Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Alert

NEWS - October 08, 2015

Oct 8, 2015 4:45PM PDT
Cisco disrupts $30 million browser plug-in hacking operation

The company said unnamed hackers used the notorious Angler Exploit Kit to take advantage of vulnerabilities in common browser plugins, such as Flash and Java. As many as 90,000 users were affected each day by the attack.

The networking company, through its security wing Talos Group, patched the vulnerabilities being used by the exploit kit, cutting off affected machines from the command-and-control infrastructure.

"This is a significant blow to the emerging hacker economy where ransomware and the black market sale of stolen [intellectual property, credit card info and personally identifiable information are generating hundreds of millions of dollars annually," said the researchers in a blog post.

Continued : http://www.zdnet.com/article/cisco-disrupts-30-million-browser-plug-in-hacking-operation/

Related: Researchers Disrupt Angler Exploit Kit Ecosystem, Derail $30M Ransomware Campaign

Discussion is locked

- Collapse -
Verizon Curbs ‘Zombie Cookies,’ But They’ll Still Stalk You
Oct 8, 2015 4:50PM PDT

Last year privacy advocates discovered that Verizon has been inserting tracking codes into most of its mobile web traffic—so-called “zombie cookies.” Now the company plans to use those codes to target personalized ads served by AOL, which Verizon acquired earlier this year. But the company says it’s curbing the ability to use the codes beyond its corporate reach.

The company revealed its plans yesterday in a privacy notice spotted by non-profit news outfit ProPublica.

Typically, in order for a website to track its visitors it must leave a small file called a “cookie” on the user’s device. But cookies are tied to the user’s web browser. If they’re using a smartphone app instead of their web browser, it’s difficult to track that user. Plus users can block or delete these cookies.

Continued: http://www.wired.com/2015/10/verizon-curbs-zombie-cookies-theyll-still-stalk/

- Collapse -
At Experian, Security Attrition Amid Acquisitions
Oct 8, 2015 4:51PM PDT
T-Mobile disclosed last week that some 15 million customers had their Social Security numbers and other personal data stolen thanks to a breach at Experian, the largest of the big American consumer credit bureaus. But this actually wasn’t the first time that a hacking incident at Experian exposed sensitive T-Mobile customer data, and that previous breach may hold important clues about what went wrong more recently.

Over the past week, KrebsOnSecurity has interviewed a half-dozen security experts who said they recently left Experian to find more rewarding and less frustrating work at other corporations. Nearly all described Experian as a company fixated on acquiring companies in the data broker and analytics technology space, even as it has stymied efforts to improve security and accountability at the Costa Mesa, Calif. based firm.

Continued : http://krebsonsecurity.com/2015/10/at-experian-security-attrition-amid-acquisitions/
- Collapse -
Former journalist faces 25 years in prison for ..
Oct 8, 2015 4:51PM PDT
.. article defacement

Matthew Keys, a former Reuters social media editor, has been found guilty of computer hacking, and could be sentenced to spend as many as 25 years in prison.

Keys was indicted in March 2013 for conspiring with members of the hacker group Anonymous to hack into and alter the website of the Tribune Company-owned KTXL FOX 40 television station in Sacramento, California, for which he worked as a web producer until late October 2010, when he was terminated.

A California jury decided that he did, as accused, share on an IRC channel frequented by hackers the login credentials to the server hosting the site, and urged Anonymous members to tamper with Tribune Company-owned websites.

Continued : http://www.net-security.org/secworld.php?id=18953

Related :
Jury finds journalist guilty of aiding Anonymous in media hacking case
Journalist convicted of helping Anonymous hack the LA Times
- Collapse -
Android malware hammers phones with unwanted ads
Oct 8, 2015 4:53PM PDT

Android users in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.

Researchers from FireEye found that the malicious component, nicknamed Kemoge, has been seeded inside what appear to be legitimate apps offered on third-party application stores.

"This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat," wrote Yulong Zhang, a staff research scientist with FireEye.

Continued : http://www.computerworld.com/article/2990420/mobile-security/android-malware-hammers-phones-with-unwanted-ads.html

Related: Android adware wields potent root exploits to gain permanent foothold

Post was last edited on October 8, 2015 5:18 PM PDT

- Collapse -
What’s in a Boarding Pass Barcode? A Lot
Oct 8, 2015 4:55PM PDT

Brain Krebs @ his "Krebs On Security" blog:

The next time you’re thinking of throwing away a used boarding pass with a barcode on it, consider tossing the boarding pass into a document shredder instead. Two-dimensional barcodes and QR codes can hold a great deal of information, and the codes printed on airline boarding passes may allow someone to discover more about you, your future travel plans, and your frequent flyer account.

Earlier this year, I heard from a longtime KrebsOnSecurity reader named Cory who said he began to get curious about the data stored inside a boarding pass barcode after a friend put a picture of his boarding pass up on Facebook. Cory took a screen shot of the boarding pass, enlarged it, and quickly found a site online that could read the data. [Screenshot]

“I found a website that could decode the data and instantly had lots of info about his trip,” Cory said, showing this author step-by-step exactly how he was able to find this information. ‘

Continued : https://krebsonsecurity.com/2015/10/whats-in-a-boarding-pass-barcode-a-lot/

- Collapse -
Disclosed Netgear Router Vulnerability Under Attack
Oct 8, 2015 4:57PM PDT

A vulnerability in Netgear routers, already disclosed by two sets of researchers at different security companies, has been publicly exploited.

Netgear, meanwhile, has yet to release patched firmware, despite apparently having built one and confirmed with one of the companies that privately disclosed that it addressed the problem adequately.

Alexandre Herzog, CTO of Compass Security Schweiz Ltd., of Switzerland, told Threatpost that the unnamed victim became aware of the attack upon investigating the reasons behind some router instability. They discovered that all of their DNS queries had been redirected to the attacker’s server.

Continued : https://threatpost.com/disclosed-netgear-router-vulnerability-under-attack/114960/

- Collapse -
Wealth of personal data found on used electronics ..
Oct 8, 2015 5:18PM PDT
..purchased online

Varying amounts and types of residual data have been found on used mobile devices, hard disk drives and solid state drives purchased online from Amazon, eBay and Gazelle.com.

Based on an examination of 122 pieces of second-hand equipment, 48 percent of the hard disk drives and solid state drives contained residual data, while thousands of leftover emails, call logs, texts/SMS/IMs, photos and videos were retrieved from 35 percent of the mobile devices.

Upon closer examination, Blancco Technology Group and Kroll Ontrack discovered that a deletion attempt had been made on 57 percent of the mobile devices and 75 percent of the drives that contained residual data. Even more compelling was the discovery that those deletion attempts had been unsuccessful due to common, but unreliable methods used, leaving sensitive information exposed and potentially accessible to cyber criminals.

Continued : http://www.net-security.org/secworld.php?id=18945
- Collapse -
Amazon iPhone order email has malware attached
Oct 8, 2015 5:59PM PDT

Watch out folks - malware has been spammed out in an email claiming to come from Amazon.

The email, which has a subject line of "Your Amazon.com order confirmation for <email address>", tries to trick you into thinking that your credit card has been used without authorisation to purchase goods on the Amazon website. [Screenshot]

Part of the email reads: [...]

If you're paying close attention you might notice that they call it an Iphone rather than an iPhone, and that a genuine email regarding an Amazon order would contain the postal address that you wanted your goods delivered to.

Continued : https://grahamcluley.com/2015/10/amazon-iphone-order-email-malware/