Google Releases Chrome 16.0.912.77
US-CERT has just distributed a notification about the release of Chrome 16.0.912.77 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities.
The vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
Security fixes and rewards:
Please see the Chromium security page for more detail. Note that the referenced bugs may be kept private until a majority of our users are up to date with the fix.
- [$1000] [106484] High CVE-2011-3924: Use-after-free in DOM selections. Credit to Arthur Gerkis.
- [$3133.7] [107182] Critical CVE-2011-3925: Use-after-free in Safe Browsing navigation. Credit to Chamal de Silva. *
- [108461] High CVE-2011-3928: Use-after-free in DOM handling. Credit to wushi of team509 reported through ZDI (ZDI-CAN-1415).
- [$1000] [108605] High CVE-2011-3927: Uninitialized value in Skia. Credit to miaubiz.
- [$1000] [109556] High CVE-2011-3926: Heap-buffer-overflow in tree builder. Credit to Arthur Gerkis.
The bugs 106484, 107182, 108461, and 109556 were detected using AddressSanitizer.
* Bug 107182 was fixed in 16.0.912.75 but accidentally excluded from the release notes.
More information can be retrieved from the Google Chrome Release blog entry and update to Chrome 16.0.912.77.
Email scam could clear out your bank account
By: Mario Armstrong of HLNTV.com
The latest online banking scam is called “Gameover” and it’s an email that’s been making its way around in recent weeks.
The FBI even put out a warning to let people know what to watch out for. This recent scam doesn’t surprise me at all. It only takes these scammers to get .05% of people on email for it to be worth their time. And think how much easier it is today. I mean, I hardly ever go into a bank anymore. With online banking I can do almost everything, from checking my balance, transferring funds to paying my bills. And with hot new apps from banks like Chase, PNC and USAA I can even scan my checks with my phone and deposit them straight into my account.
But with all of these great new features rolling out across bank websites and apps, the security issue is becoming more important than ever. Choosing a strong, unique password to bank with is important: something like 10 characters, no words that can be defined, and symbols (for example !&7MJs$5b1). Beyond that, you also want to verify you’re at the correct website address and that it’s secure (look for the letters HTTPS in the address bar).
The recent GameOver threats mean you now, more than ever, need to make sure that the emails you’re getting are actually from your bank.
Read the rest of Mario’s article at HLNTV.com
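As an added example (not part of Mario’s article), here are the two pieces of advice from the excerpt turned into checks you can run: a password test that applies his three rules (about 10 characters, no definable words, symbols), and a URL test that accepts only an HTTPS address whose host really is the bank’s. The word list, the hostnames and the sample inputs are all constructed for the illustration.

```python
# Added example (not from the HLNTV article): checks that apply the
# excerpt's advice. The dictionary, hostnames and sample inputs are
# constructed for this illustration.
import re
from urllib.parse import urlsplit

# Constructed stand-in for a real list of "words that can be defined".
DICTIONARY = {"password", "bank", "money", "welcome", "summer", "letmein"}

# Common letter-for-symbol substitutions are undone before the word check,
# so p@ssw0rd is still recognised as "password".
LEET = str.maketrans("013457@$!", "oleastasi")


def password_problems(pw, min_len=10, dictionary=DICTIONARY):
    """Return the rules the password breaks; an empty list means it passes."""
    problems = []
    if len(pw) < min_len:
        problems.append(f"shorter than {min_len} characters")
    if not re.search(r"[^A-Za-z0-9]", pw):
        problems.append("no symbols")
    normalised = pw.lower().translate(LEET)
    for word in sorted(dictionary):
        if len(word) >= 4 and word in normalised:
            problems.append(f"built on the dictionary word '{word}'")
            break
    return problems


def is_expected_bank_site(url, expected_host):
    """True only for an https URL whose host is the bank's domain or a
    subdomain of it; lookalike hosts and user@host tricks are rejected."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False
    host = (parts.hostname or "").lower()
    expected = expected_host.lower().strip(".")
    return host == expected or host.endswith("." + expected)


if __name__ == "__main__":
    for pw in ("!&7MJs$5b1", "P@ssw0rd", "summer2012"):
        print(pw, "->", password_problems(pw) or "ok")
    for url in ("https://www.examplebank.com/login",
                "http://www.examplebank.com/login",
                "https://www.examplebank.com.evil.test/login",
                "https://examplebank.com@evil.test/login"):
        print(url, "->", is_expected_bank_site(url, "examplebank.com"))
```

The URL check compares the parsed hostname, not the raw string, which is why `https://www.examplebank.com.evil.test/` and `https://examplebank.com@evil.test/` both fail even though the bank’s name appears in them.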
Vulnerability Summary for the Week of January 16, 2012
From US-CERT Cyber Security Bulletin SB12-023:
This bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) the week of January 16, 2012. It is available here:
Congress withdraws SOPA and PIPA

SAN ANTONIO — Lawmakers on Friday indefinitely postponed anti-piracy legislation that pits Hollywood against Silicon Valley, two days after major Internet companies staged an online protest by blacking out parts of prominent websites.
Senate Democratic leader Harry Reid postponed a showdown vote in his chamber on the Protect Intellectual Property Act, or PIPA for short, that had been scheduled for January 24.
Lamar Smith, the Republican chairman of the House of Representatives Judiciary Committee, followed suit, saying his panel would delay action on similar legislation called the Stop Online Piracy Act, or SOPA, until there is wider agreement on the legislation.
“I have heard from the critics and I take seriously their concerns regarding proposed legislation to address the problem of online piracy,” Smith told Reuters in a telephone interview.
“It is clear that we need to revisit the approach on how best to address the problem of foreign thieves that steal and sell American inventions and products,” Smith said in a statement.
The bills are aimed at curbing access to overseas websites that traffic in pirated content and counterfeit products, such as movies and music. But support for the legislation has eroded in recent days because of fears that legitimate websites could end up in legal jeopardy.
The entertainment industry wants legislation to protect its movies and music from counterfeiters, but technology companies are concerned the laws would undermine Internet freedoms, be difficult to enforce and encourage frivolous lawsuits.
On Wednesday protests blanketed the Internet, turning Wikipedia and other popular websites dark for 24 hours. Google, Facebook, Twitter and others protested the proposed legislation but did not shut down.
In a brief statement, Reid said there was no reason why concerns about the legislation cannot be resolved. He offered no new date for the vote.
Reid’s action comes a day after a senior Democratic aide, speaking on the condition of anonymity, said the measure lacked the 60 votes needed to clear a procedural hurdle in the 100-member Senate.
A handful of senators who had co-sponsored the legislation dropped their support after Wednesday’s protests started.
Reid expressed hope on Friday that Senate Judiciary Committee Chairman Patrick Leahy, who has been shepherding the bill through Congress, could help resolve differences in the legislation.
“I am optimistic that we can reach a compromise in the coming weeks,” Reid said.
Leahy said in a statement that he was committed to addressing online piracy and hoped other members of Congress would work with him to get a bill signed into law this year.
“But the day will come when the Senators who forced this move will look back and realize they made a knee-jerk reaction to a monumental problem,” he said.
“Criminals who do nothing but peddle in counterfeit products and stolen American content are smugly watching how the United States Senate decided it was not even worth debating how to stop the overseas criminals from draining our economy,” Leahy said.
(Msnbc.com is a joint venture of Microsoft and Comcast/NBC Universal. Microsoft publicly opposes SOPA in its current form, while Comcast/NBC Universal is listed as a supporter of SOPA on the House Judiciary Committee website.)
Carberp Malware is Back in a New Form to Target Facebook users
New Version Of Carberp Trojan Targets Facebook Users
A new version of the Carberp Trojan attempts to steal money from Facebook users by duping them into divulging an e-cash voucher, researchers say.
“Carberp replaces any Facebook page the user navigates to with a fake page notifying the victim that his/her Facebook account is ‘temporarily locked,’” says Trusteer CTO Amit Klein in his blog. “The page asks the user for their first name, last name, email, date of birth, password and a Ukash 20 euro [approximately $25 US] voucher number to ‘confirm verification’ of their identity and unlock the account.
Read more at DarkReading.com
Facebook Users Hit By Money-Grubbing Malware
A new version of the Carberp Trojan attempts to steal money from Facebook users by duping them into divulging an e-cash voucher, researchers say.
“Carberp replaces any Facebook page the user navigates to with a fake page notifying the victim that his/her Facebook account is ‘temporarily locked,’” says Trusteer CTO Amit Klein in his blog. “The page asks the user for their first name, last name, email, date of birth, password, and a Ukash 20 euro [approximately $25 U.S.] voucher number to ‘confirm verification’ of their identity and unlock the account.
Read more at InformationWeek.com
Win32/Carberp
Summary
Win32/Carberp is a family of trojans that may be delivered via malicious code, for instance by variants of Exploit:JS/Blacole. The trojan downloads other Win32/Carberp components to execute payload code such as stealing online banking credentials and logon data from numerous other software applications, downloading and executing arbitrary files, exporting installed certificates, capturing screen shots and logging keystrokes.
Read more on Malware Protection Center site
CARBERP Trojan Steals Information
As ZeuS draws the industry’s attention, a new spyware silently but successfully entered the cybercrime scene. CARBERP, as indicated in initial reports, is a new Trojan family that might have been created to challenge the already dominant ZeuS.
TROJ_CARBERP.A uses an ingenious technique to avoid detection. This malware deliberately drops a copy of itself and its component files in directories that do not require administrator privileges, effectively defeating Windows 7 and Vista’s User Account Control (UAC) feature. As such, its routines are not detected in newer Windows OS versions. More specifically, it drops files into the Startup and Application Data folders but neither creates nor modifies registry entries. Since files dropped in the Startup folder can easily be spotted even by novice users, CARBERP hooks two APIs to hide itself, its thread in Explorer.exe, and its component files.
Apart from its stealth tactics, the real danger that CARBERP brings is that it hooks network APIs in WININET.DLL to monitor browsing activities on the affected system. Furthermore, it contacts its C&C server to download a possible configuration file, to send a list of processes running in the affected system, and to receive arbitrary commands. These capabilities can enable the cybercriminals behind this malware to steal virtually any information they wish to get their hands on.
Read more on the Trend Micro Blog
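The Trend Micro write-up above gives defenders two useful facts: the dropped files land in the Startup and Application Data folders with no registry changes, and API hooks hide them from Explorer on the infected machine. The script below is an added example (not Trend Micro’s or Microsoft’s code) that lists what sits in the Windows Startup folders, hashes each file for comparison against a known-good baseline, and flags runnable types and files carrying the hidden attribute. The folder layout is the Vista/7 one; the sample folder it builds for an offline run is constructed.

```python
# Added example (not Trend Micro's or Microsoft's code): audit the
# Windows Startup folders, the persistence location the CARBERP
# write-up describes. The sample files it creates are constructed.
import hashlib
import os
import tempfile
from pathlib import Path

# File types that run, or launch something, when the Startup folder is
# processed at logon.
RUNNABLE = {".exe", ".dll", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".lnk", ".pif"}
FILE_ATTRIBUTE_HIDDEN = 0x2   # Windows file attribute bit


def default_startup_dirs():
    """Per-user and all-users Startup folders (Vista/7 layout); empty off Windows."""
    dirs = []
    for env in ("APPDATA", "ProgramData"):
        base = os.environ.get(env)
        if base:
            dirs.append(Path(base) / "Microsoft" / "Windows" / "Start Menu" / "Programs" / "Startup")
    return dirs


def sha256_of(path):
    """Hash the file so findings can be compared against a known-good baseline."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def is_hidden(path):
    """True if the Windows hidden attribute is set; always False on other OSes."""
    attrs = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(attrs & FILE_ATTRIBUTE_HIDDEN)


def audit_startup(dirs):
    """One record per file in the given Startup folders; 'flags' lists why it
    deserves a look (runnable type, hidden attribute). desktop.ini is normal."""
    findings = []
    for d in map(Path, dirs):
        if not d.is_dir():
            continue
        for p in sorted(d.iterdir()):
            if not p.is_file() or p.name.lower() == "desktop.ini":
                continue
            flags = []
            if p.suffix.lower() in RUNNABLE:
                flags.append("runnable type")
            if is_hidden(p):
                flags.append("hidden attribute")
            findings.append({"path": str(p), "sha256": sha256_of(p), "flags": flags})
    return findings


def make_sample_startup_dir():
    """Constructed Startup folder for an offline run: a dropped executable,
    a harmless text file and the desktop.ini Explorer keeps there."""
    d = Path(tempfile.mkdtemp(prefix="startup-sample-"))
    (d / "update.exe").write_bytes(b"MZ" + b"\x00" * 62)   # constructed, not a real binary
    (d / "notes.txt").write_text("meeting at 10\n")
    (d / "desktop.ini").write_text("[.ShellClassInfo]\n")
    return d


if __name__ == "__main__":
    dirs = default_startup_dirs() or [make_sample_startup_dir()]
    for rec in audit_startup(dirs):
        mark = "!!" if rec["flags"] else "  "
        print(mark, rec["sha256"][:16], rec["path"], ", ".join(rec["flags"]))
```

Two caveats follow directly from the write-up: because the malware hooks the APIs Explorer uses to list files, a listing taken on the live infected system may omit the dropped files, so run the audit from a clean boot or against a mounted disk image; and because no registry entries are created, a check of the Run keys alone will not find this persistence.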
Carberp: Quietly replacing Zeus as the financial malware of choice
Zeus ushered in a new era of malware, but it’s slowly losing its effectiveness. Don’t celebrate just yet; Zeus’s heir apparent, Carberp is ready to take over.
Financial malware like Zeus provides a significant ROI for the bad guys. Just ask fellow IT security writer Brian Krebs, who tirelessly reports on how much damage ZeuS has caused. I even added my two cents about Zeus and its successes.
What is financial malware?
Automated Clearing House (ACH) transactions and Electronic Fund Transfers (EFT) are the main focus of financial malware. The malcode tries to steal login and accounting information, allowing it to transfer the victim’s money to bank accounts of the attacker’s choice through the use of EFT.
Security experts focused on financial malware explain there are two types of attacks.
Read more at TechRepublic.com
Upcoming SANS 2012 (Orlando) Information Security Training Event
SANS 2012 (March 23-30, 2012) is fast approaching! More than 35 courses are offered, all taught by our top-rated instructors who are the best at ensuring you learn the material and can apply it immediately when you return to your office. Choose from audit, IT legal, security management, software and web app developer, forensics, computer security training, and more.
You also won’t want to miss the SANS @Night evening talks, vendor expo and reception, lunch and learns, cocktail briefs, and multiple special events. All of these opportunities will teach you the tools and techniques to keep your company safe.
Register for any five- or six-day course by Wednesday, February 8 and you can receive up to a $500 discount. Add NetWars – Tournament Play to your registration, and you will find that it is free with a long course. Seats are selling fast; register now to obtain the most savings.
SANS 2012 main page:
http://www.sans.org/info/90976
For complete course descriptions and requirements visit: http://www.sans.org/info/96831
Enrich your conference experience by attending evening talks given by our faculty and selected subject matter experts. These talks will broaden your knowledge and give you the opportunity to hear from voices that matter in Cybersecurity. And if you are registered for SANS 2012 these talks are offered at NO CHARGE! View the incredible lineup here: http://www.sans.org/info/96836
*** Save $150 off your registration by using discount code: Refer_SecOrb ***
