NEWS - February 05, 2015

Feb 5, 2015 12:06AM PST
Adobe rolls out patches for latest Flash flaw

"Auto-updates began Wednesday, with a manual update coming Thursday"

Adobe Systems has started distributing an update for the latest Flash security flaw, which is already being exploited in malicious advertising attacks.

The fix repairs a vulnerability, CVE-2015-0313, which could potentially allow a hacker to take complete control over a user's system. It affects Flash Player on all supported platforms including Windows, Mac OS X and Linux.

" .. Researchers from Trend Micro and Microsoft found the flaw after seeing it used in attacks. Code that takes advantage of it was in the Angler exploit kit used by hackers, Trend Micro said Monday.

Trend found that a malicious ad running on video streaming site Dailymotion.com was redirecting people to pages hosting Angler, which then attacked their computers. The Hanjuan exploit kit is also thought to use the flaw.

Websites are often unaware they're running malicious advertisements. The ads are distributed by online advertising companies that for various reasons don't detect the malicious content. "

Continued : http://www.computerworld.com/article/2879997/adobe-rolls-out-patches-for-latest-flash-flaw.html

See: UPDATE: Security Advisory for Adobe Flash Player (APSA15-02)

Related:
Adobe Begins Patching Third Flash Player Zero Day
A Closer Look at the Exploit Kit in CVE-2015-0313 Attack
As Flash 0day exploits reach new level of meanness, what are users to do?

Data Breach at Health Insurer Anthem Could Impact Millions
Feb 5, 2015 12:09AM PST
Anthem Inc., the nation's second largest health insurer, disclosed Wednesday that hackers had broken into its servers and stolen Social Security numbers and other personal data from all of its business lines. Given the company's size, this breach could end up impacting tens of millions of Americans.

Anthem didn't specify how many consumer records may have been breached, but it did say all of the company's business units are affected. The figures from Anthem's Web site offer a glimpse at just how big this breach could be: "With nearly 69 million people served by its affiliated companies including more than 37 million enrolled in its family of health plans, Anthem is one of the nation's leading health benefits companies."

The company said it is conducting an extensive IT forensic investigation to determine what members are impacted.

Continued : http://krebsonsecurity.com/2015/02/data-breach-at-health-insurer-anthem-could-impact-millions/

Related:
Breach of Health Insurer Exposes Sensitive Data of Millions of Patients
US health insurer Anthem suffers massive data breach
Anthem, America's second biggest health insurer, HACKED: Millions hit by breach
Serious bug in fully patched Internet Explorer puts user ..
Feb 5, 2015 12:59AM PST
.. credentials at risk

A vulnerability in fully patched versions of Internet Explorer allows attackers to steal login credentials and inject malicious content into users' browsing sessions. Microsoft officials said they're working on a fix for the bug, which works successfully on IE 11 running on both Windows 7 and 8.1.

The vulnerability is known as a universal cross-site scripting (XSS) bug. It allows attackers to bypass the same origin policy, a crucially important principle in Web application models that prevents one site from accessing or modifying browser cookies or other content set by any other site. A proof-of-concept exploit published in the past few days shows how websites can violate this rule when people use supported versions of Internet Explorer running the latest patches to visit maliciously crafted pages.

Continued: http://arstechnica.com/security/2015/02/serious-bug-in-fully-patched-internet-explorer-puts-user-credentials-at-risk/

Related:
Critical IE 11 bug can be used for effective phishing attacks
Major Internet Explorer vulnerability could lead to convincing phishing attacks
Universal XSS vulnerability discovered in Microsoft Internet Explorer
Millions of Android users at risk from adware, secretly..
Feb 5, 2015 12:59AM PST
.. lurking inside Google Play apps

Every time you unlock your Android smartphone, are you greeted with messages like this? [Screenshot]

Closely followed by strong pressure to download an app onto your Android device, such as this one: [...]

If so, chances are that you have fallen foul of a spate of apps that have managed to make their way into the official Google Play store, despite secretly harbouring a malicious advertising SDK within their code.

The threat was brought to light by Andrei Mankevich, an independent game developer from Belarus, who alerted Avast's research team about the issue in a post on the security company's forum.

Continued : http://grahamcluley.com/2015/02/android-adware-risk/

Related: Malicious Google Play apps (may have) hosed millions of Android handsets
Canary Watch Site Launches to Track Warrant Canaries
Feb 5, 2015 12:59AM PST

In the years since Edward Snowden began putting much of the NSA's business in the street, including its reliance on the secret FISA court and National Security Letters, warrant canaries have emerged as a key method for ISPs, telecoms and other technology providers to let the public know whether they have received any secret orders. But keeping track of the various canaries scattered around the Web is difficult, so a group of legal and civil liberties organizations have come together to launch a new site to monitor the known warrant canaries.

The Canary Watch site is the work of the EFF, the Berkman Center for Internet and Society and NYU's Technology Law and Policy Center and it works on a simple concept. The site maintains a list of all of the known warrant canaries and periodically checks each organization's site to see whether the canary is still there and then lists any changes to the status.

Continued : http://threatpost.com/canary-watch-site-launches-to-track-warrant-canaries/110813

Related: Canary Watch site will keep an eye out for vanishing warrant canaries

Fake Facebook Account Suspended emails lead to Trojans, ..
Feb 5, 2015 1:57AM PST
.. ransomware

Fake Facebook account suspension emails are doing rounds of inboxes around the world, trying to convince the recipients that their account has been temporarily disabled due to the social network's "Terms and Policies renewal": [Screenshot]

Seemingly coming from a Facebook email address and signed with "The Facebook Team," the email is likely to trick some of the recipients into following the offered link to the TermsPolicies.pdf.exe file hosted on what seems to be a compromised third party site (assetdigitalmarketing [dot] com).

The file is currently detected by nearly half of the AV solutions used by VirusTotal and seems to be a generic Trojan downloader.

According to My Online Security, a new version of the same email delivered today points to another TermsPolicies.pdf.exe hosted on http:// ladiezspot[.]com/, which according to VirusTotal is a crypto-ransomware variant.

Continued : http://www.net-security.org/malware_news.php?id=2954
Automotive Security: Connected Cars Taking the Fast Lane
Feb 5, 2015 1:58AM PST

TrendLabs Security Intelligence Blog :

Hearing about vulnerabilities in your car's operating system might seem strange. But it's now something we all need to get used to.

Last January 30, several security loopholes in BMW's ConnectedDrive system were revealed, which could allow potential thieves to unlock doors and track car data using a mobile device, as the security gap may affect the transmission path via the mobile phone network. This was uncovered during a privacy assessment conducted by the German auto club ADAC, and is believed to affect 2.2 million BMW vehicles worldwide.

According to a statement from ADAC, the vulnerable vehicles were prone to abuse of features like Remote Services (opening doors remotely), tracking the vehicle's current location and car speed via real-time traffic information (RTTI), enabling and changing phone numbers on the emergency call function, and reading emails via the BMW Online feature in the BMW ConnectedDrive Store.

Continued: http://blog.trendmicro.com/trendlabs-security-intelligence/automotive-security-connected-cars-taking-the-fast-lane/

Silk Road Mastermind Ulbricht Convicted of All 7 Charges
Feb 5, 2015 3:06AM PST

A jury has spoken, and the mask is off: Ross Ulbricht has been convicted of being the Dread Pirate Roberts, secret mastermind of the Silk Road online narcotics empire.

On Wednesday, less than a month after his trial began in a downtown Manhattan courtroom, 30-year-old Ulbricht was convicted of all seven crimes he was charged with, including narcotics and money laundering conspiracies and a "kingpin" charge usually reserved for mafia dons and drug cartel leaders. It took the jury only 3.5 hours to return a verdict. Ulbricht faces a minimum of 30 years in prison; the maximum is life. But Ulbricht's legal team has said it will appeal the decision, and cited its frequent calls for a mistrial and protests against the judge's decisions throughout the case.

Continued : http://www.wired.com/2015/02/silk-road-ross-ulbricht-verdict/

Related: Ross Ulbricht is Dread Pirate Roberts, risks life imprisonment

Hackers Target iOS-Using Government Officials & Journalists
Feb 5, 2015 3:07AM PST
.. in Pawn Storm Malware Attack

Last October, security researchers released detailed reports about how a criminal hacking gang, possibly backed by a foreign state, was targeting Western governments, military and the media in an operation called "Pawn Storm."

The hackers' aim, it was claimed, was to steal information and compromise the Windows computers of targets. And, when you consider that there has been strong speculation that the attack might be being sponsored by the Russian authorities, the list of targets begins to make sense.

Through boobytrapped website attacks—which would silently exploit vulnerabilities and install malware—the hackers ingeniously only hacked likely targets by testing details of the visiting computer (operating system version, language settings, time zone, etc) before attempting infection.

These infections, you will note, were against Windows computers. So, why are we talking about it on the Intego Mac Security blog?

Continued : http://www.intego.com/mac-security-blog/hackers-target-ios-using-government-officials-and-journalists-in-pawn-storm-malware-attack/

Related:
Advanced espionage spyware targets iOS devices
iOS spyware used by Pawn Storm cyber spies