NEWS - March 13, 2015

Mar 13, 2015 2:14AM PDT
Epic Google snafu leaks hidden whois data for 280,000 domains

Google Apps has leaked hidden names, phone numbers, and more since mid-2013.

Google leaked the complete hidden whois data attached to more than 282,000 domains registered through the company's Google Apps for Work service, a breach that could bite good and bad guys alike.

The 282,867 domains counted by Cisco Systems' researchers account for 94 percent of the addresses Google Apps has registered through a partnership with registrar eNom. Among the services is one that charges an additional $6 per year to shield from public view all personal information included in domain name whois records. Rather than being published publicly, the information is promised to remain in the hands of eNom except when it receives a court order to turn it over.

Continued : http://arstechnica.com/security/2015/03/epic-google-snafu-leaks-hidden-whois-data-for-280000-domains/

Related:
Google Apps Bug Exposed Registration Data for 280,000 Domains
Google Apps 'Defect' Leaks Private WHOIS Data Of 280,000
Google Leaks Whois Data for Over 282,000 Protected Domains

Achievement Locked: New Crypto-Ransomware Pwns Video Gamers
Mar 13, 2015 3:00AM PDT

The Bromium Labs blog:

Gamers may be used to paying to unlock downloadable content in their favorite games, but a new crypto-ransomware variant aims to make gamers pay to unlock what they already own. Data files for more than 20 games can be affected by the threat, increasing what is already a large target for cybercriminals. Another file type that hasn't been targeted before is iTunes related. But first, let's have a look at the initial infection.

This crypto-ransomware variant has been getting distributed from a compromised web site that was redirecting the visitors to the Angler exploit kit by using a Flash clip. Bromium Labs notified the owner of the web site, but they haven't responded. At the time of writing this blog, the website was still serving malware. The web site is based on WordPress and could have been compromised by any one of the numerous WP exploits. Additionally, the URL where the malicious Flash file is hosted keeps changing.

Continued : http://labs.bromium.com/2015/03/12/achievement-locked-new-crypto-ransomware-pwns-video-gamers/

Related:
New crypto-ransomware encrypts video games files
CryptoLocker look-alike searches for and encrypts PC game files
CryptoLocker Variant Coming After Gamers

Facebook worm spreads by leveraging cloud services
Mar 13, 2015 3:00AM PDT

Facebook users are in danger of having their computers turned into a bot by a worm that spreads via the social network.

The worm, identified as belonging to the Kilim malware family, ends up on the victims' computer after a series of links and redirections. According to Malwarebytes researcher Jerome Segura, it all starts with a message on Facebook linking to scandalous sex photos of teenagers.

The shortened ow.ly link leads to another one, which leads to an Amazon Web Services (AWS) page, which leads to a malicious site (videomasars.healthcare), which checks whether the victim is using a computer or mobile phone. If it's the latter, they are redirected to affiliate pages for various offers.

Continued : http://www.net-security.org/malware_news.php?id=2990

Related : Facebook Worm Lures with Promise of Smut Content, Delivered via Box Cloud Storage

SQL Injection Bug Fixed in Popular WordPress SEO Plug-In
Mar 13, 2015 4:28AM PDT

SEO by Yoast, a popular search engine optimization plug-in for WordPress, has fixed a pair of blind SQL injection vulnerabilities that could have allowed an attacker to take complete control of affected sites.

It's not clear how many WordPress sites have SEO by Yoast installed, but the maker of the popular plugin claims it has been downloaded more than 14 million times.

Vulnerable versions of the service are susceptible to arbitrarily executed SQL queries, in part because it lacks proper cross-site request forgery protections. If the attacker were able to trick an authenticated administrator, editor or author into following a link to a malicious page, the attacker could then create an admin role for himself and totally compromise affected sites.

Continued: https://threatpost.com/sql-injection-bug-fixed-in-popular-wordpress-seo-plug-in/111601

Related: Critical hole in popular WordPress SEO plugin allows SQLi, site hijacking

Adobe Flash Update Plugs 11 Security Holes
Mar 13, 2015 4:28AM PDT
Adobe has released an update for its Flash Player software that fixes at least 11 separate, critical security vulnerabilities in the program. If you have Flash installed, please take a moment to ensure your systems are updated.

Not sure whether your browser has Flash installed or what version it may be running? Browse to this link. The newest, patched version is 17.0.0.134 for Windows and Mac users. Adobe Flash Player installed with Google Chrome, as well as Internet Explorer on Windows 8.x, should automatically update to version 17.0.0.134.

The most recent versions of Flash should be available from the Flash home page, but beware potentially unwanted add-ons, like McAfee Security Scan. To avoid this, uncheck the pre-checked box before downloading, or grab your OS-specific Flash download from here. Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.).

Continued : http://krebsonsecurity.com/2015/03/adobe-flash-update-plugs-11-security-holes/

See : Security Updates for Adobe Flash Player (APSB15-05)