Spyware, Viruses, & Security forum


NEWS - April 15, 2016

Microsoft issues security patches for 31 separate vulnerabilities

"Critical bugs fixed, but Badlock fails to live up to the hype."

It was the second Tuesday of the month yesterday, and you know what that means... Patch Tuesday!

Microsoft has issued a bundle of security bulletins, detailing fixes for 31 vulnerabilities, including critical remote code execution flaws in Internet Explorer and Microsoft Edge.

And this Patch Tuesday update includes a fix for the Badlock bug - a vulnerability that was pre-announced three weeks ago, with a cutesy name, its own website and (of course) logo.

Continued: https://www.grahamcluley.com/2016/04/microsoft-security-patches-2/

‘Badlock’ Bug Tops Microsoft Patch Batch
Microsoft Unleashes 13 Bulletins, Six Critical
Uninstall QuickTime for Windows today!

In reply to: NEWS - April 15, 2016

The time has come to deinstall QuickTime from your Windows machine.

Trend Micro’s Zero Day Initiative has just released advisories (ZDI-16-241 and ZDI-16-242) detailing two new, critical, remote code execution vulnerabilities affecting QuickTime for Windows, but Apple is not going to fix them.

Apple has decided to deprecate the popular multimedia framework for Microsoft Windows, and will no longer be issuing security updates for it. Their advice to users: uninstall it.

Continued: https://www.helpnetsecurity.com/2016/04/15/uninstall-quicktime-for-windows-today/

Got QuickTime on Windows? Uninstall It Right Now
Apple Deprecates QuickTime For Windows, Won’t Patch New Flaws
U.S. government tells Windows customers to delete QuickTime due to hacking dangers

Mac Users Attacked Again by Fake Adobe Flash Update

In reply to: NEWS - April 15, 2016

Mac users are once again being urged to exercise caution when installing updates to Adobe Flash Player, after a fake update was discovered infecting computers.

Intego security experts have identified the rogue package installer as a variant of OSX/InstallCore, and have updated Intego VirusBarrier definitions to provide protection. [...]

The in-the-wild attack has been spread in the form of a Mac Package installer .pkg file, also known as a flat package, and has been signed with a legitimate Developer ID certificate — effectively tricking OS X's built-in Gatekeeper security to believe that the files can be trusted and are not malicious.

Continued: https://www.intego.com/mac-security-blog/mac-users-attacked-fake-adobe-update/

Short URLs Big Problem for Cloud Collaboration, Stored Data

In reply to: NEWS - April 15, 2016

URL shorteners are convenient, but for a long time gave security practitioners anxiety because it was difficult to determine where the shortened address was taking you.

Two researchers have now given you new reasons to fear URL shorteners, especially for those storing and sharing data on cloud-based services.

Independent researcher Martin Georgiev and Cornell University professor Vitaly Shmatikov yesterday published a paper called “Gone in Six Seconds: Short URLs Considered Harmful for Cloud Services” in which they describe weaknesses in services such as bit.ly and goo.gl that can be exploited to find supposedly private documents stored on Microsoft OneDrive accounts, and location information via Google Maps.

Continued: https://threatpost.com/short-urls-a-big-problem-for-cloud-collaboration-stored-data/117447/

Short URLs plus cloud services equal bad security
Microsoft's OneDrive short URLs pointed attackers right at your private files

‘Blackhole’ Exploit Kit Author Gets 7 Years

In reply to: NEWS - April 15, 2016

A Moscow court this week convicted and sentenced seven hackers for breaking into countless online bank accounts — including “Paunch,” the nickname used by the author of the infamous “Blackhole” exploit kit. Once an extremely popular crimeware-as-a-service offering, Blackhole was for several years responsible for a large percentage of malware infections and stolen banking credentials, and likely contributed to tens of millions of dollars stolen from small to mid-sized businesses over several years.

According to Russia’s ITAR-TASS news network, Dmitry “Paunch” Fedotov was sentenced on April 12 to seven years in a Russian penal colony. In October 2013, the then 27-year-old Fedotov was arrested along with an entire team of other cybercriminals who worked to sell, develop and profit from Blackhole.

Continued: http://krebsonsecurity.com/2016/04/blackhole-exploit-kit-author-gets-8-years/

Blackhole exploit kit creator Paunch sent behind bars

Out-of-date apps put 3 million servers at risk of ransomware

In reply to: NEWS - April 15, 2016

Out-of-date apps put 3 million servers at risk of crypto ransomware infections

"1,600 schools, governments, and aviation companies already backdoored."

More than 3 million Internet-accessible servers are at risk of being infected with crypto ransomware because they're running vulnerable software, including out-of-date versions of Red Hat's JBoss enterprise application, researchers from Cisco Systems said Friday.

About 2,100 of those servers have already been compromised by webshells that give attackers persistent control over the machines, making it possible for them to be infected at any time, the Cisco researchers reported in a blog post. The compromised servers are connected to about 1,600 different IP addresses belonging to schools, governments, aviation companies, and other types of organizations.

Continued: http://arstechnica.com/security/2016/04/3-million-servers-are-sitting-ducks-for-crypto-ransomware-infection/
Hybrid GozNym malware targets customers of 24 financial ..

In reply to: NEWS - April 15, 2016

.. institutions

A group of cybercriminals have combined two powerful malware programs to create a new online banking Trojan that has already stolen millions of dollars from customers of 24 U.S. and Canadian banks.

The new threat has been dubbed GozNym by researchers from IBM X-Force because it combines the stealthy Nymaim malware and the Gozi banking Trojan.

The new computer Trojan targets 22 websites that belong to banks, credit unions and e-commerce platforms based in the U.S., and two that belong to financial institutions from Canada. Business banking services appear to be a top target for GozNym's creators, according to the IBM researchers.

Continued: http://www.pcworld.com/article/3056784/hybrid-goznym-malware-targets-customers-of-24-financial-institutions.html

Halfbreed trojan targets US banks
GozNym: The double-headed malware monster targeting US banks
Crooks Combine Gozi and Nymaim Trojans to Steal Money from 24 Banks
