Researchers claim to have found more zero-day vulnerabilities in Java

An article from Naked Security on Java vulnerabilities: A security research team that has alerted Oracle to a series of security flaws in Java in the past says that it has uncovered new zero-day vulnerabilities in the software.

According to an update posted by Polish firm Security Explorations, it has sent proof-of-concept code to Oracle’s security team – so they can investigate the issue.

To read more click here:

Cyber-criminals are targeting phones and bank info

An article from CNN in their tech section: As recent high-profile attacks at major companies like Facebook and Apple, major publications like the New York Times and Washington Post and the U.S. government itself have made clear, cyber-crime is a very real and growing concern for everyone.

The latest threat report from security firm McAfee highlights the need for vigilance on mobile devices and a change in how people and companies approach security.

For more information click here:

White House Cracks Down On Cyberespionage

An interesting article from Dark Reading in their advanced-threats section on cyberespionage: The Obama administration is turning up the heat on nation-state cyberespionage attackers: A new policy aimed at protecting the U.S. government and businesses from theft of their intellectual property goes further than previous administrations in addressing the worst-kept secret that cyberspies are stealing U.S. IP.

Direct diplomatic pressure, greater law enforcement engagement, promotion of better security practices by potential victims, tougher legislation, and more aggressive public awareness campaigns are some of the main approaches of the strategy announced yesterday by administration officials.

To read more click here:

NBC website hacked and distributes malware – here’s what happened

An interesting article from Naked Security about the NBC website being hacked: The latest high-profile organisation to fall victim to cybercriminals is the National Broadcasting Company (NBC), one of the so-called Big Three television networks in the USA.

NBC’s website was “owned” and used as a go-between in a campaign to infect online visitors automatically.

For more on this topic click here:

Mandiant Exposes APT1 – One of China’s Cyber Espionage Units & Releases 3,000 Indicators

An interesting article by Dan McWhorter on the Mandiant Blog:

Today, The Mandiant® Intelligence Center™ released an unprecedented report exposing APT1’s multi-year, enterprise-scale computer espionage campaign. APT1 is one of dozens of threat groups Mandiant tracks around the world and we consider it to be one of the most prolific in terms of the sheer quantity of information it has stolen.

Highlights of the report include:

  • Evidence linking APT1 to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Cover Designator 61398).
  • A timeline of APT1 economic espionage conducted since 2006 against 141 victims across multiple industries.
  • APT1’s modus operandi (tools, tactics, procedures) including a compilation of videos showing actual APT1 activity.
  • The timeline and details of over 40 APT1 malware families.
  • The timeline and details of APT1’s extensive attack infrastructure.

Mandiant is also releasing a digital appendix with more than 3,000 indicators to bolster defenses against APT1 operations. This appendix includes:

  • Digital delivery of over 3,000 APT1 indicators, such as domain names, and MD5 hashes of malware.
  • Thirteen (13) X.509 encryption certificates used by APT1.
  • A set of APT1 Indicators of Compromise (IOCs) and detailed descriptions of over 40 malware families in APT1’s arsenal of digital weapons.
  • IOCs that can be used in conjunction with Redline™, Mandiant’s free host-based investigative tool, or with Mandiant Intelligent Response® (MIR), Mandiant’s commercial enterprise investigative tool.

Read the rest here.

Google says it is winning the war against Gmail account hijackers

An interesting article on Naked Security: It was 2011, and if you were a Gmail user you might have found things had begun to turn ugly.

Spam messages, spear-phishing attacks, and bogus “I’m stranded in a foreign country” scams, began to appear in some users’ inboxes, defeating Google’s anti-spam systems.

To read more about this click here: