Keyword: malware

  • Dangerous 'Misfortune Cookie' flaw discovered in 12 million home routers

    12/19/2014 9:29:02 PM PST · by Swordmaker · 23 replies
    PCWorld ^ | December 19, 2014 | By John E. Dunn
    Researchers at Check Point have discovered a serious security vulnerability affecting at least 12 million leading-brand home and SME routers that appears to have gone unnoticed for over a decade. Dubbed the ’Misfortune Cookie’ flaw, the firm plans to give a detailed account of the issue at a forthcoming security conference but in the meantime it’s important to stress that no real-world attacks using it have yet been detected. That said, an attacker exploiting the flaw would be able to monitor all data travelling through a gateway such as files, emails and logins and have the power to infect connected...
  • Iranian hackers downed Adelson's casino empire

    12/12/2014 7:25:31 AM PST · by Cincinatus' Wife · 11 replies
    The Hill ^ | December 12, 2014 | Cory Bennett
    In February, Iranian hackers took down the computer system of gambling magnate Sheldon Adelson’s casino empire, wiping hard drives clean and shutting down email. Las Vegas Sands, the world’s largest gaming company, was devastated by the attack. But until a Bloomberg Businessweek report Thursday night, the company had never revealed the extent of the hack. Coming months before the recent hack on Sony Pictures, the hit on Sands is now believed to be the first major destructive cyberattack on a U.S. business, although there are likely others that have gone unreported. From the instant the offensive started, Las Vegas Sands...
  • Anyone here have experience with PCMATIC?

    12/07/2014 9:30:05 AM PST · by TurboZamboni · 55 replies
    me | 12-7-14 | TZ
    I'm not renewing my paid subscription to AVG as it gets more worthless every year. (Windows based PC)
  • Details Emerge on Malware Used in Sony Hacking Attack

    12/03/2014 2:28:58 AM PST · by TigerLikesRooster · 7 replies
    recode.net ^ | December 2, 2014, | Arik Hesseldahl
    Details Emerge on Malware Used in Sony Hacking Attack December 2, 2014, 7:31 AM PST By Arik Hesseldahl New details have emerged about the hacking attack against Sony Pictures Entertainment, the motion picture studio which last week came under a withering digital siege that investigators say may have originated from North Korea. Late Monday the FBI issued a confidential five-page warning to U.S. businesses concerning malicious software, or malware, used to carry out destructive attacks. The warning did not name Sony as a victim of the malware, though it is said to be a direct response to the breach at...
  • Iranian hackers compromised airlines, airports, critical infrastructure companies

    12/02/2014 7:33:30 PM PST · by grandpa jones · 11 replies
    IT World ^ | 12/2/14 | Lucian Constantin
    For the past two years, a team of Iranian hackers has compromised computers and networks belonging to over 50 organizations from 16 countries, including airlines, defense contractors, universities, military installations, hospitals, airports, telecommunications firms, government agencies, and energy and gas companies. The attacks have collectively been dubbed Operation Cleaver after a string found in various malware tools used by the hacker group, which is believed to operate primarily out of Tehran. "We discovered over 50 victims in our investigation, distributed around the globe," said researchers from IT security firm Cylance in an extensive report released Tuesday. "Ten of these victims...
  • FBI warns US businesses of 'destructive' malware

    12/01/2014 3:46:00 PM PST · by Dacula · 31 replies
    The FBI warned U.S. businesses that hackers have used malicious software to launch destructive attacks in the United States, following a devastating cyberattack last week at Sony Pictures Entertainment. The five-page, confidential "flash" warning issued to businesses late on Monday provided some technical details about the malicious software that was used in the attack, though it did not name the victim. An FBI spokesman declined comment when asked if the software had been used against the California-based unit of Sony Corp. The Sony attack resulted in five films being leaked online, including the updated version of "Annie." In the attack...
  • Android tablets at Best Buy, Target, Amazon, Walmart found with security flaws, malware

    11/26/2014 12:42:15 AM PST · by Swordmaker · 21 replies
    Apple Insider ^ | Tuesday, November 25, 2014, 01:14 pm | By Daniel Eran Dilger
    All of the dozen different "doorbuster" Android tablets Bluebox examined were found to include unpatched Android vulnerabilities including Masterkey, FakeID, Heartbleed and Futex, while more than a quarter were sold with security misconfigurations or active backdoors installed. Bluebox discovered Android's Masterkey "zombie botnet" vulnerability last year and detailed FakeID super malware earlier this summer. While Google has released patches for both flaws—in addition to Android's Heartbleed and Futex bugs—the fact is that major retailers are actively promoting new Android products that still harbor these unpatched vulnerabilities. Several devices also ship with remote exploits wide open, block access to Google Play...
  • Now e-cigarettes can give you malware

    11/21/2014 3:40:53 PM PST · by upchuck · 20 replies
    Guardian ^ | Nov 21, 2014 | Alex Hern
    E-cigarettes may be better for your health than normal ones, but spare a thought for your poor computer – electronic cigarettes have become the latest vector for malicious software, according to online reports. Many e-cigarettes can be charged over USB, either with a special cable, or by plugging the cigarette itself directly into a USB port. That might be a USB port plugged into a wall socket or the port on a computer – but, if so, that means that a cheap e-cigarette from an untrustworthy supplier gains physical access to a device. A report on social news site Reddit...
  • Sheriff's department files held for ransom by malware

    11/14/2014 7:01:23 AM PST · by Brother Cracker · 21 replies
    Odd_News ^ | Nov. 13, 2014 | Ben Hooper
    DICKSON, Tenn., - A Tennessee sheriff's department said it paid more than $500 ransom to release files locked away by malicious software accidentally downloaded into the system. Detective Jeff McCliss, IT director for the Dickson County Sheriff's Office, said the "Cryptowall" program was installed into the department's computer system in late October when someone streaming local radio station WDKN accidentally clicked on a rotating ad that had been infected with the malware. McCliss and Sheriff Jeff Bledsoe said Cryptowall put a lock on the department's case folder and demanded $572 worth of anonymous online currency Bitcoins to unlock the files....
  • Security Flaw in iOS Opens Malware Door for Cyber Crooks

    11/12/2014 9:21:19 AM PST · by SeekAndFind · 23 replies
    The VAR GUY ^ | 11/12/2014 | DH Kass
    Security provider FireEye (FEYE) is cautioning that an opening in Apple’s (AAPL) iOS leaves most iPhones and iPads vulnerable to hackers attempting to swap installed, trusted applications for rogue software capable of stealing sensitive and confidential information from the user. FireEye first reported the bug to Apple in late July, dubbing the way it infiltrates iOS 7.1.1 and later devices (including the most recent iOS 8 and iOS 8.1 updates), a “Masque Attack.” The hack requires users first click on a malicious link included in an email or text message that targets the location of the malware download, tricking users...
  • Apple iOS bug makes devices vulnerable to attack: experts

    11/10/2014 2:28:47 PM PST · by SeekAndFind · 30 replies
    Reuters ^ | 11/10/2014 | Jim Finkle
    Researchers have warned that a bug in Apple Inc's (AAPL.O) iOS operating system makes most iPhones and iPads vulnerable to cyber attacks by hackers seeking access to sensitive data and control of their devices. Cybersecurity firm FireEye Inc (FEYE.O) published details about the vulnerability on its blog on Monday, saying the bug enables hackers to access devices by persuading users to install malicious applications with tainted text messages, emails and Web links. The malicious application can then be used to replace genuine, trusted apps that were installed through Apple's App Store, including email and banking programs, with malicious software through...
  • 'Trojan Horse' Bug Lurking in Vital US Computers Since 2011

    11/06/2014 12:36:14 PM PST · by driftdiver · 106 replies
    ABCNews ^ | Nov 6, 2014 | JACK CLOHERTY and PIERRE THOMAS
    A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security. National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat. The hacked software is used to control complex industrial operations like oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants. Shutting down or damaging any of these...
  • The iPhone just lost its perfect security record — now what?

    11/06/2014 10:14:15 AM PST · by for-q-clinton · 221 replies
    The Verge ^ | 6 Nov 2014 | Russell Brandom
    For most of the iPhone's lifespan, it's been effectively immune to malware. There were theoretical attacks and viruses targeting jailbroken phones, but thanks to the tight controls of the App Store, finding iOS malware in the wild has been nearly impossible. If you didn't jailbreak your phone and you weren’t targeted by the NSA, you simply didn't have to worry about catching a virus. Yesterday, that changed. A security firm called Palo Alto Networks discovered a malware program they’re calling Wirelurker, which sneaks into computers through unauthorized Chinese apps, then attacks iOS devices when they connect over USB. It’s an...
  • How to protect OS X from the “rootpipe” vulnerability

    11/04/2014 7:32:21 PM PST · by Swordmaker · 19 replies
    Mac Issues ^ | November 4, 2014 | by Topher Kessler
    A relatively long-standing vulnerability in OS X has been uncovered by a Swedish hacker, Emil Kvarnhammar, who has dubbed it “rootpipe” by the so-far undisclosed method in which it can be used to take control of your Mac. In this vulnerability, a flaw allows a hacker to gain administrative access of a system without supplying a password, and then be able to interact with your Mac as an administrator. In an interview with MacWorld, Kvarnhammar describes this bug as having been present in OS X 10.8.5, but he was not able to replicate it in 10.9; however, Apple has shuffled...
  • Researcher Finds Tor Exit Node Adding Malware to Binaries

    10/24/2014 6:54:44 PM PDT · by Utilizer · 22 replies
    The Kaspersky Lab Security News Service ^ | October 24, 2014 , 12:07 pm | Dennis Fisher
    A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services. Josh Pitts of Leviathan Security Group ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the middle attack. Downloading any kind of file from the Internet is a dodgy proposition these days, and many...
  • Cyber security Expert Gary Milefsky (flashlight app on smartphones)

    10/19/2014 5:43:12 AM PDT · by Mechanicos · 17 replies
    YouTube ^ | Unknown | Bret Baire via YouTube
    http://www.youtube.com/watch?v=Q8xz8xKEFvU
  • Internet Explorer stars in monster October Patch Tuesday

    10/12/2014 12:22:15 PM PDT · by Utilizer · 8 replies
    The Register ^ | 10 Oct 2014 | John Leyden
    October is stacking up to be a bumper Patch Tuesday update with nine bulletins lined up for delivery — three rated critical. Cloud security firm Qualys estimates two of the lesser "important" bulletins are just as bad however, as they would also allow malicious code injection onto vulnerable systems. Top of the critical list is an update for Internet Explorer that affects all currently supported versions 6 to 11, on all operating system including Windows RT. Vulnerabilities discovered in most versions of Windows Server, Windows 7 and 8, and the .NET framework are covered in the other pair of critical...
  • Dairy Queen confirms malware intrusion at some U.S. locations

    10/10/2014 5:47:13 PM PDT · by TurboZamboni · 10 replies
    Dairy Queen ^ | 10-9-14 | Dean A. Peters
    EDINA, MINN. — International Dairy Queen, Inc. today confirmed that the systems of some DQ® locations and one Orange Julius® location in the U.S. had been infected with the widely-reported Backoff malware that is targeting retailers across the country. The company previously indicated that it was investigating a possible malware intrusion that may have affected some payment cards used at certain DQ locations in the U.S. Upon learning of the issue, the company conducted an extensive investigation and retained external forensic experts to help determine the facts. Because nearly all DQ and Orange Julius locations are independently owned and operated,...
  • Critical USB hack goes public; how bad is the risk?

    10/05/2014 8:51:31 PM PDT · by TChad · 16 replies
    The Atlanta Journal-Constitution ^ | 10/4/2014 | Matt Picht
    Because we just don't already have enough tech security problems to worry about, computer science researchers have just published a potentially catastrophic security exploit.
  • Large-scale malvertising campaign hidden in online ads hits Last.fm

    09/22/2014 10:47:02 AM PDT · by Ernest_at_the_Beach · 20 replies
    theinquirer.net ^ | Fri Sep 19 2014, 16:45 | By Lee Bell
    SECURITY OUTFIT MALWAREBYTES has warned of a malvertising attack that appears to be part of a large scale, ongoing campaign affecting a number of popular websites such as Last.fm. Users are getting infected by the exploit kit that is hidden in online ads, which means they probably don't even know the payload is on their computer. Malwarebytes said The Times of Israel and The Jerusalem Post were affected by the same attack campaign and looking further into it discovered "it is much bigger" than first thought because it involves doubleclick.net, a subsidiary of Google for online ads, and Zedo, a...
  • Google reporting malware Free Republic thread re:ussjallao site US Submarine site ??

    09/18/2014 2:33:04 PM PDT · by free_life · 49 replies
    Got a google malware report when I opened a FR thread on 'U.S. Submarines: Run Silent, Run Deep...On Diesel Engines?' http://www.freerepublic.com/focus/f-news/3205441/posts Never seen a warning like this before. Was using Chrome browser. Malwarebytes and Avast did not warn me of this. False positive maybe? Malware on FR or Google playing nasty with us or what? Went to thread in Pale Moon just now and no warning.
  • Google Threat to FreeRepublic

    08/29/2014 10:19:41 PM PDT · by Wuli · 178 replies
    8/30/2014 | Wuli
    Twice in the past 30 minutes, when executing a link to one of the FreeRepublic posts, Firefox sent me a warning page that the "site" I was going to was a malware threat. In more detail, the notice explained that it gets that threat info from Google, and that FreeRepublic had been identified as a "malware" threat. Who knows if some troll got p-o'd or if WH trolls are involved in having set up the threat notice at Google. I don't know what the mods can do.
  • Visit the Wrong Website, and the FBI Could End Up in Your Computer

    08/05/2014 10:18:32 PM PDT · by Utilizer · 58 replies
    W I R E D ^ | 08.05.14 6:30 am | Kevin Poulsen
    Apparently, the feebs have been using malware and the TOR network to snoop on quite a bit more information than one might have suspected. Use the following link here for more info: http://www.wired.com/2014/08/operation_torpedo/
  • Manic malware Mayhem spreads through Linux, FreeBSD web servers

    07/21/2014 6:45:33 AM PDT · by Olog-hai · 14 replies
    The Register ^ | 18 Jul 2014 | Iain Thomson
    Malware dubbed Mayhem is spreading through Linux and FreeBSD web servers, researchers say. The software nasty uses a grab bag of plugins to cause mischief, and infects systems that are not up to date with security patches. Andrej Kovalev, Konstantin Ostrashkevich and Evgeny Sidorov, who work at Russian internet portal Yandex, discovered the malware targeting *nix servers. They traced transmissions from compromised computers to two command and control (C&C) servers. So far they have found 1,400 machines that have fallen to the code, with potentially thousands more to come. […] Mayhem spreads by finding servers hosting websites with a remote...
  • Malware, please help!

    07/03/2014 12:40:22 PM PDT · by Libertynotfree · 46 replies
    July03,2014 | Libertynotfree
    FireFox 3.0 action: reset to default. Window X3 I copied their URL to post on this thread, if you know any malware protection program which can take care of this kind of malware, please post. First 3 URL come up every time I click. I have CClean. http://cr.gogorithm.com/WLBidRequestHandler?oid=2&width=1200&height=900&pubid=58488&noaop=1&tagid=300157822500000000&revmod=2&born=1401903982&Prof=&BTF=&cb=1404413752629&encoded=1&cirf=http%3A%2F%2Fwww.freerepublic.com%2Ftag%2F*%2Findex http://static.icmwebserv.com/blank4.html#%7B%22ad_type%22%3A%22siteunder%22%2C%22percent%22%3A100%2C%22size%22%3A%5B%7B%22percent%22%3A100%2C%22width%22%3A1200%2C%22height%22%3A900%7D%5D%2C%22max_impressions%22%3A2% http://cdncache1-a.akamaihd.net/pwn.html?u=http%3A%2F%2Fp.txtsrving.info%2Fclick%3Fc%3Dda480a77af4541ad8537a425d5da1aec%26subid%3Dg-605317-b757b08c6b66452f9abd524ffc443982-%26t%3Dhttp%253A%252F%252Fwww.freerepublic.com%252Ffocus%252Ff-chat%252F3175370%252Fposts%26rt%3D1717%26data_tag%3DA%26mk%3DbGF0ZXN0K2FydGljbGVz&n=ld893__da480a77af4541ad8537a425d5da1aec__1404358630&r= http://www.onefloorserve.com/lps/player_lp7.aspx?appId=339032&source=saymedia_1fa&cid=275759&clickid=07_25004824_02eac240-cf93-44d0-ab7b-09bdb01b60d6 http://lp.empire.goodgamestudios.com/?country=us&pid=516&camp=1&gid=12&cid=15489&tid=US
  • AFP: Malware "Dragonfly" Aims at US, Europe Energy Sector

    07/02/2014 3:31:31 PM PDT · by ransomnote · 4 replies
    ex-skf.blogspot.com ^ | ex-skf blogger citing Security Week citing AFP news
    AFP news says: The US security firm Symantec said it identified malware targeting industrial control systems which could sabotage electric grids, power generators and pipelines This Stuxnet-like malware attack is likely to be government-sponsored, says Symantec. No word about nuclear power plants. From Security Week quoting AFP (6/30/2014; emphasis is mine): Malware Aims at US, Europe Energy Sector: Researchers WASHINGTON - Cyberattackers, probably state sponsored, have been targeting energy operations in the United States and Europe since 2011 and were capable of causing significant damage, security researchers said Monday. The US security firm Symantec said it identified malware targeting industrial...
  • iOS Malware Does Exist — (list of ALL the existing iOS malware to date)

    06/17/2014 12:37:31 AM PDT · by Swordmaker · 15 replies
    Fortinet Security Research Threat Landscape and Analysis ^ | June 9 2014 | Axelle Apvrille — The Crypto Girl
    iOS Malware Does Exist. With our FortiGuard Labs reporting that 96.5% of all mobile malware is Android based it would be easy to see why someone might opt for an iPhone. But, users beware. Don’t write off iOS as the secure alternative to Android just yet! Despite Android malware being nearly an epidemic, or as Tim Cook referenced, “a toxic hellstew”, iOS is not immune. Before somebody asks me (again) whether there are any iOS malware or not, I decided to consolidate the information for you. Hope this helps you, and keeps your (i-) phones secure :) (I have marked...
  • GameOver Zeus P2P Malware

    06/02/2014 5:06:15 AM PDT · by ShadowAce · 6 replies
    US CERT ^ | 02 June 2014 | CERT
    Systems Affected: Microsoft Windows 95, 98, Me, 2000, XP, Vista, 7, and 8; Microsoft Server 2003, Server 2008, Server 2008 R2, and Server 2012. Overview: GameOver Zeus (GOZ), a peer-to-peer (P2P) variant of the Zeus family of bank credential-stealing malware identified in September 2011, uses a decentralized network infrastructure of compromised personal computers and web servers to execute command-and-control. The United States Department of Homeland Security (DHS), in collaboration with the Federal Bureau of Investigation (FBI) and the Department of Justice (DOJ), is releasing this Technical Alert to provide further information about the GameOver Zeus botnet. Description: GOZ, which is often...
  • Android Wallpaper Apps Hide Bitcoin Mining Malware

    04/25/2014 12:24:53 PM PDT · by Up Yours Marxists · 10 replies
    Info Security Magazine ^ | April 25 19:00 GMT | Not Listed
    Is your smartphone running low on battery for seemingly no reason? Are things taking longer to render or load? Your gadget could be secretly mining bitcoins, thanks to a piece of mobile malware in Google Play that quietly uses an Android phone’s processing power, while hiding behind innocuous-seeming wallpaper apps. Lookout Software uncovered the bug, dubbed “BadLepricon,” after which Google removed five applications that were incorporating it. The apps had between 100 to 500 installs each at the time of removal. “And yes, that is how the malware authors spelled ‘leprechaun,’” wrote Lookout researcher Meghan Kelly, in a blog detailing...
  • Heartbleed: How the Net Bug That Caught Tech Experts by Surprise Affects You

    04/09/2014 3:00:05 PM PDT · by kingattax · 32 replies
    The Blaze ^ | 4-9-14 | Elizabeth Kreft
    This week web experts discovered a huge flaw in the security software used by millions of Web sites — including many banks, email and social media services. Some sites have likened the breach to leaving your front door unlocked, and anyone who knows how to open the door can intrude and expose your confidential information. Unfortunately, the fix isn’t as simple as locking the door from inside your house. The code vulnerability exists within layers of secure Internet server coding. So how does this affect you?
  • ‘Heartbleed’ Bug Exposes Passwords, Web Site Encryption Keys

    04/08/2014 6:13:21 PM PDT · by Drago · 25 replies
    Krebs on Security ^ | 04-08-2014 | Brian Krebs
    Researchers have uncovered an extremely critical vulnerability in recent versions of OpenSSL, a technology that allows millions of Web sites to encrypt communications with visitors. Complicating matters further is the release of a simple exploit that can be used to steal usernames and passwords from vulnerable sites, as well as private keys that sites use to encrypt and decrypt sensitive data.
  • Parents empowered while fighting against Common Core in public schools

    03/31/2014 7:52:41 AM PDT · by usalady · 8 replies
    Examiner ^ | March 30, 2014 | Martha
    Common Core indoctrination has become an issue in coming elections as parents target politicians who support the Federal government imposed program on school districts.
  • Advice on adware/malware remover programs

    03/28/2014 1:58:50 PM PDT · by N. Theknow · 64 replies
    N.Theknow
    Aw crap, new program loaded adware/malware program from Ads by Quiknowledge. What do FReepers recommend as removal/guard programs?
  • Malicious Malware Uses Photos of Sunsets and Cats to Steal Banking Credentials

    03/05/2014 12:16:51 PM PST · by SWAMPSNIPER · 75 replies
    PETAPIXEL ^ | March 05,2014 | Gannon Burgett
    It’s a sad day for the Internet… according to Trend Micro’s security analysts, it’s been discovered that photographs of both sunsets and — even more heartbreaking — cats being shared across the web contain malware capable of getting into your bank accounts.
  • Banking Trojan Caphaw is being distributed through Youtube ads!

    03/03/2014 9:39:01 AM PST · by foundedonpurpose · 15 replies
    Emsisoft News ^ | 3-3-14 | Steven
    Caphaw Trojan Found in Youtube Ads. In Malware, Malware Alerts by steven on February 25, 2014. Last Friday – under the shadow of two critical zero day exploits on Internet Explorer and Adobe Flash – researchers at Bromium Labs discovered malware in an advertising network connected to Youtube. Specific details are yet unknown and the threat has yet to be completely mitigated. As of Friday, Google Security was made aware of the issue and is currently investigating the matter with Bromium. What is Known: The malware being served is a Caphaw banking...
  • "The Mask" Espionage Malware

    02/13/2014 8:23:30 PM PST · by Theoria · 1 replies
    Schneier on Security ^ | 11 Feb 2014 | Bruce Schneier
    We’ve got a new nation-state espionage malware. "The Mask" was discovered by Kaspersky Labs: The primary targets are government institutions, diplomatic offices and embassies, energy, oil and gas companies, research organizations and activists. Victims of this targeted attack have been found in 31 countries around the world -- from the Middle East and Europe to Africa and the Americas. The main objective of the attackers is to gather sensitive data from the infected systems. These include office documents, but also various encryption keys, VPN configurations, SSH keys (serving as a means of identifying a user to an SSH server) and...
  • ObamaCare's Potemkin Village Website Written In Belarus?

    02/05/2014 10:12:16 AM PST · by raptor22 · 21 replies
    Investor's Business Daily ^ | February 5, 2014 | IBD EDITORIALS
    Debacle: U.S. intelligence agencies report that developers linked to the Belarus government helped create the Healthcare.gov website and may have inserted malicious code making it vulnerable to cyberattacks and hacking. The disastrous rollout of Healthcare.gov was bad enough. But as if Americans need another reason to avoid Healthcare.gov, we now hear that the Obama administration, through the Department of Health and Human Services, has indirectly contracted with developers in the worker's paradise of Belarus, a former Soviet republic still closely tied to Russia, to write some of the software code used for the website. The Washington Free Beacon's Bill Gertz...
  • The Belarusian Connection Obamacare network vulnerable to cyber attack

    02/03/2014 5:49:36 PM PST · by driftdiver · 20 replies
    Washington FreeBeacon ^ | Feb 3, 2014 | Bill Gertz
    U.S. intelligence agencies last week urged the Obama administration to check its new healthcare network for malicious software after learning that developers linked to the Belarus government helped produce the website, raising fresh concerns that private data posted by millions of Americans will be compromised. The intelligence agencies notified the Department of Health and Human Services, the agency in charge of the Healthcare.gov network, about their concerns last week. Specifically, officials warned that programmers in Belarus, a former Soviet republic closely allied with Russia, were suspected of inserting malicious code that could be used for cyber attacks, according to U.S....
  • Healthcare.gov Contractor (and Close Russian Ally) Belarus Built Malware RIGHT INTO Obamacare Code

    02/04/2014 3:28:29 AM PST · by Reaganite Republican · 26 replies
    Reaganite Republican ^ | 04 February 2014 | Reaganite Republican
    Remember when John McAfee warned us in November that anybody who signed up to the Obamacare site might have their bank account cleaned-out by hackers? The eccentric genius and former fugitive called the government website 'a hacker's wet dream', adding that there were 'NO safeguards' that would stop someone from starting a fake Obamacare website 'for a couple hundred dollars' that could 'empty your bank account' in hours.  McAfee added unambiguously that 'It's going to happen, and it's going to happen soon... nothing in the Obamacare system safeguards against this.'  And I thought he was just trying to sell...
  • A cross-platform java-bot

    01/29/2014 11:05:37 AM PST · by ShadowAce · 13 replies
    Securelist ^ | 28 January 2014 | Anton Ivanov
    Early this year, we received a malicious Java application for analysis, which turned out to be a multi-platform bot capable of running on Windows, Mac OS and Linux. The bot was written entirely in Java. The attackers used vulnerability CVE-2013-2465 to infect users with the malware. Initializing and decrypting strings To make analyzing and detecting the malware more difficult, its developers used the Zelix Klassmaster obfuscator. In addition to obfuscating bytecode, Zelix encrypts string constants. Zelix generates a different key for each class – which means that in order to decrypt all the strings in the application, you have to...
  • Malformed FileZilla FTP client with login stealer

    01/28/2014 10:08:51 AM PST · by Utilizer · 25 replies
    avast antivirus blog ^ | January 27th, 2014 | Malware Analyst Workforce
    Beware of malformed FileZilla FTP client versions 3.7.3 and 3.5.3. We have noticed an increased presence of these malware versions of famous open source FTP clients. The first suspicious signs are bogus download URLs... Malware installer GUI is almost identical to the official version. The only slight difference is version of NullSoft installer where malware uses 2.46.3-Unicode and the official installer uses v2.45-Unicode. All other elements like texts, buttons, icons and images are the same. The installed malware FTP client looks like the official version and it is fully functional! You can’t find any suspicious behavior, entries in the system...
  • Adware vendors buy Chrome Extensions to send ad- and malware-filled updates

    01/20/2014 9:57:14 AM PST · by Utilizer · 32 replies
    ars technica website | Jan 17 2014, 3:10pm -0800 | Ron Amadeo
    ...ownership of a Chrome extension can be transferred to another party, and the new owners can issue an ad-filled update over Chrome's update service, which sends the adware out to every user of that extension.
  • Microsoft Security Essentials misses 39% of malware in Dennis test

    12/21/2013 6:39:43 PM PST · by Utilizer · 33 replies
    pc pro ^ | 19 Dec 2013 at 15:24 | Barry Collins
    Dennis Publishing's security labs saw Microsoft Security Essentials fail to detect 39% of the real-world malware thrown at it. Dennis Technology Labs (DTL) tested nine home security products on a Windows 7 PC, including Security Essentials, which is distributed free to Windows users and built into Windows 8 in the form of Windows Defender. While the other eight packages all achieved protection scores of 87% or higher - with five scoring 98% or 99% - Microsoft's free antivirus software protected against only 61% of the malware samples used in the test. -snip- Norton Internet Security received the strongest protection rating...
  • Bitcoin miners bundled with PUPs in legitimate applications backed by EULA

    11/30/2013 12:05:32 PM PST · by Utilizer · 16 replies
    techienews uk ^ | November 30, 2013 | Ravi Mandalia
    Bitcoin miners are being allegedly bundled with third party potentially unwanted programs (PUPs) that come bundled with legitimate applications, a new report indicates. According to a report by security company Malwarebytes third party applications that come bundled with legitimate applications and commonly known as potentially unwanted programs/applications (PUPs/PUAs) now come integrated with Bitcoin miners. These miners surreptitiously carry out Bitcoin mining operations on the user’s system consuming valuable CPU time without explicitly asking for user’s consent. Because of the extensive mathematical calculations involved, the mining operation consumes a lot of CPU resource and renders the user’s system almost useless for...
  • MS Windows Local Privilege Escalation Zero-Day in The Wild

    11/30/2013 10:10:25 AM PST · by Utilizer · 35 replies
    fireeye ^ | November 27, 2013 | Xiaobo Chen and Dan Caselden
    FireEye Labs has identified a new Windows local privilege escalation vulnerability in the wild. The vulnerability cannot be used for remote code execution but could allow a standard user account to execute code in the kernel. Currently, the exploit appears to only work in Windows XP. This local privilege escalation vulnerability is used in-the-wild in conjunction with an Adobe Reader exploit that appears to target a patched vulnerability. The exploit targets Adobe Reader 9.5.4, 10.1.6, 11.0.02 and prior on Windows XP SP3. Those running the latest versions of Adobe Reader should not be affected by this exploit. Post exploitation, the...
  • 'Stuxnet has infected Russian nuclear plant and International Space Station'

    11/12/2013 6:24:23 AM PST · by tamarijp · 28 replies
    The Jerusalem Post ^ | 11/12/2013 | Sara Miller
    An internet security specialist says that Stuxnet, the computer malware that targeted Iran's nuclear facilities in 2010 and is widely attributed to Israel and the US, has spiraled out of control and attacked a Russian nuclear plant and the International Space Station.
  • Semi-VANITY : Prevention of New Virus sweeping the Interwebs: CryptoLocker

    10/26/2013 1:29:26 PM PDT · by NoLibZone · 39 replies
    bleepingcomputer.com ^ | Oct 25, 2013 | Bleeping Computer
    Heads up and Prevention of New Virus sweeping the Interwebs: CryptoLocker http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information PROBLEM: CryptoLocker is a ransomware program that was released around the beginning of September 2013. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 96 hours, or 4 days, to pay the ransom or it will delete your encryption...
  • How The NSA Deploys Malware: An In-Depth Look at the New Revelations

    10/09/2013 10:34:00 AM PDT · by shego · 23 replies
    EFF ^ | 10/8/13 | Dan Auerbach
    We've long suspected that the NSA, the world's premier spy agency, was pretty good at breaking into computers. But now, thanks to an article by security expert Bruce Schneier—who is working with the Guardian to go through the Snowden documents—we have a much more detailed view of how the NSA uses exploits in order to infect the computers of targeted users. The template for attacking people with malware used by the NSA is in widespread use by criminals and fraudsters, as well as foreign intelligence agencies, so it's important to understand and defend against this threat to avoid being a...
  • NSA Going Deeper Into Your Life Than You Thought

    10/08/2013 5:57:56 PM PDT · by Nachum · 33 replies
    patriots billboard ^ | 10/8/13 | Dan Auerbach
    Dan Auerbach 10-8-13 We’ve long suspected that the NSA, the world’s premier spy agency, was pretty good at breaking into computers. But now, thanks to an article by security expert Bruce Schneier—who is working with the Guardian to go through the Snowden documents—we have a much more detailed view of how the NSA uses exploits in order to infect the computers of targeted users. The template for attacking people with malware used by the NSA is in widespread use by criminals and fraudsters, as well as foreign intelligence agencies, so it’s important to understand and defend against this threat to...
  • Virus: Setup by Firseria

    08/21/2013 9:37:53 AM PDT · by exDemMom · 24 replies
    Self | 8/21/13 | Self
    I am using Google Chrome, which shows downloaded files at the bottom of the browsing window. A few minutes ago, I saw that a file had downloaded. The information on the file (taken from the delete file window) is this: Setup File description: Installer Application Company: Firseria File version: 1.0.0.1 Date created: 8/21/2013 12:10 PM Size: 193 KB Obviously, I know enough not to run the thing. I did a Google search on "Firseria installer application" and came up with results that I really cannot make any sense of, since they give a lot of technical data. However, at this...