BLOG
‘Code Hooking’ Leads to Security Problems in Software Products
Written by Administrator   
Friday, 22 July 2016 13:00


A technique called 'code hooking', which Microsoft as well as third-party security firms implement, albeit improperly, left innumerable end-users vulnerable to attacks that effectively bypassed mitigation measures. A few of these measures, according to researchers, were bypassed for as long as 10 years. Hooking is the technique that various software applications use to follow an operating system's operation so as to intercept its functions and alter them, and sometimes to inject code into the OS.

The researchers, Udi Yavo and Tomer Bitton of enSilo, a company specializing in preventing data exfiltration, discovered six widely occurring security problems in more than fifteen software products while examining how software companies use hooking to add code to a process so that the sensitive application programming interface (API) calls the process makes can be intercepted, monitored, and changed.

Yavo and Bitton examined hooking engines along with the code injection methods that over 15 separate software programs employed. The software programs were popular anti-virus programs from security companies McAfee, Kaspersky, AVG, BitDefender and Symantec; computer hacking protection solutions; anti-data leak safeguards; and system exploitation prevention programs. Itnews.com posted this on July 20, 2016.

The researchers' interest in the study comes from an earlier investigation that identified security issues in the memory space of PCs that Kaspersky, McAfee and AVG worked on.

That earlier investigation, also by enSilo's researchers, detected how it was difficult for anti-virus software to attach to other software programs or system APIs to check for malicious operations.

The other software programs, which included performance and virtualization examination programs, were exposed to malware infections that bypassed security software as well as anti-malware solutions for operating systems.

Microsoft is aiming to release a fix for this security software-bypassing problem in August. Nevertheless, according to Yavo and Bitton, it may be difficult to develop an appropriate fix for software employing code hooking, because it requires rebuilding all of the flawed software programs.

Software companies are advised to patch their affected programs, while customers who own any should contact their providers for the same purpose.

 
Apple Having Own Stagefright Vulnerability
Written by Administrator   
Friday, 22 July 2016 13:00


Apple released a patch for vulnerabilities affecting the iOS, iTunes, Safari, tvOS, OS X El Capitan and watchOS product lines. The update included a patch for critical vulnerabilities in OS X and iOS that could permit remote code execution.

Tyler Bohan of the Cisco Talos team found the issues, which could be exploited by sending victims a malformed image as an email attachment, embedded in a web page, or by means of MMS messages, iMessages, and all other types of applications.

Softpedia.com reported on July 20th, 2016, that the problem was that a few Apple products automatically process an image received from an attacker in order to create and present a thumbnail.

Once this happens, the Apple product loses control of its memory handling, and malicious code embedded in the image gets executed, enabling the attacker to take over the device.

Tyler Bohan, Senior Security Researcher at Cisco Talos, discovered the flaws in image format processing on the OS X platform. The Stagefright vulnerabilities in Android devices, discovered one year earlier by Joshua J. Drake of Zimperium zLabs, are comparable to these vulnerabilities. The iOS flaw allows almost undetectable password theft from iPhones.

Talos says that an attacker can deliver a payload to trigger the vulnerability using MMS messages, iMessages, malicious web pages, or other malicious file attachments.

Zscaler, a security firm, found a separate vulnerability affecting OS X El Capitan that allows applications without suitable privileges to access cookies kept in the Safari browser. Abhinav Bansal, Senior Software Engineer at Zscaler, wrote in a company blog post that "this access could result in a malicious application lifting all the persistent cookies for a given user and accessing sites posing as that user."

Marc Laliberte, information security threat analyst at WatchGuard Technologies, says that several of the updates involved situations where Apple discovered further related vulnerabilities following a vulnerability report disclosed by external researchers. He sent an email to SCMagazine.com stating that "while investigating further into a reported vulnerability should be the status quo, that isn't always the case".

 
Infamous Banking Trojan Carbanak Tied to Russia-Based Cyber-Security Company Captures Financial Transaction Making
Written by Administrator   
Friday, 22 July 2016 13:00


Researchers investigating the origin of the financial Trojan Carbanak have found that it apparently has links to a cyber-security company in Russia. Carbanak, which is very advanced in its operations, was created to attack financial institutions, e-payment systems and banks globally. Once a computer is infected with Carbanak, mostly via spear-phishing e-mail or because of inadequate network defenses, the Trojan spreads until it finds administrative panels and then monitors them to capture financial transactions.

Carbanak has been used in a huge number of high-dollar online robberies. Its creators mainly infiltrate bank networks with the aid of infected Microsoft Office documents and then use that access to make the banks' automatic teller machines dispense cash. Kaspersky Lab, the Russian cyber-security company, estimates that the Carbanak gang possibly stole nearly USD 1bn, chiefly from banks in Russia.

Security Researcher Guilmette found that the domains used to distribute the e-mails carrying the Carbanak malware were registered with an e-mail id that Xicheng Co., a Chinese firm, owned. The e-mail id provided two telephone numbers, 1066549216 and 1066569215, that were prefixed with the American or Chinese international code. Softpedia.com posted this on July 19, 2016.

Continuing from Guilmette's research, ThreatConnect, another security company, spotted 484 or more domains linked to the same e-mail id or to twenty-six other e-mail ids that also displayed Xicheng Co.'s name or the same telephone numbers.

But with more investigation, it was found that some URLs, though registered with those very telephone numbers, didn't serve Carbanak. One particular URL, cubehost.biz, registered in 2013, apparently belonged to Artem Tveritinov, a 28-year-old from Perm, Russia.

The URL is no longer active, but independent researcher Brian Krebs states it is an alias of Infocube (also written as InfoKube), another Russian cyber-security company that also belongs to Tveritinov.

A lot of the websites employed for Carbanak campaigns obtained their hosting services from this Internet Protocol address. Complementing Krebs's findings, Guilmette showed that the same IP also hosted domains used for campaigns of Citadel, another well-known banking Trojan.

 
Hackers Allegedly from China Deface Online Portals of Philippines Government
Written by Administrator   
Thursday, 21 July 2016 13:00


Two Philippine government websites recently became targets of hackers suspected to be from China. The hack occurred only days after a ruling by the Permanent Court of Arbitration at The Hague in the Netherlands supported the Philippines' position in the dispute over the country's sole right to what is referred to as the South China Sea.

The websites are named Panglao and Loon, and they came under the hackers' control on July 16th, 2016. Subsequently, on July 18, another site belonging to the COA (Commission on Audit) faced the hackers' onslaught. All 3 sites cannot currently be accessed.

The hackers planted the notorious Guy Fawkes mask on the background of the hacked sites. This mask is an official mark of the Anonymous hacktivist group. The accompanying message, apparently from the Chinese government, stated that there was no one who could give another person his freedom, nor justice or equality; a person of strength would have to take it himself.

A web link pointing to a Twitter account appeared to belong to a dormant member of Anonymous from Brazil. Another web link, pointing to a YouTube account, also indicates that the same member took part in earlier Anonymous campaigns which primarily dealt with Brazil and South America. It is not yet certain whether the Anonymous intruder actually carried out the hack or whether the web link to his Twitter account had been posted without his consent.

When the verdict was passed at The Hague, numerous Filipinos rejoiced. As per the tribunal's ruling, the Chinese government was unlawfully trying to assert its authority over the so-called South China Sea. China dismissed the ruling, stating that The Hague had no jurisdiction over that portion of the sea and so could pass no ruling on the dispute. Ibtimes.co.uk posted this on July 18, 2016.

With abundant natural gas and hydrocarbons, the South China Sea, which covers several islands within the West Philippine Sea, is a prominent shipping corridor for worldwide trade. Besides China, 6 nation states, among them the Philippines, Vietnam and Japan, have overlapping claims.

 
New Android Malware Blocks Calls to Customer Care of Banks to Stop Reporting Fraud
Written by Administrator   
Thursday, 21 July 2016 13:00


Symantec, an American technology company, found the malware app Android.Fakebank.B in Oct. 2013. The app replaces the banking apps on a user's device with fake versions, helping a hacker track and access a victim's bank details and then conduct fraudulent transactions.

Techtimes.com reported on July 19th, 2016, that the latest version of Android.Fakebank.B was released in March and that it can block calls to banks.

As per Symantec, once a victim attempts to call these banks from their registered mobile number, the malware redirects the call to the IVR (Interactive Voice Response) system and then cancels the call. The malware is highly dangerous because it makes it difficult for customers to report unauthorized transactions or cancel unsanctioned payments.

The customer could call the bank from another device, but the hackers still gain additional time to steal data from the compromised device.

The telephone numbers of banks and their respective customer care departments which may be affected by the malware are: KEB Hana Bank: 15991111, KB Bank: 15999999, Sberbank: 80055550, NH Bank: 15442100 and 15882100, Shinhan Bank: 15448000 and 15778000, SC Bank: 15881599 and 15889999.

Symantec suggests that Android phone users always update their software to protect mobile devices from Android.Fakebank.B. The technology company also recommends that tablet and mobile phone users not download applications from unknown websites and always install apps from trustworthy sources.

Google has started rolling out monthly security updates to Nexus devices and the same is being followed by many other device makers such as Samsung. A previous Tech Times report also highlighted that Samsung and Nexus devices are the safest Android smartphones to use.

Several mobile phone users have started making financial transactions from their handsets, meaning that more and more hackers will attempt to target smartphones to steal data. Security experts suggest that it is a good habit to download a security patch once it is received, even though a security update does not add new features.
