Spyware, Viruses, & Security forum

Alert

NEWS - October 29, 2013

by Carol~ Moderator / October 29, 2013 1:16 AM PDT
Database hacking spree on US Army, NASA, and others costs gov't millions

Federal prosecutors have accused a UK man of hacking thousands of computer systems, many of them belonging to the US government, and stealing massive quantities of data that resulted in millions of dollars in damages to victims.

Lauri Love, 28, was arrested on Friday at his residence in Stradishall, UK following a lengthy investigation by the US Army, US prosecutors in New Jersey said. According to prosecutors, the attacks date back to at least October 2012. Love and other alleged hackers are said to have breached networks belonging to the Army, the US Missile Defense Agency, NASA, the Environmental Protection Agency, and others, in most cases by exploiting vulnerabilities in SQL databases and the Adobe ColdFusion Web application. The objective of the year-long hacking spree was to disrupt the operations and infrastructure of the US government by stealing large amounts of military data and personally identifying information of government employees and military personnel, a 21-page indictment said.

Continued: http://arstechnica.com/security/2013/10/database-hacking-spree-on-us-army-nasa-and-others-cost-gov-millions/

Related:
British man accused of hacking US military servers, planting backdoors
British Hacker Charged With Infiltrating US Government Networks
Discussion is locked
You are posting a reply to: NEWS - October 29, 2013
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - October 29, 2013
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Adobe Breach Impacted At Least 38 Million Users
by Carol~ Moderator / October 29, 2013 1:37 AM PDT

The recent data breach at Adobe that exposed user account information and prompted a flurry of password reset emails impacted at least 38 million users, the company now says. It also appears that the already massive source code leak at Adobe is broadening to include the company's Photoshop family of graphical design products.

In a breach first announced on this blog Oct. 3, 2013, Adobe said hackers had stolen nearly 3 million encrypted customer credit card records, as well as login data for an undetermined number of Adobe user accounts.

At time time, a massive trove of stolen Adobe account data viewed by KrebsOnSecurity indicated that — in addition to the credit card records - tens of millions of user accounts across various Adobe online properties may have been compromised in the break-in. It was difficult to fully examine many of the files on the hackers' server that housed the stolen source because many of the directories were password protected, and Adobe was reluctant to speculate on the number of users potentially impacted.

But just this past weekend, AnonNews.org posted a huge file called "users.tar.gz" that appears to include more than 150 million username and hashed password pairs taken from Adobe. The 3.8 GB file looks to be the same one Hold Security CTO Alex Holden and I found on the server with the other data stolen from Adobe. [Screenshot]

Continued: http://krebsonsecurity.com/2013/10/adobe-breach-impacted-at-least-38-million-users/

Related:
Adobe Hack 'Affected 38 Million Users
Adobe Hack: At Least 39 Million Users Affected, Photoshop Source Code Stolen

Collapse -
Syrian Electronic Army Hack into Obama Campaign Staff Emails
by Carol~ Moderator / October 29, 2013 1:37 AM PDT

Symantec Security Response Blog:

Yesterday, the Syrian Electronic Army announced that it had compromised the email accounts of several staff members of Organizing For Action (OFA), a non-profit organization that also maintains the President's website (barackobama.com), the President's Facebook, and the President's Twitter account (@barackobama). A screenshot posted by @Official_SEA16 confirms the hack and indicates some OFA staff were conducting business using Gmail email accounts, hosted through Google Apps for Business.

We accessed many Obama campaign emails accounts to assess his terrorism capabilities. They are quite high #SEA pic.twitter.com/ARgGLX8IjN

— SyrianElectronicArmy (@Official_SEA16) October 28, 2013


The attackers also compromised the URL shortening service that the President used to share links through social media (ShortSwitch.com). The compromised links directed users to a video called "Syria Facing Terrorism", hosted on YouTube, which has since been removed.

We are working with OFA. Evidence suggests credentials were compromised elsewhere and used by unauthorized parties. Forensics ongoing...

— ShortSwitch (@shortswitch) October 28, 2013


The Syrian Electronic Army may have targeted the Obama campaign the same way that they targeted The Onion satirical news site. The Onion published a write-up explaining how they were compromised earlier this year. In the write-up, they point to emails they received (phishing attacks) that redirected staff to fake Google Apps login pages.

Continued : http://www.symantec.com/connect/blogs/syrian-electronic-army-hacks-obama-campaign-staff-emails

Related:
Syrian Electronic Army claims Obama social media hijacking
Obama Hacked, Syrian Group Claims Credit for Social Media Breach
President Obama's Twitter account compromised after Syrian group hacks into link-shortener

Collapse -
Facebook Android Flaws Enable Any App to Get User's Access..
by Carol~ Moderator / October 29, 2013 1:37 AM PDT
.. Tokens

A researcher has discovered serious vulnerabilities in the main Facebook and Facebook Messenger apps for Android that enable any other app on a device to access the user's Facebook access token and take over her account. The same researcher also discovered a separate, similar flaw in the Facebook Pages Manager for Android, an app that allows admins to manage multiple Facebook accounts. That bug also enables other apps to grab a user's access token.

The vulnerabilities were discovered earlier this year by Mohamed Ramadan, a researcher at Attack Secure, who reported them to Facebook and was rewarded with $6,000 in bug bounties. The first vulnerability lies in the way that the main Facebook app and the Facebook Messenger app for Android devices handles a user's access token, which is essentially the key to accessing a Facebook account. This flaw would allow a malicious app to get the access_token stored on a user's device and then hijack the user's account, Ramadan said.

"Imagine this scenario: you are a facebook user, you have android phone/tablet and you installed facebook main app and messenger app for android, now you got a message from a friend or from someone on facebook, you will open the message to read it and there is an attachment like: a movie, doc, pdf, pic or any files that can be attached in facebook messages," Ramadan said in a blog post explaining the exploit scenario.

Continued: http://threatpost.com/facebook-android-flaws-enable-any-app-to-get-users-access-tokens/102724

Related: Hackers Can Hijack Facebook Accounts by Exploiting Flaw in Android Apps - Video
Collapse -
Facebook asking locked out users to provide Government ID
by Carol~ Moderator / October 29, 2013 1:38 AM PDT

If you have opened Twitter today you may have noticed an increase in messages reporting that the social media site Facebook was asking them to provide a Government ID to unlock their account on the site.

The message that users received during log in to their Facebook account states the following: "For security reasons your account is temporarily locked. If this account reflects your real name and personal information, please help us verify it".

The user who has been temporarily locked out of the account is then asked to provide a government ID for verification.

Facebook itself has not published a public comment yet and it is unclear if the company will address the issue at all.

Facebook Government ID

Continued: http://www.ghacks.net/2013/10/29/facebook-asking-locked-users-provide-government-id/

Related: 'Absurd': Facebook Requesting Government ID to Unlock Accounts...Again

Collapse -
Apple introduces "cloudless dictation", no longer demands..
by Carol~ Moderator / October 29, 2013 1:38 AM PDT
.. your contact list to understand you

Not everyone was happy about Apple's terms and conditions when it introduced dictation to OS X 10.8 (Mountain Lion).

Speech-to-text was done in the cloud, so Apple got to listen to what you were saying.

In fact, Cupertino didn't just processs your data off-site.

It collected a bunch of other information about you and your contacts, and hung onto this data and your recorded utterances for an unknown amount of time: [...]

At the time of Mountain Lion's release, we acknowledged why this might be useful.

We wrote at the time that "names are notoriously difficult to recognise and spell correctly, since they frequently don't come from the same linguistic and orthographic history as the language of which they've become part. The Australian mainland's highest point, Mount Kosciuszko, is a lofty example.

Continued: http://nakedsecurity.sophos.com/2013/10/29/apple-introduces-cloudless-dictation-no-longer-demands-your-contact-list-to-understand-you/
Collapse -
Giraffe virus hoax spreads on Facebook, as users fail ..
by Carol~ Moderator / October 29, 2013 2:29 AM PDT
.. to see the joke

The latest virus hoax to spread across Facebook was probably started as a silly joke, but it's not funny how many people are believing it to be true - and sharing it with their online friends.

Here's an example of the typical warning that is currently being distributed by Facebook users, unwittingly perpetuating what is in reality a hoax:

'A virus that exploits the recently discovered JPEG vulnerability has been discovered spreading over google's giraffe pictures.

"It's been done in the past, but with HTML code instead of the JPEG," said James Thompson, chief technical officer for SANS' Internet Storm Center, the organization's online-security research unit. "It is a virus, but it didn't spread very far. We've only had two reports of it."

The Facebook message goes like this: "I just changed my profile picture to a giraffe, but my answer was wrong" When you do it, Facebook automatically gives the hackers your user mail and password, malicious code embedded in the JPEG image gives the hackers everything they need, James said.....
'

Continued : http://grahamcluley.com/2013/10/giraffe-virus-hoax-spreads-facebook-users-fail-see-joke/
Collapse -
Microsoft security research paint bleak picture for XP users
by Carol~ Moderator / October 29, 2013 2:29 AM PDT

The 15th and latest of Microsoft's Security Intelligence Report (SIRv15) has been released. We spoke with Tim Rains, Director, Trustworthy Computing at Microsoft about the results.

There are a lot of periodic threat reports from companies in the security business, but Microsoft's report is based on an probably the broadest set of data in the industry: they gather information from over 100 countries; more than 1 billion systems which use Windows Update, the Malicious Software Removal Tool (MSRT) and Microsoft's free Security Essentials program; more than 400 million Outlook.com accounts and millions of Office 365 accounts; and from the billions of web pages scanned every day by Bing.

Though there is other data in the report, Rains chose to focus this month on the situation as it relates to Windows XP users. Citing third party data, he said that 21% of users are still running Windows XP, which will reach end of life in April 2014, after which no security updates will be issued for it.

Continued: http://www.zdnet.com/microsoft-security-research-paints-bleak-picture-for-xp-users-7000022537/

Collapse -
Fake Whatsapp notification delivers malware
by Carol~ Moderator / October 29, 2013 2:29 AM PDT

WhatsApp is one of the most popular instant-messaging services out there, and its huge user base (over 300 million active users) makes Whatsapp-themed spam a great way to infect a large number of computers.

The latest of these spam campaigns is currently delivering emails claiming that the user has "Voice Message Notification / 1 New Voicemail" waiting in their inboxes, attached to the email: [Screenshot]

Unfortunately, according to Webroot, the fake voice mail attachment contains a Trojan downloader that attempts to download additional malware from a well-known C&C server.

The only good news in all of this is that this particular malware variant has a high detection rate, and is more than likely to be detected by most AV solution. Of course, not all users use one, and are in danger of getting a bucketful of different malware on their machines.

http://www.net-security.org/malware_news.php?id=2614

Collapse -
Mozilla developing geolocation data service for public use
by Carol~ Moderator / October 29, 2013 2:29 AM PDT

"The privacy-aware project will use publicly available cell tower and Wi-Fi signals"

Mozilla is working on a geolocation data service using cell tower and Wi-Fi signals to give developers what it says will be a more privacy-aware option than current alternatives.

The service, which is in its early stages, would be mobile-focused, though laptops without GPS hardware could also use it to quickly identify their approximate location, the Firefox browser maker announced Monday.

Geolocation data constitutes a crowded space -- commercial players include Neustar IP Intelligence, MaxMind, IPligence and Google. But there is still no large public service option, Mozilla said. Also, Mozilla's standing as an open-source software developer puts it in a better position to grapple with issues around privacy, the company said.

"None of the current companies offering this type of service have any incentive to improve on privacy," Mozilla said in its Wiki page devoted to the project. "In order to do this assessment, we need to understand the technological challenges and get real data," the company said.

Continued: http://news.techworld.com/security/3475956/mozilla-developing-geolocation-data-service-for-public-use/

Collapse -
Firefox 25: Find out what is new
by Carol~ Moderator / October 29, 2013 4:47 AM PDT

Firefox 25 ships with a handful of new features or changes only. The following list provides you with information about them.

Find Bar - [Screenshot]

The Find Bar of the browser can be used to find text on web pages that you have open in the browser. Up until Firefox 24, the bar was shared between all tabs. If you opened it in one tab, it would also be visible in all other tabs.

From Firefox 25 on, this has changed so that the bar is only displayed in the tab it has been opened it.

While that is useful for some users who only want to search in a single tab, it breaks the workflow of users who have used the feature to search in multiple tabs (one after the other).

Mozilla has not implemented a switch or option to the browser to restore the old functionality, and it seems that the organization is not willed to do so citing that this is better left to add-on developers.

Continued: http://www.ghacks.net/2013/10/29/firefox-25-find-new/

See updates thread: Mozilla Firefox v25.0 Released

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?