Hack The Planet

Because if you don't, who will?

Friday, October 29, 2010

Nobel Peace Prize website delivering malware

A Firefox 0-day vulnerability is being used to serve malware from the official website for the Nobel Peace Prize. Norman ASA detection executive Einar Oftedal stated in an instant message to the Register, “This iframe has a multi exploit backend and serves exploits for Firefox, including a working remote exploit for Firefox 3.6.11, we didn’t see any 0day for IE.” The malware does not target Windows Vista or Windows 7 systems, limiting the attack to only Windows XP users running Firefox 3.6.11 or earlier.

Mozilla is aware of the vulnerability and is working on a fix that will most likely be out later this week once it has been tested. This attack is most likely not limited to the Nobel Peace Prize website. Firefox users can protect themselves from it by using NoScript or by disabling JavaScript in their browser.

Some theorize the attack is related to the Nobel Peace Prize being awarded to Liu Xiaobo this year, who is incarcerated in China for his participation in Charter 08.

posted by holliday at 11:51 am  

Friday, October 29, 2010

Bredolab botnet neutered, not dead yet

Dutch authorities in conjunction with network security organizations have taken control of and started dismantling 143 command and control servers used by the Bredolab botnet. The Bredolab botnet had infected an estimated 30 million computers during its time and was reportedly used in a phishing scam last year against Facebook users.

A 27-year-old suspect was arrested a little while later after trying to regain control of the botnet and then trying to use it to DDoS the web hosting firm Leaseweb, which was being used by the hacker.

While the majority of the CnC servers have been taken offline, there are still some alive and kicking.

One of the more interesting pieces to me is that the Fox-IT team, which is working with the Dutch authorities, is notifying the users of infected machines, when they log on, of the infection and how to remedy it. At the time of this posting, over 100,000 users have been notified.

posted by holliday at 11:08 am  

Wednesday, October 27, 2010

iPhone security flaw

On an iPhone 4 running iOS 4.1, if you tap the “Emergency Call” button, then enter three pound signs, hit the green call button and immediately press the Lock button, you gain access to the Phone app.

Well, what’s so bad about this? The Phone app includes your contacts, your voice mail and call history. Some people probably don’t think this is a large issue, and it may not be. But with iPhones becoming more prevalent in the business world, your contacts can include a lot of people you may not want someone else seeing, especially in sales, where your contacts are your livelihood.

So if you have an iPhone 4 with iOS 4.1, you may not want to leave it lying around, not that you would in the first place.

posted by holliday at 2:19 pm  

Wednesday, October 20, 2010

It was bound to happen

According to the Kroll Annual Global Fraud Report, this is the first time that cyber theft has surpassed physical theft. I am surprised that it took this long for it to happen.

The report doesn’t say that other forms of fraud are decreasing, but that the theft of intellectual property is just increasing, with 27.3% of companies reporting it compared to 18% in 2009. In comparison only 27.2% of companies reported theft of physical property. It does make me wonder what the true numbers are compared to the reported.

What it comes down to is that it is much easier to steal your intellectual property from the thief’s couch (or office chair) than it is to break into your office and take your laptops or paper clips. That said, the report shows that most fraud is done by insiders, people who are already part of your organization.

When companies are losing so much annually to insiders, it makes me wonder what type of privileges their organizations utilize. Do they use “least privilege”, or is everyone walking around with admin rights? If your employees have access to data that they shouldn’t because you haven’t instituted a good rights management system, then you really need to update your resume, because your data is probably already gone.

posted by holliday at 2:27 pm  
