Feed aggregator

Enterprise Apps in Scope of Ghost glibc Vulnerability

Threatpost for B2B - Fri, 02/06/2015 - 13:59
Researchers at Veracode examined whether enterprise applications were also vulnerable to the Ghost vulnerability in glibc.

Analyzing Angler: The World’s Most Sophisticated Exploit Kit

Threatpost for B2B - Fri, 02/06/2015 - 13:42
Angler's unique obfuscation, ability to detect antivirus and virtual machines, encrypted payload and fileless infection have some calling it the most sophisticated exploit kit.

Threatpost News Wrap, February 6, 2015

Threatpost for B2B - Fri, 02/06/2015 - 12:14
Dennis Fisher and Mike Mimoso discuss the Anthem data breach, the continuing Flash 0-day happy fun times, the expansion of exploit kits and the crowd funding support for GnuPG.

Cheezburgers, Warrant Canaries and Cat Memes

Threatpost for B2B - Fri, 02/06/2015 - 12:03
Surveillance, privacy and security are serious subjects. So too, for some people, are cat memes and GIFs of screaming goats. And Cheezburger Inc., the premier purveyor of said memes and GIFs, wants its users to know that the company is standing up for their rights. The folks at Cheezburger have built an online empire on […]

Security, Tech Communities Rally to Support GnuPG

Threatpost for B2B - Fri, 02/06/2015 - 08:44
The last year has seen a big swing in the support from the technology community for open-source security tools, many of which are maintained by tiny staffs or volunteers. OpenSSL last year received a large chunk of funding from the Core Infrastructure Initiative, and now it’s GnuPG’s turn. After a story on ProPublica Thursday publicized […]

Following Exploits, Zero Day in WordPress Plugin FancyBox Patched

Threatpost for B2B - Thu, 02/05/2015 - 14:21
Developers have patched a zero day vulnerability in FancyBox, a plug-in for WordPress, which allowed malware to be added, via an iFrame, to infected sites.

IE Memory Attacks Net ZDI $125,000 Microsoft Bounty

Threatpost for B2B - Thu, 02/05/2015 - 11:19
Three HP ZDI researchers won a $125,000 bounty from Microsoft for successful attacks against memory protections introduced last summer into Internet Explorer.

Flash Zero Days Dominate Exploit Landscape

Threatpost for B2B - Thu, 02/05/2015 - 08:20
The recent Flash zero-day vulnerabilities and exploits have uncovered the relatively quiet Hanjuan exploit kit, and further exposed the dangers of malvertising.

Anthem Data Breach Could Affect Millions of Consumers

Threatpost for B2B - Thu, 02/05/2015 - 08:05
Attackers have compromised Anthem Inc., one of the larger health-care companies in the United States, gaining access to the Social Security numbers, birth dates, names, employment and income data and other personal information of an untold number of customers. The company says it is not sure yet how many customers are affected, but Anthem claims to […]

Adobe Begins Patching Third Flash Player Zero Day

Threatpost for B2B - Wed, 02/04/2015 - 17:44
Adobe has begun distributing an emergency update for Flash Player that patched the third of three zero-day vulnerabilities under attack.

U.S. Officials Say Chinese Cyberespionage ‘Needs to Stop’

Threatpost for B2B - Wed, 02/04/2015 - 13:00
The top cybersecurity officials in the United States on Wednesday said that China is harming the potential for an open Internet through its policies of censorship, and also said the country’s continued cyberespionage operations are damaging the two countries’ relationship. In a piece co-authored in Politico with Ambassador Robert Holleyman and Alex Niejelow, the chief […]

XSS Vulnerability in IE Could Lead to Phishing Attacks

Threatpost for B2B - Wed, 02/04/2015 - 12:55
Microsoft is aware of a recently disclosed bug in its latest browser, Internet Explorer 11, and is actively developing a patch for the issue.

Siemens ICS Switches Hit With Buffer Overflow, Authentication Bugs

Threatpost for B2B - Wed, 02/04/2015 - 11:30
There are a number of serious vulnerabilities in the Siemens Ruggedcom WIN switches, including a remotely exploitable buffer overflow and a flaw that could allow an attacker to take actions on the device without authentication. The vulnerabilities affect several models of the Ruggedcom WIN switches, including WIN51xx all versions prior to SS4.4.4624.35, WIN52xx: all versions […]

Latest Flash 0Day Under Attack; Possible Ties to Group Behind Angler EK

Threatpost for B2B - Wed, 02/04/2015 - 11:03
The third Adobe Flash Player zero day in two weeks is also currently under attack. Researchers at Trustwave found an exploit for it in the HanJuan exploit kit, which could be tied to the group behind the Angler kit.

Spammers against hurricanes and terrorist attacks

Secure List feed for B2B - Wed, 02/04/2015 - 06:00

Nothing holds a potential reader's attention stronger than a story about a catastrophe. A few days ago we came across an excellent example of a mass mailing where spammers took full advantage of this universal fascination with destruction.

The mass mailing in question is intended primarily for the US users. In it, the spammers list a series of recent tragedies and predict that worse is yet to come. They also propose a solution – just click the link to find out how to protect yourself and your family from harm.

In the email below the authors mention Sandy hurricane that hit North America about two years ago.

The spammers recall the crisis that faced many Americans after that hurricane – stranded in badly-damaged houses without food or electricity. The author of the email claims to know a guy who lived right in the center of the storm, in a wind-lashed city in New Jersey, and who suffered no shortages of anything. Click the link, and the spammers promise you'll enjoy the same good fortune if disaster strikes your neighborhood.

Yet another example mentions the recent terror attacks in France.

In this email, the spammers paint a bleak picture of America's immediate future, claiming the government is hiding the truth but expects blood to flow in the streets as it did in France. But there is an answer – just click the link and you'll find out how to protect your family from any attack.

When users follow these links they are taken to sites that are also striking. They start with an audio presentation of a confidential story told by a well-wisher.

The design of the site, the voice and the details of the story differ but the essence is the same: anyone who spends a few minutes to listen to the audio will be introduced to our hero, understand why he decided to share his warnings about the disasters in store for America and, eventually, find out how to build a miracle machine that can be easily assembled in your own home. The link to the video tutorial on self-assembly of this life-saving device costs just a few dozen dollars and shows you how to create a generator so simple that even your grandmother could make it work. Happy buyers don't only get an autonomous source of energy to be used in the event of disaster; they ca also save on household energy bills.

The audio is supported by a presentation which displays the speaker's text. So even users who cannot turn on the sound need only have the patience to watch for a few minutes, see the offer and reward the spammers for their efforts to spread paranoia by sending them their hard-earned dollars.

Google Trades Technicality for Brevity With New SSL Warning

Threatpost for B2B - Tue, 02/03/2015 - 17:45
Google and the University of Pennsylvania performed a study intended to determine the effect of best practices on the efficacy of SSL browser warnings.

1,800 Domains Overtaken by Flash Zero Day

Threatpost for B2B - Tue, 02/03/2015 - 15:27
Researchers at Cisco say that a Flash zero day exploit has compromised 1,800 domains, the majority of those during a 48-hour period last week.
Syndicate content