Spyware, Viruses, & Security forum


NEWS - November 12, 2013

by Carol~ Forum moderator 2 / November 12, 2013 12:38 AM PST
British Spies Hacked Telecom Network by Luring Engineers to Fake LinkedIn Pages

British spies hacked into the routers and networks of a Belgian telecommunications company by tricking telecom engineers into clicking on malicious LinkedIn and Slashdot pages, according to documents released by NSA whistleblower Edward Snowden.

Once engineers with Belgacom clicked on the fake pages, malware was installed surreptitiously onto their machines, giving the spooks with Britain's GCHQ the ability to penetrate the internal networks of Belgacom and its subsidiary BICS.

The primary aim, reports the German newspaper der Spiegel, which obtained the documents, was to compromise the GRX router system that BICS controlled, in order to intercept mobile phone traffic that got transmitted by the router.

Continued: http://www.wired.com/threatlevel/2013/11/british-spies-hacked-telecom/

GCHQ "created fake LinkedIn, Slashdot webpages" to infect targets with malware
UK spies continue "quantum insert" attack via LinkedIn, Slashdot pages
GCHQ hacks GRX providers to mount MitM attacks on smartphone users
GCHQ hijacked LinkedIn profiles to hack Belgian telecoms network - report

Operation Waking Shark II: UK banks play cyber war games
by Carol~ Forum moderator 2 / November 12, 2013 1:23 AM PST

Financial organisations in London will be simulating a massive internet attack today, as thousands of IT and security staff play out a series of digital disasters to test their ability to respond and work together in a crisis.

As Reuters reports, the event is dubbed "Waking Shark II" (not to be confused with "Jaws IV: The Revenge") and will involve banks and stock exchanges seeing how they might respond to major attacks on stock exchange computer systems, and how banks might cope with cashless ATM machines (rather than how Michael Caine might drum up some cash to buy a new house.)

Similar "cyber war games" have been run in the past by Wall Street - who dubbed their stress test "Quantum Dawn".

Continued : http://grahamcluley.com/2013/11/operation-waking-shark-ii-uk-banks-play-cyber-war-games/

Banks Testing Cyber Attack Communications Resilience
Cyber war games dubbed 'Waking Shark II' begin for London's financial institutions
Operation Waking Shark 2 is good, but is it enough?

Apple-related phishing and online banking malware increase
by Carol~ Forum moderator 2 / November 12, 2013 1:24 AM PST

As the holiday season approaches, Trend Micro is raising concern about the ongoing proliferation of Apple iOS phishing sites, as well as a sizable uptick in online banking malware.

Findings suggest consumers should be alert and cautious during the holiday shopping season to protect personal and financial data from being compromised.

"As consumers gravitate to the convenience of online banking, criminals are developing tools at an exceedingly rapid pace to exploit a general lack of awareness," said JD Sherry, vice president of technology and solutions, Trend Micro.

"In addition, Apple has been traditionally perceived as a safe-haven against threats, but our findings reveal that personal information can be jeopardized as phishing scams that target the platform continue to gain momentum. This evidence suggests a potential perfect storm looming in the holiday season as busy commercial and consumer users leverage mobile platforms," Sherry added.

Continued : http://www.net-security.org/malware_news.php?id=2624

Related: Trend Micro Highlights Concerns for Q4 and Holiday Shopping Season

San Diego quietly slips facial recognition into the hands ..
by Carol~ Forum moderator 2 / November 12, 2013 5:33 AM PST
.. of law enforcers

The US immigration agent had a hunch.

So while he was taking part in a warrant sweep in the Oceanside neighborhood of the US city of San Diego, in California, he whipped out his Android smartphone and snapped a quick photo.

He didn't have to ask his subject's name. He didn't need to check the man's identification. And he certainly didn't need a warrant.

The facial recognition software on the mobile phone confirmed the agent's suspicion about the immigration status of a neighbor of the person he was pursuing: the neighbor was in the country illegally and had been convicted in 2003 of driving under the influence in San Diego.

Continued : http://nakedsecurity.sophos.com/2013/11/12/san-diego-quietly-slips-facial-recognition-into-the-hands-of-law-enforcers/

Zero-Days Rule November's Patch Tuesday
by Carol~ Forum moderator 2 / November 12, 2013 8:06 AM PST
Microsoft today issued security updates to fix at least 19 vulnerabilities in its software, including a zero-day flaw in Internet Explorer browser that is already being actively exploited. Separately, Adobe has released a critical update that plugs at least two security holes in its Flash Player software.

Three of the eight patches that Microsoft released earned its most dire "critical" label, meaning the vulnerabilities fixed in them can be exploited by malware or miscreants remotely without any help from Windows users. Among the critical patches is an update for Internet Explorer (MS13-088) that mends at least two holes in the default Windows browser (including IE 11). MS13-089 is a critical file handling flaw present in virtually every supported version of Windows.

The final critical patch - MS13-090 — fixes essentially another IE flaw (ActiveX) that showed up in targeted attacks late last week. Microsoft says attackers used a second, "information disclosure" vulnerability in tandem with the ActiveX flaw, but that the company is still investigating that one. It noted that its Enhanced Mitigation Experience Toolkit (EMET) tool successfully blocked the ActiveX exploit.

Continued : http://krebsonsecurity.com/2013/11/zero-days-rule-novembers-patch-tuesday/

Microsoft Updates November 2013 - Burning the 0day
Microsoft patches 19 flaws, including IE zero day
Adobe Patches Flash, ColdFusion Flaws Unrelated to Breach

A nefarious use of Google Drive to load malicious redirects
by Carol~ Forum moderator 2 / November 12, 2013 8:06 AM PST

Malwarebytes Unpacked Blog:

A lesser known aspect of the popular cloud storage Google Drive is its built-in site publishing feature that allows you to upload an entire directory containing static web files (HTML, JavaScript, CSS, etc.) and to publish your own website.

Bad guys are uploading malicious scripts and using them as part of a well thought chain of attacks that infects legitimate websites and redirects their traffic to drive-by download landing pages.

Since Google Drive uses HTTPS, the traffic packets are encrypted, making it harder to detect anomalies with traditional Intrusion Detection Systems (IDS). [...]

Before analyzing the above code, let's rewind and see how this attack is being spread in the wild.

Intriguing references to https://googledrive.com/host/{uniqueID} are being injected in websites' source code:

Continued : http://blog.malwarebytes.org/cyber-crime/2013/11/a-nefarious-use-of-google-drive-to-load-malicious-redirects/

Chinese bitcoin exchange vanishes with $4.1m in bitcoins
by Carol~ Forum moderator 2 / November 12, 2013 8:06 AM PST

Another bitcoin exchange has shut down, taking approximately $4.1 million worth of its clients' bitcoins with it and, according to CoinDesk, foul play from its operator is suspected.

The name of the exchange is Global Bond Limited (GBL), and it was launched in May 2013. Despite being registered in Hong Kong, its server was located in Beijing - a fact that made some users suspicious (justifiably, as it turns out).

When it first started functioning, GBL was promoted as having received a licence to operate a digital currency exchange from the Hong Kong authorities. This also turned out to be a lie.

But, despite this and other suspicious things (evasive contact information on the site, information copy-pasted from other similar sites), it apparently managed to attract over 1000 users - mostly from mainland China - who have now lost their money, and likely have no legal recourse for getting it back.

Continued : http://www.net-security.org/secworld.php?id=15932

Selfish Miners Could Exploit P2P Nature of Bitcoin Network
Chinese Bitcoin exchange DISAPPEARS, along with £2.5 MEEELLION
Fraud at this Chinese bitcoin exchange cost clients $4.1M.

Software piracy group MeGaHeRTz spies on users, mines data,
by Carol~ Forum moderator 2 / November 12, 2013 8:07 AM PST
.. IP addresses

Like it or not, torrents and software piracy are facts of life. However, sometimes those freebies aren't as appetizing as they seem to be. Occasionally, torrent downloads are laced with malware and other stuff designed to ruin the day for you and your PC. Usually, these incidents appear to be isolated incidents, but a piracy group by the name of MeGaHeRTz have been engaging in similar activities that appear to be relatively large in size and scope.

One user who drank from the MeGaHeRTz downloads pool noticed that something was up with his/her internet activity through their firewall. After downloading a MeGaHeRTz-released version of Malwarebytes Anti-Malware Pro, they noticed that after applying the MeGaHeRTz crack that came with the download, the crack began to send traffic out of the user's machine. The user found that the information being collected includes the user's IP address. IP addresses are unique identifiers that basically act as your computer's name on the internet. The information is then sent to three e-mail addresses, whose names include a variant of the MeGaHeRTz name.

Continued : http://www.digitaltrends.com/computing/software-piracy-group-found-spying-users-megahertz/