Spyware, Viruses, & Security forum


NEWS - January 06, 2014

by Carol~ Moderator / January 6, 2014 1:43 AM PST
Malware attacks thousands of Yahoo.com visitors through Java exploit (Update)

"Washington Post reports US users are likely safe; malware targeted European PC users."

On Friday, Netherlands-based security firm Fox IT reported that Yahoo.com's advertising network (ads.yahoo.com) was hacked and serving up malware to thousands of visitors during the last week. Fox IT believes Yahoo users were compromised as early as December 30, and the company estimates as of Friday that malicious materials were being delivered to roughly 300,000 visitors per hour—with nine percent (27,000) thought to be infected.

While infected, Yahoo's ad servers were reportedly sending visitors an "exploit kit." According to Fox IT, this would zero in on vulnerabilities in Java to install various malware components on host computers. Fox IT has not yet identified a specific culprit, but the firm is confident the attack is financially motivated (with control of victims' machines possibly being sold to others).

The Washington Post spoke to two security researchers who confirmed the situation. Researcher and WaPo contributor Ashkan Soltani said it's possible the attack came from a direct hack, but the attackers may have also disguised the malware as regular ads that evaded Yahoo's filtering system. Either way, The Post noted the situation is just the most recent case of Java exploits in a year that was filled with them.

Continued: http://arstechnica.com/security/2014/01/malware-attacks-thousands-of-yahoo-com-visitors-through-java-exploit/

Yahoo Removes Malicious Ads Redirecting to Magnitude Exploit Kit
Malware from Yahoo ads did not affect US and Mac and mobile users
Malware delivered to thousands via ads on Yahoo.com
Bad Yahoo Ads Infect Visitors' Computers With Malware
Snapchat makes no apology for breach, announces app update
by Carol~ Moderator / January 6, 2014 3:31 AM PST

One good thing to come from the leak of usernames and phone numbers of some 4.6 million Snapchat users is that the company is now forced to patch the exploited vulnerabilities.

As a reminder, the group behind the breach and the leak have (mis)used the Snapchat API to look up a seemingly unlimited number of phone numbers and usernames, and have been able to do so because of Snapchat's Find Friends function and the practically non-existent rate-limiting.

"We were able to query for the information as fast as our connection allowed us to," the group explained to NYT reporters, and that was after Snapchat claimed to have "implemented various safeguards to make [bulk phone number recovery and matching with usernames] more difficult to do" and that the attack described by Gibson Security was "theoretical."

Continued: http://www.net-security.org/secworld.php?id=16157

Related:
No apology, but Snapchat responds to leak of 4.6 million users' phone numbers
Greyhats expose 4.5 million Snapchat phone numbers using "theoretical" hack (updated)

OpenSSL Hackers Used Weak Password at Web Host to Deface
by Carol~ Moderator / January 6, 2014 3:31 AM PST
.. Site

The OpenSSL Project blames a weak password used at its hosting provider for its recent site defacement.

The organization that hosts the ubiquitous open source encryption implementation updated a notice on its website yesterday informing users that attackers used the weak credential to gain control of a hypervisor management console. The update says the OpenSSL server is a virtual server sharing a hypervisor with other customers at its service provider.

The attackers were able to get in on Dec. 29 and manipulate the organization's virtual server, the notice said.

Continued : http://threatpost.com/openssl-hackers-used-weak-password-at-web-host-to-deface-site/103418

OpenSSL site hack wasn't the result of vulnerability exploitation
OpenSSL site defacement involving hypervisor hack rattles nerves (updated)
How did OpenSSL's home page get defaced?
Deconstructing the $9.84 Credit Card Hustle
by Carol~ Moderator / January 6, 2014 3:32 AM PST

Over the holidays, I heard from a number of readers who were seeing strange, unauthorized charges showing up on their credit and debit cards for $9.84. Many wondered whether this was the result of the Target breach; I suppose I asked for this, having repeatedly advised readers to keep a close eye on their bank statements for bogus transactions. It's still not clear how consumers' card numbers are being stolen here, but the fraud appears to stem from an elaborate network of affiliate schemes that stretch from Cyprus to India and the United Kingdom.

One reader said the $9.84 charge on her card came with a notation stating the site responsible was eetsac.com. I soon discovered that there are dozens of sites complaining about similar charges from similarly-constructed domains; for example, this 30-page thread at Amazon's customer help forums includes gripes from hundreds of people taken by this scam.

I did a bit of digging into that eetsac.com domain, ordering a historic WHOIS report from domaintools.com. The report shows that the domain eetsac.com was originally registered using the email address walter.kosevo@ymail.com. Domaintools also reports that this email address was used to register more than 230 other sites; a full list is available here (CSV).

Continued: http://krebsonsecurity.com/2014/01/deconstructing-the-9-84-credit-card-hustle/

Bruce Schneier: I've Joined Co3 Systems
by Carol~ Moderator / January 6, 2014 3:32 AM PST

For decades, I've said that good security is a combination of protection, detection, and response. In 1999, when I formed Counterpane Internet Security, I focused the company on what was then the nascent area of detection. Since then, there have been many products and services that focus on detection, and it's a huge part of the information security industry. Now, it's time for response. While there are many companies that offer services to aid in incident response -- mitigation, forensics, recovery, compliance -- there are no comprehensive products in this area.

Well, almost none. Co3 Systems provides a coordination system for incident response. I think of it as a social networking site for incident response, though the company doesn't use this term. The idea is that the system generates your incident response plan on installation, and when something happens, automatically executes it. It collects information about the incident, assigns and tracks tasks, and logs everything you do. It links you with information you might need, companies you might want to talk to, and regulations you might be required to comply with. And it logs everything, so you can demonstrate that you followed your response plan and thus the law -- or see how and where you fell short.

Continued : https://www.schneier.com/blog/archives/2014/01/ive_joined_co3.html

Bruce Schneier Departs BT For Startup Co3 Systems
Bruce Schneier becomes CTO of Co3 Systems
Bruce Schneier Joins Startup Co3 Systems

Cybercrooks developing dangerous file-encrypting ransomware,
by Carol~ Moderator / January 6, 2014 5:25 AM PST
.. researchers warn

"The new threat might be even more difficult to remove than CryptoLocker, which plagued users in recent months"

A team of malware developers is preparing to sell a new ransomware program that encrypts files on infected computers and asks victims for money to recover them, according to a volunteer group of security researchers who tracked the development of the threat on underground forums in recent weeks.

The new malware is called PowerLocker and its development was most likely inspired by the success of the CryptoLocker ransomware Trojan program that infected more than 250,000 computers since September.

Like CryptoLocker, PowerLocker allegedly uses strong encryption that cannot be cracked to recover the files without paying, but it's also more sophisticated and potentially more dangerous because its developers reportedly intend to sell it to other cybercriminals.

Continued : http://news.techworld.com/security/3495759/cybercrooks-developing-dangerous-new-file-encrypting-ransomware-researchers-warn/
Woman Falls from 220 feet Roller Coaster video scam spreads
by Carol~ Moderator / January 6, 2014 5:25 AM PST
.. on Facebook

It's clearly not 220 feet up, and it's definitely not a roller coaster!

But that's not stopping Facebook users being tricked into clicking on what appears, at first, to be a YouTube video link shared by their (already duped) Facebook friends.

MOST TERRIFYING ACCIDENT EVER!! Woman Falls from 220feet Roller Coaster

Click on the Picture to see the Most Terrifying accident ever!

The image mimics the normal thumbnail for a YouTube video, but you're not going anywhere near YouTube if you click on the link.

Instead you are taken to a webpage that is trying very hard to present itself as though it is still on Facebook, but is - in reality - hosted on a third-party site. [Screenshot]

Continued : http://grahamcluley.com/2014/01/woman-falls-roller-coaster-video-facebook-scam/