Spyware, Viruses, & Security forum

Alert

NEWS - March 10, 2015

by Carol~ Moderator / March 10, 2015 6:24 AM PDT
Cutting-edge hack gives super user status by exploiting DRAM weakness

"'Rowhammer' attack goes where few exploits have gone before, into silicon itself."

In one of the more impressive hacks in recent memory, researchers have devised an attack that exploits physical weaknesses in certain types of DDR memory chips to elevate the system rights of untrusted users of Intel-compatible PCs running Linux.

The technique, outlined in a blog post published Monday by Google's Project Zero security initiative, works by reversing individual bits of data stored in DDR3 chip modules known as DIMMs. Last year, scientists proved that such "bit flipping" could be accomplished by repeatedly accessing small regions of memory, a feat that—like a magician who transforms a horse into a rabbit—allowed them to change the value of contents stored in computer memory. The research unveiled Monday showed how to fold such bit flipping into an actual attack.

Continued : http://arstechnica.com/security/2015/03/cutting-edge-hack-gives-super-user-status-by-exploiting-dram-weakness/

Related:
"Rowhammer" Flaw in DRAM Allows Privilege Escalation: Researchers
Ouch! Google crocks capacitors and deviates DRAM to root Linux
Rowhammer Hardware Exploit Poses Threat to DRAM Memory in Many Laptops, PCs

Stuxnet Flaw Finally Gets Patched After More Than 4 Years
by Carol~ Moderator / March 10, 2015 6:43 AM PDT
In reply to: NEWS - March 10, 2015

Microsoft today issued a patch for a critical vulnerability thought to have been fixed more than four years ago. The flaw had enabled the notorious Stuxnet attack back in 2010.

The Stuxnet worm was an exploit that was used against a nuclear facility in Iran back in 2010, in part by taking advantage of a vulnerability in Windows. The vulnerability that enabled Stuxnet was identified as CVE-2010-2568, which was thought to have been patched by Microsoft in October 2010. More than four years later, Hewlett-Packard's (HP) Zero Day Initiative (ZDI) has discovered that the CVE-2010-2568 fix was not, in fact, complete and the underlying vulnerability has remained exploitable the whole time.

Continued : http://www.eweek.com/security/stuxnet-flaw-finally-gets-patched-after-more-than-4-years.html

Related :
Microsoft Fixes Stuxnet Bug, Again
Patched Windows PC remained vulnerable to Stuxnet USB exploits since 2010

Apple issued update for FREAK flaw in OS X and iOS
by Carol~ Moderator / March 10, 2015 6:43 AM PDT
In reply to: NEWS - March 10, 2015

Apple has released security updates for OS X and iOS which, among other things, fix the FREAK flaw that may allow an attacker to decrypt secure communications between vulnerable clients and servers.

"Secure Transport [the Mac OS X and iPhone implementation of SSL and TLS] accepted short ephemeral RSA keys, usually used only in export-strength RSA cipher suites, on connections using full-strength RSA cipher suites. This issue, also known as FREAK, only affected connections to servers which support export-strength RSA cipher suites, and was addressed by removing support for ephemeral RSA keys," the company explained in the documents accompanying the updates.

In the case of OS X, the update solves several other serious flaws, most of which can allow arbitrary code execution. The patch for Secure Transport is available for OS X Mountain Lion (v10.8.5), OS X Mavericks (v10.9.5), and OS X Yosemite (v10.10.2).

Continued : http://www.net-security.org/secworld.php?id=18063

Also See:
Apple Fixes FREAK Bug, iCloud Flaw in iOS 8.2
iOS 8.2 stops attackers being able to restart your iPhone with a malicious Flash SMS

Spoofing the Boss Turns Thieves a Tidy Profit
by Carol~ Moderator / March 10, 2015 6:44 AM PDT
In reply to: NEWS - March 10, 2015

Judy came within a whisker of losing $315,000 in cash belonging to her employer, a mid-sized manufacturing company in northeast Ohio. Judy's boss had emailed her, asking her to wire the money to China to pay for some raw materials. The boss, who was traveling abroad at the time, had requested such transfers before — at even higher amounts to manufacturers in China and elsewhere — so the request didn't seem unusual or suspicious.

Until it did. After Judy sent the wire instructions on to the finance department, something about the email stuck in her head: The message was far more formal-sounding than the tone of voice her boss normally used to express himself via email.

By the time she went back to review the missive and found she'd been scammed by an imposter, it was too late — the employee in charge of initiating wires at her company had already sent it on to the bank. Luckily, Judy's employer's bank hadn't yet processed the wire, and they were able to claw back the funds.

Continued: http://krebsonsecurity.com/2015/03/spoofing-the-boss-turns-thieves-a-tidy-profit/

Cryptowall Makes a Comeback Via Malicious Help Files (CHM)
by Carol~ Moderator / March 10, 2015 6:44 AM PDT
In reply to: NEWS - March 10, 2015

Bitdefender's "HOT for Security" blog:

A new spam wave has hit hundreds of mailboxes with malicious .chm attachments to spread the infamous Cryptowall ransomware, malware researchers from Bitdefender Labs found.

Interestingly, hackers have resorted to a less "fashionable," yet highly effective trick to automatically execute malware on a victim's machine and encrypt its contents - malicious .chm attachments.

Chm is an extension for the Compiled HTML file format, a type of file used to deliver user manuals along with software applications. HTML files are compressed and delivered as a binary file with the .chm extension. This format is made of compressed HTML documents, images and JavaScript files, along with a hyperlinked table of contents, an index and full text searching. [Screenshot]

Continued : http://www.hotforsecurity.com/blog/cryptowall-makes-a-comeback-via-malicious-help-files-chm-11540.html

Beware of fake invites for WhatsApp's Free Voice Calling feature!
by Carol~ Moderator / March 10, 2015 6:44 AM PDT
In reply to: NEWS - March 10, 2015

Fake WhatsApp invites are actively luring users to sites where they are urged to fill out surveys and download unknown applications, warns The Hacker News' Mohit Kumar.

WhatsApp quietly began to roll out the long awaited Free Voice Calling feature to some Android users in January, and it can be turned on only if you are directly invited to do so by another user. The feature is activated when a user answers a WhatsApp voice call from a friend.

Unfortunately, not many people know that, and scammers and malware peddlers are taking advantage of this situation by sending out fake invites via email, social media and WhatsApp messages from compromised accounts.

Continued : http://www.net-security.org/malware_news.php?id=2985
(NT) glad all mine are AMD
by James Denison / March 10, 2015 2:19 PM PDT
In reply to: NEWS - March 10, 2015
