
Security Fix

 

Sat, 27 Jun 09
Ex-DHS Cyber Chief Tapped as President of ICANN
http://feeds.voices.washingtonpost.com/click.phdo?i=8719f7cccafd71b73191c70ab10621ea
Former Department of Homeland Security cyber chief Rod A. Beckstrom has been tapped to be the new president of the Internet Corporation for Assigned Names and Numbers (ICANN), the California based non-profit, which oversees the Internet's address system. Most recently, Beckstrom was director of the National Cyber Security Center -- an organization created to coordinate security efforts across the intelligence community. Beckstrom resigned that post in March, citing a lack of funding and authority. Beckstrom joins ICANN as the Internet governance body faces some of the most complex and contentious proposed changes to the Internet's addressing system in the organization's entire 11-year history. For example: -- The United States is under considerable pressure to give up control over ICANN and turn it over to international supervision and management. ICANN currently operates under a Joint Project Agreement with the U.S. government, but that agreement is due to expire at the end

Fri, 26 Jun 09
Critical Security Fix for Adobe Shockwave Player
http://feeds.voices.washingtonpost.com/click.phdo?i=ccdadc5584ea979f050fc422903dffae
Adobe Systems Inc. on Tuesday issued a software update to fix a critical security flaw in its Shockwave Player, a commonly installed Web browser plug-in. According to Adobe, a malicious or hacked site could use the security hole to install malicious software if the visitor merely browses the site with a vulnerable version of the media player software. The flaw exists in Shockwave Player (also known as Macromedia Shockwave Player) version 11.5.0.596 and earlier. To find out whether Shockwave is installed and which version may be on your PC, visit this site. In a posting to its security blog, Adobe said it is not aware of any exploits in the wild for this vulnerability. Adobe recommends Shockwave Player users on Windows uninstall Shockwave version 11.5.0.596 and earlier on their systems, restart and install Shockwave version 11.5.0.600, available here. Readers should be aware that by default this patch will also try

Thu, 25 Jun 09
Microsoft Debuts Free Antivirus Software Beta
http://feeds.voices.washingtonpost.com/click.phdo?i=3cb6f7b912e24eb36be993c836b094d9
Microsoft on Tuesday released a beta version of its new free anti-virus offering, Microsoft Security Essentials (a.k.a. "Morro"). My review, in short: the program is a fast, easy to use and unobtrusive new addition to the stable of free anti-virus options available today. MSE is basically the next generation of Microsoft's Windows Live Onecare anti-virus and anti-spyware service, but without all of the extras, such as a firewall, data backup solution or PC performance tuning (Microsoft announced in Nov. 2008 that it would stop selling Onecare through its retail channels at the end of June 2009). The toughest part was getting the program installed. MSE can run on Windows XP, Vista or Windows 7 (both 32-bit and 64-bit versions), but it failed to install on an XP Pro system I tried to use as my initial test machine -- leaving me with nothing more than a failure message and cryptic

Wed, 24 Jun 09
Accused Spam King Alan Ralsky Pleads Guilty
http://feeds.voices.washingtonpost.com/click.phdo?i=c994800c91186ca60c6b3bb00e73ecd2
Alan Ralsky, a 64-year-old Michigan man that federal investigators say was among the world's top spam kingpins, pleaded guilty on Monday to running a multi-million dollar international stock fraud scam powered by junk e-mail. Ralsky (pictured at right, courtesy of Spamhaus) and his son-in-law and chief financial officer Scott K. Bradley, 38, also of Michigan, pleaded guilty to conspiracy to commit wire fraud, money laundering and to violate the CAN-SPAM Act. Under the terms of his plea agreement, Ralsky faces as much as 87 months in prison and a $1 million fine, while Bradley could get as much as 78 months in prison and a $1 million fine under the federal sentencing guidelines. The Ralsky plea caps a long effort by the government to nab one of the most prolific spammers. In September 2005, the FBI raided Ralsky's home, but it wasn't until early 2008 that the government indicted Ralsky

Sat, 20 Jun 09
Web Fraud 2.0: Franchising Cyber Crime
http://feeds.voices.washingtonpost.com/click.phdo?i=b6ecdbd748f84e4446479d20b8e7d853
For the most part, cyber gangs that create malicious software and spread spam operate as shadowy, exclusive organizations that toil in secrecy, usually in Eastern Europe. But with just a few clicks, anyone can jump into business with even the most notorious of these organizations by opening up the equivalent of a franchise operation. Some of the most active of these franchises help distribute malicious software through so-called pay-per-install programs, which pay tiny commissions to the franchise operators, or so-called affiliates, each time a supplied program is installed on an unsuspecting victim's PC. These installer programs will often hijack the victim's search results, or steal data from the infected computer. Typically, affiliates will secretly bundle the installers with popular pirated software titles that are made available for download on peer-to-peer file-trading sites. In other cases, the installers are stitched into legitimate, hacked Web sites and quietly foisted upon PCs when

Sat, 20 Jun 09
Malicious Attacks Most Blamed in '09 Data Breaches
http://feeds.voices.washingtonpost.com/click.phdo?i=99991398e2f966ccfa65a84b7f5df70c
Rogue employees and hackers were the most commonly cited sources of data breaches reported during the first half of 2009, according to figures released this week by the Identity Theft Resource Center, a San Diego based nonprofit. The ID Theft Center found that of the roughly 250 data breaches publicly reported in the United States between Jan. 1 and Jun. 12, victims blamed the largest share of incidents on theft by employees (18.4 percent) and hacking (18 percent). Taken together, breaches attributed to these two types of malicious attacks have increased about 10 percent over the same period in 2008. Some 44 states and the District of Columbia now have laws requiring entities that experience a breach to publicly disclose that fact. Yet, few breached entities report having done anything to safeguard data in the event that it is lost or stolen. The ITRC found only a single breach in

Fri, 19 Jun 09
iPhone 3.0 Includes 46 Security Updates
http://feeds.voices.washingtonpost.com/click.phdo?i=42226302d137da23eeb835fb3e45be4d
Apple on Wednesday released the much anticipated 3.0 update for the iPhone, bundling at least 46 security fixes into a new version of the iPhone operating system that includes essential functionality such as cut-and-paste and Spotlight search. Included in the 3.0 bundle are security patches for vulnerabilities in a broad range of iPhone components, including Safari and Mail. The mail flaw, for example, could allow a malicious app or attacker to place a phone call without user interaction. A host of other security holes fixed by this update could allow a remote attacker or Web site to run malicious code on the device or cause it to crash. The update is available only through iTunes. My colleague Rob Pegoraro has a more in-depth post about the new features built into this update, but he was having trouble grabbing the update yesterday. Apple says that the automatic update process may take

Thu, 18 Jun 09
An Odyssey of Fraud
http://feeds.voices.washingtonpost.com/click.phdo?i=faa65244db89cb91494e05621dc5f611
Andy Kordopatis is the proprietor of Odyssey Bar, a modest watering hole in Pocatello, Idaho, a few blocks away from Idaho State University. Most of his customers pay for their drinks with cash, but about three times a day he receives a phone call from someone he's never served -- in most cases someone who's never even been to Idaho -- asking why their credit or debit card has been charged a small amount by his establishment. Kordopatis says he can usually tell what's coming next when the caller immediately asks to speak with the manager or owner. "That's when I start telling them that I know why they're calling, and about the Russian hackers who are using my business," Kordopatis said. The Odyssey Bar is but one of dozens of small establishments throughout the United States seemingly picked at random by organized cyber criminals to serve as unwitting pawns

Wed, 17 Jun 09
Top Security Minds Urge Google to Encrypt All Services
http://feeds.voices.washingtonpost.com/click.phdo?i=ce5f56106f3ad8c2de017e09fb85054f
A who's-who of more than three dozen high-tech and security experts from industry and academia is urging Google to beef up the privacy and security settings of its Gmail, Google Docs and Calendar online services. At issue is whether Google is doing enough to block hackers from hijacking a user's Webmail account or intercepting information from online documents. An increasing number of free, publicly available tools may make it simple for even novice hackers to launch such attacks. "Google's default settings put customers at risk unnecessarily. Google's services protect customers' usernames and passwords from interception and theft," said the experts, including luminaries from AT&T, PGP Corp. and top researchers from Berkeley, Harvard, MIT, Oxford and Purdue. "However, when a user composes email, documents, spreadsheets, presentations and calendar plans, this potentially sensitive content is transferred to Google's servers in the clear, allowing anyone with the right tools to steal that information.

Wed, 17 Jun 09
Apple Patches Java Flaws, At Last
http://feeds.voices.washingtonpost.com/click.phdo?i=be1ac66606cbb93a9d62d8df2390d997
Apple on Monday shipped updates to plug more than two dozen security holes in its version of Java, including a particularly dangerous flaw that Java maker Sun patched back in early December. Last month, Security Fix and others took Apple to task for taking too long to fix Java vulnerabilities. In fact, I found that Apple patches Java flaws on average about six months after Sun had shipped its own updates to fix the same vulnerabilities. At least two different researchers even released proof-of-concept exploits to shame Apple into quickly fixing an easy-to-exploit vulnerability that potential attackers had known about for six months. This Java update appears to address most of the outstanding Java vulnerabilities. From looking at the common vulnerabilities and exposures (CVE) numbers attached to each of the flaws fixed by Apple's Java rollup, it looks like this update brings Mac OS X systems to the equivalent of

Sat, 13 Jun 09
Default Passwords Led to $55 Million in Bogus Phone Charges
http://feeds.voices.washingtonpost.com/click.phdo?i=b9b64ed0e9aa6b32c18dcdf6d5516466
The U.S. Justice Department today unsealed indictments against three Filipino residents accused of hacking into thousands of private telephone networks in the United States and abroad, and then selling access to those networks at call centers in Italy that advertised cheap international calls. The indictments correspond to a series of raids and arrests announced today in Italy, where authorities apprehended five men alleged to have been operating the call centers and using the profits to help finance terrorist groups in Southeast Asia. The U.S. government alleges that the individuals arrested in the Philippines were responsible for hacking so-called private branch exchange (PBX) systems -- computerized telephone switches and voice mail systems -- owned by more than 2,500 companies in the United States, Canada, Australia and Europe. The indictment alleges that between October 2005 and December 2008, Manila residents Mahmoud Nusier, Paul Michael Kwan and Nancy Gomez broke into PBX systems,

Fri, 12 Jun 09
Spear-Phishing Gang Resurfaces, Nets Big Catch
http://feeds.voices.washingtonpost.com/click.phdo?i=855fc62176cf3765cd89542cb4c43c68
A prolific phishing gang known for using sophisticated and targeted e-mail attacks to siphon cash from small to mid-sized business bank accounts appears to be back in operation after more than a 5-month hiatus, security experts warn. From Feb. 2007 to Jan. 2009, analysts at Sterling, Va., based security intelligence firm iDefense tracked 38 separate phishing campaigns from an Eastern European gang they simply call "Group A." iDefense believes this group was one of two responsible for a series of successful phishing attacks that spoofed the U.S. Better Business Bureau (BBB), the U.S. Department of Justice, the IRS, as well as Suntrust and payroll giant ADP. Last summer, authorities in Europe and Romania are thought to have arrested most members of a rival BBB phishing gang that iDefense called Group B. While the type of tricks that Group A employs once victims are hooked have grown more sophisticated, the initial

Thu, 11 Jun 09
Adobe Issues Security Updates for Reader, Acrobat
http://feeds.voices.washingtonpost.com/click.phdo?i=bf44620cb29b51ed8d23062d81762dd8
Adobe Systems Inc. on Tuesday released security updates to remedy at least 13 security flaws in its PDF Reader and Acrobat software. Updates are available for Mac and Windows versions of both programs. Last month, Adobe said it would begin rolling out security updates every three months, and yesterday was the first installment under that program, which is timed to coincide with Microsoft's Patch Tuesday in a bid to lighten the load on businesses that have to test these patches before deploying them. The latest update brings both Reader and Acrobat to version 9.1.2. Users can grab the latest versions via the updater built into the programs (from the menu, click "Help," then "Check for Updates") or from the links in the accompanying security advisory for this rollup. Adobe said security updates for Adobe Reader on the UNIX platform will be available on June 16, 2009.

Wed, 10 Jun 09
Microsoft Issues Record Number of Security Updates
http://feeds.voices.washingtonpost.com/click.phdo?i=b84b9cfbb40bd318a872eabd0fb405d8
Microsoft Corp. issued a record-breaking number of software security updates today, shipping patches that plug at least 31 different security flaws in its Windows operating systems and other software. More than half of the security holes Microsoft plugged with June's patch batch earned a "critical" severity rating, meaning Redmond believes attackers could exploit the flaws to break into vulnerable systems without any help from the victims. What's more, Microsoft is warning that it expects to see publicly available reliable exploit code for most of the vulnerabilities it has issued patches for today. According to Symantec Corp., this is the largest number of vulnerabilities Microsoft has ever addressed in a single patch release (the previous record was set in Dec. 2008, when Microsoft issued 28 security updates in one go). Probably the most important of today's updates is a critical patch that addresses at least eight security holes in various versions

Wed, 10 Jun 09
The Fallout from the 3FN Takedown
http://feeds.voices.washingtonpost.com/click.phdo?i=389cd44df1fc1e8a4f47786944ebba7f
The Federal Trade Commission's unprecedented recent takedown against troubled Web hosting provider 3FN.net has had an immediate -- if little noticed -- impact on the level of spam sent worldwide, and the number of infected PCs doing the spamming, according to multiple sources. Experts say the drop in spam probably is not visible to most Internet users or even operators of large networks, as the decrease is within the upper ranges of daily fluctuations in spam volumes. Still, the preliminary results indicate that a large number of spam-spewing zombie PCs were being coordinated out of servers hosted at 3FN. According to botnet expert Joe Stewart, director of malware research at Atlanta based SecureWorks, 3FN was home to a large number of command-and-control servers for the Cutwail spam botnet, one of the world's largest. As of last week, Stewart said he was tracking upwards of 400,000 spam zombies infected with Cutwail

Wed, 10 Jun 09
Unshrinking Shortened Web Links
http://feeds.voices.washingtonpost.com/click.phdo?i=c93d7ecae6db5b1a4626fe84c3bec518
Social networking sites are contributing to an explosion in the number of services that help people convert long URLs into tiny Web links. URL shrinking services are especially useful on sites that place a premium on brevity -- such as Twitter, which limits tweets to 140 characters. But few online communities have made it easy for users to tell where the shortened links will take them, a reality that could be advantageous to phishers and other cyber crooks. When I first began researching this subject, I was amazed to learn how many URL shortening services are available today (at least 90). Also, the lack of a built-in or standardized approach to URL shortening services within individual social networking sites adds complexity to the problem. For example, many Twitter users shorten long Web links with bit.ly, but Twitter users are just as likely to see Tweets with links shortened by the services

Tue, 9 Jun 09
T-Mobile Investigating Data Breach Claims
http://feeds.voices.washingtonpost.com/click.phdo?i=afe3868a831f48dc421a4b28ad3cc65f
Wireless phone giant T-Mobile said today it is investigating claims that hackers have broken in and stolen customer data and company proprietary information. On Saturday, June 6, someone anonymously posted to the Full Disclosure security mailing list claims that a broad range of internal T-Mobile data had been compromised and was being put up for sale to the highest bidder. "We have everything, their databases, confidental [sic] documents, scripts and programs from their servers, financial documents up to 2009. We already contacted with their competitors and they didn't show interest in buying their data - probably because the mails got to the wrong people - so now we are offering them for the highest bidder.

Fri, 5 Jun 09
FTC Sues, Shuts Down N. Calif. Web Hosting Firm
http://feeds.voices.washingtonpost.com/click.phdo?i=2c3d1784c892bf128e890b8253e0897c
In an unprecedented move, the Federal Trade Commission has taken legal steps to shut down a Web hosting provider in Northern California that the agency says was directly involved in managing massive global spam operations. Sometime on Tuesday, more than 15,000 Web sites connected to San Jose, Calif., based Triple Fiber Network (3FN.net) went dark. 3FN's sites were disconnected after a Northern California district court judge approved an FTC request to have the company's upstream Internet providers stop routing traffic for the provider. In its civil complaint, the FTC names 3FN and its various monikers, including Pricewert LLC -- the business entity named on the 3fn.net Web site registration records. The FTC alleges that Pricewert/3FN operates as a "'rogue' or 'black hat' Internet service provider that recruits, knowingly hosts, and actively participates in the distribution of illegal, malicious, and harmful content," including botnet control servers, child pornography and rogue antivirus

Thu, 4 Jun 09
Microsoft's Fix for the Firefox Add-on Snafu
http://feeds.voices.washingtonpost.com/click.phdo?i=0632d4ed368175f8fa4498e23ad9070f
Last week, I received a tremendous reader response to a post I wrote about a security update from Microsoft that silently installed a "Microsoft .NET Framework Assistant" add-on for Firefox that was difficult and risky for users to uninstall. Given the emotional buttons this subject pushed among a large number of readers, I've put together a brief update along with some information provided in the comments to the previous post. Since that posting, someone pointed out that Microsoft has issued a patch in an apparent bid to appease those who have cried foul about this silently installed add-on. The patch is available and detailed at this link here. The update patches Windows systems so that the add-on installed by Microsoft can be successfully uninstalled without the user having to manually edit the Windows registry. (While editing the registry isn't all that difficult, a misstep can cause serious problems and it

Wed, 3 Jun 09
Security Updates for iTunes, QuickTime
http://feeds.voices.washingtonpost.com/click.phdo?i=1f7667e702e771313b2ea3b77041f287
Apple has issued updates to fix security issues in its QuickTime media player and iTunes software. Updates are available for both Mac and Windows versions of both programs. The QuickTime patch brings the program to version 7.6.2, and plugs at least 10 security holes, including two that are specific to the Windows version of QuickTime. The iTunes update, version 8.2, fixes a single yet critical flaw in iTunes that could let a malicious Web site use the program to install software on the user's system. Apple users can grab the updates from Software Update. Windows users will need to use the bundled Apple Software Update program to fetch these.

Wed, 3 Jun 09
Beladen Loads Hacked Web Sites With Badness
http://feeds.voices.washingtonpost.com/click.phdo?i=300a7c18153ad57e1ff67f8a952bb861
At least 40,000 Web sites recently were hacked and retrofitted with instructions that silently attempt to infest visitor PCs with malicious software, security experts warn. Internet security firm Websense has dubbed this series of attacks "Beladen," because the infected sites divert visitors to a site called beladen.net -- one of at least two exploit domains implicated in this attack (this domain actively serves malicious software, so please do not visit it). Stephan Chenette, a senior security researcher at Websense, said the company is not sure how the attackers are breaking into the hacked sites, and that it is still in the process of determining what the malware installed on victims' PCs actually does. However, each hacked Web page shares the same blob of obfuscated JavaScript code, which is appended to the bottom of the hacked page's HTML. Each hacked site redirects to Web sites that bombard the visitor's PC with

Tue, 2 Jun 09
Microsoft Warns of Attacks on Unpatched Windows Flaw
http://feeds.voices.washingtonpost.com/click.phdo?i=1a7c4def28b4e7c3485549c2f82567c5
Microsoft is warning that hackers are using booby-trapped QuickTime media files to exploit a newly discovered security hole in Windows 2000, Windows XP, and Windows Server 2003 systems. Microsoft said it is aware of "limited attacks" against an unpatched vulnerability in a Windows DirectShow component designed to process QuickTime files. The vulnerability is present in those operating systems and can be exploited whether or not users have QuickTime installed. From a post on Microsoft's Security Research & Defense blog: The vulnerability is in the DirectShow platform (quartz.dll). While the vulnerability is NOT in IE or other browsers, a browse-and-get-owned attack vector does exist here via the media playback plug-ins of browsers. The attacker could construct a malicious webpage which uses the media playback plug-ins to playback a malicious QuickTime file to reach the vulnerability in Quartz.dll. Please note this type of attack could happen for any browsers, not IE

 
