Hackers target Microsoft Windows XP support system

Thursday, July 1, 2010

Windows XP is a product with a large user base. Despite it being an old operating system, there are millions of users around the world whose primary operating system is Windows XP. Recent days have seen an unprecedented rise in attacks, and their target is precisely this Microsoft operating system. Microsoft has reported that more than 10,000 PCs have been attacked, but the figure may now be much higher, since a solution to the problem has not yet been found.

A Google engineer reported finding a vulnerability in Windows XP that allows total control of a PC by using its capability to receive remote help from another computer.

Researchers from security firms such as Trend Micro say it is a serious problem, because many developers of malware and viruses are targeting Windows XP users. A more specific answer from Microsoft is expected in the next few hours.

This breach of security does not affect Windows Vista or Windows 7.

Via
gHacks
Link Hackers target Microsoft Windows XP support system




Google adds new alerts of suspicious activity



A few months ago, Google reported that it would be adding alerts about suspicious activity in users' accounts. Suspicious activity here means unusual patterns in sessions: if a person logs in from Madrid and half an hour later from Los Angeles, there is surely something to be suspicious about. Those are the situations that trigger the warning. Until now this only happened within Gmail, because it is currently the most used service. Due to the good results obtained from this practice, Google has incorporated the alert system into more pages: now, on the homepage of the Dashboard, where the shortcuts to Google's services are found, you can see notifications of this kind.

It appears to be a new layer of protection for users, which may later expand to other services. Until that happens, there are now two places where we can check for suspicious activity in our accounts. Congratulations to Google for this initiative.
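The Madrid and Los Angeles case above can be expressed as a speed check between consecutive logins. This is an added example, not Google's code; the city coordinates, the login records and the 900 km/h threshold are assumptions made for illustration.

```python
import math
from datetime import datetime

# Constructed sample data: city coordinates (lat, lon) and login events.
CITIES = {"Madrid": (40.4168, -3.7038), "Los Angeles": (34.0522, -118.2437),
          "Toledo": (39.8628, -4.0273)}
LOGINS = [  # (account, ISO timestamp, city) -- constructed, not real logs
    ("alice", "2010-07-01T09:00:00", "Madrid"),
    ("alice", "2010-07-01T09:30:00", "Los Angeles"),
    ("bob", "2010-07-01T09:00:00", "Madrid"),
    ("bob", "2010-07-01T11:00:00", "Toledo"),
]
MAX_KMH = 900.0  # assumed threshold: roughly airliner cruising speed

def haversine_km(a, b):
    """Great-circle distance in km between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

def impossible_travel(logins, max_kmh=MAX_KMH):
    """Return (account, from_city, to_city, required_kmh) for consecutive
    logins of one account that imply travel faster than max_kmh."""
    alerts, last = [], {}
    # ISO timestamps in one format sort chronologically as strings.
    for account, ts, city in sorted(logins, key=lambda e: (e[0], e[1])):
        when = datetime.fromisoformat(ts)
        if account in last:
            prev_when, prev_city = last[account]
            km = haversine_km(CITIES[prev_city], CITIES[city])
            hours = (when - prev_when).total_seconds() / 3600
            if hours > 0:
                speed = km / hours
            else:
                # Simultaneous logins from two different places.
                speed = float("inf") if km > 0 else 0.0
            if speed > max_kmh:
                alerts.append((account, prev_city, city, speed))
        last[account] = (when, city)
    return alerts

if __name__ == "__main__":
    for account, src, dst, kmh in impossible_travel(LOGINS):
        print(f"{account}: {src} -> {dst} would need {kmh:.0f} km/h")
```

A production system would derive the location from the source IP address, which is imprecise and shifts with VPNs and mobile carriers, so such a check raises an alert for the user rather than blocking the session.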

Via
Download Squad




Hacker sells 1.5 million Facebook accounts

Sunday, May 9, 2010

Researchers from the firm Verisign iDefense discovered that a hacker who calls himself "Kirllos" is selling 1.5 million Facebook accounts on black-market forums. Although the legitimacy of the accounts has not been confirmed, the hacker claims to have sold around 700,000 credentials.

Kirllos offers packages of 1,000 accounts for a price ranging from $25 to $45, depending on the number of contacts each user has. While this is a very low price compared to similar sales on the black market, Kirllos can still make a lot of money from a high volume of accounts.

Facebook has not confirmed whether these accounts are real, but if they are, it is an alarming amount of stolen data, which other criminals can use for many purposes: from committing fraud against the victim's contacts to spreading malicious software across the social network on a massive scale.




Cyberattack Targeted Google Password System

Monday, May 3, 2010

More details continue to emerge about the attacks on Google in China; this time they are more specific and concern the security of all users of Google services. Here is a brief account of the facts:

• Chinese hackers attempt an attack on Google.
• Noticing this, the Mountain View company ceases to censor its search results.
• The bickering starts. The Chinese government warns Google to comply with its rules or else leave.
• Representing U.S. interests, the White House sets out its position on the facts.
• The Chinese government denies any connection with the attacks.
• It is found that the Asian nation's government is lying. The first names start to come out.
• Once this is brought to light, the Beijing government promises to punish those responsible.
• The tension grows and Google takes a defiant stance, predicting its departure from the Chinese market.

Google has been much criticized for defending its interests in this way, but on learning more about the purpose of the attack, it is no wonder. It now comes to light that the real objective of the hackers was not simply to attack dissidents; the jackpot was breaching Google's login system, called Gaia, which serves as identification for many sites such as Gmail. The problem is that there are Google services for which people pay, which means that billing information (credit cards, bank accounts) could be exposed and used in ways harmful to users. The sensitive point here is that through the attack it was possible to obtain the source code for Gaia, which puts the security of our data in doubt.

Although nothing relevant has happened so far as a result of this situation, we should not be too trusting. Google has not made an official statement, so it is speculated that there is already a backup plan to ensure the protection of user data. In any case, changing your password regularly is not a bad idea, hackers or not.

Via
Download Squad
Link New York Times




Caution: WordPress blogs are being attacked

Thursday, April 22, 2010

A new alarm has been raised that affects many thousands of people around the world whose blogs run on WordPress (the latest version, 2.9.2, is vulnerable too): several blogs have been attacked and are now infected and distributing malware without the operators of these sites having noticed. The worst part is that it affects the self-hosted version of WordPress (installed on your own server).

Apparently this vulnerability has to do with SQL injection or some flaw in a theme or plugin; it could also be due to an outdated library such as Magpie, which ships with WordPress. For now this is only speculation, because the problem has not been fully identified.

The problem shows up when the siteurl field in the wp_options table is replaced by HTML code. This field holds the URL of the blog (i.e., it is not designed to hold HTML code), so once the attack has succeeded, the affected site may take longer to load.

The highest number of cases reported so far involves the company Network Solutions, although sites at VPS.net have also been affected, so this attack is probably independent of the company that provides the hosting: the security hole is in WordPress itself and not in a default configuration or in hardware.

It is important to be vigilant and to review your sites continuously to ensure there are no problems; if you find abnormal behavior, it is advisable to check the database, especially the siteurl field.

For now, Sucuri Security Labs and Trend Micro have reported this attack. Trend Micro announced that its antivirus detects the problem as TROJ_BUZUS.ZYX, which leads to malware infection and in some cases may install a fake antivirus on users' computers.

Update: In addition to spreading malware, the infection can generate backdoor Trojans (backdoors); that is, administrators and users could see a normal version of the site while search engines could actually be seeing another version, which is especially dangerous and harmful for SEO.
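One way to automate the siteurl check recommended above, as an added example that is not code from WordPress, Sucuri or Trend Micro. It assumes the standard wp_options columns option_name and option_value, uses an in-memory SQLite table as a stand-in for the blog's MySQL database, and runs on constructed sample values.

```python
import re
import sqlite3
from urllib.parse import urlsplit

def siteurl_problems(value):
    """Return the reasons a siteurl value does not look like a plain blog URL."""
    value = value.strip()
    problems = []
    if re.search(r"[<>\"'\s]", value):
        problems.append("contains markup or whitespace characters")
    try:
        parts = urlsplit(value)
    except ValueError:
        return problems + ["not parseable as a URL"]
    if parts.scheme not in ("http", "https"):
        problems.append("scheme is not http/https")
    if not parts.hostname:
        problems.append("no hostname")
    if parts.query or parts.fragment:
        problems.append("unexpected query string or fragment")
    return problems

def audit_siteurl(conn):
    """Return (value, problems) for every suspicious siteurl row."""
    rows = conn.execute(
        "SELECT option_value FROM wp_options WHERE option_name = 'siteurl'")
    findings = []
    for (value,) in rows:
        problems = siteurl_problems(value)
        if problems:
            findings.append((value, problems))
    return findings

def make_db(siteurl):
    """Constructed stand-in for a blog database: in-memory SQLite, not MySQL."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE wp_options (option_name TEXT, option_value TEXT)")
    conn.execute("INSERT INTO wp_options VALUES ('siteurl', ?)", (siteurl,))
    return conn

# Constructed sample values (placeholder hosts, not taken from any real incident).
CLEAN = "http://blog.example.com/wordpress"
TAMPERED = '<iframe src="http://placeholder.invalid/x"></iframe>'

if __name__ == "__main__":
    for sample in (CLEAN, TAMPERED):
        print(sample, "->", audit_siteurl(make_db(sample)) or "ok")
```

Run on a schedule against a read-only database account, a non-empty result is a reason to inspect the rest of wp_options and the theme and plugin files.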

Via Download Squad




iPhone hacked, SMS database hijacked

Thursday, March 25, 2010

Pwn2Own 2010 is taking place this week in Vancouver, a competition in which participants compete for large prizes by exploiting security problems in smartphones and web browsers.

On the first day of the event, two European security experts, Vincenzo Iozzo and Ralf Philipp Weinmann, exploited a known vulnerability in the iPhone, with which they obtained the SMS database in 20 seconds, including text messages that had previously been deleted.

While details of the exploit have obviously not been given, Weinmann explained that when the user visits a malicious site, the SMS database can be captured and sent to a remote server for review. He also said the same bug can be exploited to extract the phone's contact list, as well as stored emails, photos and music.

The expert duo won a prize of $15,000, and the event sponsor, TippingPoint, has become the sole owner of the rights to the vulnerability, which will be reported to Apple to be fixed.


(via: ZDNet)




SQLFury, application to see if your site is protected

Monday, March 22, 2010

A recurrent form of attack on sites that interact with SQL databases is called SQL injection: it consists of modifying the normal behavior of a routine, either to obtain or to delete information without the permission or knowledge of the site's managers. It is a vulnerability that is widely exploited in many places. SQLFury is an application built on Adobe AIR that lets you test the security and stability of a site. Through a series of tests it tries to find vulnerabilities in a site (for example, via a contact or registration form) and, when it finds them, notifies you with a message.

The application requires only the URL to be analyzed as an input parameter. Clicking the Test button starts the analysis of possible flaws (it can get all the information in the database). SQLFury supports MySQL, Oracle, PostgreSQL and Microsoft SQL Server. This application is free and runs on Windows XP/Vista/7 and Mac OS X 10.4/10.5.

Link
SQLFury




New Phishing Attack on Twitter, is spread by direct messages



Hackers continue to target Twitter users with deceptive practices in order to steal their login details. A new phishing attack is underway and many users have been affected by it. The DM (direct message) contains the phrase "You're on here?". Reading the rest of the message, we are told that someone has talked about us in a blog. The attack occurs when the user clicks on the URL in the message, which leads to a site that asks for their Twitter login details. When the user fills them in, the password is stolen.

The suggestion is that anyone who receives a message with these characteristics should not take the risk and should not click on the link. The thing to do is delete the message and alert other users about this attack. We recommend browsing with care and not handing your data to any site that asks for it, as doing so compromises your security.

Via
Mashable




Google removes the censorship filter for all content in China

Wednesday, March 17, 2010

This seems to be the end of the story of Google vs. China. Since those attacks the situation has become tense; as a non-hostile solution is beyond possibility, Google's exit from China is a real fact. Because of this, the Californian company's attitude has been one of total defiance toward the Chinese authorities, as content branded inappropriate by the government is available through Google China. Since Tuesday, content related to Tibet, Tiananmen Square and independence movements can be accessed by searching on Google, which would have been impossible at any other time. Even ultra-censored keywords such as June 4 (a phrase related to the massacre of students in Tiananmen) show results related to those events.

The images are displayed without censorship; perhaps the best known is that of the man who stands before a group of tanks. That picture, which has gone around the world, can today be seen in China through Google.

In this regard, representatives have said that Google search has nothing to do with the removal of the information filter, which I doubt is true. In a lose-lose situation and in its last days in China, Google has nothing to lose with this defiant attitude in the Asian nation.

Via
MSNBC




Hackers are looking for U.S. safety

Saturday, March 13, 2010

There is no hiding it: governments of different countries are and will be subject to cyber attacks. But as the saying goes, "If you cannot beat your enemy, team up with him," and that is what is intended with this type of competition.

In the U.S., both the government and private companies want to understand the behavior and modus operandi of these cybercriminals, and the best way is to take a group of great minds from the scene and "convert" them to the right side of the law.

Moreover, I was amused by the comparison made in Newsweek between Professor Charles Xavier of the X-Men and Alan Paller, Director and Co-founder of the SANS Institute, who has spent over 20 years trying to re-educate young cybercriminals to serve their country and protect it from such external attacks.




China will punish hackers who attacked Google

Tuesday, March 9, 2010

The Chinese government seems to be cooperating a bit more in the political soap opera triggered by the attacks on Google in China. If Google shows strong evidence that Chinese hackers were indeed behind the disturbances, these people will be severely punished.

Miao Wei, Vice Minister of Industry and Information Technology, has made the situation clear with his statements.

If Google has had evidence that the attacks came from China, the Chinese government opens the doors to provide information and severely punish the offenders according to law.

Although its position is still to categorically deny any connection with the attacks, the government of China seems willing to make gestures of good will; but perhaps this is a way to relieve pressure after details were reported, for example, that computers at two educational institutions were the means used to attack Google and other companies based in the United States.

Although this situation is somewhat complicated, for now it is known that Google has filed a formal complaint with China over this action, which could be a sign that the parties involved are working toward an outcome that is as peaceful and as free of scandal as possible.

In my opinion, the Chinese have come to say what every government with common sense would do: resort to diplomacy and some bold words to appear cordial and cooperative.

More
China to 'severely punish' Google attackers




This is how hacked Baidu, the Chinese search engine

Tuesday, March 2, 2010

From February 12 to the 14th of the same month, China's top search engine, Baidu, was hacked: the domain's DNS records were changed, redirecting to a site where one could read a message suggesting that the breach was the work of the Iranian Cyber Army. This group of security experts has successfully hacked other sites. Now more details have been given about the whole mess, and it is slowly turning out to be laughably absurd, something worthy of appearing on a Ripley's program. The story goes more or less like this:

• The hacker (posing as a Baidu agent) starts a chat session with register.com support.
• The imposter asks technical support to change the email address used as Baidu's contact.
• The register.com employee asks the alleged Baidu agent for a security code to verify the legitimacy of his identity. As the hacker obviously had no access to that code, he sent a wrong one.
• The strangeness begins when the support employee does not verify the validity of the code and proceeds to change the contact, even though the information provided by the hacker is false.

From this point, the rest was easy for the attackers, as they were able to change the DNS and redirect the search engine's traffic. Also absurd is that the register.com employee handling the case did not suspect anything was wrong, even though the email was changed from a cuenta@baidu.cn address to antiwahabi2008@gmail.com. Such behavior is suspicious from miles away.

After noticing these problems, Baidu's team tried to fix things, but register.com support was not entirely friendly. Finally, after a couple of hours, they were able to communicate with the domain registrar, but it took 2 days to reset the DNS to the original values, resulting in a huge loss for the firm.

The result of this problem is a lawsuit by Baidu against register.com, and possibly a dismissal, since it is still hard to understand how so much could be done wrong in so little time.

Via
The Next Web




A Chinese programmer would have participated in the attack against Google



A new chapter in the tangle of cyberattacks on Google China. This time it has been reported that a Chinese programmer, who is also an expert consultant on computer security, wrote part of the exploit code for the Internet Explorer vulnerability that served as the means to launch the attack on the networks of Google and other companies.
Although precise details were not given, according to a report this hacker shared part of the code in a Chinese hacking forum. In this way Beijing government officials had special access to this material, which enabled them to learn more about how the attacks were carried out.

For the moment there are no proven links between this developer and Shanghai Jiaotong University or the Lanxiang Vocational School, both institutions that were part of the attack since, according to Google's investigation, actions affecting the security of several companies were carried out from computers at these centers.

It is also mentioned that both institutions have links with the Chinese military, and although these schools have clearly denied having participated in this mess, many doubts remain to be cleared up. Although it has not yet been determined exactly how the attack was executed, a bit more is now known, especially about the code.

Via | CNet
More information | Financial Times




 
