Weekly Top 10 security news (25th Feb - 3rd Mar)

Evernote Hacked

Evernote, a Web-based note-sharing service, said it was resetting the passwords of its 50 million users because hackers managed to breach its computer network and access some usernames, email addresses and encrypted passwords.

Evernote spokeswoman Ronda Scott said via email on Saturday that the attack "follows a similar pattern" to other cyber attacks on Internet-based companies in recent weeks, but she did not elaborate. "In our security investigation, we have found no evidence that any of the content you store in Evernote was accessed, changed or lost," the company said on its website. "We also have no evidence that any payment information for Evernote Premium or Evernote Business customers was accessed."

Stuxnet cyberweapon two years older than believed:

On Tuesday, researchers from Symantec’s Security Response team released a report offering proof that the Stuxnet worm that targeted industrial facilities in Iran—most notably the Natanz uranium enrichment facility, suspected to be part of an Iranian effort to produce nuclear weapons—is two years older than previously thought.

The 18-page report reveals that development of the malware dates back to 2005, although it first appeared in the wild in 2007. It wasn’t identified until July 2010. What explains the two-year lead time? An extended refinement process was probably part of what made Stuxnet and its precursor, Flame, so sophisticated.

Yahoo to shut down seven products, including Blackberry app

Yahoo Inc is shutting down seven products, including its mobile app for Blackberry smartphones, as new Chief Executive Marissa Mayer takes a page from Google Inc's playbook by eliminating unsuccessful products en masse.

The product shutdowns, which Yahoo announced on its official company blog on Friday, are part of what the company said are regular efforts to evaluate and review its product lineup. Mayer signaled the company would prune its line-up of mobile apps at an investor conference last month, noting that Yahoo would reduce the 60 to 75 disparate mobile apps it currently has to a more manageable 12 to 15 apps.

Yahoo said its app for Blackberry smartphones would no longer be available for download, or supported by Yahoo, as of April 1.

Latest Kelihos Botnet Shut Down Live at RSA Conference 2013

The third version of the prolific peer-to-peer botnet responsible for volumes of pharmaceutical spam, Bitcoin wallet theft and credential harvesting was shut down before a live audience today at RSA Conference 2013.

With the execution of a few commands that culminated weeks of intelligence gathering and coding, a CrowdStrike researcher was able to sinkhole thousands of bots before a packed session hall. A heat map of the world lit up like a stoplight with red dots representing bots connecting to the sinkhole rather than to their P2P proxies—a real-time illustration of a successful takedown.

Webhosting management company cPanel suffers break-in, lets slip customers' root passwords

Webhosting management company cPanel recently announced a worrying sort of compromise. A break-in to one of the company's technical support servers put customers at risk by exposing Personally Identifiable Information (PII). This time, the PII was of the most intimate sort: root (i.e. administrative) passwords.

Giving remote support staff administrative access to your servers is always fraught with danger. It's a bit like handing the keys to your fancy new car to the valet parking guy. You assume that he's insured, and that he's a competent driver, and even that he's a lot more experienced than you at reversing in and out of the tricky spaces in the parking garage.

Google patches two-factor authentication oversight

Google's two-factor authentication system has been heralded as a great way to add security to an account, but an oversight, recently closed by the web giant, had enabled attackers to reduce the two factors back to one. Researchers discovered a flaw in how Google's two-factor authentication system works for third-party services that could have allowed attackers to reduce the security to a single factor.

Google's two-factor system requires users to enter an additional factor — a numerical token — sent to or generated on their smartphone, so that the account is protected by more than just a single password. However, because that second factor only works with applications that support the Time-based One-time Password (TOTP) algorithm, Google issues application-specific passwords (ASPs) for other applications in its place.

Facebook to fix bug leaking users' phone numbers

Facebook is rolling out a patch to fix a rare bug in its API that had apparently been leaking users’ phone numbers to app developers. The glitch, which was first reported back in June 2012, was affecting the email field in some mobile apps accessing Facebook’s API (application programming interface). During the registration process users would give the developer permission to access their email address on file with Facebook. But instead of returning an email address, the app’s email field was giving developers the user’s phone number instead.

The bug had been occurring only once in every thousand cases, Facebook said. But with some larger app developers having multiple thousands of users, the incidence rate is significant. One app developer affected by the glitch, however, reported a higher incidence rate. Nathan Cobb, research investigator with the American Legacy Foundation, an antismoking nonprofit, said their group’s smoking cessation app, Ubiquitous, was giving them phone numbers for about one in every 200 users.

Dropbox users hit with spam emails

Popular cloud storage company Dropbox saw another uptick in the amount of spam users reported receiving last week, leading to complaints on the company's own troubleshooting forum. Some users speculated that the storage service had been hacked and that a list of customer emails may have been stolen and sold to spammers.

But a company spokesman said that, from what he could tell, this wasn't the case. "We've been looking into these spam reports, and take them seriously," a man identified as "Sean B." wrote on the forum. "At this time, we have not seen anything to suggest this is a new issue, but remain vigilant given the recent wave of security incidents at other tech companies."

China says U.S. routinely hacks Defense Ministry websites

(Reuters) - Two major Chinese military websites, including that of the Defense Ministry, were subject to about 144,000 hacking attacks a month last year, almost two-thirds of which came from the United States, the ministry said on Thursday. This month a U.S. computer security company said that a secretive Chinese military unit was likely behind a series of hacking attacks mostly targeting the United States, setting off a war of words between Washington and Beijing.

China denied the allegations and said it was the victim. It has now provided some details for the first time of the alleged attacks from the United States. "The Defense Ministry and China Military Online websites have faced a serious threat from hacking attacks since they were established, and the number of hacks has risen steadily in recent years," said ministry spokesman Geng Yansheng.

Third time's the charm? Adobe patches even more critical Flash vulnerabilities

On Tuesday, Adobe released yet another security patch for Flash player, addressing several critical vulnerabilities that would allow attackers to take control of affected computers. The update is for Windows, OSX, and Linux users. It's the fourth critical Flash update since the beginning of the year—and the third Flash security patch from Adobe in February alone.

A total of three serious exploits (CVE-2013-0504, CVE-2013-0643 and CVE-2013-0648) are addressed in this update, which Adobe said are already being used in the wild in targeted attacks. These exploits are designed to trick the user into clicking a link that redirects to a website where the computer is exposed to malicious Flash (SWF) files. Two of the exploits specifically target users of the Firefox browser.

© 2020 Created by CISO Platform.