O Cyber Newsletter é um documento com notícias seleccionadas ...

carpentergambrinousSecurity

Dec 3, 2013 (3 years and 11 months ago)

200 views


1


O
Cyber Newsletter

é um documento c
om notícias

seleccionadas

pela Equipa
M
ultidisciplinar de Garantia da Informação

(EqMd GI)

do Gabinete Nacional de
Segurança

(GNS)

sobre Ciber
s
egurança em que se optou

por manter a língua
original dos artigos
. A grande

fonte de
obtenção de
informação é

o

NATO
Information Assurance

Technical

Cente
r

(NIATC)
,

em Mons
,
Bélgica

e muita

d
a
informação

publicada

também p
oderá ser obtida directamente
da

World Wide
Web através dos
links

a

azul.

CYBER
Newsletter


N
ú
mero
:
33
/
201
3


16
-
08
-
201
3









Deutsche Telekom snubs U.S. email servers after
snooping scandal

from reuters.com

Germany's leading telecoms operator will c
hannel email traffic exclusively through its
domestic servers in response to public outrage over U.S. spy programs accessing citizens'
private messages, Deutsche Telekom said on Friday.


Painting a Picture of Cybersecurity Pros

from www.bankinfosecurity.com

Painting a Picture of Cybersecurity Pros BankInfoSecurity.com (blog) The survey of 500
cybersecurit
y professionals in 40 industries, which was conducted in May, is aimed, in part,
to help employers understand the people they need to recruit and the environment that could
attract those skilled professionals.


Microsoft is Working on a Cloud Operating System for
the U.S. Government

from wind8apps.com

As we’ve recently noticed with the latest earnings call, Microsoft is rely
ing even more on
the opportunities provided by the cloud technology. Now, according to sources that have
talked with long time Microsoft observer,

Mary Jo Foley, the Redmond behemoth is
preparing to come up with a

cloud operating system that is specially m
eant for government
purposes.



2

Per Russian Asylum Terms Snowden May Not Release
More Leaks, But Glenn Greenwald Can…

from libertycr
ier.com

Guardian

journalist

Glenn Greenwald is planning to release more documents from the cache
handed over to him by whistleblower Edward Snowden, claiming that what has been seen so
far is just a very small slice compared to the bigger picture.


The Pirate Bay Launches Browser To Evade ISP
Blockades

from www.paritynews.com

The Pirate Bay,
on its 10th anniversary, has released 'Pirate Browser,' which it claims would
allow people to access The Pirate Bay and other such blocked sites... According to the Pirate
Browser website, the browser is basically a bundled package consisting of the Tor cl
ient and
Firefox Portable browser. The package also includes some tools meant for evading
censorship in countries like UK, Finland, Denmark, and Iran among others.


Second LulzSec Sony website hacker starts a year in the
cooler

from theregister.co.uk

A LulzSec hacker has been sentenced to a year in a US jail for hacking Sony Pictures and
dumping personal information of 138
,000 movie fans online. Raynaldo Rivera, 21, of
Tempe, Arizona, will spend 366 days behind bars, followed by 13 months of house arrest
and 1,000 hours of community service for his involvement in the infamous hack.


A byte for a byte

from www.economist.com

Letting companies strike back at computer hackers is a bad idea. Security experts like to say
that there are now two types of
company: those which know they have been hacked and
those which have been hacked without realising it. An annual study of 56 large American
firms found that they suffered 102 successful cyber
-
attacks a week between them in 2012, a
42% rise on the year befo
re.


Tracking devices hidden in London's recycling bins are
stalking your smartphone

from www.wired.co.
uk

The unique identifying numbers of over half a million smartphones have been recorded by a
network of recycling bins in central London. Hundreds of thousands of pedestrians walking
past 12 locations unknowingly had the unique MAC address of their smartph
ones recorded
by

Renew London
.




3

Consumer Affairs Scamwatch says reported losses to
scam
up to NZ$ 4.4 million

from http://www.geekzone.co.nz

NetSafe today published its third annual review of cyber incidents reported by New Zealand
internet users and has found that more than NZ$ 4.4 million has been lost over the last 12
months to internet s
cams.

Financial losses more than quadrupled year on year with 562
reports received where money was paid over to a scammer that was not recovered. Online
incident volumes have risen by 214% year on year from 1549 to 3317 during the third year
of operation.


Silent Circle, Lavabit crypto mail shut down

from http://www.scmagazine.com.au

Two encrypte
d email services have today shut down after fears their customer data could fall
into the hands of authorities. The popular Lavabit mail service
-

used by NSA document
leaker Edward Snowden
-

announced its closure with Silent Circle following shortly after

with a statement its encrypted email service Silent Mail would also be shut down.


Central Tibetan Administration Website Strategically
Compromised as Part of Watering Hole Attack

from www.securelist.com

A snippet of code on the Central Tibetan Administration website redirects CN speaking
visitors to

a Java exploit that drops an APT
-
related backdoor. For some context, the site
claims the administration itself as "...the Central Tibetan Administration (CTA) of His
Holiness the Dalai Lama, this is the continuation of the government of independent Tibet.
"
The selection of placement for the malicious code is fairly extraordinary, so let's dive in.


Linux 'Hand of Thief' Trojan offered for sale at $2,000 a
time


from www.computerworld.com.sg

Researchers have discovered a Trojan capab
le of attacking multiple Linux distros being
offered for sale by enterprising Russian criminals for $2,000 (£1,300) a time. Time for
Linux users to worry or is this another speculative attack? Linux malware has hitherto been
a vanishingly small subject wit
h most of the recent examples being attacks on Apache web
servers. When desktop
-
oriented attacks turn up they are usually experimental, the work of a
curious programmer that are not heard of again. A good example would be the Snasko
rootkit from 2012.


Trend Micro: Hacker threats to water supplies are real


from www.computerworld.com.sg

A secu
rity researcher has shown that hackers, including an infamous group from China, are
trying to break into the control systems tied to water supplies in the U.S. and other countries.
Last December, a decoy water control system disguised as belonging to a U.S
. municipality,
attracted the attention of a hacking group tied to the Chinese military, according to Trend
Micro researcher Kyle Wilhoit. A dozen similar traps set up in eight countries lured a total
of 74 attacks between March and June of this year.



4

Cell phone hacking: don’t be a victim


from www.normantranscript.com

Unless you’ve been living on Pluto for the past 20 years, you probably k
now that computers
need to be protected from the dangers of the Internet. It doesn’t matter if it’s a desktop or
laptop computer, the same protections are needed. But, what about that computer you carry
around in your pocket or purse? You know, your cell p
hone

?


Will hackers soon target cars, homes, and toilets?

from www.bostonglobe.com

NEW YORK



Imagine driving on the freeway at 60 miles per hour, and your car suddenly
screeches to a halt, causing a pileup that injures dozens of people. Now imagine you had
absolutely nothing to do with the accident because your car was taken over by hackers.
Ch
arlie Miller, a security researcher at Twitter, and Chris Valasek, director of security
intelligence at IOActive, a security research company, recently demonstrated car hacks at
the Black Hat and DefCon computer security conferences in Las Vegas. The resea
rchers
completely disabled a driver’s ability to control a vehicle. No brakes. Distorted steering. All
with a click of a button. While the demos were with hybrid cars, researchers warn that
dozens of modern vehicles could be susceptible.


China ‘top source’ of malicious software in Kenyan
computers

from www.nation.co.ke

China is the top source for malicious software found in Kenyan computers, a situation
reflecting the global trends in cyber insecurity. Dat
a published in a report by the
Telecommunication Service Providers of Kenya (TESPOK) indicates that more than 50 per
cent of cyber attacks and malware recorded on Kenyan computers originate from China. The
United States and Korea follow closely as countrie
s that harbour computer security threats to
Kenya. Brazil, South Africa and India have also been noted for distributing the malicious
software found in Kenyan computers



Data Doctors: 6 ways to stop hackers from accessing your
webcam


from www.abc15.com

There’s absolutely no question that the ability to remotely access your webcam without your
knowledge
exits. A fairly high
-
profile arrest was made back in 2010 of a man that had
compromised over 100 computers and was remotely turning on webcams to take secret
movies to blackmail the victims. The mere fact that the LED is randomly flashing isn’t
necessarily

an indication that your computer has been compromised, but it’s certainly worth
investigating.







5

Can biometrics revolutionize mobile payment security?

from www.net
-
security.org

With the explosion in smartphones usage, the number of payments done via mobile devices
has significantly increased over
recent years. As eCommerce becomes mCommerce, the
industry has to focus on payment security. During a 'card not present' process, a personal
account number (PAN), expiration date, and card validation code (CVC) are not enough to
completely secure a transac
tion. Biometrics that provide high levels of security and an
intuitive customer experience might be the solution for secure mobile payments.


Web scams come in t
he 'likes' of many disguises


from www.hutchnews.com

Terms for new Internet scams pop up as frequently these days as the toadstools in our rain
-
soaked yards. One of the latest: "clickjacking." Our modern lexicon has gone from
"hijacking" to "carjacking" a
nd now to "clickjacking," plus its close relative, "likejacking."
The Better Business Bureau warns that these new Internet scams are worth acquainting
yourself with, so you don't find yourself victimized by their perpetrators.


Blogs, other content management sites targeted by
password thieves


from www.computerworld.com.sg

Brute force atta
cks to pry login credentials from content management sites like blogs have
been growing as more data robbers use a short
-
term gain for a bigger pay
-
off later on. Such
sites are attractive targets because they tend to be less secure than other environments


such as financial services


and since they're interactive by design, "drive
-
by" malware
planted on them can infect a lot of users quickly, said David Britton, vice president of
industry solutions at 41st Parameter.


Spam email contains malware, not Apple gift card

from www.scmagazineuk.com

There's a good chance you didn't win a $200 Apple Store Gift Card, but if you clicked the
link or
attachment in the 'winner' email, you probably will claim a nasty piece of malware.
'Dear client! You got our $200 Apple Store Gift Card', the message, crafted to look like a
legitimate email from Apple, reads. 'Please click the link or look at the attachm
ent to obtain
the Apple Store Gift Card code', it instructs. Victims that follow the dubious instructions
will instead download malware that steals data from their computer. A MacRumors report
indicates the malware only compromises Windows
-
based machines.


Researchers demonstrate how IPv6 can easily be used to
perform MitM attac
ks

from www.virusbtn.com

Many devices simply waiting for router advertisements, good or evil. When early last year I
was doing research for an article on IPv6 and security, I was surprised to learn how easy it
was to set up an IPv6 tunnel into an IPv4
-
onl
y environment. I expected this could easily be
used in various nefarious ways. I was reminded of this when I read about a DEFCON
presentation on using IPv6 to perform a man
-
in
-
the
-
middle attack on an IPv4
-
connected
machine.



6

Microsoft Patches Plug 23 Security Holes

from www.

krebsonsecurity.com

Microsoft has issued security updates to fix at least 23 distinct vulnerabilities in its Windows
operating sys
tems and other software. Three of the patch bundles released today address
flaws rated “critical,” meaning that malware or miscreants can use them to break into
Windows PCs without any help from users. Leading the critical updates is a cumulative
patch for

Internet Explorer (MS13
-
059) that affects every version of the browser on nearly
all supported versions of Windows. In its advisory, Microsoft warns it is highly likely that
attackers will soon develop exploit code to attack the flaws addressed in this pa
tch.


China
-
based intruders use fresh attack techniques against
dissidents


from www.computerworld.com.sg

The "Comment Crew," a group of China
-
based hackers whose outing earlier this year in
major media out
lets caused a row with the U.S., have resumed their attacks against
dissidents. FireEye, a security vendor that specializes in trying to stop sophisticated attacks,
has noticed attackers using a fresh set of tools and evasion techniques against some of its

newer clients, which it can't name. But Rob Rachwald, director of market research for
FireEye, said in an interview Monday that those clients include an organization in Taiwan
and others involved in dissident activity.


XP's retireme
nt will be hacker heaven


from www.computerworld.com.sg

Cyber criminals will bank their Windows XP zero
-
day vulnerabilities until after Microsoft
stops patching the aged operating system next April, a security expert argued today. Jason
Fossen, a trainer
for SANS since 1998 and an expert on Microsoft security, said it's simply
economics at work. "The average price on the black market for a Windows XP exploit is
$50,000 to $150,000, a relatively low price that reflects Microsoft's response," said Fossen.
Wh
en a new vulnerability
-

dubbed a "zero
-
day"
-

is spotted in the wild, Microsoft
investigates, pulls together a patch and releases it to XP users.


5 examples of zero
-
day attacks


from www.computerworld.com.sg

Zero
-
day attacks can strike a
nywhere, anytime. Here are five example of recent zero
-
day
exploits: Windows: In May, Google security engineer Tavis Ormandy announced a zero
-
day
flaw in all currently supported releases of the Windows OS. According to his claim, the
troubled code is more
than 20 years old, which means "pre
-
NT".


Hackers put a bull's
-
eye on small business

from www.computerwo
rld.com.sg

When Pamela (not her real name) sat down at her desk one recent weekday morning, online
security was the furthest thing from her mind. Sure, she had a basic knowledge of common
-
sense security practices. She wasn't the type to use insecure passwo
rds or download dubious
content from the Web. As chief financial officer for a small Chicago
-
based manufacturing
company, she regarded her PC as a no
-
nonsense work tool. Still, somewhere along the way,
a little snippet of malware slipped onto her PC, and i
t would soon threaten her company's
survival.


7

Kaspersky secures another top spot in real
-
world
antivirus test

from www.computerworld.com.sg

Kaspersky Lab's solution took the top spot in Dennis' home test

for anti
-
virus protection
from April to June 2013. The test aimed to compare the effectiveness of anti
-
malware
products provided by well
-
known security companies. Other products included AVG Anti
-
Virus Free 2013, Avast! Free Antivirus 8, BitDefender Inter
net Security 2013, ESET Smart
Security 6, McAfee Internet Security 2013, Microsoft Security Essentials, Norton Internet
Security 2013, and Trend Micro Internet Security 2013.


Malicious ads lead to outdated adware
-
laden Firefox
"update"

from www. net
-
security.org

A series of Internet campaigns push
ing bogus Firefox updates onto unwary users have been
spotted by researchers, and among them is one that lures them in through “Green Card
Lottery” ads. The good news is that the download is not triggered just by surfing to a
website offering the ads, but
the bad news is that there are plenty of people out there that
look at US green cards as a ticket to a good life, and are likely to click on the them.


How much confidential info
is left unprotected in
SharePoint?

from www. net
-
security.org

A Cryptzone security survey undertaken amongst SharePoint practitioners at the Microsoft
conference in Las Vegas, reveals how many organizations have inadequate security and
governance measures

in place to help prevent data misuse and loss from their SharePoint
environments. Whether this is because managers naively still believe that SharePoint is not a
repository for sensitive and confidential information or they have not got to grips with
cent
ral management of sprawling SharePoint deployments is unclear.


More Android malwar
e distributed through mobile ad
networks

from www.computerworld.co.nz

Mobile ad networks can provide a loophole to serve malware to Android devices, according
to researchers from security firm Palo Alto Networks who have found new Android threats
being di
stributed in this manner. Most mobile developers embed advertising frameworks
into their applications in order to generate revenue. Unlike ads displayed inside Web
browsers, ads displayed within mobile apps are served by code that's actually part of those
applications.





8

Phone Hackers Build Networks to Deliver Legitimate Ads
and Malicious Code

from www. blo
omberg.com

To keep hackers off your smartphone, the standard advice has been to avoid downloading
dodgy applications. Digital criminals love to hide their attack code in free porn apps and
counterfeit versions of popular programs such as Angry Birds. Users

should be wary of
legitimate apps, too. Palo Alto Networks said today it has discovered a threat emerging from
China and other Asian countries, where hackers are going to the extreme of building their
own ad networks. Their goal is to trick developers int
o embedding the networks' code in
their apps, unwittingly opening a door for malware to be pushed through alongside
legitimate ads, according to Wade Williamson, a senior security analyst with the Santa
Clara, California
-
based company.


Cyber attack danger grows

from technews.tmcnet.com

(Boston Herald (MA) V
ia Acquire Media NewsEdge) Aug. 14
--
Recent revelations about
China hacking U.S. computers have raised awareness of cyber espionage, but some of the
greatest threats local governments face are cyber attacks that can be used to defraud people
or to plunge an

entire city or state into chaos, according to one security expert.


Quarterly report outlines Androi
d vulnerabilities as
biggest security concern


from www.computerworld.com.sg

Android vulnerabilities, increased online banking threats and the availability of sophisticated
and inexpensive malware toolkits are some of the biggest security concerns of the
moment,
according to Trend Micro's Q2 2013 Security Roundup Report. In its report, Trend Micro
put particular emphasis on the Android mobile operating system, which it said was directly
in the crosshairs of hackers. One of the biggest problems is that, des
pite the Android threat
landscape continuing to expand, users who adopt Android are still giving little thought to
security.


Are you protected from cyber attacks?

from www.kitv.com

HONOLULU

Hackers invading your privacy and you might not even know it.
A local
expert weighs in on how protect your privacy. The next time you turn on your smart TV or
log on to surf the web, you might want to think about the devices your looking at. Hackers
could be looking back at you through those built in cameras.


GCHQ
Launches Twin
-
Track Approach to Cyber
Incident Response Scheme

from www.infosecurity
-
us.com

Following a pilot project aimed at providing UK government and business with an effective
cyber incident response capability, GCHQ (in the form of CESG and CPNI) h
as launched
two schemes: its own to focus on major business and critical infrastructure attacks, and a
CREST
-
led scheme for everyone else.



9

Kaspersky updates its security solutions for home u
sers

from www.net
-
security.org

Kaspersky Lab released Kaspersky Anti
-
Virus 2014 and Kaspersky Internet Security 2014.
Both products now include ZETA Shield antivirus technology, which performs an in
-
depth
scan of files and applications running on the comp
uter to identify malware that may hide
deep within individual components of each program. Kaspersky Lab offers further
protection from emerging threats through its improved Automatic Exploit Prevention
technology, which scans programs for behavior typicall
y found in exploits


a type of
malware that infects the PC through vulnerabilities in legitimate software.


BLOG: Anonymous is not anonymous

from www.computerworld.com.sg

A good friend emailed me the other day to ask if I thought using Tor's network and software
is
truly as secure as everyone thinks. My immediate reply was no, I don't think Tor or any
other so
-
called anonymizing service is truly secure. If you want absolutely anonymity, don't
use the Internet. No service or product can claim to give you absolute priv
acy or anonymity.
Here are six good reasons why.


Gov't urged to put up customized defense to combat
cyber attacks

from www.computerworld.com.sg

Investing in anti
-
virus software is no longer enough to counter cyber attacks on vital data
systems, e
specially if national security is at stake. This was what Trend Micro security
experts said as they urged the Philippine government to draw up a defense plan against
cyber attacks. "Look at what your neighbors are doing and what they are investing in to
co
mbat computer attacks," they said, adding that the country has to go beyond anti
-
virus
software.


Malware taps mobile ad network to
siphon money

from www.computerworld.com.my

Asian cybercriminals have figured out an unusual way to use the architecture of a mobile ad
network to siphon money from their victims. The new method represents another step in the
evolution of mobile malware, w
hich is booming with more smartphones shipping than PCs.
Mobile ad networks open up the perfect backdoor for downloading code.


The cyberwar against the media

f
rom www.politico.com

News organizations have been chronicling the cyberwar against the nation’s high
-
value
targets


financial institutions, the defense establishment and government. Now, it’s the
media that finds itself under attack like never before. On
Tuesday, the New York Post
became the latest to fall victim as several reporters’ Twitter accounts were apparently
hacked by a group supporting Syrian President Bashar Assad.




10

IBM acquires T
rusteer

from www.net
-
security.org

IBM announced a definitive agreement to acquire Trusteer, a provider of software that helps
protect organizations against financial fraud and security threats. Financial terms were not
disclosed.

As part of this announcem
ent, IBM is forming a cybersecurity software lab in
Israel that will bring together more than 200 Trusteer and IBM researchers and developers to
focus on mobile and application security, advanced threat, malware, counter
-
fraud, and
financial crimes. This l
ab is an addition to IBM’s existing research and development
facilities in Israel.


Researchers explore underground market of

Twitter
spam and abuse

from www.computerworld.com.sg

Researchers from the UC Berkeley will present a paper Wednesday at the 22nd USENIX
Security Symposium in Washington, D.C., on Wednesday that explores the underground
market of spam and abuse on Twitter
. Led by Vern Paxson of International Computer
Science Institute (ICSI) and Chris Grier of UC Berkeley, the group tracked the criminal
market on Twitter, which sells access to accounts that are later used to push spam, malicious
links (including Phishing a
nd malware), as well as inflate follower counts.


Cybercriminals use Google Cloud Messaging

service to
control malware on Android devices

from www.computerworld.com.my

Cybercriminals are controlling malware on Android devices through a Google service that
enables developers to send messages to their applications, according to security researche
rs
from antivirus vendor Kaspersky Lab. Google Cloud Messaging (GCM) for Android allows
developers to send and receive different types of messages to and from applications installed
on Android devices.


Start isolating critical XP systems now, experts

warn

from www.computerworld.com.my

Organizations that still need to use Windows XP after Microsoft pulls the support plug in
eight months should spend the time they have left isolating software running on the aged
OS. With no security patches forthcoming

after April 8, 2014, cybercriminals are expected
to head into overdrive in releasing exploits of zero
-
day vulnerabilities discovered and sold
for big bucks in the underground. Therefore, organizations keeping XP as a primary
operating system are painting
a big bulls eye on their computers.


Corporate data: the target for mobile malware

from www.computerworld.com.au

According to Juniper Networks’ Third Annual Mobile Threat Report, the majority of mobile
appware still simply generates revenue for its creators by eithe
r causing the phone, or
tricking the user, to send text messages to high charging premium numbers


.



11

Hacking the Lightbulb: Malware Ca
n Produce a
Sustained Blackout

from www.infosecurity
-
us.com

Considering the hyper
-
connected world that we live in, a good security mantra should be: if
it can be connected to the web, it can be hacked. Even light bulbs. Yes, even light bulbs.


Ransomware Spreads To Mobile Devices

from www.forbes.com

At the end of 2011, Derek Manky, senior security strategist with Fortinet’s FortiGuard Labs,
and his colleagues p
redicted that it was just a matter of time until ransomware would hit
mobile devices.


Former DHS Secretary Launches Council on
Cybersecurity

from www.infosecurity
-
us.com

A former deputy secretary of the US Department of Homeland Security has announced the
launch of the nonprofit Council on Cybersecurity, devoted to both encouraging the adoption
of cybersecurity best practices and addressing the

lack of skilled cyber
-
experts in the
workforce.


Rogue Ad Networks Deliver Malware To Mobile Devices

from www.darkreading.com

Software developers in searc
h of more income are adopting relatively unknown ad networks,
but the frameworks may deliver more than just ads, warn security firms

Technologically savvy criminals have begun creating fraudulent advertising networks as a
mechanism to spread malware, poten
tially escaping the detection of sentinel programs, such
as Google's Bouncer and Apple's App Store vetting process, aimed at detecting malicious
code, security researchers say.


Pakistan Intelligence Agency ISI hacks India's largest
telco BSNL Systems by Social Engineering

from ww
w.thehackerspost.com

Pakistan’s top secret intelligence agency
-

ISI has successfully penetrated and snooped
Indian state
-
owned Bharat Sanchar Nigam Ltd (BSNL) and also installed spyware in the
Telco’s system to take control of its entire system, According
to Indian Publisher Livemint.


Chinese hand seen in recent attacks on Indian websites

from news.in.msn.com

New Delhi: Even as the number of attacks on In
dian cyber space have increased in the past
five years, security experts have detected that a significant number of them ar
e being carried
out from China.




12

Twitter Hacked Accounts Posting links to Android
Opfake Trojan

from www.sectechno.com

Symantec
are tracking a new malicious link that is posted on compromised Twitter accounts.
The posted links are redirecting victims to a website that are hosting malicious applications.
By visiting the malicious website victims start to download a fake Asphalt 7 pr
ogram that is
packed with a Trojan which uses victims phone to send SMS in the background.


ESET: Banking Trojan used government server in

the
attack

from www.letsbytecode.com

Experts of the international anti
-
virus company ESET found a banking trojan aimed at users
in Brazil. A feature of this was the use of threats in the cyber vulnerability of the
government’s mail server. To steal confi
dential data threats established a special extension
for the browser Google Chrome . This extension allows an attacker to interce
pt
authentication credentials required to log on online banking. It is worth noting that in Brazil,
cyber criminals often use t
he banking malware to give a substantial profit. ESET’s antivirus
solutions detect this malicious code as MSIL Spy.Banker.AU. The threat was distributed
through a special spam campaign. The main element in this scheme is a dropper, which is
responsible for

the installation of the required dynamic DLL
-
libraries and JavaScript
-
objects
on the compromised computer.


Dalai Lama’s Website Compromised and Serving
Malware

from www.infosecurity
-
us.com

The Dalai Lama and his supporters have been under almost continuous cyber atta
ck for
years. In a new ‘don’t go there’ announcement, a security researcher warned Monday that
the Chinese language version of his website has been compromised in a new water hole
attack that delivers a backdoor trojan. “A snippet of code on the Central Ti
betan
Administration website redirects CN speaking visitors to a Java exploit that drops an APT
-
related backdoor,” said Kurt Baumgartner in a Kaspersky Lab Securelist blog.


Washington Post, CNN
and Time websites hit by pro
-
Assad hackers

from www.bbc.co.uk

Websites belonging to the Washington Post, CNN, and Time have been attacked by
supporters of Syrian President Bashar al
-
Assad. Some links on the sites were redirecting
readers to the website of

the Syrian Electronic Army (SEA). The breaches have been blamed
on a third
-
party link recommendation service that all three sites used.




13

Several Egyptian Government Sites Disrupted by
Hackers as Violence Continues

from news.softpedia.com

Egy
pt is becoming a war zone with several people being killed in the clashes between
Egyptian security forces and pro
-
Morsi supporters.

Violence escalated on Wednesday when at least 60 members of the Muslim Brotherhood
were reportedly killed and dozens injur
ed in an attack on two protest camps in Cairo.

In the meantime, Anonymous hackers are launching distributed denial
-
of
-
service (DDOS)
attacks against Egyptian government websites.


'Hand of Thief' Linux trojan steals Internet banking
information

from

www.techspot.com

One of the benefits of using an obscure operating system like Linux is that, well, nobody
uses it. That means you don’t really have to deal with all of the virus and malware
associated with Windows and to a lesser extent, OS X.


Google Code repo
sitory Hosting Trojans

from www.sectechno.com

New malware have been discovered by Trendmicro that is hosted on Google Code website.
This is a very popular web resource that aims to host open source projects developed by the
community. The malware is a jav
a Trojan that downloads banker malware and the project
called “flashplayerwindows”.


Bew
are of Apple Store phishing email

from www.macnn.com

A message is reportedly making the rounds purporting to offer a $200 Apple Store gift card.
Don't believe it.


More apps
exploiting Android "Master Key" bug found

from www.net
-
security.org

Patches for the two recently discovered Android "Master Key" bugs are still to be pushed
out by many mobile carriers and device manufacturers. In the meantime, malware
developers have sei
zed the opportunity and are making available for download seemingly
legitimate and innocuous apps that have been modified to perform malicious actions...


Joomla Exploit Cashes Out Accounts with Zbot Variant

from www.infosecurity
-
us.com

Websites using the popular content management system Joomla are at risk of being hijacked
for use in malware payload and phishing attacks, thanks to the discovery

of a fresh
vulnerability and accompanying zero
-
day attack. A forensic investigation of the exposed
sites by researchers at the Versafe Security Operations Center found that the exploit allows
attackers to gain full control over the compromised systems wit
h a variant of Zbot.



14

That’s Malware, Not Apple G
ift Card

from www.isssource.com

A spam email is making the rounds where an unsuspecting victim may think he is winning a
$200 Apple Store Gift Card. Wrong. If the victim clicks on the link, they end up
downloading a nasty piece of malware. “Dear client! Y
ou got our $200 Apple Store Gift
Card,” the message, crafted to look like a legitimate email from Apple, reads. “Please click
the link or look at the attachment to obtain the Apple Store Gift Card code.”


Malware Redirects to Exploit Kit Site

from www.isssource.com

The Counter.php strain of malware
is now redirecting users to websites serving up the Styx
exploit kit.

Vincente Diaz, a researcher with Kaspersky Lab, discovered counter.php while
looking into some of the popular Web attacks in Spain during the past three months,
according to a post on Se
curelist. One bit of code, Trojan.JS.iframe.aeq, jumped out.


Patch Tuesday: Microsoft has critical fixes for Exchange
Server

from www.computerworld.com.au

Businesses will want to jump on patches that fix vulnerabilities to the gamut of Microsoft
Exchange S
erver versions that are flagged in next week's Patch Tuesday alerts. "This
month's remediation is all about the Exchange servers," says Tommy Chin, a technical
support engineer at CORE Security. The critical alert affects all supported versions of
Exchange

Server
-

Exchange Server 2007 Service Pack 3, Exchange Server 2010 SP 2 and
3, and Exchange Server 2013, cumulative updates 1 and 2.


Bugtraq: Re: [Full
-
disclosure] Apache suEXEC privilege
elevation / information disclosure

from securityfocus.com

Re: [Full
-
disclosure] Apache suEXEC privilege elevation / information disclosure


Blogs, other content management sites targeted by
password thieves


from www.computerworld.com.sg

Brute force attacks to pry login credentials from content management sites like blogs have
been growing as more
data robbers use a short
-
term gain for a bigger pay
-
off later on. Such
sites are attractive targets because they tend to be less secure than other environments


such as financial services


and since they're interactive by design, "drive
-
by" malware
plant
ed on them can infect a lot of users quickly, said David Britton, vice president of
industry solutions at 41st Parameter.




15

HP Printer security flaw allows hackers to extract
passwords

from www.theregister.co.uk

Security flaws in a range of HP printers create a way for hackers to lift administrator's
passwords and other potenti
ally sensitive information from vulnerable devices, infosec
experts have warned. HP has released patches for the affected LaserJet Pro printers to
defend against the vulnerability (CVE
-
2013
-
4807), which was discovered by Mic
hał Sajdak
of Securitum.pl. Sajdak discovered it was possible to extract plaintext versions of users'
passwords via hidden URLs hardcoded into the printers’ firmware. A hex representation of
the admin password is stored in a plaintext URL, though it looks
encrypted to a casual
observer.


Burglar Systems Easily Bypassed By Hackers

from www. theregister.co.uk

Black Hat 2013 A pair of secu
rity researchers probing the Z
-
Wave home
-
automation
standard managed to unlock doors and disable sensors controlled by the technology.
Behrang Fouladi and Sahand Ghanoun took a long hard look at Z
-
Wave for their
presentation at last week's Black Hat hackin
g conference in Las Vegas. The wireless
standard dominates home
-
automation in the US, but the pair discovered some worrying
flaws.


Microsoft moves to block MD5 certificates and improve
RDP authentication

from www.computerworld.com.sg

Mic
rosoft released two optional security updates Tuesday to block digital certificates that
use the MD5 hashing algorithm and to improve the network
-
level authentication for the
Remote Desktop Protocol. These two updates are separate from important security p
atches
also released Tuesday for Internet Explorer, Windows and Microsoft Exchange Server, and
are not yet being pushed through the Windows Update mechanism.


Hackers target servers running Apache Struts apps

from www.computerworld.com

Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache
Struts, in order to install backdoors on servers hosting applications develo
ped with the
framework.

Apache Struts is a popular open
-
source framework for developing Java
-
based Web
applications that's maintained by the Apache Software Foundation.


Microsoft pulls critical Exchange Server 2013 security
patch

from www.v3.co.uk

Microsoft has pulled a critical security update for its Exchange Server, following reports it
blocked users from searching the email inbox.

Microso
ft's director of Test Ross Smith revealed the recall in a blog post, confirming that the
patch will be re
-
released once the search issue is resolved.



16

Google confirms Android flaw that led to Bitcoin theft

from news.cnet.com

Google has confirmed a flaw in Android
's operating system, which could make Bitcoin
digital wallets vulnerable to theft.

Android security engineer Alex Klyubin penned a blog post on Wednesday outlining the
root cause of the vulnerability.


Microsoft botches six Windows patches in latest
Automatic Update

from www.infoworld.com

Microsoft acknowledges problems with KB 2876063, KB 2859537, KB 2873872, KB
2843638, KB 2
843639, and KB 2868846, all released earlier this week.

In an amazing tour
de force, Microsoft's Automatic Update chute released at least six bad patches on Tuesday.
Here's what's amazing: It's just 48 hours or so since the bomb bay doors opened, and
Micro
soft has acknowledged problems with all of these patches. That's a first, I think
-

and
the biggest positive development in the Automatic Update minefield I've seen in a long time.