New proof-of-concept malware demonstrates virus for OS X

A posting from CNET News in their Security and Privacy section:

Security researchers have found a proof-of-concept attack that appears to be the first true viral malware approach for compromising OS X.

The malware is called “Clampzok.A” and is a cross-platform malware package that alters the binary files on an affected system so when executed, the binary will infect neighboring binary files.

The malware is written in assembly code, and was originally released in 2006 for Windows and Linux systems, but was recently updated to affect 32-bit Mach-O binary files in OS X machines.

Unlike Trojan horses, spyware, and adware that hide in one location on the system and persistently run to steal information or otherwise be a nuisance, viral malware attempts to spread itself around the system. Of these, a form known as a worm will try to replicate itself, but does not infect otherwise healthy files. The classic virus, by contrast, will inject itself into the compiled code of an executable or into the structure of a file, modifying it significantly so that when the file is read, the virus is executed and further injects itself around the system, wreaking havoc on the system’s ability to function.

This latest malware shows promise to do just that.

Evernote offers two-factor verification in wake of hack

A posting from NBS News in their Technology section:

Popular media-saving service Evernote has stepped up its security after a recent breach in which users’ emails and passwords were leaked. The company is now offering two-factor verification to its premium users to make sure that when someone signs into your account, it’s really you.

The hack, in March, did not appear to expose any critical information like financial data, but just in case, Evernote’s 50 million users were warned of the attack and their passwords reset.

Two-factor verification or authentication improves on using just passwords by requiring that whoever logs in also input a code sent to their mobile phone. The idea is that using both something only you should know (your password) and something only you should have (your phone) makes things very difficult for potential hackers. Twitter said last week it is starting two-factor authentication, and it is something used by Google, Facebook and Microsoft.

‘NetTraveler’ Cyberespionage Campaign Uncovered

An intriguing article from Dark Reading:

A less sophisticated but long-running cyberspying program out of China aimed at high-profile targets in government, embassies, oil and gas, military contractors, activists, and universities has infected hundreds of targets across 40 nations.

The so-called NetTraveler campaign revealed today by Kaspersky Lab comes from a midsize APT group out of China that has some 50 members and who also have used other malware including Zegost (from Gh0stNet), Saker, and other APT-related tools. That doesn’t mean the same group is behind Gh0stNet or other campaigns, however: “The groups and their activities are large, complex and in many ways separate, and we are simply saying that there are inter-relations in the dataset,” said Kurt Baumgartner, senior security researcher for the Americas on the Global Research and Analysis Team at Kaspersky Lab, in an email interview. “This group’s connections with a handful of other groups is both operational and shares infrastructure.”

Are Businesses Knowingly Infecting Their Web Visitors?

A posting from Dark Reading in their Vulnerability and Threat section:

As cybercriminals have shifted their techniques to get the most efficiency out of their attack campaigns, some of their favorite methods involve two-pronged attacks to first compromise legitimate Web servers and then use them to, in turn, infect unsuspecting visitors to seemingly innocuous sites. While much of this illicit malicious activity occurs behind the backs of these organizations, there are an increasing number of businesses that, upon being informed that their IPs are engaging in bad behavior, stall indefinitely or wait months to remediate the situation.

Whether it is willful denial, a lack of preparation to respond quickly to news of this kind of infection, or simply a lack of resources to be able to properly clean up their online messes, the net effect is that businesses are complicit in spreading malware online, says Srinivas Kumar, CTO of TaaSERA. As he puts it, it is the height of hypocrisy considering how much proselytizing that so many organizations have done in the past to users about how users endanger end-to-end trust in online transactions by using infected devices. Now it is the businesses themselves that are infecting the unknowing users.

End user security requires layers of tools and training as employees use more devices and apps

A posting from Dark Reading in their Endpoint Security section:

When Meritrust Credit Union wanted to improve its endpoint security to comply with financial regulations, information security officer Brian Meyer needed to go beyond antivirus. The commonly used endpoint security typically doesn’t provide a way of tracking whether employees’ devices — the laptops, tablets and phones moving in and out of the network — have up-to-date security or are running potentially dangerous applications. With attackers routinely evading endpoint security, Meyer was legitimately worried that one might get in.

LinkedIn flips the two-factor authentication switch

A posting from Naked Security on LinkedIn authentication:

Happy anniversary of getting the bejeezus hacked out of you, LinkedIn!
Maybe the timing is just a coincidence, but the career-toned social networking site got savagely hacked on 5 June 2012.
Cybercrooks stole about 6.5 million passwords, over 60% of which were cracked within the span of one measly day.
The attack resulted in a variety of nastiness, including a pump-and-dump stock scam and a $5 million class action lawsuit (dismissed in March).
