Spyware, Viruses, & Security forum

NEWS - December 11, 2012

by Carol~ Forum moderator / December 11, 2012 3:04 AM PST
Adobe Patches Memory Flaws in Flash Player and Sandbox Vulnerability in ColdFusion

Adobe's second set of security updates coinciding with Microsoft's monthly patch releases were made available today. The two bulletins include patches for vulnerabilities in Adobe Flash Player and Adobe ColdFusion.

The Flash vulnerabilities for Windows are rated most severe by Adobe and successful exploits could result in crashes, or an attacker being able to remotely execute code.

The three updates fix a buffer overflow vulnerability, integer overflow vulnerability and a memory corruption vulnerability, all three of which could lead to code execution, Adobe said.

The updates are for Adobe Flash Player 11.5.502.110 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.251 and earlier versions for Linux, Adobe Flash Player 11.1.115.27 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.24 and earlier versions for Android 3.x and 2.x, the company said.

Adobe added there are no active exploits in the wild for any of these flaws.

The security hotfix for ColdFusion 10, meanwhile, takes care of a sandbox permissions violation in a shared hosting environment, Adobe said in its advisory. ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh and UNIX, are vulnerable.

Less than a month ago, Adobe issued an out-of-band patch for ColdFusion that patched a denial-of-service vulnerability for the platform running on Microsoft's IIS Web server.

https://threatpost.com/en_us/blogs/adobe-patches-memory-flaws-flash-player-and-sandbox-vulnerability-coldfusion-121112
Outlook.com gets anti-phishing and scam-deterrent support
by Carol~ Forum moderator / December 11, 2012 3:12 AM PST

Microsoft has given Outlook.com protection against phishing emails and scam sites with the introduction of two new security features.

Microsoft said on Tuesday Outlook.com now has support for the DMARC (domain-based message authentication, reporting & conformance) standard, which governs how email systems authenticate incoming messages.

DMARC is already supported by Facebook, Paypal and LinkedIn, and aims to make it harder for individuals to deliver phishing or spam emails.

"Our DMARC implementation helps protect you by making it easier to visually identify mail from senders as legitimate, and helps keep spam and phishing messages from ever reaching your inbox. If a sender supports DMARC, we put a trusted sender logo next to their email indicating it is legitimate. The effect is cumulative; the more the email sending services that use DMARC, the broader the protection offered against phishing," Krish Vitadevara, Outlook.com's principal group program manager, wrote in a blog post on Monday.

The second security feature to be announced this week is support for extended validation (EV) certificates, which aim to prevent websites imitating or pretending to be other sites - for example, when a scammer puts up a fake version of a retailer's website.

Continued : http://www.zdnet.com/outlook-com-gets-extra-anti-phishing-and-scam-deterrent-support-7000008612/

Related: Outlook.com given security boost by Microsoft
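
The post above describes DMARC only as a standard that "governs how email systems authenticate incoming messages". The following is an added example (not code from the forum post or from Microsoft's Outlook.com implementation) showing what a receiving mail system actually does with a published DMARC record: parse the sender domain's TXT record, check whether the SPF or DKIM result is aligned with the visible From domain, and map a failure to the sender's requested disposition. The record, domains and authentication results are constructed, and the organizational-domain logic is simplified to the last two labels (a real receiver consults the Public Suffix List).

```python
"""Parse a DMARC TXT record and decide what a receiver should do with a message.

Added example; not code from the forum post or from Outlook.com. The record,
domains and authentication results below are constructed. Organizational-domain
derivation is simplified to the last two labels (assumption; real receivers use
the Public Suffix List).
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


def parse_dmarc_record(txt: str) -> Dict[str, str]:
    """Split 'v=DMARC1; p=...' into a tag dict and fill in RFC 7489 defaults."""
    tags: Dict[str, str] = {}
    for part in txt.split(";"):
        part = part.strip()
        if not part:
            continue
        if "=" not in part:
            raise ValueError(f"malformed DMARC tag: {part!r}")
        key, value = part.split("=", 1)
        tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC1 record")
    if tags.get("p") not in ("none", "quarantine", "reject"):
        raise ValueError("p= tag missing or invalid")
    tags.setdefault("adkim", "r")      # DKIM alignment: r(elaxed) or s(trict)
    tags.setdefault("aspf", "r")       # SPF alignment
    tags.setdefault("sp", tags["p"])   # subdomain policy defaults to p=
    tags.setdefault("pct", "100")
    return tags


def org_domain(domain: str) -> str:
    """Simplified organizational domain: the last two labels (assumption)."""
    labels = domain.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def aligned(auth_domain: str, from_domain: str, mode: str) -> bool:
    """Identifier alignment between an authenticated domain and the From domain."""
    a, f = auth_domain.lower().rstrip("."), from_domain.lower().rstrip(".")
    if mode == "s":
        return a == f
    return org_domain(a) == org_domain(f)


@dataclass
class AuthResults:
    from_domain: str                  # domain in the RFC 5322 From header
    spf_pass_domain: Optional[str]    # MAIL FROM domain if SPF passed, else None
    dkim_pass_domain: Optional[str]   # d= of a DKIM signature that verified, else None


def evaluate_dmarc(record: Dict[str, str], results: AuthResults,
                   policy_domain: str) -> Tuple[str, str]:
    """Return (dmarc_result, disposition).

    DMARC passes when at least one aligned authenticator passed. On failure the
    disposition comes from p=, or from sp= when the From domain is a subdomain
    of the domain that published the record.
    """
    spf_ok = (results.spf_pass_domain is not None
              and aligned(results.spf_pass_domain, results.from_domain, record["aspf"]))
    dkim_ok = (results.dkim_pass_domain is not None
               and aligned(results.dkim_pass_domain, results.from_domain, record["adkim"]))
    if spf_ok or dkim_ok:
        return "pass", "none"
    is_subdomain = results.from_domain.lower() != policy_domain.lower()
    return "fail", record["sp"] if is_subdomain else record["p"]


# Constructed record, as it would be published at _dmarc.example.com
SAMPLE_RECORD = "v=DMARC1; p=reject; sp=quarantine; adkim=s; rua=mailto:dmarc-reports@example.com"

# Constructed authentication results for four messages claiming to be from example.com
LEGIT = AuthResults("example.com", "bounce.example.com", None)        # relaxed SPF alignment
UNALIGNED = AuthResults("example.com", "other-sender.example", None)  # SPF passed for a different domain
STRICT_DKIM_MISS = AuthResults("example.com", None, "mail.example.com")  # adkim=s rejects subdomain d=
SUBDOMAIN_FAIL = AuthResults("news.example.com", None, None)          # nothing passed, sp= applies


def run_samples() -> Dict[str, Tuple[str, str]]:
    """Evaluate the constructed messages against the constructed record."""
    rec = parse_dmarc_record(SAMPLE_RECORD)
    cases = [("legit", LEGIT), ("unaligned", UNALIGNED),
             ("strict_dkim_miss", STRICT_DKIM_MISS), ("subdomain_fail", SUBDOMAIN_FAIL)]
    return {name: evaluate_dmarc(rec, r, "example.com") for name, r in cases}


if __name__ == "__main__":
    for name, (result, disposition) in run_samples().items():
        print(f"{name:18s} dmarc={result:4s} disposition={disposition}")
```

The "trusted sender" logo the post mentions corresponds to the `pass` branch here; the `fail` branch with `reject` or `quarantine` is what keeps a message out of the inbox. Note that passing SPF alone is not enough: the SPF-authenticated domain must also align with the From domain, which is exactly the check the unaligned case fails.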

Malicious QR codes pop up on traffic-heavy locations
by Carol~ Forum moderator / December 11, 2012 3:12 AM PST

QR codes - those matrix barcodes that you can now find almost anywhere - are very handy for directing users to specific sites by simply scanning them with their smartphones.

But the ease with which this technology works has made it also a favorite of malware peddlers and online crooks, which have taken to including QR codes that lead to malicious sites in spam emails.

They have also begun using the same tactic in the physical world, by printing out the malicious QR codes on stickers and affixing them on prominent places in locations where there is a lot of foot traffic, The Register reports.

According to Symantec Hosted Services director Warren Sealey, these locations include airports and city centers, where the crooks stick them over genuine QR codes included in advertisements and notices, and most likely anywhere a person might look and be tempted to scan them.

Continued : http://www.net-security.org/secworld.php?id=14099

Kelihos Update Includes New TLD & USB Infection Capabilities
by Carol~ Forum moderator / December 11, 2012 3:12 AM PST

There's a little Michael Myers in the Kelihos botnet; maim it, kill it and it keeps on coming back to wreak more havoc. The 2011 takedown of the Kelihos botnet was one of Microsoft's high-profile success stories against spambots and the like, yet Kelihos was back for more at the start of 2012 using dynamic fast-flux techniques to avoid detection and further shutdowns.

As 2012 winds down, Kelihos is still going strong, now relying on double fast-flux domains to spread spam and malware. According to an analysis from a researcher at abuse.ch, Kelihos has also switched top-level domains, moving to .ru from .eu. More insidious, however, is that it now has the ability to spread via removable drives such as USB storage devices.

Once this latest update of Kelihos infects a computer, it connects with a .ru domain hosting its command and control looking for updates. The .ru domain is double fast-flux hosted, the researcher, who preferred to not be identified, said. Once an updated version of Kelihos is sent to the infected machine, it will infect any removable drives attached to the computer by exploiting the same vulnerability as Stuxnet. CVE-2010-2568 is a Windows Shell vulnerability that would give an attacker remote access via a malicious .LNK or .PIF shortcut file that is not properly handled by Windows Explorer during icon display. Malware exploiting this vulnerability and CVE-2010-2772 in Siemens WinCC SCADA systems was found in July 2010.

Continued : https://threatpost.com/en_us/blogs/kelihos-update-includes-new-tld-and-usb-infection-capabilities-121112

A Closer Look at Two Bigtime Botmasters
by Carol~ Forum moderator / December 11, 2012 3:12 AM PST

Over the past 18 months, I've published a series of posts that provide clues about the possible real-life identities of the men responsible for building some of the largest and most disruptive spam botnets on the planet. I've since done a bit more digging into the backgrounds of the individuals thought to be responsible for the Rustock and Waledac spam botnets, which has produced some additional fascinating and corroborating details about these two characters.

In March 2011, KrebsOnSecurity featured never-before-published details about the financial accounts and nicknames used by the Rustock botmaster. That story was based on information leaked from SpamIt, a cybercrime business that paid spammers to promote rogue Internet pharmacies (think Viagra spam). In a follow-up post, I wrote that the Rustock botmaster's personal email account was tied to a domain name ger-mes.ru, which at one time featured a resume of a young man named Dmitri A. Sergeev.

Continued: http://krebsonsecurity.com/2012/12/a-closer-look-at-two-bigtime-botmasters/

New Research on GPS Reveals Major DoS Vulnerability
by Carol~ Forum moderator / December 11, 2012 3:15 AM PST

From Bitdefender's "HOTforSecurity" Blog:

In a world where global positioning is key in a wide range of critical operations such as missile launches, space missions, or rescue operations, attacks against the GPS system can have unforeseen consequences. In a joint paper, security researchers from the Carnegie Mellon University and GPS specialists from Coherent Navigation have described new attack mechanisms that can paralyze GPS devices and take them out of order.

Since the GPS positioning systems rely on radio waves to communicate with satellites, they are known to be vulnerable to jamming (by sending strong white noise to mask the satellite signal) or to spoofing (receiving forged signals that result in mapping a bogus location). New research however shows that sending specific signals can cause the GPS receiver to lock or malfunction, taking it completely out of business.

To achieve the denial of service condition, researchers spoofed the signal a satellite usually sends, but, rather than encoding the position of the satellite on the orbit, they made it look as if the satellite was located in the center of the Earth. The wrong satellite position caused an exception in the GPS software that leads to restarts. Since the distance between the satellite and the Earth rarely changes, the information becomes persistent in the device's memory, which results in endless reboots.

Continued : http://www.hotforsecurity.com/blog/new-research-on-gps-reveals-major-dos-vulnerability-4778.html
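
The failure mode described in the post is a receiver that trusts a satellite position it cannot possibly have received from a real satellite, then stores it and trips over it again on every restart. The following is an added example (not code from the forum post, Bitdefender, CMU or Coherent Navigation) of the defensive pattern a receiver can apply: sanity-check each decoded satellite position against the known GPS orbital radius and the local horizon before it is used or cached, so an implausible entry is rejected rather than persisted. The receiver position, the satellite positions and the acceptance thresholds are constructed or assumed values.

```python
"""Validate satellite positions before a receiver uses or persists them.

Added example; not code from the forum post, Bitdefender, CMU or Coherent
Navigation. Positions are ECEF-style (x, y, z) in kilometres on a spherical
Earth. The orbital-radius band and elevation mask are assumed values.
"""
import math
from typing import Dict, Tuple

Vec = Tuple[float, float, float]

EARTH_RADIUS_KM = 6371.0
GPS_ORBIT_RADIUS_KM = 26560.0   # nominal GPS orbital radius
RADIUS_TOLERANCE_KM = 2000.0    # assumed acceptance band around nominal
ELEVATION_MASK_DEG = 5.0        # assumed tracking mask above the horizon


def norm(v: Vec) -> float:
    return math.sqrt(sum(c * c for c in v))


def sub(a: Vec, b: Vec) -> Vec:
    return tuple(x - y for x, y in zip(a, b))  # type: ignore[return-value]


def dot(a: Vec, b: Vec) -> float:
    return sum(x * y for x, y in zip(a, b))


def elevation_deg(receiver: Vec, sat: Vec) -> float:
    """Elevation of sat above the receiver's local horizon (spherical Earth)."""
    r = norm(receiver)
    up = tuple(c / r for c in receiver)
    los = sub(sat, receiver)
    sin_el = dot(los, up) / norm(los)
    return math.degrees(math.asin(max(-1.0, min(1.0, sin_el))))


def validate_satellite(receiver: Vec, sat: Vec) -> Tuple[bool, str]:
    """Reject positions no real GPS satellite could occupy."""
    radius = norm(sat)
    if abs(radius - GPS_ORBIT_RADIUS_KM) > RADIUS_TOLERANCE_KM:
        # A satellite "at the centre of the Earth" has radius 0 and fails here.
        return False, f"implausible orbital radius {radius:.0f} km"
    elev = elevation_deg(receiver, sat)
    if elev < ELEVATION_MASK_DEG:
        return False, f"below elevation mask ({elev:.1f} deg)"
    return True, "ok"


class EphemerisCache:
    """Persist only validated entries so a bad one cannot survive a restart."""

    def __init__(self, receiver: Vec) -> None:
        self.receiver = receiver
        self.entries: Dict[int, Vec] = {}
        self.rejected: Dict[int, str] = {}

    def update(self, prn: int, sat: Vec) -> bool:
        ok, reason = validate_satellite(self.receiver, sat)
        if ok:
            self.entries[prn] = sat
            self.rejected.pop(prn, None)
        else:
            self.rejected[prn] = reason   # logged, never written to the cache
        return ok


# Constructed receiver position on the surface, and three constructed satellite fixes
RECEIVER: Vec = (EARTH_RADIUS_KM, 0.0, 0.0)
SAMPLE_FIXES = {
    1: (GPS_ORBIT_RADIUS_KM, 0.0, 0.0),   # directly overhead: plausible
    2: (0.0, 0.0, 0.0),                   # "centre of the Earth": the DoS input
    3: (0.0, GPS_ORBIT_RADIUS_KM, 0.0),   # valid orbit, but below this receiver's horizon
}


def run_samples() -> EphemerisCache:
    cache = EphemerisCache(RECEIVER)
    for prn, pos in SAMPLE_FIXES.items():
        cache.update(prn, pos)
    return cache


if __name__ == "__main__":
    c = run_samples()
    print("cached:", sorted(c.entries))
    for prn, why in sorted(c.rejected.items()):
        print(f"rejected PRN {prn}: {why}")
```

The check is cheap and runs before any geometry that could raise, which is the point: the post attributes the reboot loop to the bad position surviving in memory, so validation has to happen before the write to the cache, not after a crash.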

FTC Launches Investigations into Mobile Apps for Kids
by Carol~ Forum moderator / December 11, 2012 3:15 AM PST

The Federal Trade Commission on Monday said it's launching "non-public investigations" to determine if mobile application providers are violating federal laws by collecting information on children without their parents' permission.

A report (pdf) indicates almost 60 percent (235) of the children-centric mobile apps the agency reviewed from Google and Apple app stores collected device IDs and other private data often shared with an advertising network, analytics company or other third party. More than half also displayed advertising, such as one children's app that showed an advertisement for an adult singles club. Only 20 percent disclosed their privacy policy.

That sample represents a fraction of the apps available. As of September 2012, when the survey was conducted, there were over 700,000 apps available in Apple's App Store -- a 40 percent increase since December 2011. Google Play also has some 700,000 apps available, which represents an 80 percent hike since early 2012.

Continued : https://threatpost.com/en_us/blogs/ftc-launches-investigations-mobile-apps-kids-121012

10 security stories that shaped 2012
by Carol~ Forum moderator / December 11, 2012 3:15 AM PST

"From a major malware attack on the Mac OS X to state-sponsored cyber-espionage attacks, IT security in 2012 will be remembered as the year that piqued the imagination."

At the end of last year, I wrote The Top 10 Security Stories of 2011, an article that summarized 2011 in one word: "explosive." Back then, the biggest challenge was how to narrow down all the incidents, stories, facts, new trends and intriguing actors into just 10 top stories.

Based on the events and the actors who defined the top security stories of 2011, I made a number of predictions regarding 2012:

• The continued rise of hacktivist groups.
• The growth of Advanced Persistent Threat (APT) incidents.
• The dawn of cyber-warfare and more powerful nation states jostling for dominance through cyber-espionage campaigns.
• Attacks on software and gaming developers such as Adobe, Microsoft, Oracle and Sony.
• More aggressive actions from law enforcement agencies against traditional cybercriminals.
• An explosion of Android threats.
• Attacks on Apple's Mac OS X platform.

How did these predictions work out? Let's take a look at the top 10 security incidents that shaped 2012...

Continued : http://www.zdnet.com/10-security-stories-that-shaped-2012-7000008576/

Vote ends on Facebook privacy changes, for good
by Carol~ Forum moderator / December 11, 2012 5:19 AM PST

"Apathetic users mean vote falls far short of forcing Facebook to keep old rules"

The user vote over Facebook's latest proposed privacy policy change is over and the results showed two things: Facebook overwhelmingly got the go-ahead to make its policy changes and it showed just how apathetic the site's users are about online privacy.

The vote, which ended Monday at 3 p.m. ET, showed 589,141 users opposed to the change and 79,731 in favor. At first glance, you'd think that means Facebook won't be able to move ahead. That's just not the case, though.

According to Facebook's standing rules, if more than 30% of all active registered users vote, the results are binding. If the voting turnout is less than 30%, the vote is nothing more than advisory. Since Facebook has more than 1 billion active users, more than 300 million people needed to vote for the decision to count.

As a result Facebook will be able to push through its policy change, which means users' comments will be less important and they'll no longer get a say on upcoming changes.

Continued : http://www.computerworld.com/s/article/9234561/Vote_ends_on_Facebook_privacy_changes_for_good
