Spyware, Viruses, & Security forum

General discussion

NEWS - July 14, 2010

by Carol~ Moderator / July 13, 2010 8:19 PM PDT
New HHS Rules Would Expand Patients' Rights To Control Data

"Proposed rules seen as a crucial step toward adoption of electronic health information exchange "

The Department of Health and Human Services has announced new rules that expand patients' rights to make decisions regarding their health records, including giving patients the ability to restrict the use of information for marketing purposes, and granting them greater control over the sale of their health information.

The proposed rules are seen as a crucial step as the Obama administration promotes the adoption of electronic health information exchange, and has set the goal of providing every citizen with an electronic medical record (EMR) by 2014.

Announced on Thursday, the policies would strengthen and expand enforcement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy, security, and enforcement rules in several ways.

Continued here: http://www.darkreading.com/security/government/showArticle.jhtml?articleID=225800030
Discussion is locked
You are posting a reply to: NEWS - July 14, 2010
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - July 14, 2010
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Firefox engine outraces self after J
by Carol~ Moderator / July 13, 2010 10:16 PM PDT
In reply to: NEWS - July 14, 2010

"SpiderMonkey amps up"

Mozilla has announced that J

Collapse -
Winamp 5.58 eliminates critical FLV vulnerabilities
by Carol~ Moderator / July 14, 2010 1:14 AM PDT
In reply to: NEWS - July 14, 2010
Nullsoft has released version 5.58 of Winamp, the popular media player, closing critical vulnerabilities that could be exploited by an attacker to compromise a user's system. According to French security services provider VUPEN, the problem is related to integer and buffer overflow issues within the VP6 decoder "vp6.w5s" used by Winamp when opening a specially crafted Flash Video (FLV) file. For an attack to be successful, a victim must first open a manipulated media file.

All versions up to and including 5.572 are reportedly affected. While version 5.58 of Winamp closed the vulnerability, version 5.581 has already been released to address bugs found in the previous version. All users are advised to upgrade to the latest release as soon as possible.

Continued here: http://www.h-online.com/security/news/item/Winamp-5-58-eliminates-critical-FLV-vulnerabilities-1037900.html

See Vulnerabilities & Fixes: Winamp VP6 Content Parsing Buffer Overflow Vulnerability
Collapse -
China's Green Dam may be ready to collapse
by Donna Buenaventura / July 14, 2010 1:46 AM PDT
In reply to: NEWS - July 14, 2010

China's Green Dam software-filtering project has been staying afloat without government funds for the past year, but the project may now be in danger of collapse, according to a story in Tuesday's Beijing Times as covered by BBC News.

The project was launched last year in response to demands from the Chinese government to block pornography and other Internet content considered objectionable. Beijing initially wanted the software to be installed on all computers sold in China, but it provided project funding only for the first year, from 2008 to 2009.

The lack of funding since then has forced the main project development team from Beijing Dazheng Human Language Technology Academy to close its doors. The installation and after-care team from Zhengzhou Jinhui Computer System Engineering is also looking at shutting down, the Beijing Times said, citing Chen Xiaomeng, general manager of the Human Language Technology Academy.

But there seems to be some confusion over Chen's actual response. A story from InformationWeek quotes Chen as saying: "We lack financial support. We already struggled to hold on for a year, but we can't do so any longer." However, China Daily says he has rebutted the Beijing Times story, claiming that reports of his company's closure are untrue and that it has simply stopped using its former office.

Whether Green Dam has a future or not, the project found its way into controversy even before it got off the ground.

CNET

Collapse -
Mozilla: Add-ons security vulnerability announcement
by Donna Buenaventura / July 14, 2010 3:03 AM PDT

One malicious add-on and another add-on with a serious security vulnerability were discovered recently on the Mozilla Add-ons site. Both issues have been dealt with, and the details are described below.

? Mozilla Sniffer

Issue

An add-on called ?Mozilla Sniffer? was uploaded on June 6th to addons.mozilla.org. It was discovered that this add-on contains code that intercepts login data submitted to any website, and sends this data to a remote location. Upon discovery on July 12th, the add-on was disabled and added to the blocklist, which will prompt the add-on to be uninstalled for all current users.

Impact to users
If a user installs this add-on and submits a login form with a password field, all form data will be submitted to a remote location. Uninstalling the add-on stops this behavior. Anybody who has installed this add-on should change their passwords as soon as possible.

Status
Mozilla Sniffer has been downloaded approximately 1,800 times since its submission and currently reports 334 active daily users. All current users should receive an uninstall notification within a day or so. The site this add-on sends data to seems to be down at the moment, so it is unknown if data is still being collected.

Mozilla Sniffer was not developed by Mozilla, and it was not reviewed by Mozilla. The add-on was in an experimental state, and all users that installed it should have seen a warning indicating it is unreviewed. Unreviewed add-ons are scanned for known viruses, trojans, and other malware, but some types of malicious behavior can only be detected in a code review.

? CoolPreviews

Issue

A security escalation vulnerability was discovered in version 3.0.1 of the CoolPreviews add-on. The vulnerability can be triggered using a specially crafted hyperlink. If the user hovers the cursor over this link, the preview function executes remote JavaScript code with local chrome privileges, giving the attacking script control over the host computer. Version 3.0.1 and all older versions have been disabled on addons.mozilla.org, and a fixed version was uploaded and reviewed within a day of the developer being notified.

Impact to users
Proof of concept code for this vulnerability was posted on this blog, but no known malicious exploits have been reported so far. If a user has a vulnerable version installed and clicks on a malicious link that targets the add-on, the code in the malicious link will run with local privileges, potentially gaining access to the file system and allowing code download and execution.

All users of CoolPreviews should update to the latest version as soon as possible in order to avoid exposure.

Status
Currently, 177,000 users have a vulnerable version installed. This is less than 25% of the current install base and it will continue to decrease as more users are prompted to update to a new version. Vulnerable versions will also be blocklisted very soon.

Mozilla Blog

Also see: Firefox User? Be Aware Of Two More Malicious Add-Ons

Collapse -
Google 'malware' sponsored advert delivers fake anti-virus
by Carol~ Moderator / July 14, 2010 5:50 AM PDT
In reply to: NEWS - July 14, 2010

From Graham Cluley at Sophos Labs :

"Be careful what you ask for - you might get it."

That's the thought running through my head today after I searched for the word "malware" on Google.

As you'll see in the following short YouTube video I made, a sponsored link right at the top of the Google search results points to a fake anti-virus website posing as a legitimate security company: [ The Video ]

If you download the fake anti-virus program promoted on the website you risk infection by malware identified by Sophos as Troj/FakeAV-AOV.

We've informed Google about this latest example of malvertising, and hopefully it will be zapped from their database of sponsored links shortly.

Continued here: http://www.sophos.com/blogs/gc/g/2010/07/14/google-malware-sponsored-advert-delivers-fake-antivirus/

Collapse -
The Case for Cybersecurity Insurance, Part II
by Carol~ Moderator / July 14, 2010 6:00 AM PDT
In reply to: NEWS - July 14, 2010

When cyber crooks stole nearly $35,000 this year from Brookeland Fresh Water Supply District in East Texas, the theft nearly drained the utility?s financial reserves. Fortunately for the 1,300 homes and businesses it serves, Brookeland had purchased cyber security insurance, and now appears on track to recoup all of the unrecovered funds in exchange for a $500 deductible.

As this attack and a related case study I wrote about last month show, cyber theft insurance can be a reasonable and effective investment in an era when ultra-sophisticated cyber thieves increasingly are defeating the security that surrounds many commercial online banking accounts.

The attack on Brookeland?s Internet banking account began on Friday, April 9, about the time that General Manager Trey Daywood had authorized the utility?s payroll transfer ? just a half hour before the 2 p.m. the bank?s cutoff time. A few minutes later, unidentified hackers went in and deleted Daywood?s payroll batch and set up their own payroll, sending sub-$10,000 payments to seven individuals across the United States who were recruited to help launder the money through work-at-home job scams.

Continued here: http://krebsonsecurity.com/2010/07/the-case-for-cybersecurity-insurance-part-ii/

Part 1: The Case for Cybersecurity Insurance, Part I

Collapse -
ZeuS Trojan attempts to exploit MasterCard, Visa security..
by Carol~ Moderator / July 14, 2010 8:17 AM PDT
In reply to: NEWS - July 14, 2010
ZeuS Trojan attempts to exploit MasterCard, Visa security programs

"Zeus tries to fool victims with fake Verified by Visa and MasterCard SecureCode"

The notorious ZeuS banking Trojan is showing off a new trick: Popping up on infected computers with a fake enrollment screen for the "Verified By Visa" or "MasterCard SecureCode Security" programs.

The real and legitimate Visa and MasterCard card-fraud prevention programs have cardholders use a password when making card-based purchases online as an additional means of security.

The Zeus Trojan, with its ever-growing capability to steal financial information and execute unauthorized funds transfers, has recently been seen attacking banking customers on infected machines by displaying a fake "Verified by Visa" enrollment screen, or its MasterCard counterpart SecureCode, trying to lure victims into a fraudulent online enrollment action that would end up giving criminals their sensitive financial data.

Continued here: http://www.networkworld.com/news/2010/071310-zues-mastercard.html

More About Zeus: Zeus baddies unleash nasty new bank Trojan
Collapse -
USA extends lead as top spamming nation as European output..
by Carol~ Moderator / July 14, 2010 8:17 AM PDT
In reply to: NEWS - July 14, 2010

"USA extends lead as top spamming nation as European output rises, Sophos reports "

"The UK jumps from ninth to fourth place in the 'Dirty Dozen' of spam-relaying countries"

IT security and control firm Sophos has published its latest report into the top twelve spam relaying countries, covering the second quarter of 2010. The USA continues to be the number one spam polluter, piping out 15.2% of all global spam messages - an increase from 13.1% in the first quarter of 2010.

The UK - a nation that last year fell out of the spam hall of shame - also saw a significant rise in the proportion of spam it relayed. With a total output of 4.6% of the world's spam, this puts the UK in fourth place overall compared with ninth earlier this year.

The top twelve spam relaying countries for April - June 2010

1. USA 15.2%
2. India 7.7%
3. Brazil 5.5%
4. UK 4.6%
5. S Korea 4.2%
6. France 4.1%
7. Germany 4.0%
8. Italy 3.5%
9. Russia 2.8%
10. Vietnam 2.7%
11. Poland 2.5%
12. Romania 2.3%
Other 40.9%

Sophos warns that spam is becoming increasingly malicious - not just advertising unwanted goods, but spreading links to malicious websites and computer-infecting malware.

"It's sad to see spam relayed via compromised European computers on the rise - the UK, France, Italy and Poland have all crept up the rankings since the start of the year," said Graham Cluley, senior technology consultant at Sophos. "Financially-motivated criminals are controlling compromised zombie computers to not just launch spam campaigns, but also to steal identity and bank account information. It's an uphill struggle educating users about the dangers of clicking on links or attachments in spam mails, and that their computers may already be under the control of cybercriminals. Businesses and computer users must take a more proactive approach to spam filtering and IT security in order to avoid adding to this global problem."

Continued here: http://www.sophos.com/pressoffice/news/articles/2010/07/dirty-dozen.html

Collapse -
Hacker wrecks 175 websites, leaves Facebook fan link
by Carol~ Moderator / July 14, 2010 8:17 AM PDT
In reply to: NEWS - July 14, 2010

An audacious hacker has defaced 175 Australian websites in an attack that links viewers to his personal website, email and Facebook fan page.

The hacker, who is described as a 26 year old male from Tunisia, launched the attacks after a Brisbane hosting provider -- whichComputerworld Australia will not name -- left a permission level too low on an Apache server.

A manager at the provider said the exploit was present in an obscure program on the provider's servers, which the hacker used in the mass defacements that included the hosting provider's websites.

The hacker provided links to his Facebook, Myspace and Blogger accounts, along with a phone number based in Romania.

Some websites appeared to still experience problems, while others were functioning normally.

Continued : http://www.networkworld.com/news/2010/071410-hacker-wrecks-175-websites-leaves.html

Collapse -
Two Major Breaches Caused By Loss Of Physical Media
by Carol~ Moderator / July 14, 2010 8:28 AM PDT
In reply to: NEWS - July 14, 2010

"AMR loses data of some 79,000 employees; California agency and Care 1st misplace CD containing data on 29,000 patients"

Online attacks might be getting more sophisticated every day, but two incidents last week are reminding the industry that the loss of physical storage media is still among the most common causes of data breaches.

AMR, the parent company of American Airlines, is in the process of notifying some 79,000 current and former employees of the loss of a hard drive containing microfiche records dating from 1960 to 1995. Some of the records included bank information.

And on July 6, the California Department of Health Care Services (DHCS) reported to federal authorities that a missing compact disc (CD) delivered to the department may not have been encrypted by the sender, Care 1st Health Plan. The CD contains personal information, including names and addresses, for 29,808 Care 1st members.

Recent studies indicate that the theft of physical media remains one of the most common causes of data breaches. Both AMR and the California DHCS have discovered this the hard way.

The lost AMR drive contained images of microfilm files, which included names, addresses, dates of birth, Social Security numbers and a "limited amount" of bank account information, the company told the Associated Press. Some health insurance information may have also been included -- mostly enrollment forms, but also details about coverage, treatment, and other administrative information.

Continued here: http://www.darkreading.com/security/privacy/showArticle.jhtml?articleID=225800186

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?