19227226
submission
Batblue writes:
Researchers at Symantec today said that the notorious Stuxnet worm targeted five separate organizations, and attacks against those objectives — all with a presence in Iran — started in June 2009, more than a year before independent experts raised the alarm.
In a post on Symantec's security blog, the company said that further analysis of Stuxnet samples showed that the worm was aimed at five different organizations. "All targeted organizations have a presence in Iran," said Ben Nahorney, a senior information developer with the U.S.-based security company.
Speculation on Stuxnet's targets has centered on a pair of Iranian locations crucial to its nuclear program: the underground uranium enrichment facility at Natanz in the central part of the country, and the nuclear reactor at Bushehr, in southern Iran.
19024260
submission
Batblue writes:
The rumored combination of two pieces of advanced online banking malware appears to be fully underway after several months of speculation.
What appears to be a beta version of a piece of malware that has bits of both Zeus and SpyEye is now in circulation, albeit among just a few people, said Aviv Raff, CTO and cofounder of Seculert.
Seculert has published screen shots of the new malware, which has two versions of a control panel used for managing infected computers. One of those control panels resembles one in Zeus, and the other resembles that in SpyEye. Both of the control panels are connected to the same back-end command-and-control server, he said.
18936338
submission
Batblue writes:
Google's new Android version 2.3, a.k.a. Gingerbread, was supposed to close a previous data-leak hole in the smartphone operating system, but a researcher has discovered a new, similar hole in the OS.
Xuxian Jiang, a security researcher at NC State University, has tested and confirmed the bug on a Nexus S smartphone running Android 2.3. An attack would work like this: An Android user clicks on a malicious link in an email or in the browser, and an attacker could then read and upload any files on the phone's SD memory card, including things like online banking information, pictures and saved voicemails. An attacker could also root out the phone's apps and upload them to a remote server, according to Jiang, who is an assistant professor in the computer science department.
Google's Android 2.3 was built to fix a similar flaw identified last year that gave an attacker access to files stored on the memory card. But NC State's discovery shows that Google's "fix" for the flaw can be bypassed.
18694364
submission
Batblue writes:
Happy anniversary Basit and Amjad! Twenty-five years ago this month, the Alvi brothers of Lahore, Pakistan, gave the world the Brain Virus, the first bit of malware capable of infecting a DOS-based PC. Back in those relatively innocent times, the brothers actually embedded their real names and business address in the code and later told Time magazine they had written the virus to protect their medical software from piracy.
Who knows what they were really thinking, but by all accounts the Brain Virus was relatively harmless. Twenty-five years later, most malware is anything but benign and cyber criminals pull off exploits the Alvi brothers never envisioned.
18694334
submission
Batblue writes:
The U.S. Department of Justice (DOJ) will file criminal charges against the alleged attackers who copied personal information from the AT&T network of approximately 120,000 iPad users, the U.S. Attorney's Office, District of New Jersey announced Monday.
Daniel Spitler will be charged in U.S. District Court in New Jersey with one count of conspiracy to access a computer without authorization and one count of fraud. Andrew Auernheimer will be charged with the same counts at the U.S. Western District Court of Arkansas, which is in Fayetteville.
Auernheimer made headlines last June when he discovered that AT&T's website was disclosing the e-mail addresses and the unique ICC-ID numbers of multiple iPad owners. Claiming that he wanted to help AT&T improve its security, he wrote a computer script to extract the data from AT&T and then went public with the information. AT&T said that nobody from Auernheimer's hacking group contacted them about the flaw.
18446956
submission
Batblue writes:
A botnet fingered for stealing a treasure trove of information last year has struck again, harvesting sensitive documents from dozens of government agencies and contractors, according to a pair of security experts.
The botnet, dubbed "Kneber" by Alex Cox, principal research analyst at NetWitness, was behind a campaign of fake Christmas e-mails waged two weeks ago against government workers. NetWitness deals in advanced threat detection technologies, and conducts post mortem network forensics for firms that have been hit with attacks or data breaches.
The only thing about the newest Kneber attack that stunned Cox was its effectiveness. "We see new attacks all the time, but what surprised me here was that Kneber has been known for about a year, but people are still getting infected," he said. "Even a year later with an identical payload, it still worked."
17224076
submission
Batblue writes:
How to Protect Against Firesheep Attacks
