Several WordPress themes have been found to contain a cross-site scripting (XSS) vulnerability, according to a professional penetration tester. If you run a WordPress blog on one of the affected themes, you need to download the fixed themes and install them to close the XSS flaws.
XSS vulnerabilities were found in the Unite, Salutation, Intersect, and Traject themes from Parallelus, said Janne Ahlberg, a Finnish product security professional and penetration tester. The themes generally cost between $30 and $60 and are easily found on Themeforest.net, a theme marketplace for WordPress sites.
Earlier Friday, The Verge reported on a significant security exploit with Apple's "reset password" functionality for Apple IDs. Armed with only your email address and date of birth, a hacker could tweak a specific URL to reset the password for your account.
If you've already enabled Apple's just-launched two-step verification for your account, you shouldn't be vulnerable to this attack. But if you hadn't, or if you had started the process but were ensnared by the three-day waiting period Apple levied for certain users to enable the more secure option, your account remained at risk--unless you updated your account with a fake date of birth. That said, you're safe--for the time being. Apple has disabled its password reset functionality for now, presumably while it works to patch the exploit.
A network of thousands of computers stealing millions of dollars from advertisers by generating fake advert viewings has been discovered. British web analytics firm Spider.io claims the "Chameleon" botnet is made up of 120,000 home PCs and costs advertisers $6m (£3.9m) per month. Spider.io said that Chameleon simulated clicks on adverts on over 200 sites. The firm said the botnet was responsible for up to nine billion false ad views every month.
The U.S. Department of Homeland Security's Industrial Control System Cyber Emergency Response Team (ICS-CERT) recently published an advisory [PDF file] warning of seven vulnerabilities in Siemens' WinCC TIA (Totally Integrated Automation) Portal (h/t Threatpost).
The portal, which is used in a wide range of industries including food and beverage, water and wastewater, oil and gas, and chemical, is an HMI software package used for process visualization, operator control of a process, alarm display, process value and alarm archiving, and machine parameter management.
Hackers Masked as High Profile Express Shipping Industries Attacking Your Computers
Recently, there has been an increase in emails titled "Express Shipment Notification" or "Shipping Detail" claiming to be from companies like FedEx or DHL Express. If you have ever received this type of email, please beware, as the email could potentially carry malware waiting to attack your computer. Cybercriminals have forwarded several spam messages indicating that you have an item waiting for you via DHL Express International or FedEx. The message goes on to state that the package (to be received by e-mail) is intended to protect customers and PC users from malware.
I'm always on the lookout for breaking news about companies who might have had their systems hacked, so when I received the following email earlier today my interest was piqued.
Its subject line was "An important notice about security".
A cyberattack caused computer networks at major South Korean banks and top TV broadcasters to crash simultaneously Wednesday, paralyzing bank machines across the country and raising fears that this heavily Internet-dependent society was vulnerable. Screens went blank at 2 p.m. local time, the state-run Korea Information Security Agency said, and more than seven hours later, some systems were still down.
Initial findings indicated that the attack on one of the companies originated in China, although experts say hackers often attack via computers in other countries to hide their identities.
Facebook has corrected a flaw in the new Timeline design that would have allowed friends of friends to see all events, past and present, that a user had signed up for. According to the Austria-based privacy advocacy group Europe v. Facebook, which first notified the social network of the flaw, the privacy implications were myriad, potentially revealing sensitive information about sexual orientation, political leanings and more. "Users were able to look through often times thousands of past events users were invited to, including demonstrations or gay parties," the group noted.
When nations eventually adopt ground rules for conflict in cyberspace, as already apply in an actual kinetic war, the Tallinn Manual on the International Law Applicable to Cyber Warfare is likely to be their key reference in doing so.
The Tallinn Manual, officially released late last week, is a 302-page treatise on the applicability of international law to cyberspace. Though NATO-commissioned, it is neither official NATO guidance nor an official expression by any country of how it will proceed with regard to cyber in times of conflict. Instead, it lays out 95 rules that explain sovereignty, state responsibility, the law of neutrality, and more from a legal perspective.
The gang that maintains Android.Enesoluty has been busy since last summer registering over one hundred domains used to host app sites and sending spam from these domains. It is now apparent that the group is also still busy developing malware variants. Several days ago, Symantec discovered a new variant of Android.Enesoluty. As is the case with its predecessors, spam with a link to the app page is sent to potential victims.