Spyware, Viruses, & Security forum

NEWS - October 23, 2013

by Carol~ Forum moderator / October 23, 2013 5:10 AM PDT
Google Project Shield to Protect Sensitive Sites from DDoS Attacks

DDoS attacks have been a problem for nearly as long as the Internet has been a thing, but they're difficult to visualize and understand on a practical level. A whole bunch of traffic is going to a Web site. So what? Now, Google and Arbor Networks are collaborating on a project that shows exactly how large and damaging some of these attacks are, and who's attacking who at any given moment.

The Digital Attack Map, launched Monday at the Google Ideas Summit, gives users a clear picture of ongoing DDoS attacks on a world map, and also enables them to dig into the details of a given attack. Users can see the origin country and destination of each attack, the maximum volume of traffic, which ports are being attacked, how long the attack has been going on and what kind of attack it is. The data is coming from Arbor's ATLAS monitoring system, and is updated every day.

"What our ATLAS data highlights is just how commonplace DDoS attacks have become - both in terms of frequency but also in terms of how many Internet users are impacted by DDoS. It's not just a problem for large, global organizations and service providers, but anyone with an Internet connection can be caught in the crossfire of an attack. The 'collateral damage' of an attack against a large organization or service provider are the people that rely on those networks every single day," Dan Holden of Arbor said.

Continued : http://threatpost.com/google-project-shield-to-protect-sensitive-sites-from-ddos-attacks/102645

Related:
Google launches new service to protect against censorship, cyber-attacks
Google Launches Anti-DDoS Service 'Project Shield'
Google launches new anti-DDoS service called 'Project Shield'
Apple releases iOS 7.0.3 - fixes yet more lockscreen holes,
by Carol~ Forum moderator / October 23, 2013 6:43 AM PDT
.. including a call-anybody bug

Soon after iOS 7 came out, a pair of holes in the lockscreen were outed and then quickly fixed in iOS 7.0.2.

It turns out that Apple didn't fix future problems of this sort proactively, because the just-announced iOS 7.0.3 closes three more locked-phone holes.

The three bugs this time deal with similar problems to those patched in 7.0.2:

• Another flaw in the emergency call feature, where hitting the call button at a carefully-planned moment lets you call any number, not just 911 or your local equivalent.
• A passcode lockout bypass, so that crackers can continue trying passcodes even after the phone decides they've had too many goes and locks them out.
• Access to the Contacts pane even when the phone is locked.

Interestingly, the bug fix for the emergency call problem is described as follows:

Continued: http://nakedsecurity.sophos.com/2013/10/23/apple-releases-ios-7-0-3-fixes-yet-more-lockscreen-holes-including-a-call-anybody-bug/

[Apple-related: Mac OS X 10.9 Mavericks is out. It's free. And I'm not installing it]
Tenda Wireless Routers Feature Backdoor
by Carol~ Forum moderator / October 23, 2013 6:43 AM PDT

Bitdefender's "HOT for Security" Blog:

Some wireless router models produced by Chinese company Tenda Technology are vulnerable to remote attacks, says Craig Heffner, the researcher who also spotted the backdoor in D-Link routers.

Unpacking the firmware update for the Tenda networking kit, Heffner found "suspicious code" that enables an unauthorized person to highjack the router "by sending a UDP packet with a special string."

Apparently the bug is in the httpd component, where the MfgThread() function deploys a backdoor that can execute commands from remote C&C centers. Basically, once a remote attacker gets into the local network, he can send commands with root privileges to the device.

"The backdoor only listens on the LAN, thus it is not exploitable from the WAN. However, it is exploitable over the wireless network, which has WPS enabled by default with no brute force rate limiting," Heffner writes in an advisory.

Continued: http://www.hotforsecurity.com/blog/tenda-wireless-routers-feature-backdoor-7246.html

Related:
D-Link hole-prober finds 'backdoor' in Chinese wireless routers
Backdoor found in Chinese Tenda Wireless Routers, allows Root access to Hackers

NETGEAR ReadyNAS Storage Vulnerable to Serious Flaw
by Carol~ Forum moderator / October 23, 2013 6:43 AM PDT
NETGEAR ReadyNAS Storage Vulnerable to Serious Command-Injection Flaw

A popular NETGEAR network-attached storage product used primarily in medium-sized organizations has a gaping vulnerability that puts any data moving through a network in jeopardy.

The flaw in ReadyNAS, specifically its Frontview front end, was patched via a firmware update three months ago. But according to Tripwire researcher Craig Young who discovered the issue and reported it to NETGEAR, only a fraction of Internet-facing boxes have been patched. An attacker exploiting the vulnerability could gain root access to the box.

Young said very little information has been released about the severity of the bug, from NETGEAR in particular. The advisory on the NETGEAR website makes little reference to security except in fine print at the end of the notice with a bullet-point about a Frontview update that addresses security issues. Young said he doesn't believe customers are incentivized enough to apply the 4.2.24 update when a previous update, 4.2.23, included new features and bug fixes.

Continued : http://threatpost.com/netgear-readynas-storage-vulnerable-to-serious-command-injection-flaw/102657

Related: Experts Warn of Critical Flaws in Netgear ReadyNAS Storage Devices
Phone Scammers Take A Move From The Ransomer's Playbook
by Carol~ Forum moderator / October 23, 2013 6:43 AM PDT

From the "Malwarebytes Unpacked" Blog:

It didn't seem too long ago everyone was aware of common scams, from Phone Scammers trying to sell you premium Microsoft support to Ransomers who claim to be from the FBI and lock down your desktop. While these are still common problems, at least we say we can identify obvious scams...until now that is.

An article by Emily Patterson of the Better Business Bureau describes a new phone scam attempting to steal unsuspecting people's hard earned cash and, this time, they are posing as the police.

The scam works like this:

1. You get a call, if you have caller ID it informs you that it's coming from your local sheriff's office.
2. You pick it up and the "Sheriff" tells you that there is a warrant out for your arrest.
3. You can avoid being arrested by paying a fine and everything will be cleared.
4. To pay the fine, you need to either use a Money Order or pre-paid debit card, like MoneyPak.
5. ...
6. Bad Guys Profit

The goal of the scammers is obviously to steal money from you, by employing similar practices as recent Ransomware that pretend to be from the FBI or other law enforcement agencies. They employ software that spoofs the caller ID to make the call seem more legitimate.

Continued : http://blog.malwarebytes.org/fraud-scam/2013/10/phone-scammers-take-a-move-from-the-ransomers-playbook/

Adobe Flash Player now sandboxed on OS X Safari
by Carol~ Forum moderator / October 23, 2013 7:59 AM PDT

"When run on OS X 10.9 Mavericks, Adobe Flash Player will run in a sandbox, with limited capacity for mischief if compromised."

Having released protected versions of Flash Player for Google Chrome, Microsoft Internet Explorer and Mozilla Firefox, Adobe has announced that Flash Player will be sandboxed on Apple Safari when run on OS X 10.9 Mavericks.

Specifically, Adobe has created a sandbox profile for the Flash plugin and included it in the Webkit project. Webkit is the browser engine used in Safari.

The sandbox profile tells Safari/Webkit to limit the ability of the plugin to read or write files to only the specified items. The goal of a sandbox such as this is to limit the damage that an attacker can do if he takes control of Flash through a vulnerability. The sandbox should prevent attackers from attacking other programs or creating a persistent infection.

Adobe has also sandboxed the major versions of their Reader program and Acrobat. These programs used to be leading targets for malicious attack on the web, but years of security work on them have induced attackers to look elsewhere.

http://www.zdnet.com/adobe-flash-player-now-sandboxed-on-os-x-safari-7000022368/

UN Nuclear Agency Computers Infected with Malware
by Carol~ Forum moderator / October 23, 2013 7:59 AM PDT

The International Atomic Energy Agency (IAEA) has admitted that some of its computers have been infected with malware for at least the last few months, but denies that any sensitive data regarding its nuclear inspections has been compromised.

The IAEA was established in 1957 as the world's 'Atoms for Peace' organization within the United Nations. It works with the member states to promote safe, secure and peaceful nuclear technologies - but is currently better known for its role in investigating Iran's disputed nuclear intentions.

At the end of last year the organization was breached by an anti-Israel hacking group calling itself Parastoo. 'Parastoo' is Farsi for 'swallow' and also an Iranian girl's name. The clear implication, then, is that Parastoo is an Iranian hacking group; and there seems a similar likelihood that it or another Iranian group is behind the latest hack against the IAEA.

Continued : http://www.infosecurity-magazine.com/view/35214/un-nuclear-agency-computers-infected-with-malware/

Study: Internet users older than 50 years are vulnerable
by Carol~ Forum moderator / October 23, 2013 7:59 AM PDT
Internet users older than 50 years are vulnerable, according to study

Despite the reputation social networks have for attracting younger users, McAfee's Fifty Plus Booms Online study has revealed that people aged 50 to 75 years are also connected via social media - and they are more vulnerable than they believe.

According to the study, 97 percent of respondents go online daily for an average of five hours, and 80 percent are using social networks, such as Facebook and Twitter. Even though more than half say they share personal information online with strangers, 88 percent consider themselves tech-savvy.

"The fact that some 88 percent of participants say they consider themselves equally or more tech-savvy compared to others their age, frankly, is laughable," Robert Siciliano, an online security and safety evangelist to McAfee, who also posted the study, told SCMagazine.com on Wednesday.

He added, "The ability to connect to the internet and login doesn't make you tech-savvy. I speak to these groups all the time. They ask remedial questions with regard to hardware, software and security, telling me they need to reevaluate what they consider tech-savvy."

Continued : http://www.scmagazine.com/internet-users-older-than-50-years-are-vulnerable-according-to-study/article/317618/