IT security, vunerabilities, bugs, fixes, flaws, RSA conference and Infosec.
A blog from V3.co.uk

« May 2010 | Main | July 2010 »

Adobe details Reader and Acrobat updates

Adobe has announced it will finally release updates for its Reader and Acrobat products set to fix critical issues which are already being exploited in the wild.

One of the issues set to be addressed was a flaw first disclosed by Adobe early on this month alongside a problem with Flash Player, which was subsequently fixed.

The issue relates to the authplay.dll component that ships with Adobe Reader and Acrobat 9.x for Windows, Macintosh and Unix and could cause a crash and potentially allow an attacker to take control of the affected system.

"Note that the 29 June 2010 updates represent an accelerated release of the next quarterly security update originally scheduled for 13 July 2010," noted an Adobe security blog post

"With this accelerated schedule, Adobe will not release additional updates for Adobe Reader and Acrobat on 13 July 2010."

Although Adobe is right to accelerate its update schedule for this flaw, given that it is being actively exploited in the wild, the firm will be angry that its products are receiving yet more bad publicity, given the long-running dispute with Apple over the security and stability issues of Flash.

June 25, 2010 | | Comments (0)

Tory MP has Twitter, Facebook account hacked

Social networking users were warned of the perils of not protecting their accounts properly yesterday as news emerged that Tory MP Therese Coffey's Facebook and Twitter accounts had been hacked.

Tory blog London Spin revealed the Conservative MP for Suffolk Coastal also had her blog hacked - presumably all three accounts shared the same log-in credentials - with attackers posting "sexually explicit messages and comments".

On Wednesday evening Coffey wrote on her blog "My account has been hacked - am trying to rectify the problem now". In a tweet later she wrote: "I have the email of the person who has hacked in, so hopefully I can do something about it."

It remains to be seen how the attacker managed to hack into Coffey's account, although it's a timely reminder, especially for those with official Twitter accounts, to keep a close eye on account activity, and ensure passwords for different accounts are kept separate.

It seems even those with Verified Twitter accounts are not guaranteed a secure account, with Britney Spears falling victim late last year.

June 18, 2010 | | Comments (1)

Trend Micro spots trouble ahead for all browsers

Trend Micro's latest monthly threat roundup has illuminated some interesting trends in cyber crime - notably that criminals are now looking to exploit the popularity of previously less well known browsers.

The security vendor revealed in its May roundup that Apple's Safari browser fell prey to a vulnerability that allowed cybercriminals to execute arbitrary code if users visited a malicious site. Opera was found to have a similar vulnerability.

These browsers, along with Google's Chrome and others, are likely to be targeted in increasingly large numbers as the traditional dominance of Internet Explorer, and to an extent Firefox, crumbles in the aftermath of the EU's browser ballot decision.

Trend Micro also showed a predictable increase in FIFA World Cup 2010 related spam, while PayPal remained the number one phishing target in terms of site and email spoofing.

"These statistics really demonstrate that attacks are increasingly regional and targeted in nature", said Rik Ferguson, senior security advisor at Trend Micro.

"The limited mitigation afforded by using a less widespread browser is increasingly sidelined by criminals all too aware that the browser market has changed for good."

June 15, 2010 | | Comments (0)

Kasperky offers World Cup fans free mobile security

Kaspersky Lab has become the latest tech firm to capitalise on World Cup fever and engage in a bit of canny marketing, by offering customers free mobile security for the duration of the tournament.

The rationale is that with Kaspersky Mobile Security 9 software installed, users can block the phone if it is stolen.

The location of a lost smartphone can also be tracked using built-in GPS technology, and if the SIM is replaced, the owner will receive immediate notification of the phone's new number, according to the vendor.

Kaspersky Lab is not the only vendor looking to use the global passion for the beautiful game to promote its own products and services - Twitter and Facebook have both sought to jump on the World Cup bandwagon with new offerings.

However, ITV's attempts to screen the matches live on its site seem to have hit a technical hurdle after the site crashed during the first match of the tournament and users watching on Saturday missed England's opening goal.

June 14, 2010 | | Comments (0)

Facebook hit by first wave of "political hacktivism"

Facebook's ongoing problems continue after security firm AVG announced that it has discovered hacking taking place on the site in the form of "political hacktivism" emanating from Turkey, seemingly in retaliation for the recent events in Gaza.

Research by the firm found that all manner of attacks including web site defacements, denial-of-service, information theft and virtual sabotage were coming from two different sources, suggesting only two groups or individuals are involved.

Roger Thompson, AVG's chief research officer, said that although the number attacked so far was relatively small, perhaps less than fifty, there was always a risk that it could increase in number very quickly.

"The number of hacked accounts is fairly small which would indicate that it is not an automated attack. This is the first time, as far as I am aware, that Facebook has been a victim of political hacktivism," he said.

"Given the attack seems to be run by Turkish hackers, and that they once claimed a world record for defacing 37,000 pages in day, we should not discount the thought they might find an automated way to move."

Late last year Twitter was targeted by a group calling itself the Iranian Cyber Army, which hijacked the web site domain name.

June 9, 2010 | | Comments (0)

Symantec Hosted Services warns of targeted World Cup attacks

Security experts are warning of yet more World Cup related threats, this time more targeted attacks which use the tournament as a lure to get users to open malicious attachments containing information stealing Trojans.

Symantec Hosted Services malware data analyst Dan Bleaken wrote in a blog post of three recently spotted attacks.

The first was emailed out to a small number of employees at a large US-based firm and claims to contain an attachment detailing the full match schedule of the tournament.

The attachment actually contains a backdoor executable allowing the attacker "to stealthily access data on the victim's PC, and/or access other systems on that network", he wrote.

The second attack was similar but targeted at only two users. The final attack encourages users to take part in a prediction league and download a malware-ridden document in order to fill in their match score predictions.

The same two employees were targeted as in the second attack, said Bleaken.

"MessageLabs Intelligence frequently sees certain users in certain organisations attacked again and again, month after month, either by one gang, or by multiple gangs," he added.

"The attackers clearly have these particular users in sight, and they are determined to get their attack through to them, and access their sensitive or valuable data."

June 4, 2010 | | Comments (0)

UK becomes world's third largest virus source

The UK is now responsible for nearly six per cent of the world's internet viruses, almost double its figure the month before, according to the latest stats from managed security services firm Network Box.

The worrying figures for the month of May now mean that the UK is the third largest global source of viruses, after the US in second with 11 per cent and leader Korea which has around 16 per cent.

Russia saw a drop in viruses produced from within its national borders, possibly a result of the taking down of Russian hosting service, PROXIEZ-NET, which is understood to have been used by cyber criminals.

"PROXIEX-NET had advertised itself as being impossible to shut down. But, like the McColo shutdown in November 2008, it is always possible to shut down these hubs of criminal activity," said Network Box internet security analyst Simon Heron.

"However, it does not mean that cyber crooks won't be back up and running in fairly swift order. We saw a dramatic fall in spam as a result of the McColo shutdown, but levels returned to pre-shutdown highs the following month."

When it comes to spam sources, the UK was edged into fourth by Brazil while the US and India took first and second spot respectively.

June 1, 2010 | | Comments (1)


Site credentials: About | Privacy policy | Terms & conditions | Top of the page
© Incisive Media Investments Limited 2010, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093