Monday, August 4, 2014

Interesting - Malware that fully resides in Registry



We always knew someone would do it, and finally it has been done.

http://www.darknet.org.uk/2014/08/windows-registry-infecting-malware-files/

AV Zero day detection - Does anyone still believe it?

This should not come as a surprise.

(From the article)

Kyle Adams wrote what he describes as "ridiculously obvious" malware that most major antivirus products ultimately failed to detect. 

His research shows that code emulation and sandboxing aren't really working anymore.

What can AV vendors do to beef up their code emulation? For one thing, "they should start penetration-testing their own AV software."

The link below has more information:-

If you own a Synology NAS device, you might want to disconnect it.

This advice is coming from the vendor, to avoid being affected by ransomware that uses strong encryption to lock files on the brand's machines and demands US$350 for the decryption key.

The SynoLocker "service" asks for 0.6 Bitcoins to unlock the encrypted files, which at today's exchange rate is around USD$350.



The link below has more information:-

Sunday, August 3, 2014

Can you or your computer detect a compromised USB device? - NO !!!


Don't believe me? Read further.

(From the article)

The infection can travel both from computer to USB and vice versa. Any time a USB stick is plugged into a computer, its firmware could be reprogrammed by malware on that PC, with no easy way for the USB device’s owner to detect it. 

The malware they created, called BadUSB, can be installed on a USB device to completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user's internet traffic. Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device's memory would appear to the average user to be deleted. And the two researchers say there's no easy fix: The kind of compromise they're demonstrating is nearly impossible to counter without banning the sharing of USB devices or filling your port with superglue.

"These problems can't be patched," says Nohl. "In this new way of thinking, you have to consider a USB infected and throw it away as soon as it touches a non-trusted computer."

It can even impersonate a USB keyboard to suddenly start typing commands. "It can do whatever you can do with a keyboard, which is basically everything a computer does," says Nohl.


The malware can silently hijack internet traffic too, changing a computer’s DNS settings to siphon traffic to any servers it pleases. Or if the code is planted on a phone or another device with an internet connection, it can act as a man-in-the-middle, secretly spying on communications as it relays them from the victim’s machine.

The link below has more information:-

76,000 email addresses + 4000 passwords exposed, How? - bad script!!!!


C'mon Mozilla, it is a shame.



(From the article)

The breach was caused by a bad script that on July 23 was found to have inadvertently published the records online over the previous month.

"As soon as we learned of it, the database dump file was removed from the server immediately, and the process that generates the dump was disabled to prevent further disclosure," they said.

The exposed passwords were salted hashes, but further technical details have not been revealed.



The link below has more information:-

MPTCP - New concern for security folks?



I guess the security tools have a lot of catching up to do.


(From the article)

"If any of your security decisions, tools, thought-processes, manual processes, if they rely on any of... these four things, then something in those is going to break," he says.

  1. If you expect to see all app layer data within a TCP stream;
  2. if you expect to differentiate clients from servers based on the connection direction;
  3. if you expect to tamper with or close bad connections midstream;
  4. if you attempt to associate logical connections to IP addresses.

If you make any security decisions based on any of those, then those security mechanisms are going to break in the face of MPTCP.
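Point 1 above, as an added example that is not from the article or this blog: a toy Python model of one application stream spread over two MPTCP subflows, showing that a signature search done per TCP connection misses a token that a connection-level reassembly ordered by data sequence number (DSN) does find. The HTTP request, the "EvilBot" token and the chunking scheme are constructed for the demo.

```python
"""Toy model of why per-TCP-stream inspection breaks under MPTCP (constructed)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    subflow: int    # which TCP subflow (its own 5-tuple) carried these bytes
    dsn: int        # MPTCP data sequence number: offset in the connection-level stream
    payload: bytes


def split_over_subflows(data: bytes, chunk: int = 10, subflows: int = 2) -> list[Segment]:
    """Model a sender spreading one application stream over several subflows.
    Chunk i travels on subflow i % subflows; the DSN is its offset in the whole stream."""
    return [Segment(i % subflows, off, data[off:off + chunk])
            for i, off in enumerate(range(0, len(data), chunk))]


def inspect_per_subflow(segments: list[Segment], signature: bytes) -> dict[int, bool]:
    """What a classic IDS does: reassemble each TCP connection on its own and
    search it. Bytes that travelled on the other subflows are never seen here."""
    streams: dict[int, bytearray] = {}
    for seg in sorted(segments, key=lambda s: s.dsn):
        streams.setdefault(seg.subflow, bytearray()).extend(seg.payload)
    return {sf: signature in bytes(buf) for sf, buf in streams.items()}


def inspect_mptcp_aware(segments: list[Segment], signature: bytes) -> bool:
    """Reassemble across all subflows by DSN, then search the complete stream."""
    full = b"".join(s.payload for s in sorted(segments, key=lambda s: s.dsn))
    return signature in full


# Constructed sample: an HTTP request whose User-Agent carries the token that a
# hypothetical signature looks for. With 10-byte chunks the token straddles
# two chunks that land on different subflows.
REQUEST = (b"GET / HTTP/1.1\r\nHost: example.test\r\n"
           b"User-Agent: EvilBot/1.0\r\n\r\n")
SIGNATURE = b"EvilBot"


def demo() -> tuple[dict[int, bool], bool]:
    segs = split_over_subflows(REQUEST)
    segs.reverse()  # segments arrive out of order, as subflows take different paths
    return inspect_per_subflow(segs, SIGNATURE), inspect_mptcp_aware(segs, SIGNATURE)


if __name__ == "__main__":
    per_flow, aware = demo()
    print("per-subflow hits:", per_flow)   # {0: False, 1: False}
    print("MPTCP-aware hit: ", aware)       # True
```

With a single subflow (`subflows=1`) the per-connection inspector does match, which isolates the multipath spreading as the cause of the miss.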

The link below has more information:-

Friday, August 1, 2014

Apple scammed 42 times - by a 24-year-old:-

Simple but brilliant.


(From the article)

Parrish allegedly tricked Apple Store employees in 16 states starting around December 2012 into accepting fake authorization codes to purchase $309,768 worth of Apple goods.


Here’s how it works: Parrish allegedly visited Apple Stores and tried to buy products with four different debit cards, which were all closed by his respective financial institutions. When his debit card was inevitably declined by the Apple Store, he would protest and offer to call his bank — except, he wasn’t really calling his bank.

He would offer the Apple Store employees a fake authorization code with a certain number of digits, which is normally provided by credit card issuers to create a record of the credit or debit override.



“It does not actually matter what code the merchant types into the terminal,” the U.S. Attorney’s Office in New Jersey said publicly after a similar case occurred there in February. “Any combination of digits will override the denial.”



The link below has more information:-