert who'll tell you otherwise. I'm dumbfounded by the fact that, despite the severity of the problem, we still aren't doing anything differently to protect ourselves.

How do these "uber" hackers pull off the types of attacks that make headlines? By exploiting unpatched software, taking advantage of poor passwords, targeting an application vulnerability, or duping one or more users into running something they shouldn't. It's a short and simple list, but apparently no one is taking the simple steps needed to protect themselves.

On a broader level, how bad does it have to be before we, as a society, demand that our leaders get together to fix the Internet already -- before a catastrophe occurs?

http://www.infoworld.com/d/security/security-headl...

--
mogs CClip 113
Member 28th Dec, 2011 18:29
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 114
Member 29th Dec, 2011 04:47
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 29th Dec, 2011 05:04


--
mogs CClip 115
Member 29th Dec, 2011 10:10
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Written by
Ravi Mandalia

29 December, 2011
hackers data breach csdn china

Last week unknown hackers invaded Chinese cyberspace and stole personal credentials belonging to millions of the country's netizens. And, to make things worse for the victims, now it seems like all the stolen information including their names, email ID, password etc. have been posted online.

According to reports, the Chinese Software Developer Network (CSDN) was breached in the incident and its user database has been made available for public download. The database reportedly contains the emails and passwords of all its 6 million registered users.

The Chinese Software Developer Network happens to be the most popular website in the country for programmers.



Read more: http://www.itproportal.com/2011/12/29/hackers-stri...

--
mogs CClip 116
Member 29th Dec, 2011 10:19
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 117
Member 29th Dec, 2011 12:32
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 118
Member 29th Dec, 2011 12:36
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 119
Member 29th Dec, 2011 12:43
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
McAfee Predicts High Profile Industrial Attacks in 2012

Written by
Ravi Mandalia
29 December, 2011
data breach mcafee cyber attack cyber war

Security software provider McAfee has claimed that the coming year could witness more sophisticated and organised cyber attacks on high-profile targets all across the globe and more hacktivist groups are likely to emerge in 2012.

McAfee claimed that there will be an increase in threat from spam attacks targeting digital wallets and virtual currencies. The possibilities of many world governments engaging one-another in cyber wars can't be ruled out, McAfee stated.

The McAfee 2012 Threat Prediction report also highlighted the point that industries and corporates are likely to be on the priority lists of hackers throughout the world.


Most of the organised hack attacks carried out during the current running year were primarily targeted at global corporations as well as government offices and financial hubs. And, if we are to believe McAfee's report, the trend will not only sustain, but will significantly rise.



Read more: http://www.itproportal.com/2011/12/29/mcafee-predi...

--
mogs CClip 120
Member 29th Dec, 2011 16:13
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
IPv6 doomsday won't hit in 2012, experts say
As old addresses disappear, most enterprises can spend the year preparing for the new protocol

By Stephen Lawson
December 29, 2011 06:07 AM ET
IDG News Service - Next year will see one more regional Internet registry run out of IPv4 addresses, but 2012 will be more of a year to prepare for the inevitable shift to IPv6 than an Internet doomsday, according to networking experts.

By midyear, Europe's RIPE NCC (Réseaux IP Européens Network Coordination Centre) is expected to allocate the last of its addresses under the version of Internet Protocol used by most consumers and enterprises now. That event will follow the depletion in April of addresses controlled by APNIC (Asia-Pacific Network Information Centre), the first of the five regional registries to run out of addresses for enterprises and service providers.

Read more at :-
http://www.computerworld.com/s/article/9223064/IPv...

--
mogs CClip 121
Member 29th Dec, 2011 16:27
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Hacked Stratfor security think tank keeps site offline

Participants in the hacktivist group Anonymous are using Twitter to provide more detail about the attack

Hacked US security firm Stratfor has told its subscribers that it may take a week or even longer to restore its website.

The site went offline on 24 December.

Hackers have posted credit card details, email addresses, phone numbers and encrypted passwords which they said were taken during the attack.

Stratfor has said it will pay for a credit card fraud protection service for members whose payment details might have been compromised by the breach.

Tweets posted on accounts linked to the hacktivist group Anonymous said that the US Department of Defense, the defence firm Lockheed Martin and Bank of America were among Stratfor's clients.

A recent message posted by @YourAnonNews added that other parties affected by the hack included Google, American Express, Coca-Cola, Boeing, Sony, Microsoft and the mining group BHP Billiton.

More at :-
http://www.bbc.co.uk/news/technology-16352891

--
mogs CClip 122
Member 29th Dec, 2011 17:12
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
The wait for VLC 1.2.0 is close to an end as the development team just launched a pre-release for this version.

It is a major version, so changes abound; they affect packagers, codecs, demuxers, audio filters and output and video filters. Additionally, a hefty set of modules has been removed.

One important note for Windows users is that this version works only with Windows XP SP2 or later. Earlier Windows editions (Windows 2000 SP4, Windows XP < SP2, Windows 2003 SP0) are no longer supported.

Also important is the fact that almost every video filter can now be transcoded and it can be ported to mobile operating systems (Android and iOS) as well as 64-bit Windows.

Blu-ray support relies on the VideoLAN project libbluray and it can currently open unencrypted disks and backup folders; for commercially encrypted media a special setup is required.

Download VLC for Windows
http://news.softpedia.com/news/VLC-1-2-0-Pre-relea...

--
mogs CClip 123
Member 29th Dec, 2011 20:15
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

Websites, apps vulnerable to low-bandwidth, bot-free takedown, say researchers
Microsoft rushes out emergency update for ASP .Net, first 'out-of-band' in 2011

By Gregg Keizer
December 29,
Computerworld - Hackers armed with a single machine and a minimal broadband connection can cripple Web servers, researchers disclosed Wednesday, putting uncounted websites and Web apps at risk from denial-of-service attacks.

In a security advisory issued the same day, Microsoft, whose ASP .Net programming language is one of several affected by the flaw, promised to patch the vulnerability and offered customers ways to protect their servers until it releases an update.

In a follow-up message, Microsoft announced it was shipping an "out-of-band," or emergency update today. The update was released at 1 p.m. ET. Designated MS11-100, it also fixed three other bugs in ASP .Net, one tagged "critical." None of those three had been disclosed publicly prior to today.

The problem that caused a stir in the security community exists in many of the Web's most popular application and site programming languages, including ASP .Net, the open-source PHP and Ruby, Oracle's Java and Google's V8 JavaScript, according to two German researchers, Alexander Klink and Julian Walde.

Klink and Walde, who presented their findings at the Chaos Communication Congress (CCC) conference in Berlin on Wednesday, traced the flaw to those languages' -- and others' -- handling of hash tables, a programming structure used to quickly store and retrieve data.

More at :-
http://www.computerworld.com/s/article/9223069/Web...

--
mogs CClip 124
Member 30th Dec, 2011 09:21
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 125
Member 30th Dec, 2011 09:38
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 126
Member 30th Dec, 2011 09:41
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK


--
mogs CClip 127
Member 30th Dec, 2011 17:49
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK

RoboForm 7.6.8 Released

There are plenty of fixes available in RoboForm 7.6.8, some of them addressing problems with various web browsers (Firefox, Google Chrome, Opera, Avant, Internet Explorer and Maxthon).

Issues repaired range from failure to fill in the data on some websites, trouble closing RoboForm toolbar at the bottom of the browser or preventing sending mail on Outlook Web Access sites to synchronization malfunctioning.

Mending process also put the password generator in the crosshairs, as some minor bugs have been eliminated. Other fixes refer to AutoSave bar with password request, which would close without saving when pressing Enter.

RoboForm 7.6.8 switched to version 9 of Gecko SDK, as it is the official engine in the latest stable release of Firefox.

As for the new abilities, RoboForm 7.6.8 comes with the possibility to import database from SplashID, a password manager designed for mobile devices.

You can download RoboForm from this page

http://news.softpedia.com/news/RoboForm-7-6-8-Rele...

--
mogs CClip 128
Member 30th Dec, 2011 17:54
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
China seeks to combat hi-tech crimewave

The Chinese government is cracking down on home-grown cyber thieves seeking to steal online banking details.

The crackdown combats phishing by ensuring that the websites of legitimate banks appear at the top of search results.

The move comes as the personal details of more than 45 million Chinese people were stolen in separate attacks.

The government is investigating the thefts and said that the wave of attacks "threatened internet safety".

Crime spree
The 10 biggest search engines in China have signed up to the anti-phishing scheme to ensure that users looking for bank websites go to the right place.

More at :-
http://www.bbc.co.uk/news/technology-16357238

--
mogs CClip 129
Member 30th Dec, 2011 18:04
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 30th Dec, 2011 18:05
Find and remove malicious software with McAfee Stinger
McAfee Stinger is an antivirus scanner intended to be used if you think a computer has been infected.
It doesn't provide any active protection like a full anti-virus program but is a useful tool to copy onto a USB memory key or CD so that you can scan a computer that is acting strangely.
There is no installation required for Stinger: simply run the downloaded file.
There are some preferences that can be set although the defaults are quite acceptable. Stinger can be set to scan for suspicious processes, registry entries, boot sectors and rootkits. It can merely report on viruses although it is set to repair them by default.


Read more: http://www.computeractive.co.uk/ca/download-review...


--
mogs CClip 130
Member 31st Dec, 2011 00:18
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
2012 tech predictions: From IDG's editors worldwide
Consumerization of IT is the consensus choice of the new year's major technology force, one that will manifest itself in several forms

By David Bromley | InfoWorld

What is 2012 likely to bring to the tech industry and its users? IDG -- the publisher of InfoWorld, Computerworld, Network World, CIO, CSO, ITworld, PC World, Macworld, and other tech publications throughout the globe -- surveyed its editors to gaze into their crystal balls and predict a key trend or development for 2012, as well as select their key story for 2011. The death of Apple CEO Steve Jobs and the rise of social media as a tool of protest topped a diverse roundup of nominees.

Here are the editors' individual predictions for 2012 and their pick for 2011's top story, in no particular order.
http://www.infoworld.com/t/technology-business/201...

--
mogs CClip 131
Member 31st Dec, 2011 12:19
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 31st Dec, 2011 12:20
Getting Involved
Chrome Release Channels

Contents
1 Channels
1.1 Windows
1.2 Mac
1.3 Linux
2 How do I choose which channel to use?
3 What should I do before I change my channel?
3.1 Back up your data!
3.2 Enable anonymous usage statistics
4 Reporting Dev channel and Canary build problems
5 Going back to a more stable channel
Chrome supports a number of different release channels. We use these channels to slowly roll out updates to users, starting with our close to daily Canary channel builds, all the way up to our Stable channel releases that happen every 6 weeks roughly.
Channels

Windows

Stable channel for Windows
Beta channel for Windows
Dev channel for Windows
Canary build for Windows (Note, this will run in parallel to any other Chrome channel you have installed, it will not use the same profile)

Read more at :-
http://www.chromium.org/getting-involved/dev-chann...

--
mogs CClip 132
Member 31st Dec, 2011 13:55
Score:
Posts: 6,279
User Since: 22nd Apr 2009
System Score: N/A
Location: UK
Last edited on 1st Jan, 2012 08:14


--

This thread has been marked as locked.