Monday, August 31, 2015

Big hacks, big data add up to blackmailer's dream

Do the data records stolen in a pair of recent hacks signal the start of something more sinister?










from Latest topics for ZDNet in Security http://ift.tt/1KZoGwU

KeyRaider, a Trojan targeting jailbroken iOS, used in free apps scam

Attackers are abusing stolen Apple ID accounts while falsely claiming to offer paid apps for iOS devices for free.

from Symantec Connect - Security - Blog Entries http://ift.tt/1ifC2OD

FBI: Savvy, Crafty Wire Transfer Fraud is Booming

So far more than 7,000 US companies have been victimized—with total dollar losses exceeding $740 million.

from http://ift.tt/1IBvZJl

KeyRaider Steals iPhone Credentials for App Purchases

KeyRaider appears to be behind the largest known Apple account theft caused by malware to date.

from http://ift.tt/1IBvZt0

Pawn Storm Serves Malware Via Fake EFF Site

Hackers have set up a fake domain for the Electronic Frontier Foundation as part of a targeted malware campaign.

from http://ift.tt/1UogJX6

Brazil tops cyberattack ranking in LatAm

The country has seen more than 27 million attacks this year so far, says research










from Latest topics for ZDNet in Security http://ift.tt/1UilQgV

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Flex System Manager (FSM) (CVE-2014-3508, CVE-2014-3509, CVE-2014-3505, CVE-2014-3506, CVE-2014-3507, CVE-2014-3510, and CVE-2014-3511)

There are multiple vulnerabilities in OpenSSL that is used by IBM Flex System Manager (FSM). These issues were disclosed on August 6, 2014 by the OpenSSL Project. CVE(s):   CVE-2014-3509 ,   CVE-2014-3506 ,   CVE-2014-3507 ,...

from IBM Product Security Incident Response Team http://ift.tt/1IzQXs3

Bugtraq: [security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information

from SecurityFocus Vulnerabilities http://ift.tt/1X6RBrX

Bugtraq: [security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information

from SecurityFocus Vulnerabilities http://ift.tt/1JHmHwk

iPhone malware KeyRaider stole thousands of Apple logins

Researchers called this the "largest known Apple account theft caused by malware."










from Latest topics for ZDNet in Security http://ift.tt/1EwoXe6

How Qualcomm plans to make phones and tablets safe from malware

A new security approach built into the Snapdragon 820 chip next year will provide protection from zero-day and other malware attacks.










from Latest topics for ZDNet in Security http://ift.tt/1fRN3UF

Microsoft's Project Sonar: Malware detonation as a service

Microsoft's 'Project Sonar' service, which analyzes millions of potential exploit and malware samples in virtual machines, may be available to users outside the company in the not-too-distant future.










from Latest topics for ZDNet in Security http://ift.tt/1EwoYPg

USN-2726-1: Expat vulnerability

Ubuntu Security Notice USN-2726-1

31st August, 2015

expat vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 15.04
  • Ubuntu 14.04 LTS
  • Ubuntu 12.04 LTS

Summary

Expat could be made to crash or run programs as your login if it opened a specially crafted file.

Software description

  • expat - XML parsing C library

Details

It was discovered that Expat incorrectly handled malformed XML data. If a
user or application linked against Expat were tricked into opening a
crafted XML file, an attacker could cause a denial of service, or possibly
execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 15.04:
  • libexpat1 2.1.0-6ubuntu1.1
  • lib64expat1 2.1.0-6ubuntu1.1

Ubuntu 14.04 LTS:
  • libexpat1 2.1.0-4ubuntu1.1
  • lib64expat1 2.1.0-4ubuntu1.1

Ubuntu 12.04 LTS:
  • libexpat1 2.0.1-7.2ubuntu1.2
  • lib64expat1 2.0.1-7.2ubuntu1.2

To update your system, please follow these instructions: http://ift.tt/17VXqjU.

After a standard system upgrade you need to restart any applications linked
against Expat to effect the necessary changes.

References

CVE-2015-1283



from Ubuntu Security Notices http://ift.tt/1UnAoGL

US plans 'unprecedented' sanctions against China over hacks

Sanctions -- should they go ahead -- could land as early as mid-September.










from Latest topics for ZDNet in Security http://ift.tt/1LO2fAw

Jailbreak iOS Trojan KeyRaider used as part of free apps scam

Attackers claim to offer premium apps to iOS devices for free by using stolen Apple ID accounts.

from Symantec Connect - Security - Blog Entries http://ift.tt/1KyN0dg

Bugtraq: [SECURITY] [DSA 3346-1] drupal7 security update

from SecurityFocus Vulnerabilities http://ift.tt/1hrchKs

Bugtraq: Re: Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host

from SecurityFocus Vulnerabilities http://ift.tt/1N3X3IZ

Bugtraq: [slackware-security] mozilla-firefox (SSA:2015-241-01)

from SecurityFocus Vulnerabilities http://ift.tt/1hrcjlN

Bugtraq: [SECURITY] [DSA 3345-1] iceweasel security update

from SecurityFocus Vulnerabilities http://ift.tt/1N3X3st

The Decline of Email Spam?

As threat defense experts, Trend Micro has been delivering quarterly security roundup reports for several years now. Each quarter we look back on the previous quarter to highlight the key threats found during that time period. We also review the threat data we collect and analyze from the Trend Micro™ Smart Protection Network™ which gives us insights into the trends occurring within the threat landscape. In our Q2’15 report, A Rising Tide: New Hacks Threaten Public Technologies, one of the trends we’ve been seeing for some time now is a lower amount of spam affecting the world. As you can see from the below chart, spam volumes have generally been trending lower since August of 2014.

[Image 1: chart of spam volumes]

While this is good news for users, I’d like to dive into some of the reasons we may be seeing this lowering trend.

Our threat researchers have been analyzing many of the recent spam campaigns, whether they are crypto-ransomware spam runs in Australia, Europe, and North America, or general spam looking to infect individual users. What we’re finding is that spammers today are taking a page out of the playbook of targeted attack (or Advanced Persistent Threat – APT) campaigns. The threat actors behind targeted attacks will identify who they want to target and limit the number of individuals they will attack. Spammers today have access to the cybercriminal underground markets (Cyber Arms Bazaar) where they can buy email lists to be used in their campaigns. The difference from before is that these lists are much more refined and accurate. In the past, spammers would send their emails to a huge list of email addresses and did not care whether they were legitimate addresses or not. Today these lists contain confirmed live email addresses for actual users, versus, say, the email addresses of the many honeypots used in the defense against spam. This means they can take a more targeted approach in their spam campaigns and ensure they are hitting real people.

Other trends we’re seeing with spammers looking to outwit defenses against them are:

  1. Use of email authentication like DKIM and SPF
  2. Embedded URLs that link to legitimate, compromised sites that redirect to the malicious servers
  3. Use of standard malware techniques for attachments to reduce anti-malware detection
  4. Use of CAPTCHAs in the threat lifecycle
  5. Improved message content that is more plausible, with fewer grammatical/spelling errors

While we cannot predict that spam will continue to drop, we do know that many of the threat actors today are becoming more and more targeted in their approach to cybercrime. In many cases, even though they may not be pushing more threats out, this tactic has allowed them to keep their infection rates just as high as ever. So while spam volume has diminished, which on the surface is good, it does not mean that fewer people are infected, as the spammers have been able to make their process more efficient.

Combatting this trend has required a shift in how messaging-based threats are dealt with. Traditional antispam solutions have struggled to deal with phishing and spearphishing threats, and as spam morphs toward these more effective infection methods, advanced threat messaging technologies must be added to these solutions. Trend Micro has been developing and integrating a number of these advanced technologies into our messaging solutions including:

  • New-born Domain Host Inspection which identifies newly born malicious domains used by threat actors to block embedded URLs
  • Socially Engineered Attack Prevention which uses big data analytics to correlate meta data and content within emails to identify those that are malicious

The threat defense experts within Trend Micro will continue to analyze the cyber-threats affecting our world and will use their expertise to continually innovate new technologies and solutions to protect our customers as the threat landscape changes. Feel free to leave a message if you have your own opinions on this phenomenon we’re seeing.



from Trend Micro Simply Security http://ift.tt/1hrGRUs

Weaponized Drones For Police Now Legal In North Dakota

Drones, also known as Unmanned Aerial Vehicles (UAVs), have contributed enormously by acting as an interface for conducting surveillance operations, delivering products, or attacking a war site, to name a few. We have seen drones like 'Snoopy' that are capable of intercepting data from your smartphones, even without authentication or interaction, using spoofed wireless networks. And now


from The Hacker News http://ift.tt/1NIPEPm

IBM Security Bulletin: Potential Information Disclosure vulnerability could expose user personal data in WebSphere Commerce (CVE-2015-4980)

A remote authenticated user could exploit a security vulnerability in WebSphere Commerce to expose personal data. CVE(s):   CVE-2015-4980 Affected product(s) and affected version(s): WebSphere Commerce...

from IBM Product Security Incident Response Team http://ift.tt/1FbR8d4

IBM Security Bulletin: Java CVE-2015-2590

An unspecified vulnerability related to the Libraries component has complete confidentiality impact, complete integrity impact, and complete availability impact and affects IBM i java. CVE(s):   CVE-2015-2590 Affected...

from IBM Product Security Incident Response Team http://ift.tt/1MXt57U

IBM Security Bulletin: Vulnerabilities in OpenSSL affect Sterling Connect:Direct for HP NonStop (CVE-2015-1792, CVE-2015-1789, CVE-2015-1790)

OpenSSL vulnerabilities were disclosed on June 11, 2015 by the OpenSSL Project. OpenSSL is used by Sterling Connect:Direct for HP NonStop. Sterling Connect:Direct for HP NonStop has addressed the applicable CVEs CVE(s):  ...

from IBM Product Security Incident Response Team http://ift.tt/1MXt6ZB

IBM Security Bulletin: Apache Tomcat Vulnerability in Algo Audit and Compliance (CVE-2014-0230)

Apache Tomcat is vulnerable to a denial of service, caused by missing limitations on request body size. Apache Tomcat 6.0 is used by Algo Audit and Compliance. CVE(s):   CVE-2014-0230 Affected product(s) and affected...

from IBM Product Security Incident Response Team http://ift.tt/1MXt4RE

IBM Security Bulletin: Apache Tomcat vulnerability affects IBM Storwize V7000 Unified (CVE-2014-0230)

Apache Tomcat denial of service vulnerability CVE(s):   CVE-2014-0230 Affected product(s) and affected version(s): IBM Storwize V7000 Unified The product is affected when running code releases 1.3.0.0 to...

from IBM Product Security Incident Response Team http://ift.tt/1FbR7WA

IBM Security Bulletin: Vulnerability in Rational DOORS Next Generation and Rational Requirements Composer with potential for Cross Site Scripting attack (CVE-2015-1917)

An undisclosed security vulnerability of IBM Rational DOORS Next Generation and Rational Requirements Composer may result in a Cross Site Scripting attack. CVE(s):   CVE-2015-1917 Affected product(s) and affected version(s):...

from IBM Product Security Incident Response Team http://ift.tt/1FbR50U

IBM Security Bulletin: GNU C library (glibc) vulnerability affects IBM Storwize V7000 Unified (CVE-2013-7423)

IBM Storwize V7000 Unified is shipped with GNU glibc, for which a fix is available for a security vulnerability. CVE(s):   CVE-2013-7423 Affected product(s) and affected version(s): IBM Storwize V7000...

from IBM Product Security Incident Response Team http://ift.tt/1MXt6Jb

Security Bulletin: Multiple vulnerabilities in libxml2 affect IBM Flex System Manager (FSM) (CVE-2013-2877, CVE-2014-0191, CVE-2014-3660)

There are multiple vulnerabilities in libxml2 that is used by IBM Flex System Manager (FSM). This bulletin addresses these vulnerabilities. CVE(s):   CVE-2013-2877 ,   CVE-2014-0191   and   CVE-2014-3660 Affected...

from IBM Product Security Incident Response Team http://ift.tt/1MXt6IZ

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Flex System Manager (FSM) (Multiple CVEs)

There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 1.6 and 1.7 that is used by IBM Flex System Manager (FSM). This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption (POODLE) SSLv3...

from IBM Product Security Incident Response Team http://ift.tt/1FbR50E

Here's How Iranian Hackers Can Hack Your Gmail Accounts

Hackers are getting smarter in fooling us all, and now they are using sophisticated hacking schemes to get into your Gmail. Yes, Iranian hackers have now discovered a new way to fool Gmail's tight security system by bypassing its two-step verification – a security process that requires a security code (generally sent via SMS) along with the password in order to log into a Gmail account.


from The Hacker News http://ift.tt/1NRKL5U

Photos Leaked! Here's Top Features Expected in Next iPhone Release

Only 9 days are left for Apple's annual new iPhone launch event, where the company will bring its various new products but the obvious stars of the show will be the iPhone 6s and the iPhone 6s Plus. The company has not officially announced the iPhone 6S and iPhone 6S Plus yet, but a series of new, high-resolution photographs obtained by 9to5Mac show some new features coming to its


from The Hacker News http://ift.tt/1JvQA5L

ASIC commits to fighting online attacks over the next four years

The Australian Securities and Investments Commission said it will be watching out for the growing number of online attacks as part of its corporate plan to 2018-19.










from Latest topics for ZDNet in Security http://ift.tt/1Jrlfiy