Spyware, Viruses, & Security forum


NEWS - January 29, 2013

by Carol~ Forum moderator / January 29, 2013 4:35 AM PST
50 Million Potentially Vulnerable to UPnP Flaws

In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.

A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.

Between June 1 and Nov. 17, 2012, Rapid7 conducted weekly scans that sent simple service discovery protocol (SSDP) requests to each routable IPv4 address. In all, 2.2 percent of all public IPv4 addresses responded to the standard UPnP discovery requests. So, 81 million unique IP addresses responded and, upon deeper probing, researchers determined some 17 million further systems exposed the UPnP simple object access protocol (SOAP). This level of exposure was far higher than researchers had expected, according to the report.

Continued : https://threatpost.com/en_us/blogs/50-million-potentially-vulnerable-upnp-flaws-012913

UPnP flaws expose 50 million devices to attack, researchers find
UPnP Security Holes Expose Millions of Networked Devices to Attacks
UPnP flaws expose tens of millions of networked devices to remote attacks, researchers say
Rails developers close another "extremely critical" flaw
by Carol~ Forum moderator / January 29, 2013 5:43 AM PST

The Rails developers have released Ruby on Rails 3.0.20 and 2.3.16 which contain one, and only one, "extremely critical security fix". The problem only affects Rails 3.0.x and 2.3.x with Rails 3.1.x and 3.2.x not affected. Users of the 2.3 and 3.0 branches are advised to update as soon as possible, or to apply patches if they cannot upgrade. If they cannot do that either, a workaround of setting

ActiveSupport::JSON.backend = "JSONGem"

in the application's initialisation code will, at least, prevent the vulnerable code from being called.

The problem is related to the flaw discovered earlier this month where the XML formatted parameters could include YAML serialised data which, when deserialised, would create live objects within the server which could be used to exploit it. The exploit went wild quickly and a number of servers were compromised.

Continued : http://www.h-online.com/security/news/item/Rails-developers-close-another-extremely-critical-flaw-1793511.html

Also: Some Versions of Ruby on Rails Vulnerable to New Parsing Attack

See Vulnerabilities & Fixes: Ruby on Rails JSON Parser YAML Handling Vulnerability
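The mechanism behind this flaw and the two ways of closing it, as an added example that is not code from the Rails project or the article: a YAML loader instantiates whatever Ruby class a tagged document names, while a YAML safe loader and a JSON-only parser (the behaviour the JSONGem workaround selects) both refuse. `AuditRecord` and the parameter strings are constructed for the demonstration.

```ruby
require 'yaml'
require 'json'

# Hypothetical application class that a request parameter must never be
# able to instantiate (constructed for this example, not a Rails class).
class AuditRecord
  attr_reader :note
  def initialize(note = nil)
    @note = note
  end
end

# Constructed request parameter: valid YAML that names a Ruby class.
# The loader does the instantiation on its own; no application code cooperates.
TAGGED_PARAM = "--- !ruby/object:AuditRecord\nnote: set by the request\n"

# A plain scalar, which is all a request parameter should ever carry.
PLAIN_PARAM = "--- hello\n"

# Unrestricted YAML deserialization, as the vulnerable JSON backend effectively did.
# Psych 4 (Ruby 3.1+) made YAML.load safe, so the old behaviour lives in unsafe_load.
def deserialize_with_yaml(text)
  YAML.respond_to?(:unsafe_load) ? YAML.unsafe_load(text) : YAML.load(text)
end

# Hardened path 1: safe_load permits only scalars, arrays and hashes.
# Returns the parsed value, or the exception class name when the loader refuses.
def deserialize_with_safe_yaml(text)
  YAML.safe_load(text)
rescue Psych::DisallowedClass => e
  e.class.name
end

# Hardened path 2: a JSON-only parser, which cannot express Ruby object tags at all.
def deserialize_with_json(text)
  JSON.parse(text)
rescue JSON::ParserError => e
  e.class.name
end

if __FILE__ == $PROGRAM_NAME
  obj = deserialize_with_yaml(TAGGED_PARAM)
  puts "YAML load produced #{obj.class} with note=#{obj.note.inspect}"
  puts "safe_load:   #{deserialize_with_safe_yaml(TAGGED_PARAM).inspect}"
  puts "JSON parser: #{deserialize_with_json(TAGGED_PARAM).inspect}"
  puts "plain scalar: #{deserialize_with_safe_yaml(PLAIN_PARAM).inspect}"
end
```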

Free Windows 8 Activator? Think Again
by Carol~ Forum moderator / January 29, 2013 5:43 AM PST

From the TrendLabs Security Intelligence Blog:

Malicious schemes promising free or discounted items are effective because everyone likes a great offer. More so, if the offered item is a much-talked about product like Windows 8.

Last year, we unraveled some fake Windows 8 generators (http://blog.trendmicro.com/trendlabs-security-intelligence/fake-windows-8-key-generators-surface/), fake Windows 8 antivirus programs, and phishing email that surfaced right after the platform's release. Though it's been months since it was launched, we found out that certain bad guys are continuously using the brand to lure users into their ruse. This time, however, they are offering Windows 8 "activators" amidst news of Microsoft's limited offer of discounted Windows 8 upgrade.

During our research, we found several websites using Windows 8 as keywords. The first site purportedly offers free Windows 8 "activator", which is actually fake (detected by Trend Micro as HKTL_KEYGEN). [Screenshot: Site offering fake Windows 8 activator]

The other site we looked into also offers free Windows 8 activator, dubbing it the "Windows 8 Activator Loader Extreme Edition 2013". [Screenshot: Site offering rogue Windows 8 activator]

Continued : http://blog.trendmicro.com/trendlabs-security-intelligence/free-windows-8-activator-think-again/

Google Dangles More Than $3 Million to Crack Chrome OS
by Carol~ Forum moderator / January 29, 2013 5:43 AM PST
Google Dangles More Than $3 Million For Security Researchers To Crack Chrome OS

Google on Monday said they are offering up serious money to the security research community to help them find and fix vulnerabilities in Chrome OS.

Researchers at this year's Pwn2Own contest at the CanSecWest conference in Vancouver will already be working to find vulnerabilities in web browsers and browser plug-ins, and now Google has followed up saying that it would offer up big bucks to those who can compromise its Chrome OS.

The competition, dubbed "Pwnium 3", will have a focus on Chrome OS and Google is offering a total of up to $3.14159 million in rewards for vulnerabilities discovered in the operating system.

Hoping that the larger rewards will incentivize hackers to step up to the challenge in cracking the security defenses of Chrome OS, Google said it would reward researchers at the following levels:

Continued : http://www.securityweek.com/google-dangles-more-3-million-security-researchers-crack-chrome-os

Google offers exploit bounties for Pwn2Own and Pwnium
Google offers $3.14159 MILLION in prizes for hacking Chrome OS
Google Offers $3.14159 Million Dollars for Any Chrome OS Hack in Pwnium 3
DVR Flaw Allows Attacker to Control Security Cameras
by Carol~ Forum moderator / January 29, 2013 5:49 AM PST

From Bitdefender's "HOTforSecurity" Blog:

Security researchers revealed vulnerabilities in the digital video recorders of CCTV video cameras that would allow an attacker to seize control of the buggy devices to watch the recorded video streams, copy, delete or turn them on and off.

Apart from enabling illegal access to the security camera systems, the buggy devices also transform the machine into a jumping-off point of access to computers in a network, behind a company's firewall, according to researchers with security firm Rapid7.

H.D. Moore, chief security officer with Rapid7, found some 58,000 unique IPs running a vulnerable DVR platform in 150 countries, of which the United States, India, and Italy took the lion's share.

"In addition to Ray Sharp, the exposures seem to affect rebranded DVR products by Swann, Lorex, URMET, KGuard, Defender, DEAPA/DSP Cop, SVAT, Zmodo, BCS, Bolide, EyeForce, Atlantis, Protectron, Greatek, Soyo, Hi-View, Cosmos, and J2000," Moore writes in his blog post.

Continued : http://www.hotforsecurity.com/blog/dvr-flaw-allows-attacker-to-control-security-cameras-5164.html

Hackers squeeze through DVR hole, break into CCTV cameras
What if your security camera were an insecurity camera?

Canada, Holland: WhatsApp violates privacy norms
by Carol~ Forum moderator / January 29, 2013 6:21 AM PST

Regulators in the Netherlands and Canada say the popular messaging application WhatsApp is violating internationally accepted privacy norms by stockpiling phone numbers belonging to people who don't even use the service.

Officials in both countries say WhatsApp Inc. is going through its users' address books and copying every single phone number before transmitting them to the Mountain View, California-based company's servers.

Many communications services ask for access to their customer's address books to help connect them with friends. But under Canadian and Dutch law, personal information belonging to nonusers must be destroyed once it's no longer being used.

Canada's Office of the Privacy Commissioner and the Dutch Data Protection Authority also criticized WhatsApp for weak security and sloppy encryption.

Continued: http://www.usnews.com/news/technology/articles/2013/01/29/canada-holland-whatsapp-violates-privacy-norms

WhatsApp privacy weaknesses could trigger prosecutions
Netherlands, Canada Say WhatsApp Still Violates Privacy Laws
WhatsApp's privacy investigated by joint Canadian-Dutch probe

86,800 network printers open to the whole internet - is one of them yours?
by Carol~ Forum moderator / January 29, 2013 6:22 AM PST

Last week we wrote about programmers uploading their private keys along with their public source code.

Hot on the heels of that "epic fail" story comes another internet insecurity meme: network printers left open on the internet.

UK blogger @skattyadz, alias Adam Howard [*], did a Google search for a URL matching the pattern you might use to connect to a nearby printer on your office network.

He reports that he got back "about 86,800 results." (Geeks will notice that's very close to 86,400 - the number of seconds in a day.)

For what it's worth, Howard built up a search term specific to HP printers. If you were to repeat his experiment with other vendors' URLs in the search mix, you'd probably get hundreds of thousands more publicly-visible printers.

Continued : http://nakedsecurity.sophos.com/2013/01/29/86800-printers-open-to-internet/

Related: Internet-facing printers remain a huge risk
Trojan stole over 16,000 Facebook credentials
by Carol~ Forum moderator / January 29, 2013 9:00 AM PST

ESET discovered a social engineering Trojan horse that managed to steal the login credentials of more than 16,000 Facebook users.

The 'PokerAgent' Trojan targeted Zynga Poker, the most popular online poker site in the world. Zynga Poker hosts the Texas Hold'Em Poker App for Facebook. According to APPData, the game has more than 35 million active monthly users.

Specifically, the malware was designed to steal users' Facebook login details and link them with user information for the online poker game. ESET first began studying the Trojan in early 2012. However, thanks to proactive generic detection of this threat, ESET users were protected against the Trojan as early as December 2011. [Screenshot]

Because 'PokerAgent' was most active in Israel, ESET contacted the Israeli CERT as well as the Israeli police in early 2012. Because of the ongoing investigation, ESET was not able to publicly disclose any details about the threat. However, in addition to working with the Israeli CERT team, Facebook was also notified and took immediate preventive measures to protect their members and thwart future attacks on the hijacked accounts.

Continued: http://www.net-security.org/malware_news.php?id=2388
