NEWS - March 24, 2016

Mar 24, 2016 11:58AM PDT
Crooks Steal, Sell Verizon Enterprise Customer Data

Verizon Enterprise Solutions, a B2B unit of the telecommunications giant that gets called in to help Fortune 500’s respond to some of the world’s largest data breaches, is reeling from its own data breach involving the theft and resale of customer data, KrebsOnSecurity has learned.

Earlier this week, a prominent member of a closely guarded underground cybercrime forum posted a new thread advertising the sale of a database containing the contact information on some 1.5 million customers of Verizon Enterprise.

The seller priced the entire package at $100,000, but also offered to sell it off in chunks of 100,000 records for $10,000 apiece. Buyers also were offered the option to purchase information about security vulnerabilities in Verizon’s Web site.

Continued: http://krebsonsecurity.com/2016/03/crooks-steal-sell-verizon-enterprise-customer-data/

MS Deploys Macro Blocking Feature in Office to Curb Malware
Mar 24, 2016 12:03PM PDT

If it ain’t broke, don’t fix it. If there’s one thing the recent surge in threats using macros to spread malware has shown, it’s that the vector is clearly working for attackers.

Developers at Microsoft hope a feature in the latest version of Microsoft Office will reduce the frequency of those attacks by giving administrators the ability to block macros from running on machines on their network.

While macros – a series of commands stored in documents – are disabled by default on most networks, duplicitous hackers have taken to using email subject lines having to do with invoices and HR as phishing lures to get victims to open documents and enable them.

Continued: https://threatpost.com/microsoft-deploys-macro-blocking-feature-in-office-to-curb-malware/116960/

Related:
New feature in Office 2016 can block macros and help prevent infection
https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/

Opening a PDF on your iPhone could infect it with malware
Mar 24, 2016 12:04PM PDT

"... unless you've updated to iOS 9.3"

There is a lot of attention being focused today on a flaw in Apple iMessages, which could allow an attacker to intercept your supposedly private messages and extract links to images and videos that you were trying to share securely with your contacts.

The security hole, discovered by researchers from Johns Hopkins University, is an important one to fix - and should be a good reason for you to update your iDevices to the newly-released iOS 9.3, which patches the problem.

However, it's not the only security fix released by Apple today as you can see in the chart below.

Continued: https://www.grahamcluley.com/2016/03/opening-pdf-iphone-infect-malware-unless-youve-updated-ios-9-3/

Oracle Reissues Patch for Two-Year-Old Java Flaw
Mar 24, 2016 12:07PM PDT

Oracle announced on Wednesday that it has released an update for Java SE to address a serious vulnerability.

While the technology giant’s advisory doesn’t include many details, SecurityWeek has learned that the latest Java update is actually another attempt by Oracle to patch CVE-2013-5838, a sandbox escape flaw reported by Poland-based Security Explorations in 2012.

Security Explorations reported a total of 69 Java SE vulnerabilities to Oracle, many of which were patched in 2012 and 2013. The bug tracked as CVE-2013-5838 was supposedly patched by Oracle with its October 2013 CPU, but Security Explorations revealed earlier this month that the fix was inefficient and it could be easily bypassed.

Continued: http://www.securityweek.com/oracle-reissues-patch-two-year-old-java-flaw

Related:
Emergency Java Patch Re-Issued for 2013 Vulnerability
https://threatpost.com/emergency-java-patch-re-issued-for-2013-vulnerability/116967/
Oracle Issues Emergency Java Security Update to Fix 2.5-Year-Old Flaw
http://news.softpedia.com/news/oracle-issues-emergency-java-security-update-to-fix-2-5-year-old-flaw-502123.shtml

See:
Oracle Security Alert for CVE-2016-0636
http://www.cnet.com/forums/discussions/oracle-security-alert-for-cve-2016-0636/

Hype Around the Mysterious ‘Badlock’ Bug Raises Criticism
Mar 24, 2016 12:30PM PDT

Brand-name software bugs with flashy public relations campaigns are commonplace since the Heartbleed vulnerability was announced in 2014 with a media-friendly name, logo, and web site.

But another bug is on the horizon that is setting a new bar for brand-name bug disclosures. It’s called Badlock and it’s already receiving a lot of controversial attention, even though the exact nature of the bug—and most importantly, the patches to fix it—won’t be disclosed for another three weeks.

The bug affects unknown versions of the Windows operating system and Samba, free open-source software that integrates Linux or Unix servers and Windows computers across a network. A pre-patch marketing campaign about the security hole includes a web site and logo that SerNet, the German company behind the bug discovery, says is meant to inform system administrators that patches are coming April 12 so they can prepare to update systems that day.

Continued: http://www.wired.com/2016/03/hype-around-mysterious-badlock-bug-raises-criticism/

Related:
Badlock Bug Looms Large as April Deadline Nears
http://www.eweek.com/security/badlock-bug-looms-large-as-april-deadline-nears.html
Clear April 12: Windows, Samba to splat curious 'crucial' Badlock bug
http://www.theregister.co.uk/2016/03/22/badlock_bug/

New self-protecting USB trojan able to avoid detection
Mar 24, 2016 12:52PM PDT

@ ESET's "We Live Security" blog:

A unique data-stealing trojan has been spotted on USB devices in the wild – and it is different from typical data-stealing malware. Each instance of this trojan relies on the particular USB device on which it is installed and it leaves no evidence on the compromised system. Moreover, it uses a very special mechanism to protect itself from being reproduced or copied, which makes it even harder to detect.

In this article we will examine the technical details of this interesting malware.

Where other malware uses ‘good old-fashioned approaches’ like Autorun files or crafted shortcuts in order to get users to run it, USB Thief uses also another technique. This method depends on the increasingly common practice of storing portable versions of popular applications such as Firefox, NotePad++ and TrueCrypt on USB drives.

Continued: http://www.welivesecurity.com/2016/03/23/new-self-protecting-usb-trojan-able-to-avoid-detection/

Related:
Stealthy USB Trojan hides in portable applications, targets air-gapped systems
http://www.pcworld.com/article/3047682/security/stealthy-usb-trojan-hides-in-portable-applications-targets-air-gapped-systems.html