Posts Tagged ‘attack’

Windows shortcut flaw goes wild?

Wednesday, July 21st, 2010

On July 16, Microsoft released Security Advisory 2286198, confirming the Windows shortcut flaw that exposes users of all current versions of Windows, including fully patched Windows 7 systems, to very serious attacks.

Simply opening a directory containing the infected shortcut is enough to get the user infected. Once the infected shortcut icon is displayed in Windows Explorer, malicious code is launched without any further user interaction. Hackers have already developed malware that spreads via USB sticks using this vulnerability. Independent security researcher Frank Boldewin found that the attack is currently targeted at the WinCC SCADA system by Siemens. “Looks like this malware was made for espionage,” Boldewin writes.

On Sunday, a researcher known as “Ivanlef0u” published proof-of-concept code to several locations on the Internet. There is already a Metasploit module that implements the exploit with the WebDAV method.

To protect yourself from the attack, Microsoft suggests disabling the display of icons for shortcuts and turning off the WebClient service as workarounds. Please refer to the Microsoft advisory for details on how to “Disable the displaying of icons for shortcuts”. Another way to protect yourself is to use Didier Stevens’ tool Ariad.

Additional information on the flaw can be found in a blog post by the SANS Institute’s Internet Storm Centre here.

source:

Experts Warn of New Windows Shortcut Flaw

MS confirms Windows shortcut zero-day flaw

Preempting a Major Issue Due to the LNK Vulnerability – Raising Infocon to Yellow

Mobile network hack reveals sensitive cellphone data

Saturday, April 24th, 2010

Researchers have shown how easy it is to find the numbers of most US-based mobile phones through structural cracks in GSM mobile networks, and to track practically any GSM-enabled handset throughout the world.

At the end of 2008, Tobias Engel demonstrated how to find the whereabouts of mobile phones by tapping into mobile network databases. At the Source Conference in Boston on Wednesday, independent researcher Nick DePetrillo and Don Bailey of iSec Partners proved that, with related techniques, it is possible to find a person’s location even when his number is unknown, and to gather other details which most users assume are undetectable.

(more…)

Attack through new IE exploit

Tuesday, January 26th, 2010

Internet Explorer is once again being exploited by hackers. According to McAfee, the attack named “Aurora” against Google and some other American companies was based on this new Internet Explorer exploit. The exploit has already been reproduced by the Metasploit team, which has added it to its framework.

The danger of this exploit has therefore grown, because script kiddies are now able to use it as well. The BSI recommended using another browser to avoid falling victim to this exploit. Microsoft recommends setting the security options to “high” or disabling JavaScript, on which the exploit is based.

A video explaining the attack “Aurora” can be found here.

Twitter redirected

Monday, January 18th, 2010

On Thursday, 2009-12-17, Twitter’s domain name was hijacked. Visitors were redirected to a page that claimed Twitter had been hacked by the “Iranian Cyber Army”. But there is evidence to suggest that the attack was carried out by an individual from the U.S.

It seems the attackers had been able to change the DNS entries at Twitter’s provider. On the provider’s site no evidence was found that unauthenticated users had logged into the system. Therefore it is assumed that the attackers had the proper credentials to log into Twitter’s account at the provider.

In the last year, social networking services have often been attacked in various ways because of their popularity.

The whole article can be found here.

A new effective attack against Google’s reCAPTCHA

Thursday, December 17th, 2009

A new effective attack against Google’s CAPTCHA mechanisms was recently devised by a security researcher. The whole attack procedure is presented in a paper that was released on Saturday. The attack is based on OCR (Optical Character Recognition) techniques that are used to evade Google’s reCAPTCHA (CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart; for more information click here). reCAPTCHA is a recent security measure that Google uses to stop malicious scripts from performing important tasks without first completing a specific authentication process. This process requires the sense of sight, which a computer script cannot have: optical puzzles must be solved first before the task execution can continue.

(more…)

H1N1 malware epidemic

Monday, December 7th, 2009

Earlier this week, the Center for Disease Control (CDC) issued a warning about a new malware scam, to alert citizens to a large malware campaign exploiting the public awareness of phishing attacks and the interest in H1N1 vaccinations.

The e-mail security company AppRiver detected a large number of fake CDC e-mails, which were sent at a rate of nearly 18,000 messages per minute, reaching more than 1 million in the first hour alone, according to the company’s blog post.

The e-mails ask users to register for a new state vaccination program by creating a personal H1N1 vaccination profile on a fraudulent CDC web page. However, the computer of anyone who clicks on the link is infected with malware, an executable copy of the ZBot trojan horse. This trojan, also known as Zeus, powers one of the most active botnets, which steal data from compromised machines.

According to a report by the security company Sunbelt Software, ZBot is listed as the second most prevalent malware threat.

Malware propagation can be successful in a situation where social engineering is dominated by technology due to public awareness and fear.

When XSS met Reddit

Wednesday, October 7th, 2009

The well-known social news website Reddit was hit by a very effective XSS (cross-site scripting) attack on Sunday, September 27th.

The attack relied on the fact that Reddit was not filtering out JavaScript in specific instances when a user moved the mouse over the text field of the comments. (more…)