 Your new post is loading...
Your new post is loading...
Cybercrime costs Britain £27bn a year, and it could cost you dear too if you don't take basic precautions. James Silver asked experts for their top tips
Bösartige Angreifer kapern Apache-Webserver und leiten deren Besucher auf Schad-Websites um. Die Tarnung der Malware ist fast perfekt. Eine Hintertür, die von Administratoren nur schwer bemerkt werden kann, sorgt dafür, dass Internet-Anfragen an Apache-Server nicht in Logs aufgenommen werden. Die gesendeten http-Anfragen, die in Wirklichkeit einen Trojaner steuern, sind nicht ersichtlich. Der Rest des Angriffs läuft im Speicher ab, Bugfixes gibt es noch nicht. 29. April 2013 von Manfred Kohlen 0
Die Malware Linux/Cdorked.A ist eine raffinierte Hintertür, die alles tut, um den Internetverkehr auf schädliche Webseiten umzuleiten, schreibt Sicherheitsanbieter Eset in einer aktuellen Warnung. Der Schädling sei so gut, dass er laut eigener Analysen schon hunderte von Webservern unter seine Kontrolle gebracht habe.
|
Scooped by
Gust MEES
March 21, 2013 5:54 PM
|
Sicherheitsexperten analysieren derzeit die Cyberattacken auf Südkorea und liefern die ersten Ergebnisse. Demnach wurde unter anderem eine Malware eingesetzt, die das Ziel hat, Linux-Rechner auszuschalten.
|
|
Scooped by
Gust MEES
February 25, 2013 1:44 PM
|
View the results of the Virus Bulletin VB100 anti-virus product comparisons
|
|
Scooped by
Gust MEES
January 3, 2013 3:38 AM
|
Security researchers from antivirus vendor Trend Micro have uncovered a piece of backdoor-type malware that infects Java-based HTTP servers and allows attackers to execute malicious commands on the underlying systems.
|
|
Rescooped by
Gust MEES
from 21st Century Learning and Teaching
November 6, 2012 12:24 PM
|
|
|
Scooped by
Gust MEES
October 9, 2012 11:32 AM
|
|
|
Rescooped by
Gust MEES
from 21st Century Learning and Teaching
September 2, 2012 8:05 AM
|
If you thought that capturing a user's social media session was only done by skilled hackers, now the Firesheep addon can allow even the truly clueless to become an Internet griefer. Even if you were drunk and surfing at a Wi-Fi hotspot, you probably wouldn't stand up and shout your username and password for anyone who might want it. But an attacker does not need to find out your username and password. If you thought that capturing a user's social media session was only done by skilled hackers, now the Firesheep addon can allow even the truly clueless to become an Internet griefer. If you were at a Wi-Fi hotspot, you probably would have no options and no encryption at all. Although many websites give lip service about how important their users' privacy and security is to them, very few have their entire site encrypted with HTTPS. Most sites encrypt the username and password during the login process, but most of those sites stop encrypting and protecting the user right there. As soon as a user moves on to a regular HTTP page on the site, an attacker can sniff and capture the user's cookie information. Many of us are busy multitasking, so we log into Twitter or Facebook, or even Flickr, and then move on to surf other sites without first logging out of those accounts. If any of those future sites have a Twitter or Facebook widget, or even a Flickr image embedded, if you didn't log out of those sites before continuing to surf, then HTTP session jacking, also called "sidejacking," can happen and leak the user's cookie. Security researchers explained that if a person can steal the cookie, then they can steal your session and allow them to do anything the user could do on the site. Gust MEES: a MUST READ for Mac, Linux and Windows users!!! Read more: http://blogs.computerworld.com/17226/firesheep_addon_allows_the_clueless_to_hack_facebook_twitter_over_wi_fi
|
|
Scooped by
Gust MEES
August 31, 2012 1:04 PM
|
Mobile variants of the commercial FinFisher trojan target BlackBerry, Windows Mobile, Symbian, Android and iOS devices. The commercial FinFisher FinSpy spyware trojan was created by Gamma International, and its development is believed to take place in Germany. The company sells its trojan toolkit – which is thought to currently support all major operating systems including Linux, Mac OS X and Windows – to governments for use by security agencies. Until now, relatively little was known about the mobile variant of the trojan.
Based on the available code samples, Citizen Lab is convinced that the mobile trojans it analysed are a mobile variant of FinSpy. The trojan is believed to be capable of monitoring rooms through silent calls, downloading files, tracking a user's location, and forwarding phone calls, SMS text messages and emails. FinSpy can also apparently intercept BlackBerry Messenger messages. The trojan typically infects smartphones via specially crafted emails.
The iOS variant requires iOS 4 or later and is executable on all iPad models, on iPhone 4 and 4S devices, and on third and fourth generation iPod Touch devices. The app installs in the background, downloads further code, and injects this code into the startup routine, anchoring itself deep into the system. The researchers found "FinSpyV2" references in the binary. As the binary contains a valid developer certificate and an ad-hoc distribution profile, iOS devices accept it without the need for a jailbreak. The certificate was issued to Martin Münch – the managing director of Gamma International's German subsidiary.
|
|
Scooped by
Gust MEES
August 28, 2012 2:11 PM
|
|
|
Scooped by
Gust MEES
July 31, 2012 7:33 PM
|
Summary: Google Chrome version 21.0.1180.60 (21.0.1180.57 for Mac and Linux) is out, fixing 15 security vulnerabilities in the search giant's browser. ===> Strictly from a security perspective, you should upgrade as soon as possible. <=== Read more: http://www.zdnet.com/google-chrome-21-is-out-7000001920/
|
|
Scooped by
Gust MEES
July 16, 2012 5:38 PM
|
|
|
Scooped by
Gust MEES
July 11, 2012 12:21 PM
|
|
Malware that hides itself from admins has been found in the wild, allowing attackers to compromise web servers and redirect users to sites hosting exploit kits. Researchers at security firm ESET have dubbed the malware Linux/Cdorked.A and are calling it "the most sophisticated Apache backdoor" due to its ability to evade detection. ===> Apache web servers run about 50 percent of the world’s websites, according to UK-based internet security firm, Netcraft. <=== The researchers claim the malware has been installed on hundreds of compromised web servers, which have served up malicious redirects to thousands of visitors.
|
|
Scooped by
Gust MEES
March 29, 2013 2:47 PM
|
There is a critical vulnerability in several current versions of the BIND nameserver software that could allow an attacker to knock vulnerable DNS servers offline or compromise other applications running on those machines. The bug is present in several versions of the ubiquitous BIND software and the maintainers of the application have released a patch for it ===> that they recommend users install as soon as possible. <=== ===> The vulnerability is in BIND 9.7, 9.8, and 9.9 for Unix systems, but Windows versions are not affected. <=== The problem lies in the way that the software handles certain regular expressions, and an attacker who exploits the vulnerability could not only cause a denial-of-service condition on the server but also could potentially compromise other software on the machine.
|
|
Scooped by
Gust MEES
March 11, 2013 3:36 AM
|
This bulletin was written by Vigil@nce : http://vigilance.fr/offer SYNTHESIS OF THE VULNERABILITY A local attacker can use the getsockopt() (...)
|
|
Scooped by
Gust MEES
February 25, 2013 10:51 AM
|
Auf kompromittierten Linux-Systemen haben Sicherheitsexperten eine heimtückische Hintertür entdeckt, die sich über eine Bibliothek in den SSH-Dienst einklinkt.
|
|
Scooped by
Gust MEES
November 20, 2012 8:32 AM
|
The Linux root kit targets 64-bit Linux platforms and uses advanced techniques to hide itself, and infects the websites hosted on attacked HTTP server working to launch drive-by download attacks. “It's an outstanding sample, not only because it targets 64-bit Linux platforms and uses advanced techniques to hide itself, but primarily because of the unusual functionality of infecting the websites hosted on attacked HTTP server - and therefore working as a part of drive-by download scenario,” commented Marta Janus, a Kaspersky Lab Expert who examined the rootkit sample. ===> “This rootkit, though it's still in the development stage, shows a new approach to the drive-by download schema and we can certainly expect more such malware in the future.” <=== Read more: http://www.securityweek.com/linux-rootkit-found-launching-iframe-injection-attacks
Two weeks ago, Mac security software company Intego discovered malware which it classified as "a new Java backdoor trojan called Java/Jacksbot.A.” New threats are discovered all the time, but Intego later concluded that even though Jacksbot is a variant of the Java remote access tool (RAT) created by the jailbreaking group Redpois0n, it can target multiple platforms. The malware writers behind JACKSBOT may just be testing the waters for a successful multiplatform malware; however for now they appear to be unwilling to invest the time and resources to develop the code more completely. ===> It’s likely that the authors will continue to improve the code to fully support infection for OS X and Linux. <=== Read more, a MUST: http://thenextweb.com/2012/10/31/jacksbot-java-malware-can-take-control-of-windows-mac-and-linux-systems/?utm_source=dlvr.it&amp;utm_medium=twitter
|
|
Scooped by
Gust MEES
September 3, 2012 9:03 AM
|
|
|
Scooped by
Gust MEES
September 1, 2012 9:53 AM
|
===> Malware writers are interested in Linux after all. <=== Russian security firm Dr Web has reported finding a shadowy Trojan that sets out to steal passwords on the open source platform as well as OS X. Cross platform malware is rare but not unheard of, the usual technique being to hook into Java in search of victims using OS X. Malware specifically designed to steal credentials from Linux systems is almost unheard of but might, on the basis of this new discovery, become a little less so in future. "We do not have explicit evidence that it uses Java. To my knowledge it does not. This file was received from Virustotal," Dr Web analyst Igor Zdobnov told Techworld. Read more: http://news.techworld.com/security/3378804/linux-users-targeted-by-password-stealing-wirenet-trojan/?olo=rss&utm_source=dlvr.it&utm_medium=twitter
|
|
Scooped by
Gust MEES
August 29, 2012 6:12 AM
|
|
|
Rescooped by
Gust MEES
from 21st Century Learning and Teaching
August 14, 2012 3:58 PM
|
Adobe and Microsoft each issued security updates today to fix critical vulnerabilities in their software. Adobe’s fixes include a patch for a Flash Player flaw that is actively being exploited to break into Windows computers. Microsoft’s Patch Tuesday release includes nine patch bundles — more than half of them rated critical — addressing at least 27 security holes in Windows and related software. Nevertheless, the underlying vulnerability being targeted exists in Windows, Mac and Linux versions of the software. Windows and Mac users can grab the latest version (v. 11.3.300.271) via the Flash Player download center. Be sure to uncheck the “free” software scans that Adobe loves to bundle with updates, such as McAfee‘s obnoxious Security Scan Plus, if you don’t want it. Linux users should update to v. 11.2.202.238, and Chrome users want to be at v. 11.3.330.270 (normally Chrome auto-updates Flash, but recently it’s been sluggish to do so: my Chrome installation is still at v. 11.3.31.225. I will update this post in a bit with the direct links to the Flash Player downloads. Read more, a MUST for any "OS": http://krebsonsecurity.com/2012/08/critical-security-fixes-from-adobe-microsoft/
|
|
Scooped by
Gust MEES
July 17, 2012 9:37 AM
|
|
|
Scooped by
Gust MEES
July 16, 2012 9:24 AM
|
|
Scoop.it!
The weakest link in a security chain is and still will be the human!!! A security by 100% doesn't exist!!!
===> Read the article, a MUST!!! <===> ALSO for MAC & Linux users!!! <===
Learn more:
- https://gustmees.wordpress.com/2012/11/29/cyber-hygiene-ict-hygiene-for-population-education-and-business/
- https://gustmees.wordpress.com/2012/11/05/naivety-in-the-digital-age/
- http://www.symantec.com/connect/articles/social-engineering-fundamentals-part-i-hacker-tactics?API1=100&API2=3640290
The weakest link in a security chain is and still will be the human!!! A security by 100% doesn't exist!!!
===> Read the article, a MUST!!! <===> ALSO for MAC & Linux users!!! <===
Learn more:
- https://gustmees.wordpress.com/2012/11/29/cyber-hygiene-ict-hygiene-for-population-education-and-business/
- https://gustmees.wordpress.com/2012/11/05/naivety-in-the-digital-age/
- http://www.symantec.com/connect/articles/social-engineering-fundamentals-part-i-hacker-tactics?API1=100&API2=3640290