

NEWS - March 17, 2014

Mar 17, 2014 8:55AM PDT
The Long Tail of ColdFusion Fail

Earlier this month, I published a story about a criminal hacking gang using Adobe ColdFusion vulnerabilities to build a botnet of hacked e-commerce sites that were milked for customer credit card data. Today's post examines the impact that this botnet has had on several businesses, as well as the important and costly lessons these companies learned from the intrusions.

Last Tuesday's story looked at two victims: the jam and jelly maker Smucker's, and SecurePay, a credit card processor based in Georgia. Most of the companies contacted for this story did not respond to requests for comment. The few businesses listed that did respond had remarkably similar stories to tell about the ordeal of trying to keep their businesses up and running in the face of such intrusions. Each of them learned important lessons that any small online business would be wise to heed going forward.

The two companies that agreed to talk with me were both lighting firms, and both first learned of their site compromises after the credit card firm Discover alerted their card processors to a pattern of fraudulent activity on cards that were recently used at the stores.

Continued : http://krebsonsecurity.com/2014/03/the-long-tail-of-coldfusion-fail/

Related: New victims inducted into botnet preying on websites running ColdFusion


Bitcoin Malware Found in Leaked Mt.Gox Files
Mar 17, 2014 9:17AM PDT

"Malwarebytes Unpacked" Blog:

At one time, the Japan-based Bitcoin exchange Mt. Gox handled 70 percent of all Bitcoin transactions.

However, you've now likely heard the company has fallen into bankruptcy since losing over $400 million dollars in Bitcoins — with the company saying "there is a high possibility that the Bitcoins were stolen."

The events surrounding the missing Bitcoins have created a lot of attention in the media; there was even a fake video we blogged about claiming that traders could recover their lost coins.

Nonetheless, while all the legal matters are still underway, Mt. Gox CEO Mark Karpeles had his personal blog and Reddit account hacked last week. The hackers used the compromised sites to upload a 700mb archive, which they claim has "relevant database dumps, csv exports, specialized tools, and some highlighted summaries compiled from data".

Continued : http://blog.malwarebytes.org/cyber-crime/2014/03/bitcoin-malware-found-in-leaked-mt-gox-files/

Related:
Bitcoin-stealing malware hidden in Mt. Gox data dump, researcher says
MtGox remedy worse than the disease says Kaspersky researcher
Mt. Gox CEO doxing was a ploy to spread Bitcoin-stealing malware

Google Patches Four Pwn2Own Bugs in Chrome 33
Mar 17, 2014 9:30AM PDT

Now that the dust has settled after the Pwn2Own contest, the browser manufacturers are beginning to roll out patches for the vulnerabilities exploited by contestants. Google on Monday released fixes for a number of bugs in Chrome discovered and exploited during Pwn2Own, releasing new versions of the browser for Windows, Mac and Linux.

This year's Pwn2Own, which runs in conjunction with the CanSecWest conference in Vancouver, showcased vulnerabilities and exploits in most of the major browsers, including Internet Explorer and Firefox, along with Chrome. The team from VUPEN, the French security and exploit-sales firm, took home several hundred thousand dollars in prize money from the contest, a good portion of it for demonstrating new bugs in Google Chrome. In addition to the prize money from the contest, Google also is paying its own rewards to the researchers who used new flaws in Chrome.

VUPEN earned a $100,000 reward from Google for its two Chrome vulnerabilities, and an anonymous researcher also earned $60,000 for two separate vulnerabilities. The flaws used in Pwn2Own that Google fixed in Chrome 33 are:

Continued : http://threatpost.com/google-patches-four-pwn2own-bugs-in-chrome-33/104828

Google DNS briefly hijacked to Venezuela
Mar 17, 2014 10:02AM PDT

"Bad admin or some more malicious act sent requests down the wrong pipe"

For about a half hour on Saturday, some requests to one of Google's DNS servers in the US were re-routed through a network in Venezuela. A false Border Gateway Protocol (BGP) announcement from the Venezuelan network caused the diversion, which affected networks primarily in Venezuela and Brazil, as well as a university network in Florida. It all started at 5:23pm Greenwich Time (UTC).

Andree Toonk of the network monitoring service BGPmon.net told Ars that the false routing request was dropped 23 minutes later, "most likely because the network that announced this route realized what happened and rolled back the change (to their router) that caused this." During the intervening period, he said, traffic may have been re-routed back to Google, or it just may have been dropped. The result was failed DNS requests for those on the affected networks.

Continued : http://arstechnica.com/information-technology/2014/03/google-dns-briefly-hijacked-to-venezuela/

Related:
Google free public DNS services were briefly corrupted
Google's Public DNS Hijacked for 22 Minutes
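The hijack described above is an origin change: a network that does not own 8.8.8.0/24 announced a route for it, and for about 23 minutes some of the Internet believed it. The check a route monitor runs to catch this is simple enough to show in full. The following Python is an added example and is not code from Ars, BGPmon or the post above. It assumes one fact not stated in the post (Google originates 8.8.8.0/24 from AS15169) and otherwise uses constructed data: the upstream and hijacking ASNs are taken from the documentation range (64496-64511), and the timestamps are made up to mirror the 17:23 to 17:46 UTC window in the story.

```python
"""Origin-hijack check over a stream of BGP announcements (added example).

The announcements below are constructed for illustration, not real routing
data.  The only real-world fact assumed is that Google normally originates
8.8.8.0/24 from AS15169.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_network


@dataclass(frozen=True)
class Announcement:
    seen_at: str        # UTC timestamp as "YYYY-MM-DDTHH:MM:SSZ"
    prefix: str         # prefix announced, e.g. "8.8.8.0/24"
    as_path: tuple      # AS path as a collector saw it; the origin AS is last

    @property
    def origin_as(self) -> int:
        return self.as_path[-1]


# Monitored prefixes and the origin ASNs allowed to announce them.
EXPECTED_ORIGINS = {
    "8.8.8.0/24": {15169},   # Google Public DNS, originated by AS15169
}


def _parse(ts: str) -> datetime:
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def is_unexpected(a: Announcement, expected=EXPECTED_ORIGINS) -> bool:
    """True if `a` covers a monitored prefix (exactly or as a more-specific)
    and its origin AS is not one of the allowed origins.  More-specifics
    matter because a /25 from anyone beats the legitimate /24."""
    try:
        net = ip_network(a.prefix)
    except ValueError:
        return False
    for prefix, allowed in expected.items():
        mon = ip_network(prefix)
        if net.version == mon.version and net.subnet_of(mon):
            if a.origin_as not in allowed:
                return True
    return False


def find_hijacks(announcements, expected=EXPECTED_ORIGINS):
    """Return the announcements that fail the origin check, in input order."""
    return [a for a in announcements if is_unexpected(a, expected)]


def hijack_window(announcements, prefix, expected=EXPECTED_ORIGINS):
    """For `prefix`, return (start, end, minutes) of the first bad-origin
    episode: start is the first unexpected announcement, end is the first
    expected-origin announcement seen after it (None if never restored)."""
    ordered = sorted((a for a in announcements if a.prefix == prefix),
                     key=lambda a: _parse(a.seen_at))
    start = end = None
    for a in ordered:
        if start is None and is_unexpected(a, expected):
            start = a.seen_at
        elif start is not None and not is_unexpected(a, expected):
            end = a.seen_at
            break
    if start is None:
        return None
    minutes = None if end is None else (_parse(end) - _parse(start)).total_seconds() / 60
    return start, end, minutes


# Constructed sample feed.  AS64496 plays the upstream, AS64500/AS64501 the
# network that leaked the route; times mirror the 23-minute window in the story.
SAMPLE = [
    Announcement("2014-03-15T17:00:00Z", "8.8.8.0/24", (64496, 15169)),          # normal
    Announcement("2014-03-15T17:23:00Z", "8.8.8.0/24", (64501, 64500)),          # bad origin
    Announcement("2014-03-15T17:30:00Z", "192.0.2.0/24", (64496, 64497)),        # unrelated
    Announcement("2014-03-15T17:30:00Z", "8.8.8.0/24", (64502, 64501, 64500)),   # still bad
    Announcement("2014-03-15T17:46:00Z", "8.8.8.0/24", (64496, 15169)),          # rolled back
]


if __name__ == "__main__":
    for a in find_hijacks(SAMPLE):
        print(f"{a.seen_at} {a.prefix} unexpected origin AS{a.origin_as} path={a.as_path}")
    print(hijack_window(SAMPLE, "8.8.8.0/24"))
```

Two things a practitioner would add before relying on this: the allowed-origin table should be built from RPKI ROAs or IRR route objects rather than typed in, and the AS path should also be checked against known upstreams, since a hijacker who forges the correct origin AS at the end of the path passes an origin-only check.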

NATO site hit hard by DDoS attack as Crimean tension rises
Mar 17, 2014 10:03AM PDT
NATO website hit hard by denial-of-service attack as Crimean tension rises

This weekend a number of websites belonging to NATO, including its main website at www.nato.int, struggled to remain online as online criminals launched a distributed denial-of-service (DDoS) attack.

A group of pro-Russian hackers called "Cyber Berkut" claimed responsibility for the attack, which came on the eve of a controversial referendum in Crimea which saw over 90% of voters choose to quit Ukraine for Russia.

DDoS attacks can bring down websites by flooding them with so much web traffic that they can no longer stand up, and legitimate visitors will find the site too clogged up with visitors to work. It's the equivalent of 15,000 fat men trying to get through a revolving door at the same time.

Continued : http://grahamcluley.com/2014/03/nato-website-ddos/

Related:
DDoS attack takes out NATO websites, Ukraine connection claimed
Three NATO Websites Disrupted by Ukrainian Hackers of Cyber Berkut