Thursday, June 12, 2014

Malwarebytes adds exploit-blocking technology (included in free version!)


The free version of Anti-Exploit will protect against exploits in browsers, their add-ons, and Java, while the $24.95 premium version will also work in Microsoft Office, PDF readers, media players, and software selected by the owner.

(From the article)

Anti-Exploit is "not about the product. It's about the problem," Kleczynski said during an interview at Malwarebytes' office in San Jose, Calif. "Sometimes it catches the exploit so early we can't show the alert" that it has stopped an attack.

If it works as advertised, Malwarebytes Anti-Exploit would be remarkable for preventing zero-day vulnerabilities -- previously unknown, unpatched software flaws -- from being exploited to steal data or gain control of your computer. Exploits that launch malicious code on your computer, known as remote code execution, combined with zero-day flaws have been successful in targeting massive multinational corporations, financial institutions, and critical infrastructure, as well as private individuals.


The link below has more information:-

Tuesday, June 10, 2014

Pandemiya - New Trojan, New Code, Novel Technique


"This malicious code writer has chosen to use quite a novel technique for injecting its malicious code into every new process in the victim's computer," 

As a part of that injection mechanism, the malware assures its persistence on a system by checking to ensure that Explorer.exe is injected with its code each time a new process is initiated.



The link below has more information:-

Two 9th-grade kids hack an ATM - What is strange about it - They used the operator's manual

Apparently, even the password was not changed from the default one.


(From the article)

Matthew Hewlett and Caleb Turon, both Grade 9 students, found an old ATM operator's manual online that showed how to get into the machine's operator mode.

Hewlett and Turon were even more shocked when their first random guess at the six-digit password worked. They used a common default password.


The link below has more information:-

iOS8 - Randomizing MAC addresses


Is it for privacy reasons, or is Apple expecting everyone to buy this information from them instead of collecting it for free?


When iOS 8 devices look for a connection, they randomize that address, effectively disguising any trace of the real device until it decides to connect to a network.

The link below has more information:-
http://www.theverge.com/2014/6/9/5792970/ios-8-strikes-an-unexpected-blow-against-location-tracking
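The practical effect of the change described above is easiest to see from the other side: anyone collecting probe requests to track devices can no longer rely on a stable source address. The following is an added example, not code from the article or from Apple, showing how a randomized address is conventionally formed and how a defender or analyst can tell the two kinds apart. It assumes the randomized addresses follow the IEEE 802 convention of setting the locally administered (U/L) bit in the first octet; the article itself does not say how iOS 8 builds them. The probe log is constructed for the demonstration.

```python
import secrets

LOCAL_BIT = 0x02      # IEEE 802 U/L bit: set means locally administered, not a vendor OUI
MULTICAST_BIT = 0x01  # IEEE 802 I/G bit: set means group address, never a station's own address


def random_local_mac() -> str:
    """Build a fresh random MAC address marked as locally administered.

    Assumed convention (not stated in the article): the U/L bit is set so the
    address can never collide with a vendor-assigned one, and the multicast bit
    is cleared so it is a valid unicast source address.
    """
    octets = bytearray(secrets.token_bytes(6))
    octets[0] = (octets[0] | LOCAL_BIT) & 0xFE  # set U/L, clear I/G
    return ":".join(f"{b:02x}" for b in octets)


def parse_mac(mac: str) -> bytes:
    """Parse 'aa:bb:cc:dd:ee:ff' or 'aa-bb-cc-dd-ee-ff' into six bytes."""
    parts = mac.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"malformed MAC address: {mac!r}")
    return bytes(int(p, 16) for p in parts)


def is_locally_administered(mac: str) -> bool:
    return bool(parse_mac(mac)[0] & LOCAL_BIT)


def is_multicast(mac: str) -> bool:
    return bool(parse_mac(mac)[0] & MULTICAST_BIT)


def summarize_probes(probe_log):
    """Count distinct vendor-assigned vs locally administered source addresses.

    probe_log is an iterable of (timestamp, source_mac) pairs taken from probe
    requests. Only the vendor-assigned ('global') ones identify a physical
    device across visits; the 'local' ones may change every scan.
    """
    seen = {"global": set(), "local": set()}
    for _ts, mac in probe_log:
        kind = "local" if is_locally_administered(mac) else "global"
        seen[kind].add(mac.lower())
    return {kind: len(addrs) for kind, addrs in seen.items()}


# Constructed sample probe log: one real-looking device seen twice, plus two
# locally administered addresses (first octet has the 0x02 bit set).
SAMPLE_PROBES = [
    ("2014-06-09T10:00:01", "00:1a:2b:3c:4d:5e"),
    ("2014-06-09T10:00:05", "00:1a:2b:3c:4d:5e"),
    ("2014-06-09T10:00:07", "da:3f:1c:9e:08:21"),
    ("2014-06-09T10:00:09", "06:77:b2:0c:14:9a"),
]

if __name__ == "__main__":
    print("fresh randomized address:", random_local_mac())
    print("probe summary:", summarize_probes(SAMPLE_PROBES))
```

The first octet is the whole story: `00` has the U/L bit clear and belongs to a vendor block, while `da` and `06` have it set, so a tracker seeing the last two has no way of knowing whether they are one device or two.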

Friday, June 6, 2014

Google Mail - end-to-end encryption available for Chrome.


Nice to have another layer of security.



(from the article)

Google is now offering a plug-in called End-to-End for the Chrome browser -- in alpha test -- that lets users encrypt their web email messages.

The new End-to-End Chrome extension encrypts, decrypts, digitally signs, and verifies signed messages within the browser using OpenPGP. 

Both the sender and the recipient would need to be using OpenPGP, says Alex McGeorge, a senior security researcher for Immunity Inc. "You still have to go through the whole process of exchanging keys."

"Once we feel that the extension is ready for primetime, we'll make it available in the Chrome Web Store."

Just how secure the extension will be also is unclear, McGeorge says. "JavaScript and crypto have typically been incompatible. A lot has to do with getting good randomness. That is super important for PGP."



The link below has more information:-


5 QUESTIONS EVERY CEO SHOULD ASK THEIR CIO / CISO


Nothing hi-tech here, just a few important common-sense questions.


(from the article)
1. Can we identify unusual user or network activity to cloud services?
2. Can we track who accesses what cloud-hosted data and when?
3. How are we protecting against insider attacks at the cloud service providers?
4. How do we know unprotected sensitive data is not leaving the corporate network?
5. Can we reduce surface area of attack by limiting access based on device and geography?


The link below has more information:-

Thursday, June 5, 2014

VIPER - To Manage and Explore Malware Samples



According to the article:-

Viper is "a framework to store, classify and investigate binary files." This project is an improvement on another tool called VxCage. Viper is lightweight (due to its usage of SQLite).


The Viper project is maintained by Claudio Guarnieri (@botherder), Kevin Breen (@KevTheHermit) and Mariano Graziano (@emd3l). This tool is included in the latest version of REMnux. To take full advantage of the latest features of Viper, update the version of the tool included with REMnux using the instructions below. Some of the features available in the updated version of Viper are:

  • The introduction of projects
  • Additional processing and reporting modules
  • Multiple fixes (see GitHub history for more info)


The link below has more information:-
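To make concrete what "store, classify and investigate binary files" on top of SQLite, with samples grouped into projects, looks like in practice, here is an added example of a minimal sample repository. It is illustrative code written for this post, not Viper's own implementation or schema; Viper's real data model and commands differ. Samples are keyed by their SHA-256, grouped by a project name, and carry free-form tags for classification. The sample bytes used at the bottom are constructed stand-ins, not real malware.

```python
import hashlib
import sqlite3

# Constructed schema for this example (not Viper's): one row per project, one
# row per (project, sha256) pair, and a tag table for classification.
SCHEMA = """
CREATE TABLE IF NOT EXISTS project (
    id   INTEGER PRIMARY KEY,
    name TEXT UNIQUE NOT NULL
);
CREATE TABLE IF NOT EXISTS sample (
    id         INTEGER PRIMARY KEY,
    project_id INTEGER NOT NULL REFERENCES project(id),
    sha256     TEXT NOT NULL,
    sha1       TEXT NOT NULL,
    size       INTEGER NOT NULL,
    name       TEXT,
    content    BLOB NOT NULL,
    UNIQUE(project_id, sha256)
);
CREATE TABLE IF NOT EXISTS tag (
    sample_id INTEGER NOT NULL REFERENCES sample(id),
    tag       TEXT NOT NULL,
    UNIQUE(sample_id, tag)
);
"""


class SampleStore:
    """Hash-keyed store for binary samples, one SQLite file per store."""

    def __init__(self, path=":memory:"):
        self.db = sqlite3.connect(path)
        self.db.executescript(SCHEMA)

    def project_id(self, name):
        # Projects are created on first use so analysts can open a new case by name.
        self.db.execute("INSERT OR IGNORE INTO project(name) VALUES (?)", (name,))
        return self.db.execute("SELECT id FROM project WHERE name = ?", (name,)).fetchone()[0]

    def add(self, project, data, name=None, tags=()):
        """Store a sample under a project; re-adding identical bytes is a no-op."""
        pid = self.project_id(project)
        sha256 = hashlib.sha256(data).hexdigest()
        sha1 = hashlib.sha1(data).hexdigest()
        # Parameterised statements throughout: tag and file names are attacker-chosen strings.
        self.db.execute(
            "INSERT OR IGNORE INTO sample(project_id, sha256, sha1, size, name, content) "
            "VALUES (?, ?, ?, ?, ?, ?)",
            (pid, sha256, sha1, len(data), name, data),
        )
        sid = self.db.execute(
            "SELECT id FROM sample WHERE project_id = ? AND sha256 = ?", (pid, sha256)
        ).fetchone()[0]
        self.db.executemany(
            "INSERT OR IGNORE INTO tag(sample_id, tag) VALUES (?, ?)", [(sid, t) for t in tags]
        )
        self.db.commit()
        return sha256

    def find(self, project, tag=None, sha256_prefix=None):
        """List (sha256, name, size) rows in a project, optionally filtered by tag or hash prefix."""
        query = ("SELECT DISTINCT s.sha256, s.name, s.size FROM sample s "
                 "JOIN project p ON p.id = s.project_id")
        where, args = ["p.name = ?"], [project]
        if tag is not None:
            query += " JOIN tag t ON t.sample_id = s.id"
            where.append("t.tag = ?")
            args.append(tag)
        if sha256_prefix is not None:
            where.append("s.sha256 LIKE ?")
            args.append(sha256_prefix + "%")
        query += " WHERE " + " AND ".join(where) + " ORDER BY s.sha256"
        return self.db.execute(query, args).fetchall()

    def get(self, project, sha256):
        """Return the stored bytes of one sample, or None if absent."""
        row = self.db.execute(
            "SELECT s.content FROM sample s JOIN project p ON p.id = s.project_id "
            "WHERE p.name = ? AND s.sha256 = ?", (project, sha256)
        ).fetchone()
        return None if row is None else bytes(row[0])

    def count(self, project):
        return self.db.execute(
            "SELECT COUNT(*) FROM sample s JOIN project p ON p.id = s.project_id WHERE p.name = ?",
            (project,),
        ).fetchone()[0]


# Constructed sample bytes for the demonstration; these are not real binaries.
SAMPLE_A = b"MZ" + b"\x00" * 62 + b"constructed sample A"
SAMPLE_B = b"MZ" + b"constructed sample B"

if __name__ == "__main__":
    store = SampleStore()
    store.add("june-2014", SAMPLE_A, name="a.bin", tags=["dropper"])
    store.add("june-2014", SAMPLE_B, name="b.bin", tags=["dropper", "packed"])
    print(store.find("june-2014", tag="dropper"))
```

The `UNIQUE(project_id, sha256)` constraint is what turns the store into a deduplicating index: the same bytes submitted twice under two names occupy one row, and the hash returned by `add` is the handle every later lookup uses.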

Android/Simplocker - Ransomware that encrypts your files till you pay $21.40


Something we will need to get used to, and the solution is simple: MAKE BACKUPS.


According to the article:-

“Android/Simplocker.A will scan the SD card for files with any of the following image, document or video extensions: jpeg, jpg, png, bmp, gif, pdf, doc, docx, txt, avi, mkv, 3gp, mp4 and encrypt them using AES [the Advanced Encryption Standard],” 

The malware will then display a ransom message in Russian asking for a payment of 260 Ukrainian Hryvnia (around US$21.40) to be made through a service called MoneX.

The new threat masquerades as an application called “Sex xionix,” but it wasn’t found on Google Play and its distribution so far is most likely low.

Another interesting aspect of Simplocker.A is that it uses a .onion command-and-control (C&C) domain address. The .onion pseudo-top-level domain is only used inside the Tor anonymity network for accessing so-called hidden services.

The link below has more information:-
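Backups are the fix, but a defender also wants to know quickly whether files like the ones listed above have already been replaced by ciphertext. The following is an added example, not code from the article or from ESET, of a small triage scan over the extension list quoted above: for formats with a known file signature it checks whether the header is still there, and for all of them it measures byte entropy, since AES output looks like random bytes while documents and most media headers do not. The sample files it builds are constructed, and the "encrypted" ones are filled with random bytes as a stand-in for ciphertext; the signatures and the 7.0 bits-per-byte threshold are this example's assumptions, not something the article specifies.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# The extensions the article says Simplocker.A scans the SD card for.
TARGET_EXTENSIONS = {"jpeg", "jpg", "png", "bmp", "gif", "pdf", "doc", "docx",
                     "txt", "avi", "mkv", "3gp", "mp4"}

# (offset, signature) pairs an intact file of each type carries; assumed for
# this example. An encrypted file no longer starts with any of these. Plain
# text has no signature, so for .txt entropy alone decides.
MAGIC = {
    "jpeg": [(0, b"\xff\xd8\xff")],
    "jpg":  [(0, b"\xff\xd8\xff")],
    "png":  [(0, b"\x89PNG\r\n\x1a\n")],
    "bmp":  [(0, b"BM")],
    "gif":  [(0, b"GIF87a"), (0, b"GIF89a")],
    "pdf":  [(0, b"%PDF")],
    "doc":  [(0, b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1")],
    "docx": [(0, b"PK\x03\x04")],
    "avi":  [(8, b"AVI ")],
    "mkv":  [(0, b"\x1a\x45\xdf\xa3")],
    "3gp":  [(4, b"ftyp")],
    "mp4":  [(4, b"ftyp")],
}
ENTROPY_THRESHOLD = 7.0  # bits per byte; ciphertext sits near 8, text well below (assumed cut-off)


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte of the given buffer."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def magic_matches(ext: str, head: bytes):
    """True/False if the type has a known signature, None if it has none."""
    signatures = MAGIC.get(ext)
    if signatures is None:
        return None
    return any(head[off:off + len(sig)] == sig for off, sig in signatures)


def looks_encrypted(name: str, data: bytes) -> bool:
    """Heuristic: a targeted extension whose content is random-looking and, where
    a signature exists, no longer carries it. Compressed media is also high
    entropy, which is why the signature check is required for those types."""
    ext = name.rsplit(".", 1)[-1].lower()
    if ext not in TARGET_EXTENSIONS:
        return False
    high_entropy = shannon_entropy(data[:65536]) >= ENTROPY_THRESHOLD
    matched = magic_matches(ext, data[:16])
    if matched is None:
        return high_entropy
    return high_entropy and not matched


def scan_tree(root) -> list:
    """Return the sorted names of files under root that look encrypted."""
    root = Path(root)
    return sorted(p.name for p in root.rglob("*")
                  if p.is_file() and looks_encrypted(p.name, p.read_bytes()))


def build_sample_tree() -> Path:
    """Constructed demo directory: two intact files, three random-byte stand-ins
    for encrypted files, and one random file with an untargeted extension."""
    d = Path(tempfile.mkdtemp(prefix="simplocker-demo-"))
    (d / "photo.jpg").write_bytes(b"\xff\xd8\xff\xe0" + b"\x00" * 4092)
    (d / "notes.txt").write_bytes(b"Quarterly notes: backups were taken on Monday.\n" * 90)
    for fn in ("photo2.png", "report.pdf", "readme.txt"):
        (d / fn).write_bytes(os.urandom(4096))  # stand-in for AES ciphertext
    (d / "archive.zip").write_bytes(os.urandom(4096))  # not on the target list
    return d


if __name__ == "__main__":
    demo = build_sample_tree()
    print("suspicious:", scan_tree(demo))
```

The check is deliberately a triage aid, not proof: a JPEG that was merely truncated or mislabelled also fails the signature test, and a `.txt` holding compressed or base64 data can cross the entropy line, so hits should be confirmed against the backup copy the post recommends keeping.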