NEWS - January 29, 2015

Jan 29, 2015 3:42AM PST
The Internet of Dangerous Things

Distributed denial-of-service (DDoS) attacks designed to silence end users and sideline Web sites grew with alarming frequency and size last year, according to new data released this week. Those findings dovetail quite closely with the attack patterns seen against this Web site over the past year.

Arbor Networks, a major provider of services to help block DDoS assaults, surveyed nearly 300 companies and found that 38% of respondents saw more than 21 DDoS attacks per month. That's up from a quarter of all respondents reporting 21 or more DDoS attacks the year prior.

KrebsOnSecurity is squarely within that 38 percent camp: In the month of December 2014 alone, Prolexic (the Akamai-owned company that protects my site from DDoS attacks) logged 26 distinct attacks on my site. That's almost one attack per day, but since many of the attacks spanned multiple days, the site was virtually under constant assault all month.

Continued : http://krebsonsecurity.com/2015/01/the-internet-of-dangerous-things/

Related:
DDoS-For-Hire Services Market Leads to Boom in DDoS Attacks: Akamai
World's largest DDoS attack reached 400Gbps, says Arbor Networks

YouTube flushes Flash for future flicks
Jan 29, 2015 3:49AM PST

YouTube has decided it's had enough of Adobe's perennially-p0wned Flash and will therefore now default to delivering video with the HTML5 <video> tag.

A post by the video vault's engineering and development team says the move is now possible, and sensible, because the industry has invented useful things like adaptive bitrates, encryption, new codecs and WebRTC that make the <video> tag usable in the real world.

Those additions mean HTML5 is at least as functional - or more so - than Flash, and if YouTube detects you are running Chrome, IE 11, Safari 8 and beta versions of Firefox, it'll now deliver video using <video> and flush Flash.

Continued : http://www.theregister.co.uk/2015/01/28/youtube_flushes_flash_for_future_flicks/

Related : Flash is DEAD! YouTube goes all-in with HTML5

ZeroAccess Botnet Returns, Resumes Click-Fraud Activity
Jan 29, 2015 4:16AM PST

Long thought dead, the peer-to-peer (P2P) ZeroAccess botnet has resurfaced, and as of just a few weeks ago, has returned to propagating click-fraud scams.

Researchers with Dell's SecureWorks revealed Wednesday that they witnessed the botnet restart itself from March 21 to July 2, 2014 and that halfway through this month - six months after it was last seen - the botnet has apparently gone back to its old ways and is again doling out click-fraud templates.

Click-fraud, one of the easier techniques cybercriminals use to monetize malware, is essentially the embezzling of ad revenue from clicks that don't come from legitimate customers.

Continued : http://threatpost.com/zeroaccess-botnet-returns-resumes-click-fraud-activity/110736

iTunes Connect bug logs developers in to other developers'..
Jan 29, 2015 4:23AM PST
... accounts at random

"The service is down while Apple straightens it out."

This morning, a number of developers signed in to Apple's iTunes Connect service only to be greeted by a list of apps that didn't belong to them. TechCrunch has a good roundup of tweets from affected developers—it seems that whenever developers signed in with their credentials, they were being granted access to other developers' accounts at random.

As of about noon Eastern today, Apple took the service down to resolve the problem. It also looks like developers won't be able to submit new apps or invite new testers to TestFlight while iTunes Connect is down. Affected developers can check Apple's System Status page for developers for updates while they wait for the problems to be resolved (no other developer services appear to be affected by the outage).

Continued : http://arstechnica.com/apple/2015/01/itunes-connect-bug-logs-developers-into-other-developers-accounts-at-random/
Of Ghost glibc Vulnerability Patching and Exploits
Jan 29, 2015 5:18AM PST

There are some silver linings in the wake of yesterday's disclosure of the Ghost vulnerability in the GNU C library, glibc, which affects all Linux systems and seemed to harken yet another Internet-wide vulnerability.

First, the 15-year-old bug isn't the showstopper that the Shellshock vulnerability in Bash (Bourne Again Shell) or Heartbleed were. But that doesn't mean it won't require immediate patching. Perhaps most importantly, it seems to be fairly challenging to exploit, experts say. For now, only one major software package dependent on glibc, the Exim mail transfer agent, is in the direct line of fire. Researchers at Qualys who found the Ghost vulnerability have a proof-of-concept developed specifically for the MTA, while other experts caution that it could be a matter of time before other bugs swim to the surface.

Continued : http://threatpost.com/of-ghost-glibc-vulnerability-patching-and-exploits/110719

Related:
FAQ: The GHOST vulnerability
The GHOST vulnerability - what you need to know

Hijacking drones with malware
Jan 29, 2015 5:18AM PST

A recent incident at the White House showed that small aerial vehicles (drones) present a specific security problem.

While in this particular case the actual danger turned out to be non-existent, the fact that these devices can be hijacked and misused for malicious purposes is something that the manufacturers will have to think about very soon.

"There are over 70 nations building remotely controllable drones. Most of these drones are capable of making autonomous decisions," says Rahul Sasi, a security engineer at Citrix R&D, who's scheduled to talk about drone security and demonstrate possible methods for drone hijacking, including an attack with MalDrone (a.k.a. Malware Drone), at the Nullcon conference in February.

Continued: http://www.net-security.org/malware_news.php?id=2949