NEWS - January 04, 2013

Jan 4, 2013 12:58AM PST
Adobe to Patch Reader, Acrobat; Warns of ColdFusion Exploit

Adobe will release a round of patches on Tuesday for its Reader and Acrobat products, and also has issued a separate advisory that it is working on an update for a vulnerability in ColdFusion that the company said is currently being exploited.

"We are currently evaluating the reports and plan to issue a security advisory as soon as we have determined mitigation guidance for ColdFusion customers and a timeline for a fix," Adobe's Wendy Poland said in an advisory.

The vulnerabilities affect ColdFusion 10, 9.0.2, 9.0.1 and 9.0 for Windows, Mac and Unix.

A ColdFusion hotfix was included in Adobe's December patch release. ColdFusion 10 and earlier versions for Windows, Mac and Unix were patched for a sandbox permissions vulnerability in shared hosting environments.

Adobe spokesperson Wiebke Lips said none of the vulnerabilities being patched on Tuesday are being actively exploited in the wild.

Continued : https://threatpost.com/en_us/blogs/adobe-patch-reader-acrobat-warns-coldfusion-exploit-010413

Also: Microsoft and Adobe to patch critical holes next Tuesday

See: Prenotification Security Advisory for Adobe Reader / Acrobat


Conficker targets photography lovers
Jan 4, 2013 1:01AM PST

People who bought a Hama-manufactured slide scanner from popular German retailer chain Tchibo in the weeks leading to Christmas are being warned about taking home more than they have bargained for.

The appliances in question, which "reads" film negatives and reproduces the photos on a computer, have been found to contain the Conficker.B variant.

According to H-Online, the virus is contained in the DCIM.exe and autorun.inf files, but since Microsoft has disabled the AutoRun function on writeable media, the only way for users to get infected is to run the executable themselves.

Both Hama and Tchibo have confirmed the incident and the retailer advised users to remove the malware via paid and free AV products, or to alternatively bring the device in for a refund.

It has not been explained how the devices came to be infected in the first place, but my bet is that it happened inadvertently during manufacturing when they came in contact with an infected computer involved in the production process.

Continued : http://www.net-security.org/malware_news.php?id=2368

Also:
Conficker Worm Now Shipping With German Film Scanner
This photo slide scanner costs €60... The bundled malware? That's free

See Vulnerabilities & Fixes: Facebook Camera for iOS Certificate Verification Security Issue

Think before you drink before you drive before you Facebook
Jan 4, 2013 1:12AM PST

I've warned plenty of times via the pages of Naked Security about the dangers of sharing too much information about your private life on Facebook.

One person who clearly isn't a regular reader of our site is Jacob Cox-Brown of Astoria, Oregon, who was making his way around town at approximately 1am on New Year's Day when his car crashed into another vehicle causing significant damage to its taillight, bumper and further damage to another car parked in front.

18-year-old Cox-Brown was clearly in a rush to get home, as he didn't stop his car - but went home to post the following message on Facebook instead: [Screenshot]

Drivin drunk... classsic ; ) but to whoever's vehicle i hit i am sorry. Silly

1am on New Year's Day, and Jacob Cox-Brown may already have made the dumbest Facebook post of the year. That must surely be some kind of record?

Continued : http://nakedsecurity.sophos.com/2013/01/04/drink-drive-facebook/

Experts Slam Imperva Antivirus Study
Jan 4, 2013 1:12AM PST

Security company Imperva released a grim study last month suggesting that costly security suites may not be worth the price tag and that all anti-virus programs suffer from huge blind spots. Doom-and-gloom research like this always requires a hefty grain of salt, but after speaking with numerous industry experts an entire shaker might be necessary.

Imperva looked at a variety of security solutions (pdf) from such vendors as Kaspersky, Avast, AVG, Microsoft, and McAfee, to name a few. They pitted these sentinels against 82 randomly collected malware samples, examining how successful the security software was in detecting the rogue software.

From their work, Imperva asserts that anti-malware software is not fast or responsive enough to combat modern threats. Security software, writes Imperva, is "much better at detecting malware that spreads rapidly in massive quantities of identical samples, while variants that are of limited distribution (such as government sponsored attacks) usually leave a large window of opportunity."

Continued : http://securitywatch.pcmag.com/none/306552-experts-slam-imperva-antivirus-study

Imperva, VirusTotal, and whether AV is useful
Jan 4, 2013 4:23AM PST

David Harley @ the ESET Threat Blog:

Introduction
I kind of hoped that the fuss about Imperva's somewhat discredited quasi-test, first publicized in November, claiming that anti-virus detects less than 5% of new malware, would have died away by now. After all, there was enough criticism at the time to cause Imperva itself to modify its position both in the version of its report that it eventually made public (the version originally released to journalists seems to have been substantially different) and in a subsequent blog. However, it seems that some sectors of the media, notably the New York Times and The Register, haven't quite kept up with the plot. A second wave of reports ignores the methodological holes in Imperva's report and recycles its dubious statistics uncritically. Why dubious? Because, despite the protests of the AV community and of VirusTotal itself, the study by Imperva and the Israeli Institute of Technology was founded on the myth that VirusTotal reports provide a reliable way of ascertaining whether an AV product does or doesn't detect a given sample of malicious software.

Executive Summary
Imperva's study frustrated not only the AV research community, but anyone who cares about accurate testing and evaluation of security products and strategies. VirusTotal is a great service, but it's intended to give some idea of whether a given file is likely to be malicious. ...

Continued : http://blog.eset.com/2013/01/03/imperva-virustotal-and-whether-av-is-useful

Cyber-Attackers Steal 3,000 Documents From Japanese Ministry
Jan 4, 2013 1:12AM PST

According to reports, the Japanese Agriculture, Forestry, and Fisheries Ministry has been the victim of a cyber-attack in which over 3,000 classified documents were stolen.

The attack on the Japanese Ministry apparently involved a remotely operated trojan along with a connection bouncer called "HTran." Dell's SecureWorks has looked at HTran before, and believes it was originally created by a Chinese hacker to conceal the location of command and control servers and "redirect TCP traffic destined for one host to an alternate host."

While the Ministry involved might sound exceptionally benign, the documents reportedly relate to the Trans-Pacific Partnership multilateral trade pact negotiations. According to the Japan Daily Press, draft statements from former Japanese Prime Minister Yoshihiko Noda and President Barack Obama were among those taken, along with Japanese analysis of the pact and a plan for participating in negotiations. The documents are believed to be between six months and a year old.

Continued : http://securitywatch.pcmag.com/none/306565-cyber-attackers-steal-3-000-documents-from-japanese-ministry

Also:
Japan ministry information reportedly stolen in cyberattack
Over 3,000 Confidential Documents Stolen by Hackers from Japan's Agriculture Ministry

Record 5-Year Prison Term Handed to Convicted File Sharer
Jan 4, 2013 4:23AM PST

The leader of the in-theater camcording gang known as the IMAGiNE Group was handed a 60-month prison term Thursday in what is the nation's longest sentence in a file-sharing case.

The sentence handed to Jeramiah Perkins, 40, of Portsmouth, Virginia, surpassed one of the largest file-sharing terms handed to IMAGiNE co-defendant Gregory A. Cherwonik, 53, of New York, who received 40 months in November for his role in the operation.

In all, five IMAGiNE members have pleaded guilty to conspiracy to commit copyright infringement for operating what prosecutors described as the world's most prolific piracy release group between 2009 and 2011.

The Motion Picture Association of America said IMAGiNE was more successful than any other illegal internet release group because of its "short latency periods between the theatrical release and their pirated release, their consistently good quality of audio captures, their high volume of releases, and their connection to international suppliers."

Continued : http://www.wired.com/threatlevel/2013/01/record-filing-sharing-term/

Also: IMAGiNE BitTorrent Group Leader Sentenced To Five Years in Prison

Samsung Pushes Exynos Flaw Fix on Galaxy Phones
Jan 4, 2013 4:23AM PST

Samsung has started to push software updates to some users of its Galaxy branded phones this week, fixing a flaw that was found affecting devices containing Exynos processors shortly before Christmas.

The update addresses a root exploit developed by XDA Developers forum member Alephzain two and a half weeks ago that allows malicious application installation and kernel code injection. The exploit can also grant applications the ability to read the device's RAM and physical memory among other things.

According to SamMobile, a Samsung community fan site, Samsung customers in the UK reportedly began receiving the 19300XXELLA update over-the-air and via Kies, the company's PC-to-phone software, on Wednesday. The bug had previously affected Samsung devices powered by the Exynos 4210 and 4412 processors.

Phandroid notes the fix also updates the phone's bootloader, suggesting it may remedy a recent "sudden death" problem that's plagued phones like the Galaxy S III, causing them to shut off for no apparent reason.

Continued : https://threatpost.com/en_us/blogs/samsung-pushes-exynos-flaw-fix-galaxy-phones-010413

Blue for Reset?
Jan 4, 2013 4:23AM PST

SANS ISC:

Over the holidays, a friend of mine was busy trying to repossess her online accounts that had been hacked and taken over. While her experience wasn't quite as bad as Mat Honan's, it still was a mess to untangle. Initially, we had suspected spyware, and spent some time looking through her PC for the presence of a keylogger. None was found. Once the first few accounts were returned to her, including an email account, we were able to (partially) reconstruct what had happened. Like in Mat Honan's case, it wasn't the password, but rather the "I forgot my password" functionality that had been breached. Duh-oh.

We took this as incentive to analyze the password reset options of some of her accounts, and what we found was not pretty. It seems that "I forgot my password" comes in (at least) three variants:

(1) New password is sent to the email address on file
(2) New password can be set after answering a couple of "Secret Questions"
(3) New password is set after "authenticating" out-of-band (via phone or fax)

Let's start with (2). Not only since the Sarah Palin attack do we know that password reset functions can be dangerous. Having a 10-character complex password with >60 bits of entropy is of little use if the same password can be reset by answering what the color of your first car was - about 3 bits of entropy, or roughly equivalent to having a one digit password between 0 and 9! Still, call centers are expensive, and the economic incentive is strong for companies to provide a password reset function that is trivially EASY. And since the corresponding fallout is on the user and rarely on them, they don't care much.

Continued : https://isc.sans.edu/diary.html?storyid=14815