Spyware, Viruses, & Security forum

NEWS - August 08, 2013

by Carol~ Forum moderator / August 8, 2013 1:24 AM PDT
'Fort Disco' Botnet Behind Attack Campaign Against Thousands Of Sites

"A 25,000-PC strong botnet is behind a brute force campaign that has compromised more than 6,000 websites "

Researchers at Arbor Networks have uncovered a crafty attack campaign that has compromised thousands of sites powered by Joomla, WordPress, and Datalife Engine.

According to Arbor Networks, more than 6,000 sites have been compromised in a spate of brute force attacks launched by a botnet dubbed Fort Disco. Made up of more than 25,000 PCs, the botnet receives a list of sites to attack from a central command and control server. On some of the sites, a variant of the "FilesMan" PHP backdoor is installed by the attackers.

"By uploading a PHP shell to compromised sites, an attacker can easily issue commands to thousands of compromised sites in seconds," Matt Bing, a research analyst at Arbor Networks' ASERT team, notes in a blog post. "Blogs and CMSs tend to be hosted in data centers with immense network bandwidth. Compromising multiple sites gives the attacker access to their combined bandwidth, much more powerful than a similarly sized botnet of home computers with limited network access by comparison."

Continued : http://www.darkreading.com/attacks-breaches/fort-disco-botnet-behind-attack-campaign/240159627

Related:
Analyzing the Fort Disco bruteforce campaign
Fort Disco: The new brute-force botnet
Blogs with 'weakest of the weak' passwords hijacked for bot army
Large Botnets Attack WordPress And Joomla

@ Arbor Networks : Fort Disco Bruteforce Campaign
HP plugs password-leaking printer flaw
by Carol~ Forum moderator / August 8, 2013 1:44 AM PDT
In reply to: NEWS - August 08, 2013

Security flaws in a range of HP printers create a way for hackers to lift administrator's passwords and other potentially sensitive information from vulnerable devices, infosec experts have warned.

HP has released patches for the affected LaserJet Pro printers to defend against the vulnerability (CVE-2013-4807), which was discovered by Michal Sajdak of Securitum.pl. Sajdak discovered it was possible to extract plaintext versions of users' passwords via hidden URLs hardcoded into the printers' firmware. A hex representation of the admin password is stored in a plaintext URL, though it looks encrypted to a casual observer.

Sajdak also discovered Wi-Fi-enabled printers leaked Wi-Fi settings and Wi-Fi Protected Setup PIN codes, as an advisory from the Polish security researcher explains.

HP has released firmware updates for the following affected printers:

Continued: http://www.theregister.co.uk/2013/08/08/hp_plug_password_leaking_printer_vuln/

Android app malware rates jump 40 percent
by Carol~ Forum moderator / August 8, 2013 1:44 AM PDT
In reply to: NEWS - August 08, 2013

Mobile malware in the Android ecosystem has grown by over 40 percent in the past few months, researchers say.

A new report issued by Trend Micro (.pdf) says that high-risk, malicious app rates on the Google Android operating system rose to 718,000 at the end of the second quarter in comparison to 509,000 in the first quarter of this year.

The number of malicious Android apps in circulation surged by over 350,000 in this time period -- which originally took three years to reach when Google's Android operating system became established.

The majority of malware discovered was packaged as fake, spoof or trojan-laden versions of popular applications. Almost half -- 44 percent -- were designed to subscribe unwitting downloaders to expensive services, and 24 percent were created to steal data. Adware-laden applications came in third at 17 percent.

Continued: http://www.zdnet.com/android-app-malware-rates-jump-40-percent-7000019093/

Related: Expect more Android security issues in 2013

Young Android Users At Risk, Won't Someone Think ..
by Carol~ Forum moderator / August 8, 2013 1:44 AM PDT
In reply to: NEWS - August 08, 2013
... of the Children?

I got my first cellphone when I was 16, but if the latest report from Bitdefender is to be believed, I'd be way behind the curve of the modern cellphone-using populace. According to their report, children as young as five are getting phones—and are at risk for malware and fraud.

Skewing Younger
Bitdefender used survey data from over 2,000 parents in the US, Spain, France, Germany, Romania, Brazil, Portugal, Italy, and Russia. They found that worldwide, the average age kids get their first Android phone is 10 to 13 years old. In the US, however, they've seen an increase in phone users aged seven to nine years, and even some as young as five years old.

While the Bitdefender report also sounds a warning about younger Android users seeking out adult content (read: porn), becoming victims to sexual predators, and being targeted for cyber bullying, the big concern here is apps. The Google Play store has scores of free apps—particularly games—that are sure to pique a kid's interest. But as we've talked about so many times before, free is never really free.

Continued : http://securitywatch.pcmag.com/mobile-security/314492-young-android-users-at-risk-won-t-someone-think-of-the-children
Facebook launches Graph Search to all English-speaking ..
by Carol~ Forum moderator / August 8, 2013 1:44 AM PDT
In reply to: NEWS - August 08, 2013
... users, acknowledges privacy concerns

Facebook is rolling out Graph Search, its newfangled social search engine, to everyone who uses the U.S. English language, the company announced Wednesday.

Graph Search provides a way for users to search for various topics and interests across the site based on their existing connections and friends. Graph Search lets users submit their queries in plain English, so people can search for things like, "Friends who live in my city," or "Hotels in San Francisco visited by my friends," or even, "Music liked by people who like the music that I like," Facebook notes.

The company began rolling out the tool to a limited number of people in January. At an introductory press conference at Facebook's headquarters in Menlo Park, California, CEO Mark Zuckerberg described Graph Search as an early stage feature that is still years away from being complete.

Continued : http://www.techhive.com/article/2046139/facebook-launches-graph-search-to-all-englishspeaking-users-acknowledges-privacy-concerns.html
"Facebook Hacking Site" Leads to Costly SMS Scam
by Carol~ Forum moderator / August 8, 2013 7:44 AM PDT
In reply to: NEWS - August 08, 2013

The Mac Security Blog:

Spammers have a tendency to attempt to exploit any medium in order to drive traffic to their sites.

Everyone who has an e-mail account is acquainted with e-mail spam. If you use social networks like Facebook, Twitter, or Pinterest, chances are you've also seen spam posted by spammers or hacked accounts on those sites.

Anyone who manages a fairly popular blog or news site is also aware that spammers try to leave comments as well.

I find it somewhat amusing when spammers attempt to leave comments on articles at my own security blog, the JoshMeister on Security. Typically these attempted spam comments aren't noteworthy enough to bother writing about.

But this time, someone attempted to link to a site that supposedly allows you to "hack a Facebook account."

Following is a rough translation of part of the site (based on translation attempts by Google and Bing):

Continued : http://www.intego.com/mac-security-blog/facebook-hacking-site-leads-to-costly-sms-scam/

New security scheme whacks text spammers in hours
by Carol~ Forum moderator / August 8, 2013 7:44 AM PDT
In reply to: NEWS - August 08, 2013

A new way to track the source of spam text messages can detect culprits within two hours, helping reduce the illicit traffic that can clog cell towers and disconnect legitimate calls, researchers say.

Called Greystar, the scheme invokes the use of phone numbers assigned to laptops, tablets and the like, which don't typically receive any SMS messages, according to the research to be presented at the 22nd USENIX Security conference next week.

Since these so-called gray numbers aren't likely to receive legitimate SMS messages, the source of texts sent to them yields likely spammer accounts, say the researchers, who are led by Nan Jiang, a Ph.D. student at the University of Minnesota.

The algorithm developed by the researchers has not been made into a commercial product but could be incorporated in software within carrier networks that taps real-time call data to pinpoint where SMS spam comes from. The carriers could then take steps to shut down the offending traffic.

Continued : http://www.networkworld.com/news/2013/080813-text-spammers-272668.html

DEF CON 21: Where We Learn That Good Security Is Hard
by Carol~ Forum moderator / August 8, 2013 7:44 AM PDT
In reply to: NEWS - August 08, 2013

The TrendLabs Security Intelligence Blog:

The annual gathering in the Las Vegas heat known as DEF CON is always... interesting. Newly discovered potential threats that are talked about in DEF CON are always intriguing, to say the least. There were plenty of good talks, but there were several common threads that piqued my interest.

Unconventional Threats

By "unconventional" I mean threats against devices that people outside of the security community - and even some inside it - would not consider to be targets. Charlie Miller and Chris Valasek talked about how cars could be "hacked" if an attacker gained access to the car's internal networks. Another talk, smartly called "Home Invasion 2.0", discussed how many networked devices - like home automation systems, baby monitors, and even toilets - are insecure. This has been discussed by our researchers before, as well as by our CTO in our 2013 predictions. The insights they've shared then are similar to the concerns raised in the talks I mentioned earlier: the fact that these systems were not designed with attacks in mind.

Designing secure systems - as opposed to systems that "just work" - is hard. It takes more time, it takes more resources, and it takes more money. It also requires awareness on the vendor's part that their system needs to be secured in the first place.

Continued: http://blog.trendmicro.com/trendlabs-security-intelligence/def-con-21-where-we-learn-that-good-security-is-hard/
