The iPhone WireLurker malware: What you need to know
There's a scary new piece of malware that collects call logs, phonebook contacts and other sensitive information from Apple iPhones and iPads. Should you be worried?
The malware was first discovered by researchers at Palo Alto Networks who dubbed it WireLurker and said it exhibited behavior that had never been seen before in malicious software targeting Apple's platforms.
Once infected, the malware appears to collect data from the user but, to date, no other malicious activity has been discovered, said Palo Alto Networks.
For hundreds of millions of Apple iOS users, malware is a scary prospect. The platform has seen so few attacks that many users don't run antivirus software.
Continued : http://www.computerworld.com/article/2844700/the-iphone-wirelurker-malware-what-you-need-to-know.html
Staying Safe from Wirelurker: the Combined Mac/iOS Threat
TrendLabs Security Intelligence Blog:
The newly discovered Wirelurker malware affecting both OS X and iOS devices has been covered extensively in the media. While this is a significant incident, some of the coverage appears to have been exaggerated, and might lead users to unnecessary panic. Several points would be useful in helping calm down the worst fears of users and distilling what we need to learn from all this.
First of all, Wirelurker is currently not an active threat. Known variants have already been blocked by OS X, and the command-and-control servers are offline as well. This significantly reduces the threat that this malware poses to users. The stolen certificate that enabled this attack has also been revoked by Apple, mitigating the most novel aspect of this threat (pushing apps onto non-jailbroken devices).
Continued : http://blog.trendmicro.com/trendlabs-security-intelligence/staying-safe-from-wirelurker-the-combined-macios-threat/
Belkin flings out patch after Metasploit module turns guests to admins
"Open guest networks turned on by default"
Belkin has patched a vulnerability in a dual band router that allowed attackers on guest networks to gain root access using an automated tool.
The flaw reported overnight targeted the Belkin N750 dual-band router - which was launched in 2011 and is still sold by the company and other commerce sites.
IntegrityPT consultant Marco Vaz published a Metasploit module allowing guests to attack vulnerable routers.
"A vulnerability in the guest network web interface of the [router] allows an unauthenticated remote attacker to gain root access to the operating system of the affected device," Vaz said.
Continued : http://www.theregister.co.uk/2014/11/07/belkin_flings_patch_after_metasploit_module_turns_guests_to_admins/
Linksys Patches (Most) Routers Running SMART Wi-Fi Firmware
Two versions of popular consumer and small office Linksys routers remain vulnerable to a pair of vulnerabilities recently patched in other models of the Belkin-owned networking gear.
Linksys EA2700 and EA3500 routers running Linksys SMART Wi-Fi firmware have yet to be patched against vulnerabilities that put user credentials at risk, thus allowing outside access to the router.
Researcher Kyle Lovett reported the vulnerabilities in July; Linksys patched the bugs on Oct. 23 in E4200v2, EA4500, EA6200, EA6300, EA6400, EA6500, EA6700, and EA6900 models. Public exploits for the vulnerabilities in the EA3500 and EA6500 models were available on a Turkish hacker site in mid-September.
Related: Linksys SOHO router owners urged to patch multiple vulnerabilities
Android Browser: Metasploit Module Released for New UXSS
A universal cross-site scripting (UXSS) vulnerability has been identified in the Android browser that's installed by default on many Android smartphones, researchers reported on Thursday.
The flaw was identified and reported to Google by Pakistani security researcher Rafay Baloch. The expert coordinated the disclosure of the bug with the security firm Rapid7, which released a Metasploit module for it.
One in three Americans don't use basic malware protection
One in three US-based computer users don't use an antivirus solution, according to a survey carried out by Bitdefender in September. Only 67.3 percent of respondents are protected by an antivirus solution.
The study also finds that young females (aged 18 to 29) are the least interested in securing their computers or smart devices. In contrast, adult male computer users (aged 30 to 44) are extremely concerned about their online security and complement their antivirus solution with extra technologies such as a VPN or data backup.
The number of malware incidents reported by the interviewed subjects reflects the poor state of security on their devices - 46.9 percent said their home devices have been infected with malware, while 7 percent encountered malware infections at work. 19.2 percent of the study respondents don't know if their devices have ever been infected.
Not Just Silk Road 2: Feds Seize Two Other Drug Markets and Counting
A full-blown dark web drug crackdown is in the works, and it's not stopping with the Silk Road.
On Thursday the FBI along with other law enforcement agencies including the Department of Homeland Security and Europol announced that it had seized the Silk Road 2, perhaps the most well-known drug market to appear on the Dark Web since the takedown of the original Silk Road last year.
What it didn't announce is that at least two other drug market sites have also been busted, and more takedowns are likely coming. The drug markets Hydra and Cloud 9 now both display the same "This Hidden Site Has Been Seized" notices as the Silk Road 2, emblazoned with the logos of the FBI and Europol. Several other popular dark net markets were down Thursday morning, as well, though they didn't display that banner. An FBI spokesperson tells WIRED that there will be more than three market seizures in total, with the full extent of the operation set to be revealed by Friday.
Continued : http://www.wired.com/2014/11/dark-web-seizures/