Spyware, Viruses, & Security forum

Alert

NEWS - October 15, 2012

by Carol~ Forum moderator / October 15, 2012 12:21 AM PDT
LulzSec hacker pleads guilty to Sony Pictures attack, faces prison sentence

Raynaldo Rivera, from Tempe, Arizona, has admitted hacking into computer systems belonging to Sony Pictures, and stealing the personal information and passwords of thousands of innocent internet users.

The attack, which took place in May last year [http://nakedsecurity.sophos.com/2011/06/02/sony-pictures-attacked-again-4-5-million-records-exposed/], was part of a concerted attack against Sony websites by LulzSec and Anonymous hackers during 2011.

Rivera, who was arrested by the FBI in August, admitted his guilt in the form of a plea agreement filed with Los Angeles Federal Court.

Rivera - who used online nicknames including "neuron", "royal", and "wildicv" - admitted launching an SQL injection attack against the Sony Pictures website, extracting confidential and personal user information - such as the names, birth dates, addresses, emails, phone numbers and passwords of people who had entered Sony contests.

Continued : http://nakedsecurity.sophos.com/2012/10/15/lulzsec-hacker-sony-pictures/

Also:
LulzSec hacker "neuron" pleads guilty to Sony Pictures security breach
Lulzsec hacker pleads guilty over Sony attack
LulzSec Hacker Pleads Guilty to Sony Pictures Attack

The Scrap Value of a Hacked PC, Revisited
by Carol~ Forum moderator / October 15, 2012 12:30 AM PDT

A few years back, when I was a reporter at The Washington Post, I put together a chart listing the various ways that miscreants can monetize hacked PCs. The project was designed to explain simply and visually to the sort of computer user who can't begin to fathom why miscreants would want to hack into his PC. "I don't bank online, I don't store sensitive information on my machine! I only use it to check email. What could hackers possibly want with this hunk of junk?," are all common refrains from this type of user.

I recently updated the graphic (below) to include some of increasingly prevalent malicious uses for hacked PCs, including hostage attacks — such as ransomware — and reputation hijacking on social networking forums. [Screenshot]

One of the ideas I tried to get across with this image is that nearly every aspect of a hacked computer and a user's online life can be and has been commoditized. If it has value and can be resold, you can be sure there is a service or product offered in the cybercriminal underground to monetize it. I haven't yet found an exception to this rule.

By way of example, consider the point-and-click tools pictured below, which are offered on several fraud forums by one enterprising young miscreant. This guy makes and markets dozens of account checking tools that are used to test the validity and status of many popular online stores and services, including Amazon, American Express, eBay, Facebook, iTunes, PayPal and Skype, to name a few.

Continued : http://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/

eBay phishers quickly react to branding change
by Carol~ Forum moderator / October 15, 2012 12:30 AM PDT

eBay has recently redesigned its logo, and it didn't take long for some phishers to modify their attempts to match the change: [Screenshot]

"It probably won't be long before most (if not all) phishers start using the new logo, but for the time being at least some phish attempts will be a little easier to spot for the average end-user," says GFI's Chris Boyd.

On the other hand, the phishing attempts displaying the old logo might still be very successful, as regular low-level users don't usually keep abreast of changes such as these. They might consider the pages with the new logo "obviously fake" and not fall for the scheme.

Continued : http://www.net-security.org/secworld.php?id=13767

The bottom falls out of Facebook email malware
by Carol~ Forum moderator / October 15, 2012 12:30 AM PDT

SophosLabs has intercepted a malware attack that has been spammed out, pretending to be a notification about a Facebook friend's sexy video.

Although you may think that as the emails are written in Spanish, they are unlikely to trick many non-speakers to click on the malicious link contained within.

However, an embedded thumbnail of a semi-naked young woman may be enough for many to venture further without thinking of the possible consequences.

I've edited the screenshot below because even after blurring and pixellating, it still looked really rather rude. Anyway, you can still see enough of the email to get the gist of what to look out for in your inbox. [Screenshot: Malicious Facebook Email]

Continued : http://nakedsecurity.sophos.com/2012/10/15/facebook-email-malware-bottom/

US Military Prepares New Rules for Cyber War: Panetta
by Carol~ Forum moderator / October 15, 2012 2:09 AM PDT

The United States faces a growing threat of a "cyber-Pearl Harbor" and has drafted new rules for the military that would enable it to move aggressively against digital attacks, Defense Secretary Leon Panetta said late Thursday.

The amended rules of engagement underline the need to defend Defense Department computer networks, "but also to be prepared to defend the nation and our national interests against an attack in or through cyberspace," he said.

Citing a mounting cyber danger that could cripple the country's vital infrastructure, Panetta told an audience in New York: "We won't succeed in preventing a cyber attack through improved defenses alone."

"If we detect an imminent threat of attack that will cause significant physical destruction or kill American citizens, we need to have the option to take action to defend the nation when directed by the president," he said.

"For these kinds of scenarios, the department has developed the capability to conduct effective operations to counter threats to our national interests."

Continued : http://www.securityweek.com/us-military-prepares-new-rules-cyber-war-panetta

Also:
U.S. Secretary of Defense Warns of Devastating Cyber Attack
US Promises Retaliation in Case of Iran-Triggered Cyberwar

State-Sponsored Malware 'Flame' Has Smaller, More Devious Cousin
by Carol~ Forum moderator / October 15, 2012 2:09 AM PDT

[Screenshot: miniFlame Infection Stats]

Researchers have uncovered new nation-state espionage malware that has ties to two previous espionage tools known as Flame and Gauss, and that appears to be a "high-precision, surgical attack tool" targeting victims in Lebanon, Iran and elsewhere.

Researchers at Kaspersky Lab, who discovered the malware, are calling the new malware miniFlame, although the attackers who designed it called it by two other names - "SPE" and "John." MiniFlame seems to be used to gain control of and obtain increased spying capability over select computers originally infected by the Flame and Gauss spyware.

It is the fourth piece of nation-state malware discovered in the last year that appears to have been created by the same group behind Stuxnet, the groundbreaking cyberweapon that sabotaged Iran's nuclear program and is believed to have been created by the U.S. and Israeli governments. The others - all designed for espionage rather than destruction - are DuQu, Flame, and Gauss.

Continued : http://www.wired.com/threatlevel/2012/10/miniflame-espionage-tool/

Also: Precision Espionage miniFlame Malware Tied to Flame, Gauss
Oracle Patch Update to Include 109 Patches
by Carol~ Forum moderator / October 15, 2012 6:40 AM PDT

Buckle up Oracle administrators for 109 patches coming your way tomorrow. Oracle's quarterly Critical Patch Update is due, and the company is releasing fixes for security vulnerabilities across most of its enterprise products, addressing a host of remotely exploitable flaws. This comes a little more than a month after exploits of a serious zero-day vulnerability in Java were reported, as well as a critical zero-day vulnerability in Java SE.

Seemingly, no product line is spared. Five patches will be released addressing security problems in Oracle Database Server, including one that is remotely exploitable over a network without the need for a username and password, Oracle said. Two of the patches address client-only installations.

Two of these vulnerabilities were reported by Application Security Inc.'s TeamSHATTER research outfit, including a remotely exploitable password cracking flaw in Oracle 11g explained in CVE 2012-3137.

"Even though Oracle closed the issue more than a year ago, they are now providing a more complete and easy-to-implement fix. According to information they have provided us, the new fix will address the vulnerability in all supported releases (11.1.0.7, 11.2.0.2 and 11.2.0.3) and will not require a Client software upgrade," said Esteban Martinez Fayo, researcher with TeamSHATTER. "The original fix that they provided one year ago was just for 11.2.0.3 and requires that all client software be upgraded to 11.2.0.3."

Continued : https://threatpost.com/en_us/blogs/oracle-patch-update-include-109-patches-101512

FBI issues mobile malware warning, specifically discusses Android, and offers safety tips
by Carol~ Forum moderator / October 15, 2012 6:41 AM PDT

The Internet Crime Complaint Center (IC3), a task force that includes the Federal Bureau of Investigation (FBI), the National White Collar Crime Center (NW3C), and the Bureau of Justice Assistance (BJA) has issued a mobile malware warning late last week. The group also outlined a bunch of steps that mobile users should follow to stay protected.

The warning is a poor one for a few reasons. First of all, it came out on a Friday, and doesn't follow any particular threat outbreak. Secondly, the title doesn't list Android specifically (Smartphone Users Should Be Aware of Malware Targeting Mobile Devices and Safety Measures to Help Avoid Compromise) and yet the introduction states "The IC3 has been made aware of various malware attacking Android operating systems for mobile devices."

The poor choice of examples doesn't help. "Some of the latest known versions of this type of malware are Loozfon and FinFisher," the IC3 goes on to say. The first pick is odd because it is hardly a big threat and the second is even weirder because it doesn't just target Android.

Continued : http://thenextweb.com/google/2012/10/15/fbi-issues-mobile-malware-warning-specifically-discusses-android-and-offers-safety-tips/
Reading someone's Gmail doesn't violate federal statute, court finds
by Carol~ Forum moderator / October 15, 2012 6:41 AM PDT

"SC court says Gmail not "electronic storage" by Stored Communications Act."

In a case decided on Wednesday, the South Carolina Supreme Court ruled that accessing someone's online e-mail without their permission doesn't violate the 1986-era Stored Communications Act (SCA). Though they differed in their reasoning, the justices were unanimous in ruling that e-mail stored in the cloud (like Gmail or Yahoo Mail) does not meet the definition of electronic storage as written in the statute.

This new decision creates a split with existing case law (Theofel v. Farey-Jones) as decided in a 2004 case decided by the Ninth Circuit Court of Appeals. That decision found that an e-mail message that was received, read, and left on a server (rather than being deleted) did constitute storage "for purposes of backup protection," and therefore was also defined as being kept in "electronic storage."

Legal scholars point to this judicial split as yet another reason why the Supreme Court (and/or Congress) should take up the issue of the Stored Communications Act.

"This [South Carolina] decision is more evidence of how intractable and inconsistent our statutory electronic surveillance regime has become," Woodrow Hartzog, a professor at the Cumberland School of Law at Samford University, told Ars.

Continued : http://arstechnica.com/tech-policy/2012/10/reading-someones-gmail-doesnt-violate-federal-statute-court-finds/
Hackers Claim to Have "Trolled" Oprah Winfrey, Hacked Site
by Carol~ Forum moderator / October 15, 2012 6:41 AM PDT

A group of hackers calling itself Goatse Security claims to have breached Oprah Winfrey's official website (oprah.com). They haven't leaked any sensitive data, but that's because they claim they're not hackers, but "sophisticated trolls."

"Hello citizens of this sophisticated software known as 'internet' we're GoatseSec and we're here to tell you that we are not gone, and we are not washed up," the group introduced itself.

"Just know, we're still here, and always have been and will be, our false arrests have taken place our Domain password has been changed though, we cannot change the websites template or code into it," they added.

"Also, we're not not 'mastermind' hackers we aren't hackers period we're just adults with a weird thrill and dosage of 'lulz' in other words, we love to troll the [expletive] out of websites and their security. So with that being said we give you some parts of Oprah Winfrey's database."

The information they have published consists of database names, table names and the columns they contain.

On their Twitter account, Goatse Security have highlighted the fact that they're "not hackers." On the other hand, they have admitted to be occasionally working with Anonymous.

"As we have said before, we're not Hackers. We're sophisticated trolls therefore we do not leak we speak. Understood? #GoatseSec," they wrote.

Continued : http://news.softpedia.com/news/Hackers-Claim-to-Have-Trolled-Oprah-Winfrey-Hacked-Website-299288.shtml

Beware! DHL Express malware attack appearing in inboxes
by Carol~ Forum moderator / October 15, 2012 10:09 AM PDT

Take care folks if you're returning to your inbox today, after a weekend away. A malicious email could be lurking there - waiting to infect your computers.

SophosLabs has intercepted a widespread malware campaign that has been spammed out, disguised as a communication from DHL Express.

The emails have the subject line "Processing complete successfully", and claim to be a DHL Express Tracking Notification.

The emails look like the following (click on the image for a larger version): [Screenshot]

Attached to each of the emails is a file, DHL_Express_Processing_complete.pdf.zip, which contains malware that Sophos products detect as Troj/BredoZp-S.

If you unzip the file, and open its contents, you will be putting your Windows computer at risk of infection.

Malicious emails claiming to come from the likes of DHL, FedEx and UPS are nothing new. The reason why we continue to see malware attacks using this kind of disguise though is easy to understand - it works.

Continued : http://nakedsecurity.sophos.com/2012/10/15/dhl-express-malware/
