BLOG
Extremely Refined APT Campaign Targets Renowned Individuals
Written by Administrator   
Saturday, 20 December 2014 16:00


Experts at Blue Coat, a security firm, warn that a highly sophisticated and multifaceted advanced persistent threat (APT) is targeting people in strategic positions: executives in significant industries such as finance, engineering and oil, along with embassy, government and military officers.

Researchers at Blue Coat Labs have identified this previously undocumented attack framework. The malware began targeting victims in Russia or related to Russian interests after the 2010 release of a movie of the same name, about a thief who entered people's dreams and stole secrets from their subconscious, but has since spread to other locations all over the world.

The malware is mainly delivered through phishing emails carrying Trojanized documents aimed at PC users.

When an unsuspecting victim clicks on the attachment, it opens the expected Word document to avoid raising any red flags. In the background, however, the malware exploits a known RTF vulnerability to drop two small pieces of code to disk and open a link to communicate with command-and-control accounts hosted on a free version of the Swedish hosting service CloudMe.

Once the malware enters a system, it collects information such as the computer name, system version, user name and local IDs, along with system drive and volume details. Blue Coat observed that all the collected data is encrypted and sent to a cloud account over the Web Distributed Authoring and Versioning (WebDAV) protocol to try to avoid detection by anti-virus tools.

Blue Coat said that the framework is designed so that all communication after the malware infection (i.e. target surveying, malware updates, configuration updates and information exfiltration) can be carried out through the cloud service.

The attackers have also designed malware to target BlackBerry, Android and iOS devices in addition to PCs.

SecurityWeek reported on 10th December, 2014 quoting Waylon Grange, Senior Malware Researcher of Blue Coat, as saying "Depending on the characteristics of the attack and affected persons connected with national political, military and economic benefits, the group behind the origin could be a medium-sized country or may be a professional and resourceful private entity."

McAfee - Cyber-Espionage Likely to Increase Next Year
Written by Administrator   
Saturday, 20 December 2014 16:00


ZDNet.in reported on 9th December, 2014 quoting McAfee's annual threat landscape report as predicting that "Cyber-espionage and attacks on connected devices are expected to increase in 2015."

The recently released report notes that cyber-warfare has been making itself felt almost everywhere, from information technology circles to popular culture, and is reaching a fever pitch amid speculation and news about the breach at Sony Pictures Entertainment (SPE).

Nevertheless, cyber-warfare is expected to become a routine tactic in 2015, especially for "small countries and terrorist outfits", with a focus on collecting valuable intelligence on well-placed people and intellectual property, along with operational intelligence.

ZDNet.in reported on 9th December, 2014 quoting explanation of researchers as "They will strike with the launch of crippling DDOS or (distributed denial of service) attacks or by using malware which swabs the MBR (master boot record) to demolish the network of their enemies. Together, players of lasting Internet espionage will execute better techniques to remain on a network of a victim with the help of better and more refined discreet technologies and other ways to stay below the operating system and clandestinely."

During the third quarter, McAfee detected around 307 new threats per minute, with overall levels of malware rising by a worrying 76% year on year. The security firm adds that mobile malware also grew by 16%.

Itproportal.com reported on 10th December, 2014 quoting Vincent Weafer, Senior Vice President of McAfee Labs as commenting on various incidents "The year 2014 will be remembered as 'the year of Shaken Trust'. This exceptional series of incidents shook the confidence of the industry in long-standing trust models of Internet, confidence of consumer on the organisation's ability to protect their data and resulting lack of confidence of organization in detecting and deflecting targeted attacks in a timely manner."

Marketwatch.com published news on 9th December, 2014 quoting Vincent Weafer as saying "Trust will be restored in 2015 with stronger collaboration in industry, new standards for a new threat-landscape and new security postures which shrink time to detect through superior use of threat data. Eventually, we need to have a security model with built-in design and flawless integrated into every device at every layer of the compute stack."

Major Security Breach Happens on CHARGE Anywhere
Written by Administrator   
Friday, 19 December 2014 08:00

Securityweek.com reported on 9th December, 2014 that electronic payment gateway solutions provider CHARGE Anywhere, LLC revealed that a recent attack on its network gave hackers access to payment card information for transactions processed via several merchants.

CHARGE Anywhere said that the attackers breached its machines and captured data using malware that had not previously been detected by anti-virus programs.

The company (CHARGE Anywhere) provides solutions that route payment transactions from merchants' point-of-sale machines to their payment processors. Its customers include developers, large enterprises and independent sales organizations (ISOs).

The company said that the attackers potentially accessed data such as account numbers, cardholder names, expiry dates and verification codes.

The company emphasized that it launched an investigation after being asked to look into fraudulent charges that appeared on cards that had been legitimately used at certain businesses.

Threatpost.com reported on 10th December, 2014 quoting CHARGE Anywhere as saying "The probe highlighted that an unlawful person initially gained entrée to the network and fitted advanced malware which was then used to capture sections of outbound network traffic and most of the outbound traffic was encrypted. But, the format and process of connection for definite outbound messages allowed the illegal person to capture and then gain entrée to text authorization requests for payment card business."

The firm said that the malware was discovered on 22nd September, 2014 and has since been removed from its network. It said that it found evidence of network capture for traffic segments between 17th August and 22nd September, but it seems the attackers had the ability to capture traffic since as far back as 5th November, 2009.

CHARGE Anywhere added: "We have been working with credit card companies and processors to provide a list of merchants and account numbers of cards used during the period of issue so that the banks issuing those cards can be alerted and banks conduct intensified monitoring of transactions to detect and thwart unauthorized charges."

CHARGE Anywhere said that it deeply regrets any inconvenience the attack caused its customers and advised them to call its hotline numbers with any questions.

Phishers Using Logo of Norton Antivirus within Fake E-mails, Caution Security Experts
Written by Administrator   
Friday, 19 December 2014 08:00

According to security researchers, Internet users should be wary of a phishing e-mail that carries the Norton Antivirus logo and poses as a message from the company's admin, softpedia.com reported on December 10, 2014.

The e-mail falsely claims that the recipient's account has been sending malware to the sender's machine and warns that if the virus problem isn't resolved, the user's e-mail account will be suspended permanently.

The e-mail instructs the user to immediately follow a given web link to run a scan and clean his e-mail account.

But everything asserted in the e-mail is false and is intended to deceive the user into divulging his account login credentials to the scammers.

In fact, following the web link leads to a fake Norton Antivirus web page that contains a bogus login box. The victim is directed to log in there with his e-mail ID and password to run the 30-second scan.

Once the login is completed, a message, "Please wait-scanning", is displayed for a few seconds. Eventually, another message, "Scan Complete", appears. The victim is then likely to believe his computer has been cleaned of viruses.

In the meantime, the scammers can collect the user's login credentials and then compromise his e-mail account. They may then use the account to distribute bulk e-mails that evade anti-spam solutions.

Researchers report that this phishing scam is not new: it first emerged at the beginning of 2013 and has been ongoing ever since.

There are plenty of clues that point to the deceit. First, the e-mail sender's details are vague. Genuine entities identify themselves unambiguously, particularly to deter malicious third parties from attempting impersonation. Besides, they would address the recipient directly by name, which is obtainable from the subscription details.

If none of the above clues stands out and the instructions in the message are followed, checking the URL in the web browser's address bar can help: if the URL doesn't correspond with the sender's particulars, a fraud is definitely under way, the researchers conclude.

Destover Attack on PCs by Using Stolen Security Certificates from Sony
Written by Administrator   
Thursday, 18 December 2014 06:00

Kaspersky Labs has found that the huge breach carried out against Sony Pictures Entertainment (SPE) appears to have had a side effect: the 'Destover' malicious program is now wreaking havoc using a stolen digital certificate that belonged to SPE, probably to compromise PC systems.

The implication is that, because certain PCs trust the certificate, the malware probably has little difficulty bypassing defense technologies such as default-deny policies and/or anti-virus programs. The material is allegedly available for exploitation, as certain folders accessed through the Sony hack contained an assortment of SPE's signing keys and security certificates.

Trey Ford, Global Security Strategist at Rapid7, explains that if SPE-signed digital certificates were exposed during the hack, the IT security departments of other organizations could face serious problems. Attackers may use the stolen digital certificates to sign Destover, letting it circumvent the IT security solutions of several businesses without being noticed, he says. Mashable published this on December 9, 2014.

According to Kevin Bocek, Vice-President of Security Strategy and Threat Intelligence at security company Venafi, as further news gradually comes in about the SPE breach, it is hardly surprising to learn that the latest variant of the Destover malware the hackers employed was signed with an authentic certificate from Sony. Time and again, hacked companies like Sony are seen carelessly enabling attackers by not sufficiently safeguarding the trust that cryptographic keys and digital certificates provide, Bocek laments. SecurityWeek published this on December 9, 2014.

Bocek adds that cyber-criminals have discovered how easily, quickly and successfully they can insert malicious software into corporate networks undetected by signing the malware with stolen or compromised certificates. They know that organizations usually can't recognize atypical certificates, even though those certificates validate machines and their operators, software programs and devices on company networks; consequently, they abuse them.

Global organizations typically use innumerable certificates and keys, yet most don't keep a proper inventory of them, don't know where they are deployed or who is using them, and don't maintain proper security mechanisms for them, Bocek says.
