Fake Antivirus Renewal Email Rises from the Dead
From the Symantec Security Response blog:
Over the last few years, many reports, white papers, and blogs have been released detailing targeted attacks. For example, some attacks employ sophisticated infection methods, such as watering hole attacks, and some rely on exploit code hidden in document files mixed with social engineering schemes. Some time ago, when the malware world was still dominated by mass-mailing worms that used fake emails as the infection method, one of the schemes was a fraudulent license renewal notification from well-known antivirus vendors.
Some may think that this scheme had become extinct but we saw evidence recently that it is still alive and kicking when an email was sent to an electric power company and a major industrial company in Japan.
Inside the attached .zip file there is a file with a .doc.exe extension, which smells fishy. The file name is gibberish as well.
Continued : http://www.symantec.com/connect/blogs/fake-antivirus-renewal-email-rises-dead
Web code weakness allows data dump on PCs
Gigabytes of junk data could be dumped onto PCs via a loophole in web code, a developer has found.
The loophole exploits a feature of HTML 5, which defines how websites are made and what they can do.
Developer Feross Aboukhadijeh found the bug and set up a demo page that fills visitors' hard drives with pictures of cartoon cats.
In one demo, Mr Aboukhadijeh managed to dump one gigabyte of data every 16 seconds onto a vulnerable Macbook.
Most major browsers, Chrome, Internet Explorer, Opera and Safari, were found to be vulnerable to the bug, said Mr Aboukhadijeh.
While most websites are currently built using version 4 of the Hyper Text Markup Language (HTML), that code is gradually being superseded by the newer version 5.
Continued : http://www.bbc.co.uk/news/technology-21628622
Exploit lets websites bombard visitors' PCs with gigabytes of data
HTML5 Web Storage loophole can be abused to fill hard disks with junk data
China Publicly Claims to Be the Victim of U.S. Cyberattacks
On Thursday the Chinese government, long considered the aggressor in highly publicized U.S. cyberattacks, publicly spoke about being the victim. Two of its military Web sites were attacked an average of 144,000 times per month and two-thirds of those strikes came from the United States, according to a ministry spokesman.
"The Defense Ministry and China Military Online Web sites have faced a serious threat from hacking attacks since they were established, and the number of hacks has risen steadily in recent years," said ministry spokesman Geng Yansheng, according to a Reuters report. "According to the IP addresses, the Defense Ministry and China Military Online websites were, in 2012, hacked on average from overseas 144,000 times a month, of which attacks from the U.S. accounted for 62.9 percent," he said.
The Chinese response, said during a closed meeting and later reported on a ministry Web site, comes after U.S. security company Mandiant fingered a Shanghai-based elite military unit of the People's Liberation Army as the most likely source behind a number of advanced persistent threats against U.S. government and industries.
Continued : https://threatpost.com/en_us/blogs/china-publicly-claims-be-victim-us-cyberattacks-022813
US hackers attacked military websites, says China's defence ministry
China Says US-based Hackers Attack its Military Websites
US hackers target our websites, China's Defence Ministry complains
Cyber-Spy Hacking Gang Steals a Terabyte of Data Each Day, Report Shows
From Bitdefender's "HOTforSecurity" blog:
An as-yet unknown gang of cyber-spy hackers is stealing more than a terabyte of data per day from major firms, governments and others, and security experts say cyber-war will get even worse, according to a report by Team Cymru published by The Verge. Some hackers use custom-made software to take control of computer systems.
The Florida-based security company said victims of the massive hacking operation include military and academic facilities, search engines, government agencies and embassies. The hacking group is using a network of 500 servers to nab trade secrets and sensitive details from thousands of companies worldwide.
"This is Internet theft on an industrial level," said Team Cymru director Steve Santorelli, a former detective with Scotland Yard.
One of the main countries targeted in the cyber-war is the United States. Security firm Mandiant also showed recently how a hacking group employed by China has breached the servers of hundreds of American companies in recent years in search of important data. But security experts say China isn't necessarily to blame.
Continued : http://www.hotforsecurity.com/blog/cyber-spy-hacking-gang-steals-a-terabyte-of-data-each-day-report-shows-5514.html
Avast 8 generates detection of entire malware families
At RSA Conference 2013 in San Francisco, Avast Software introduced a new version of its consumer security software line, with a number of new technologies and improvements to deliver proactive detection, vulnerability prevention, and user comfort.
Avast version 8 brings:
• Malware-similarity search technology to deliver automatic identification and blacklisting of files similar to other known infected files. These detections are pulled in real-time from the Avast cloud database.
• A new dynamic-detection engine combined with the AutoSandbox feature. The AutoSandbox allows Avast to analyze suspicious files in an isolated environment before they are allowed to run on the user's system. The new engine helps users make more intelligent decisions, whether files running in the sandbox are malicious or not, and it quarantines infected files automatically. The technology is based on an in-memory SQL database, allowing for complex queries on the file's overall execution trace.
Continued : http://www.net-security.org/secworld.php?id=14523
Facebook fixes bug that leaked users' phone numbers
Facebook has fixed a bug that was leaking users' phone numbers to application developers.
Reported in June 2012, the API (application programming interface) bug was affecting the email field in some mobile apps that accessed Facebook's API.
The original report about the glitch was reproduced in a Facebook notice in which Facebook's Alvin Sng said it should now be resolved.
Facebook said that when retrieving a user's email address via graph API, app developers were receiving a 10-digit number once for every 1,000 users, more or less, instead of the properly formatted email address the documentation states that the field should return.
But as pointed out by IDG's Zach Miners, some app developers reported significantly higher incidences.
Continued : http://nakedsecurity.sophos.com/2013/03/01/facebook-fixes-bug-that-leaked-users-phone-numbers/
Do Not Track bill is back on the table
Impatient with the glacial progress so far, Senator Jay Rockefeller is having another shot at getting a Do Not Track bill through Congress.
His bill would force the Federal Trade Commission to set out regulations covering the collection and use of personal information obtained by tracking people's online activity. It's an amended version of proposals first considered in 2011 following calls from the FTC.
The aim is to establish a set of standards and procedures through which consumers could opt out of having their web activity tracked. Until now, Do Not Track has been voluntary.
"The attitude had been, let's give self-regulation a chance," says John M. Simpson, director of Consumer Watchdog's Privacy Project. "We've spent 18 months and it's not working. Now is the time for legislative action and we welcome Sen. Rockefeller's commitment to getting Do Not Track done."