Tag Archives: site

[ISN] Long-running Android botnet evolves, could pose threat to corporate networks


http://www.computerworld.com.au/article/560036/long-running-android-botnet-evolves-could-pose-threat-corporate-networks/ By Lucian Constantin IDG News Service 20 November, 2014 An Android Trojan program that’s behind one of the longest running multipurpose mobile botnets has been updated to become stealthier and more resilient. The botnet is mainly used for instant message spam and rogue ticket purchases, but it could be used to launch targeted attacks against corporate networks because the malware allows attackers to use the infected devices as proxies, researchers from security firm Lookout said. Dubbed NotCompatible, the mobile Trojan was discovered in 2012 and was the first Android malware to be distributed as a drive-by download from compromised websites. Devices visiting such sites would automatically start downloading a malicious .apk (Android application package) file. Users would then see notifications about the finished downloads and would click on them, prompting the malicious application to install if their devices had the “unknown sources” setting enabled. […]

Tags: , , , , , , , , , , , , ,

[ISN] Attend Nullcon 2015 in Goa India!

Dear Friends Greetings from nullcon! Another year passes by with more severe vulnerabilities and threats being discovered. From heartbleed to poodle, Enterprises and Governments now face a real threat to their confidential data and communication. We at nullcon strive to provide actionable information on latest and unknown threats to the industry and the community via our cutting edge talks and Hi-Tech security trainings. “The neXt security thing” is here! and you are invited! Early Bird Registration Discount Closes on 15th Nov.  Come be a part of the largest gathering of infosec professionals in Asia – right here in Goa, India  on 4th – 7th Feb 2015 Keynote:  1. Paul Vixie (http://en.wikipedia.org/wiki/Paul_Vixie) 2. Jennifer Steffens (https://www.linkedin.com/in/jsteffens) 3. Katie Moussouris (https://www.linkedin.com/in/kmoussouris) Training:-  http://nullcon.net/website/goa-15/training.php Conference Speaker: http://nullcon.net/website/goa-15/about-speakers.php#conference-talks 1. Amol Sarwate,  Director of Vulnerability – Qualys 2. Attila Marosi,  Senior Threat Researcher – Sophos 3. Denis Makrushin & Stas Merzlyakov,  Security Researcher  4. James Forshaw,  Security Researcher – Google Project Zero 5. Karsten Nohl,  Telecom Security Researcher   6. Mario Heiderich,  Founder – CURE53 7. Philippe Alcoy,  Technical Director – Rapid7 8. Shubham Bansal,  Intern at 3SLabs 9. Yuval Idan,  Technical Director – CheckMarx 10. Zubair Ashraf,  Senior Security Researcher – IBM Registration:- http://nullcon.net/website/register.php Early Bird Discount, 10% for 3 participants                                     15% for 4 and more participants See you in Goa!

Tags: , , , , , , , , , , , ,

[ISN] The US government is hacking Healthcare.gov to make sure it’s secure

http://www.theverge.com/2014/11/6/7171347/the-us-government-is-hacking-healthcare-gov-to-make-sure-its-secure By Rich McCormick Deaily Mail November 6, 2014 The launch of Healthcare.gov, the US government’s health insurance website, was beset with technical problems so severe that only six people were able to enroll on its first day in October 2013. Ahead of a second enrollment period, beginning on November 15th, government officials are launching cyberattacks against the revamped site to make sure the same crippling bugs and security holes don’t appear again. Andy Slavitt, hired to oversee the Centers for Medicare and Medicaid Services’ Healthcare.gov program, says that groups of white-hat hackers in his team are conducting weekly attacks on the network that simulate real hacking attempts, in order to probe for weak points and bolster its defenses. Flaws in the previous incarnation of Healthcare.gov were exposed earlier this year when a security researcher reportedly obtained 70,000 medical records through a Google search. […]

Tags: , , , , , , , , , , , ,

[ISN] College freshman nabbed for alleged data hacking

http://www.koreaherald.com/view.php?ud=20141106000958 The Korea Herald 2014-11-06 Police said Thursday they have booked a 20-year-old student without physical detention for allegedly hacking into websites and leaking more than 10,000 IDs and passwords of their users online. The Seoul Metropolitan Police Agency said the college freshmen in Seoul spread malicious software on 104 websites in 24 countries between November 2013 and August this year, collecting information from about 280,000 accounts. He published 13,000 of them on his blog and online hacking forums and used some of them to snoop on emails or purchase goods with others’ credit cards. The student is also accused of accessing the website of a South Korean state institution with the account of a civil servant he had obtained through his hacking. […]

Tags: , , , , , , ,

[ISN] Did Drupal Drop The Ball? Users Who Didn’t Update Within 7 Hours ‘Should Assume They’ve Been Hacked’

http://www.forbes.com/sites/thomasbrewster/2014/10/30/did-drupal-drop-the-ball-users-who-didnt-update-within-7-hours-should-assume-theyve-been-hacked/ By Thomas Fox-Brewster Forbes.com 10/30/2014 Hackers are remarkably quick off the mark. Drupal, the creator of the eponymous content management system that millions use the world over, now knows that all too well. In mid-October it patched a SQL injection flaw, which could be exploited by tricking a database into coughing up data from its tables and columns using the SQL language. But yesterday, it said that thanks to an automated attack that hit up as many Drupal sites containing the vulnerability as quickly as possible, anyone who didn’t update to version 7.32 within seven hours of its release should assume they’ve been hacked. The bombshell was officially dropped in an advisory late yesterday, ranked ‘Highly Critical’. And for all those users concerned, updating to version 7.32 or applying the patch fixes the vulnerability but will not fix a compromised website, the warning read. It gets a little worse, as Michael Hess HES -1.01% of the Drupal security team notes: “If you find that your site is already patched but you didn’t do it, that can be a symptom that the site was compromised – some attacks have applied the patch as a way to guarantee they are the only attacker in control of the site.” Hackers who broke into Drupal-based sites may have done all kinds of nasty things, from installing backdoors to simply grabbing all data on that site. They might even be able to use their leverage to compromise other websites and apps hosted on the same server, escalating their attacks. Put simply, this could be catastrophic for victims. SQL injection is one of the most commonly used attack methods on the planet. Tools like slqmap automate such attacks requiring little technical skill of the hacker, yet lead to devastating results. […]

Tags: , , , , , , , , , , , , , ,

[ISN] N.Korea Hacks 20,000 S.Korean Smartphones

http://english.chosun.com/site/data/html_dir/2014/10/29/2014102901755.html? By chosun.com Oct. 29, 2014 Some 20,000 smartphones in South Korea are infected with malicious apps as a result of a recent North Korean hacking campaign. National Intelligence Service data revealed on Tuesday say the apps were posted by North Korean hackers on South Korean websites from May 19 to Sept. 16 this year. The NIS claims it has taken steps to delete the apps, update vaccines and block the sources of hacking attacks. It did not reveal who the targets of the attacks were. Once infected with the malicious apps, smartphones are reportedly vulnerable to eavesdropping and clandestine videotaping. There have been a lot of worries about the possibility of the North hacking into smartphones, but this is the first time that specific cases have been revealed. […]

Tags: , , , , , , , ,

[ISN] New InfoSec News Mailing list and More!

Forwarded from: William Knowles For years, InfoSec News offered complete news articles for its subscribers, but after copyright holding companies like Righthaven were founded in 2010, under the advice of legal counsel, we stopped posting full articles. InfoSec News is now offering a new list with full articles, no advertising, and no public archives. Full details are at: http://www.infosecnews.org/services/ We also added close to 1000 new subscribers with a promotion with the IP EXPO Europe, Data Centre EXPO and Cyber Security EXPO held October 8 – October 9 in London. InfoSec has a regular feed, and a digest, and just in case everyone subscribed missed this information in the welcome message, please visit… http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org …to update their information Lastly, if there isn’t InfoSec News blast on a normal day, its more than likely its because of some DDoS, or other issue, the site and list is getting larger and more successful. New paid offerings will help grow and improve the site, likewise, donations are always welcome and those links are in the sidebars or drop us a line at: http://www.infosecnews.org/contact/ Thanks for your time and longtime support! – William

Tags: , , , , , , , , , , , , , ,

[ISN] Personal information of almost 100, 000 people exposed through flaw on site for transcripts

http://www.washingtonpost.com/blogs/the-switch/wp/2014/10/21/personal-information-of-almost-100000-people-exposed-through-flaw-on-site-for-transcripts/ By Ashkan Soltani, Julie Tate and Ellen Nakashima The Washington Post October 21, 2014 The personal information of almost 100,000 people seeking their high school transcripts was recently exposed on a Web site that helps students obtain their records. The site, NeedMyTranscript.com, facilitates requests from all 50 states and covers more than 18,000 high schools around the country, according to its Web site and company chief executive officer. The data included names, addresses, e-mail addresses, phone numbers, dates of birth, mothers’ maiden names and the last four digits of the users’ Social Security numbers. Although there is no evidence the data were stolen, privacy advocates say the availability of such basic personal information heightens the risk of identity theft. The availability of the data appears to be the result of a flaw in the way the two-year-old site was designed. It highlights how easily sensitive personal information can be exposed with the proliferation of online businesses and services – many of which do not employ adequate security practices. […]

Tags: , , , , , , , , , , , , , ,