Spyware, Viruses, & Security forum

Alert

NEWS - September 08, 2014

by Carol~ Forum moderator / September 8, 2014 4:39 AM PDT
After hacking, Apple to send out more security alerts to users

"The company will also expand the two-step verification process for iCloud."

Apple plans to send out more e-mails to alert users of a potential security risk following the hacking of celebrities' iCloud accounts.

Apple CEO Tim Cook told The Wall Street Journal on Thursday that users will soon be able to receive e-mail notifications when iCloud data is restored. Apple already sends e-mails to users when a new password is requested, when a password is changed, or when an account is used on a new device for the first time.

The company will start to send out the new notifications in two weeks, according to the WSJ. It will also expand the two-step verification process—which requires a separate code or a key in order to log in to an account—to include access to an iCloud account on the new iOS.

In an interview with the WSJ, Cook acknowledged that Apple could have done more to prevent the attack on female celebrities' accounts.

Continued : http://arstechnica.com/security/2014/09/after-hacking-apple-to-send-out-more-security-alerts-to-users/

Related: Apple tightens iCloud security after celebrity nude photo hack
Discussion is locked
You are posting a reply to: NEWS - September 08, 2014
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - September 08, 2014
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Hacker breached HealthCare.gov website, planted malware ...
by Carol~ Forum moderator / September 8, 2014 5:02 AM PDT
... on "ObamaCare"

The Wall Street Journal is reporting that a hacker managed to break into the US Government's HealthCare.gov health insurance comparison website in July, and managed to implant malware.

The site was hacked back in July, but they only found out a week ago.

Before you start to have heart palpitations, take a deep breath and take some comfort in the news that investigators are claiming that the personal information of consumers does not appear to have been stolen or compromised.

Of course, that's often a difficult thing to determine. After all, if the Mona Lisa gets stolen from the Louvre it's pretty obvious - there's a gap in the wall where the painting used to hang.

Continued : http://grahamcluley.com/2014/09/hacker-healthcare-gov-obamacare-malware/

Related:
HealthCare.gov Server Hacked, Infected With Malware
Hackers break into HealthCare.gov
HealthCare.gov breached, injected with malware
Collapse -
Web-based attack targeting home routers, the Brazilian way
by Carol~ Forum moderator / September 8, 2014 5:02 AM PDT

Kaspersky Lab weblog:

We spotted an interesting attack from Brazilian bad guys aiming to change the DNS settings of home routers by using a web-based attack, some social engineering, and malicious websites. In these attacks the malicious DNS servers configured in the user's network device are pointed towards phishing pages of Brazilian Banks, programmed to steal financial credentials.

Attacks targeting home routers aren't new at all; in 2011, my colleague Marta described malware targeting network devices like these. In Brazil we documented a long and painful series of remote attacks that started in 2011-2012 that affected more than 4.5 million DSL modems, exploiting a remote vulnerability and changing DNS configurations. But this "web-based" approach was something new to Brazilian bad guys until now and we believe it will spread quickly amongst them as the number of victims increases.

The attack starts with a malicious e-mail and a bit of social engineering, inviting you to click: [Screenshot]

"I'm your friend and want to tell you you're being cheated, look at the pics"

Continued : https://securelist.com/blog/incidents/66358/web-based-attack-targeting-home-routers-the-brazilian-way/

Collapse -
Facebook's privacy dinosaur will check your settings for you
by Carol~ Forum moderator / September 8, 2014 5:03 AM PDT

Bitdefender's "HOT for Security" blog:

Facebook has announced that it has started rolling out a new feature which will help you "review and control who you're sharing with" on the world's biggest social network.

With a little help from a blue dinosaur cartoon character, the "Privacy Checkup" will allow you quickly review your privacy settings, and see if you're comfortable with how your account is configured.

Unless you're a privacy ninja who feels confident that they've carefully locked down their Facebook account, I'd strongly recommend that you don't dismiss the dialog if you see the little blue dinosaur pop up on your screen. [Screenshot]

Continued : http://www.hotforsecurity.com/blog/facebooks-privacy-dinosaur-will-check-your-settings-for-you-10059.html

Related :
Review your settings with Facebook's new privacy checkup tool
Review your Facebook privacy settings with Privacy Checkup

Collapse -
iCloud hackers planned Flappy Bird clone to steal photos
by Carol~ Forum moderator / September 8, 2014 5:03 AM PDT
.. from phones

"Poster on AnonIB message board detailed method for stealing photos by putting malicious app in Google Play store"

The ring of hackers who gathered naked pictures of more than 100 celebrities also planned to use a malware-ridden "clone" of Flappy Bird to steal photos from Android phones.

They aimed to exploit users' carelessness about the permissions that Android apps demand on installation to gain access to photos stored on the phone and siphon them to a remote location before Google spotted and blocked the malicious app.

The ring, which experts believe may have been stealing and trading photos for at least two and a half years, congregated on the /stol/ - short for "stolen" - forum on image board AnonIB, a spinoff of the notorious 4chan community.

Continued : http://www.theguardian.com/technology/2014/sep/05/icloud-hackers-planned-flappy-bird-clone-to-steal-photos-from-phones
Collapse -
Reddit bans celebrity naked photo leaks subreddit ...
by Carol~ Forum moderator / September 8, 2014 5:04 AM PDT
... 'The Fappening'

On Saturday, Reddit banned r/TheFappening, a subreddit in which people were sharing the nude celebrity photos that were leaked last week.

While the original publication of around 100 different celebrities' private pics began on the 4chan message board, further publication and commenting on the images quickly moved to r/TheFappening.

According to johnsmcjohn, who claims to have created the subreddit, TheFappening received over 250 million page views since it was created less than a month ago, the majority of which presumably coincided with the publication of the nude images.

Continued : http://nakedsecurity.sophos.com/2014/09/08/reddit-bans-celebrity-naked-photo-leaks-subreddit-the-fappening/

Related:
reddit shuts down subreddit that showcased celebrities' stolen nude photos
Reddit bans celebrity naked photo leaks subreddit 'The Fappening'
Collapse -
List compiled of Android apps that allow MitM attacks
by Carol~ Forum moderator / September 8, 2014 5:04 AM PDT
Researchers compile list of Android apps that allow MitM attacks

Around 350 Android apps that can be downloaded from Google Play and Amazon stores fail to properly validate SSL certificates for HTTPS connections, and thus open users to Man-in-the-Middle attacks if they use them on insecure and open networks, a researcher with the CERT Coordination Center at the Software Engineering Institute at Carnegie Mellon University warned.

The vulnerable apps have been discovered via automated testing using the CERT Tapioca testing appliance, and the researchers keep a list of these updated - among them are OKCupid's official app, (ironically) a number of security apps, but most worryingly, a number of e-commerce (such as an eBay app for German users) and e-banking apps.

The list is not yet complete. The setup created by the researchers tests only one application at a time, and the testing started only a few weeks ago.

Continued : http://www.net-security.org/secworld.php?id=17335
Collapse -
Home Depot Hit By Same Malware as Target
by Carol~ Forum moderator / September 8, 2014 5:10 AM PDT

The apparent credit and debit card breach uncovered last week at Home Depot was aided in part by a new variant of the malicious software program that stole card account data from cash registers at Target last December, according to sources close to the investigation.

On Tuesday, KrebsOnSecurity broke the news that Home Depot was working with law enforcement to investigate "unusual activity" after multiple banks said they'd traced a pattern of card fraud back to debit and credit cards that had all been used at Home Depot locations since May of this year.

A source close to the investigation told this author that an analysis revealed at least some of Home Depot's store registers had been infected with a new variant of "BlackPOS" (a.k.a. "Kaptoxa"), a malware strain designed to siphon data from cards when they are swiped at infected point-of-sale systems running Microsoft Windows.

Continued : http://krebsonsecurity.com/2014/09/home-depot-hit-by-same-malware-as-target/

Collapse -
iPhone Payment Security
by Carol~ Forum moderator / September 8, 2014 5:27 AM PDT
Bruce Schneier @ his "Schneier on Security" blog:

Apple is including some sort of automatic credit card payment system with the iPhone 6. It's using some security feature of the phone and system to negotiate a cheaper transaction fee.

Basically, there are two kinds of credit card transactions: card-present, and card-not-present. The former is cheaper because there's less risk of fraud. The article says that Apple has negotiated the card-present rate for its iPhone payment system, even though the card is not present. Presumably, this is because of some other security features that reduce the risk of fraud.

Not a lot of detail here, but interesting nonetheless.

https://www.schneier.com/blog/archives/2014/09/iphone_payment_.html
Collapse -
Ransomware rising, even on Android
by Carol~ Forum moderator / September 8, 2014 5:27 AM PDT

The first half 2014 saw an increase in online attacks that lock up user data and hold it for ransom - even on mobile devices, according to F-Secure. [Screenshot]

Rising numbers of attacks from malicious software known as ransomware underscore the importance of data security for home, enterprise and government users. Ransomware demands payment of a sum in exchange for unlocking a user's files.

On the mobile front, in Q2 of 2014, 295 new threat families and variants were discovered - 294 on Android and one on iOS. That's up from the first quarter, during which 277 threats were discovered, 275 targeting Android.

Continued : http://www.net-security.org/malware_news.php?id=2860

@ F-Secure: H1 2014 Threat Report

Collapse -
Popular Photo Sharing Website Likes.com Vulnerable To ..
by Carol~ Forum moderator / September 8, 2014 10:09 AM PDT
... Multiple Critical Flaws

Likes.com, one of the emerging social networking site and popular image browsing platform, is found vulnerable to several critical vulnerabilities that could allow an attacker to completely delete users' account in just one click.

Likes.com is a social networking website that helps you to connect with people you like and make new friends for free. Just like any other social place, users can always follow their favorite tag or people who catch their fancy. It is much easier to use and is designed for those who want to look at pictures different people upload.

An independent security researcher Mohamed M. Fouad from Egypt has found a series of critical security vulnerabilities in the Likes website that really pose danger to its users. The vulnerabilities he found not only have capability to add any post, comment to users' account as well as delete users' account, but the vulnerabilities can be escalated to deface entire website by posting malicious URLs and delete all users accounts.

Continued : http://thehackernews.com/2014/09/popular-photo-sharing-website.html
Collapse -
OpenSSL to prenotify distros of severe security fixes
by Carol~ Forum moderator / September 8, 2014 10:10 AM PDT

"The OpenSSL project has unveiled its first security policy on how the project will handle security fixes, and to whom it will disclose vulnerabilities prior to releases."

Given the blowback from the Heartbleed vulnerability revealed earlier this year, the OpenSSL project has released its first security policy that details how the project handles security issues.

The policy says that the project classifies security issues into three categories of severity: High, moderate, and low.

For an issue to gain the high rating, it must be likely to exploit common configurations of OpenSSL, examples given being the launching of a denial of service attack, a memory leak, or remote code execution. Upon reporting to the project, the policy states that the issue will be keep private amongst the OpenSSL development team, with a number of Linux and BSD distributions given details and patches in order for them to prepare packages for users and to provide feedback.

Continued : http://www.zdnet.com/openssl-to-prenotify-distros-of-severe-security-fixes-7000033409/

Related: OpenSSL Publishes its Security Policy

Collapse -
Salesforce Warns Customers of Dyreza Banker Trojan Attacks
by Carol~ Forum moderator / September 8, 2014 10:10 AM PDT

Salesforce.com is warning its customers that the Dyreza banker Trojan is now believed to be targeting some of the company's users. The Trojan, which has the ability to bypass SSL, typically goes after customers of major banks, but seems to be expanding its reach.

Dyreza is relatively new among the banker Trojan crowd and it hasn't had the reach or effect of older bankers such as Carberp or Zeus. But it has some interesting capabilities that make it troublesome. The malware installs itself on a victim's machine after a user clicks on a malicious attachment in a spam message. Once on the machine, Dyreza reaches out to a C2 server and waits for the victim to visit a targeted banking site. The malware uses a technique known as browser hooking to intercept traffic before it's encrypted on the way to the bank's site.

"The traffic, when you browse the Internet, is being controlled by the attackers. They use a MiTM (Man in The Middle) approach and thus are able to read anything, even SSL traffic in clear text. This way they will also try to circumvent 2FA," an analysis by Peter Kruse at CSIS says.

Continued : http://threatpost.com/salesforce-warns-customers-of-dyreza-banker-trojan-attacks/108134

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

The Samsung RF23M8090SG

One of the best French door fridges we've tested

A good-looking fridge with useful features like an auto-filling water pitcher and a temperature-adjustable "FlexZone" drawer. It was a near-flawless performer in our cooling tests.