Spyware, Viruses, & Security forum

Alert

NEWS - September 21, 2011

by Carol~ Moderator / September 21, 2011 3:29 AM PDT
Adobe announces emergency patch for Flash Player

Adobe has announced an emergency patch that is scheduled to be released some time later today (Wednesday 21 September). The update will address several previously unknown critical holes in Flash Player. The new version is also designed to close a universal cross-site scripting (XSS) hole that Adobe says is already being actively exploited. The company's security blog doesn't provide any further details.

Google has already released updated stable and beta channel versions of its Chrome browser 14.0.835.186 for Windows, Mac OS X, Linux and Chrome Frame. The updates contain only a corrected version of Flash Player.

http://www.h-online.com/security/news/item/Adobe-announces-emergency-patch-for-Flash-Player-1347162.html

Also: Adobe readies critical security patch for Flash Player

See: Prenotification: Security Update for Flash Player
Discussion is locked
You are posting a reply to: NEWS - September 21, 2011
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - September 21, 2011
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Mass AG, Victim of iTunes Scam, Says She'll Demand Answers
by Carol~ Moderator / September 21, 2011 3:35 AM PDT

"Massachusetts Attorney General, Victim of an iTunes Scam, Says She'll Demand Answers"

Massachusetts Attorney General Martha Coakley said on Tuesday that her office would be inquiring into long-standing complaints about fraudulent purchases that leverage Apple's popular online music store.

In a lunchtime address to business and technology leaders in Massachusetts, Coakley said she was a victim of identity theft in recent months, and that her stolen credit card information was used to make fraudulent iTunes purchases. When asked (by Threatpost) about whether such fraud constitutes a reportable event under the Bay State's strict data breach notification law, Coakley said that her office would be looking into that question and demanding answers from Cupertino, California based Apple, which has steadfastly refused to comment, or report the breaches to Massachusetts regulators.

Coakley was speaking before an audience of technology and business leaders at an inaugural lunch for Massachusetts' Advanced Cyber Security Center (ACSC). Coakley said that her investment in protecting consumers from identity theft was personal, acknowledging that her bank account was emptied after cyber criminals stole her debit card information during a ski trip to New Hampshire. It was not the first time Coakley had mentioned the incident in public. After skimming the card info, Coakley said the thieves attempted to use it to purchase a laptop from Dell Computer, which detected the fraudulent transaction and contacted Coakley. Not so Apple, whose iTunes media store was used to make a slew of transactions that emptied the Attorney General's account.

Continued : http://threatpost.com/en_us/blogs/massachusetts-attorney-general-victim-itunes-scam-says-shell-demand-answers-092111

Collapse -
Botnets on discount!
by Carol~ Moderator / September 21, 2011 5:06 AM PDT

From the G Data Security Blog:

Creating a botnet has become insanely easy and cheap

We've encountered a bot sale, which, in case it finds followers, can cause a massive glut of malware all over. The so-called "Aldi Bot" first appeared in late August and has been sold for the initial price of €10! Parts of the bot's code oddly look like ZeuS code...


The malware author, the name used makes us suspect it is a male author, announces his bot creation in the underground and explains that he likes coding and is not keen on making a lot of money. That would be the reason for the low price, he says. Accepted payment methods: paysafecard (with receipt) and Ukash. "I cannot guarantee that the stub you get is always FUD", he says. This means that there is no guarantee for buyers that the program code remains undetected by AV products. And he is quite right - AV products are able to detect the bot.

The offer: 1 x Builder + stub + updates + installation assistance = €10
This price even dropped down to €5, less than two weeks ago.

The main functions of "Aldi Bot" v1.0 are:

• Possibility to carry out DDoS attacks
• SOCKS; bot owner can use victim's pc as proxy
• Firefox password stealer; stealing passwords saved in Firefox database
• Remote execution of any file

An update to v2.0 added the following functions to the ones already in use:

Continued : http://blog.gdatasoftware.com/blog/article/botnets-on-discount.html

Collapse -
"We are going to sue you" spam campaign leads to malware
by Carol~ Moderator / September 21, 2011 5:06 AM PDT

Every once in a while, security researchers spot an email spam campaign so poorly thought out and executed that I have to wonder: "Who would fall far this?" But then I remember that a moment of distraction and/or simply curiosity sometimes makes people act irrationally.

A similar campaign has been recently spotted by Websense. It involves poorly written emails purportedly coming from well-established companies that threaten the potential victim with a lawsuit for sending out spam: [Screenshot]

The attention grabbing subject line ("We are going to sue you") is just one of the variations employed by this particular campaign. Other popular choices are "This is the final warning", "Please stop sending spam messages..." and "A message from our security service."

The attached ZIP file is not a text document, but an executable - a downloader Trojan that copies itself on the target's computer, deletes the original file, and then proceeds to execute every time the machine is started. Needless to say, this opens the way for other malware to be downloaded and executed on the computer.

http://www.net-security.org/malware_news.php?id=1846

Collapse -
Russian cracker helps hoist $10m, fined $310k
by Carol~ Moderator / September 21, 2011 5:36 AM PDT

A Russian cracker has sold two St Petersburg apartments to cover a $309,000 fine for his role in hacking into the Royal Bank of Scotland's RBS WorldPay service and stealing more than $10 million from ATMs.

Viktor Pleshchuk plead guilty and was slapped with six years' probation and fined under new Russian laws that allow economic criminals to evade harsh punishment if they financially reimburse victims, local news outlet Fontanka reported.

The cracker sold the properties and two cars, a BMW and Lada Kalina, initially worth around $245,000 for a 30 percent profit, all of which went to the bank.

The sell-off saved him up to six years in jail, according to Fontanka.

Fellow cracker Eugene Anikin received three years' probation and will sell his two Siberia properties in October to pay for fines.

The lighter punishments were introduced under reforms to the Russian Criminal Code by President Dmitry Medvede.

Continued : http://www.scmagazine.com.au/News/272675,russian-cracker-helps-hoist-10m-fined-310k.aspx

Also:
Russian hacker sells home and cars to pay RBS
Russian hacker's property auctioned off to pay RBS: report
Russian hacker sells a Lada to pay off RBS

Collapse -
China rebuffs allegations over Mitsubishi Heavy hack attack
by Carol~ Moderator / September 21, 2011 5:36 AM PDT

Plays victim card again; denies role in hack attack on Japan's biggest weapons contractor

China has quickly and angrily rebuffed media reports which suggested that the country was behind the hacking attack on Mitsubishi heavy, Japan's biggest weapons contractor.

A Chinese foreign ministry spokesman Hong Lei told reporters, "The Chinese government has consistently opposed hacking activities. The law strictly prohibits this."

As in the past, when the country refuted suggestions that it was behind the hack attacks on government servers in South Korea, the spokesman said that China itself is a victim of hacking.

"China is one of the main victims of hacking ... criticising China as being the source of the hacking attacks is not only baseless, it is also not beneficial for promoting international co-operation for internet security," said Hong Lei.

Recently, Mitsubishi Heavy Industries Limited disclosed that hackers have stolen data from its database after a hack attack, believed to be the first hack attack on Japan's defence industry.

Continued : http://security.cbronline.com/news/china-rebuffs-allegations-over-mitsubishi-heavy-hack-attack-210911

Also:
China denies hacking high-tech weapon maker
China denies role in hack of Japanese defense contractor

Collapse -
Microsoft dumps partner over telephone scam claims
by Carol~ Moderator / September 21, 2011 5:36 AM PDT

One of Microsoft's Gold Partners has had its relationship with the software giant unceremoniously terminated, after being revealed to be orchestrating a telephone support scam.

Comantra, based in India, are said to have cold-called computer users in the UK, Australia, Canada and elsewhere, claiming to offer assistance in cleaning up virus infections.

The bogus support calls came from Comantra employees who claimed to be representing Microsoft, and used scare tactics to talk users into opening the Event Viewer on Windows, where a seemingly dangerous list of errors would be seen.

Once terrified by what appears to be a worrying collection of warning messages, and believing this was evidence of a malware infection, users would be tricked into allowing Comantra technicians to gain remote access to their computer, and hand over their credit card details to fix any "problems".

In the past, vulnerable elderly people have even been told by scammers that heavy rain may have caused a computer virus infection.

Continued : http://nakedsecurity.sophos.com/2011/09/21/microsoft-dumps-partner-telephone-support-scam/

Also: Microsoft dumps partner over support call scam

Collapse -
Flash Player Update Fixes Critical Flaws
by Carol~ Moderator / September 21, 2011 8:25 AM PDT
Adobe today issued an out-of-band software update to fix dangerous security flaws in its Flash Player products, including at least one that is actively being exploited. Patches are available for versions of Flash on Windows, Mac, Linux, Solaris and Android operating systems.

Adobe said one of the bugs, a cross-site scripting flaw, is being exploited in the wild in targeted attacks to trick users into clicking on a malicious link delivered in an email message. At the moment there isn't much more information about this vulnerability (other than Adobe credits Google with reporting it). That may soon change if news begin to surface about which organizations that were targeted with the help of this flaw.

According to Adobe: "This universal cross-site scripting issue could be used to take actions on a user's behalf on any website or webmail provider if the user visits a malicious website."

This update applies to Flash Player 10.3.183.7 and earlier on Windows, Mac, Linux and Solaris systems, and Flash 10.3.186.6 for Android. Adobe's bulletin says the company is fixing at least six different security flaws in this update. The latest version for Android devices is 10.3.186.7; for all others it is 10.3.183.10.

Continued : http://krebsonsecurity.com/2011/09/flash-player-update-fixes-critical-flaws/#more-11579

See: Security update available for Adobe Flash Player (APSB11-26)
Collapse -
Does Adobe Flash 11 have a future on the Web?
by Carol~ Moderator / September 21, 2011 8:25 AM PDT

Adobe promises amazing graphics performance and 3D gaming in Flash 11, but how bright is Flash's future on the Web, particularly without Apple's iOS and Windows 8 Metro?

Adobe has formally announced it will be shipping Adobe Flash Player 11 and Adobe Air 3 in early October. Adobe touts the new versions as a "game console for the Web," with graphics performance up to 1,000 times faster than Flash Player 10 and Adobe Air 2, thanks to full hardware-accelerated rendering for both 2D and 3D graphics and 64-bit support on Windows, Mac OS X, and Linux. However, while Adobe Flash remains common on PCs, Apple has famously eschewed Flash on its iOS mobile platform, and even stopped shipping it on Macs (although Mac users are free to install it themselves). This week, Microsoft announced the version of Internet Explorer for its Windows 8 Metro environment won't support browser plug-ins — and that means no Flash in the browser.

Is Adobe Flash going to fade away in the face of HTML5 and online video delivered in formats like H.264 and Google's WebM? Or will Adobe's advances to the platform let it remain a major player in Internet development even as it starts to disappear from people's browsers?

What Adobe's Bringing to Flash 11 and Air 3

The flagship development in Flash Player 11 and Air 3 is Stage 3D, a new hardware-accelerated graphics architecture for 2D and 3D rendering performance...

Continued : http://www.digitaltrends.com/mobile/does-adobe-flash-11-have-a-future-on-the-web/

Collapse -
Cisco warns of vulnerability in its Identity Services Engine
by Carol~ Moderator / September 21, 2011 8:25 AM PDT

Cisco is warning users of a critical vulnerability (CVE-2011-3290) in its Identity Services Engine (ISE). In its security advisory, the company says that the underlying database used by ISE, its identity and access control policy platform, contains three sets of default credentials that could be exploited by a remote attacker without any end-user interaction.

Using these credentials, an attacker could modify the configuration and settings, or even gain complete administrative control of a device. All hardware appliance and software-only versions of Cisco ISE prior to 1.0.4.MR2 are affected.

The company says that it will release a free update to the software to address the vulnerability on 30 September 2011; no temporary workaround is available. Once released, the updates will be available to download from the Cisco Software Center.

http://www.h-online.com/security/news/item/Cisco-warns-of-vulnerability-in-its-Identity-Services-Engine-1347301.html

Also: Cisco Reveals Identity Services Engine Vulnerability

See Vulnerabilities & Fixes: Cisco Identity Services Engine Undocumented Database Account

Collapse -
The Shifting Motivations Behind Digital Threats -INFOGRAPHIC
by Carol~ Moderator / September 21, 2011 8:26 AM PDT

From TrendLabs Malware Blog:

Online threats and malware have been plaguing Internet users for more than 20 years. While today's cybercsecurity headlines often refer to the latest data breaches, Facebook scams, and the 1410% increase in Android malware, it is interesting to note that the tool used by today's cybercriminals are, in a sense, the BRAIN-child (pun intended) of two Pakistani brothers who ironically wanted to do good and prevent software piracy. From the PC boom in the 80's to the rise of the Internet and connectivity in the 90's to 2000's, Trend Micro has been closely monitoring technological advancements in information exchange, and along with it, how malware and online threats grew and developed from their roots as pesky computer viruses to the notorious information stealing programs they are today.

Today, Trend Micro sees 3.5 new threats per second. With more and more businesses and home users taking the inevitable journey to the cloud, the risks of data loss and financial loss are greater than ever. Trend Micro also continues to uncover cybercrime operations and how bad guys are earning millions of dollars, pointing to an underground economy that matures with time.

Our new infographic Threat Morphosis: The Shifting Motivations Behind Digital Threats offers a look into the evolving motivations of cybercriminals and the resulting shifts in the threat landscape through the years.

Click here for a detailed look of the thumbnail below. [INFOGRAPHIC]

http://blog.trendmicro.com/the-shifting-motivations-behind-digital-threats-infographic/

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

FALL TV PREMIERES

Your favorite shows are back!

Don’t miss your dramas, sitcoms and reality shows. Find out when and where they’re airing!