Spyware, Viruses, & Security forum

Alert

NEWS - July 11, 2012

by Carol~ Moderator / July 11, 2012 12:07 AM PDT
Java-based Web Attack Installs Backdoors on Windows, Linux, Mac Computers

A new Web-based social engineering attack that relies on malicious Java applets attempts to install backdoors on Windows, Linux and Mac computers, according to security researchers from antivirus vendors F-Secure and Kaspersky Lab.

The attack was detected on a compromised website in Colombia, F-Secure senior analyst Karmina Aquino said in a blog post on Monday. When users visit the site, they are prompted to run a Java applet that hasn't been signed by a trusted certificate authority.

If allowed to run, the applet checks which operating system is running on the user's computer -- Windows, Mac OS X or Linux -- and drops a malicious binary file for the corresponding platform.

Continued : http://www.pcworld.com/businesscenter/article/259030/javabased_web_attack_installs_backdoors_on_windows_linux_mac_computers.html

Related to: Multi-platform Backdoor Lurks in Colombian Transport Site

Also: Malware sniffs for Windows, Mac OS X or Linux
More malware found in Google's official Android market
by Carol~ Moderator / July 11, 2012 12:43 AM PDT
In reply to: NEWS - July 11, 2012
More malware found hosted in Google's official Android market


Security researchers have found more malware hosted in Google's official Android market, a discovery that once again demonstrates the limitations of a recently deployed scanning service designed to flag malicious apps before they can be downloaded by end users.

Android.Dropdialer, a trojan that racks up costly charges from forced calls made to premium phone numbers, was found in two separate titles that weren't caught for weeks, according to a blog post published Tuesday by Irfan Asrar, a researcher with antivirus provider Symantec. "Super Mario Bros." and "GTA 3 Moscow City," as the malicious apps were packaged, generated as many as 100,000 downloads, although Asrar didn't say if that figure was for each separate title or in aggregate.

"What is most interesting about this Trojan is the fact that the threat managed to stay on Google Play for such a long time, clocking up some serious download figures before being discovered," Asrar wrote. "Our suspicion is that this was probably due to the remote payload employed by this Trojan."

Continued : http://arstechnica.com/security/2012/07/more-malware-found-hosted-in-google-android-market/

Also:
New Android Malware Discovered in Google Play
More Malware Using a Remote Payload Discovered on Google Play
Trojan found being offered on Google Play for weeks
Trojan Hides on Google Play as "Super Mario" and "GTA 3 Moscow City"

@ Symantec's Security Response Blog:
Android.Dropdialer Identified on Google Play
Android Apps Get Hit with the Evil Twin Routine Part 2: Play It Again Spam
Cyberoam generates fix for 'nullified' vulnerability
by Carol~ Moderator / July 11, 2012 12:44 AM PDT
In reply to: NEWS - July 11, 2012

Security vendor Cyberoam has issued a hotfix for an interception vulnerability it downplayed this week.

The fix replaces generic certificates within Cyberoam Unified Threat Management (UTM) devices with unique ones. This squashes the possibility that the Deep Packet Inspection (DPI) modules could intercept traffic from users assigned to different Cyberoam UTM boxes.

Tor security researcher Runa Sandvik and OpenDNS' Ben Laurie discovered that the units used shared certificates which users must accept to have their encrypted traffic scanned, ostensibly for security threats.

Users accepting the certificates could be scanned by any Cyberoam DPI unit, researchers said.

Cyberoam refuted the allegations along with suggestions by the researchers that private keys could be extracted from the devices.

Continued : http://www.scmagazine.com.au/News/308300,cyberoam-generates-fix-for-nullified-vulnerability.aspx

Also:
Cyberoam appliances private key exposed
Cyberoam Fixes SSL Snooping Hole in Network Security Appliances
Cyberoam fixes security hole caused by use of default certificates

See Vulnerabilities & Fixes: Cyberoam UTM Self-Signed Certificate Vulnerability

Microsoft Issues Kill Fix For Windows Gadgets
by Carol~ Moderator / July 11, 2012 9:26 AM PDT
In reply to: NEWS - July 11, 2012

A scheduled talk at the Black Hat Briefings security conference in Las Vegas later this month may have dealt a fatal blow to the once ballyhooed Windows Sidebar and Windows Gadgets. Redmond, Washington-based Microsoft, on Tuesday, issued a software "fix" that disables gadgets and the Windows sidebar on Vista and Windows 7 entirely.

The "Fix it" update marks an inglorious end for Windows Sidebar and the plug-able Gadgets which, just six years ago, were seen as a way to make Microsoft's stodgy OS hipper and happier, like Mac's popular OS X. But in a security advisory issued Tuesday, Microsoft warned that the Gadgets posed a security risk to Windows Vista and Windows 7 systems and provided a tool to disable them altogether.

"Disabling the Windows Sidebar and Gadgets can help protect customers from vulnerabilities that involve the execution of arbitrary code by the Windows Sidebar when running insecure Gadgets," the company wrote in its Advisory. "Customers who are concerned about vulnerable or malicious Gadgets should apply the automated Fix It solution as soon as possible."

Gadgets were already on the road to obsolescence. Microsoft announced in October that it was shutting down Windows Live Gallery, the company's Gadget application store. Though supported in early versions of the upcoming Windows 8 operating system, the Sidebar and Gadgets were dropped from later Windows 8 builds and won't be supported in the new Windows Metro user interface. Microsoft's Gadgets download Web site now warns users that gadgets "installed from untrusted sources can harm your computer" and links to the most recent advisory.

Continued : http://threatpost.com/en_us/blogs/microsoft-issues-kill-fix-windows-gadgets-071112

Related : Microsoft advises disabling Windows Gadgets amid vulnerability fears

Google Patches Three High-Priority Flaws in Chrome 20
by Carol~ Moderator / July 11, 2012 9:26 AM PDT
In reply to: NEWS - July 11, 2012

Google has released an updated version of Chrome 20, fixing three high-risk security vulnerabilities. The update comes just two weeks after Google released Chrome 20, which included patches for 20 bugs.

Google's release schedule for Chrome is the most frequent of any of the major browser vendors, and the company already is preparing to release its next major version, Chrome 21. Google unveiled a beta version of Chrome 21 on Tuesday and the major addition in that release will be the fully sandboxed version of Adobe Flash.

In this interim release, Google has patched three security flaws, all of which are rated as high risks. Chrome users should upgrade their browsers as soon as possible.

The security bugs the company fixed in Chrome 20 are:

Continued: http://threatpost.com/en_us/blogs/google-patches-three-high-priority-flaws-chrome-20-071112
