Archive | October 2012

Steam Gamers Listen Up: Platform Vulnerable to Remote Exploits, 50M at risk

50 million users plus of the Steam gaming and distribution platform are at risk for remote exploits because of vulnerabilities in the platform’s URL protocol handler, researchers at ReVuln wrote in a paper released.

According to ThreatPost, Luigi Auriemma and Donato Ferrante discovered a number of memory corruption issues, including buffer and heap overflows that would allow an attacker to abuse the way the Steam client handles browser requests. Steam runs on Windows, Linux and Mac OSX.

The steam:// URL protocol is used to connect to game servers, load and uninstall games, backup files, run games and interact with news, profiles and download pages offered by Valve, the company that operates the platform. Attackers, Auriemma and Ferrante said, can abuse specific Steam commands via steam:// URLs to inject attacks and run other malicious code on victim machines.

Read more on the ThreatPost blog

Protect your gaming with BitDefender GameSafe

DDoS on HSBC, disruption in online banking services

The Hongkong and Shanghai Banking Corporation, also known as HSBC, was the next victim of a distributed denial-of-service attack (DDoS), making it impossible for customers to conduct their Internet banking services.

According to a statement posted on its website:

On 18 October 2012 HSBC servers came under a denial of service attack which affected a number of HSBC websites around the world.

This denial of service attack did not affect any customer data, but did prevent customers using HSBC online services, including internet banking.

We are taking appropriate action, working hard to restore service. We are pleased to say that some sites are now back up and running.

We are cooperating with the relevant authorities and will cooperate with other organisations that have been similarly affected by such criminal acts.

We apologise for any inconvenience caused to our customers throughout the world.

The update on its website stated, “HSBC restored all of its websites globally to full accessibility as of 11:00 PM EST time last night. ”

DDoS attacks, conducted by cyber criminals, are a means of controlling a certain number of computers to target a single or group of Internet servers, in attempts to overload them. This in turn, causes the server to shutdown, or discontinue its service until the load wears down.

This is only one of the few latest DDoS attacks on corporations or government entities.

Kaspersky secure operating system in production

Kaspersky Lab is currently working on their own operating system from scratch, which includes the ability to help monitor business and government servers, further protecting them from government malware attacks. Government malware include Stuxnet, Flame, Duqu, Gauss, etc.

The whole point of the OS is to protect the various complex industrial systems we see today, especially in government facilities, corporations, and other industrial sectors.

Many government agencies are in fear that their systems/servers are still compromised, and without a good operating system, these systems/servers may still be at risk. Meanwhile, some companies/government facilities are overwhelmed with the idea of having to update their programs, keep patches up-to-date, etc., and also keeping the system continually running. Therefore, a secure operating system is a good plan to be in the works.

Kaspersky Lab held the operating system as a secret for quite a while, but now will be releasing information and updates: “Quite a few rumors about this project have appeared already on the Internet, so I guess it’s time to lift the curtain (a little) on our secret project and let you know (a bit) about what’s really going on,” Eugene Kaspersky, CEO of Kaspersky Lab, said in a blog post.

Apparently, the protocols SCADA (Supervisory Control and Data Acquisition) and PLCs (Programmable Logic Controllers) don’t require authentication to access them, which present a huge security risk. With that in mind, the secure OS will work on making that more of a secure approach.

With these new ideas into a secure OS, it will pave the way for a greater security realm in the industrial, corporate, governmental sectors, etc.

 

Critical Java patch issued for 30 security holes

Oracle has issued a critical advisory for multiple (30) vulnerabilities in Java Runtime Environment. Most of the flaws involve Java Runtime Environment, however a couple of them are issued for JavaFX.

Here is our update table:

Version affected: JRE version 7 update 7 and previous => need update 9 now

Version affected: JRE version 6 update 35 and previous => need update 37 now

Version affected: JRE version 5 update 36 and previous => no patch available!

As always, you can get the latest Java updates from the following methods:

  • WINDOWS = Access Start > Control Panel > Java. Click the Update Tab and select Update Now. (You can also enable automatic updates through this method)
  • Any other method: http://www.java.com – click the Free Java Download. It should auto-detect your system.

NOTE: If you use the offline installer found on java.com, make sure you’re aware that it bundles either Ask Toolbar or McAfee Security Scan Plus. It isn’t recommended to install either one, but that choice is up to you.
Read more about different Java issues:

Facebook alliance with key antivirus companies continues, update enclosed

Facebook has announced the expansion of their alliance with antivirus companies in hopes to better secure its users and promote good privacy… here is a quick scope of the details:

Today, we are excited to announce the expansion of our AV Marketplace to include 7 new partners to our growing coalition of security companies. Starting now, Facebook users will be able to download software from – avast!, AVG, Avira, Kaspersky, Panda, Total Defense, and Webroot. Not only do we have new partners but also many of our existing partners – Microsoft, McAfee, Norton, TrendMicro, and Sophos – will begin offering anti-virus software for your mobile devices. You can visit the AV Marketplace now to download your free anti-virus software for PC, Mac and Mobile.

Our new anti-virus partners bring with them both the latest software and comprehensive intelligence. As with our existing partners, these seven companies will help protect Facebook’s community of over a billion users by improving our URL blacklist system. This system scans trillions of clicks per per day, and before each click, the system consults the databases of all our AV Marketplace partners to make sure the website you are about to visit is safe. This means that whenever you click a link on our site you are protected both by Facebook and 12 of the industry leaders in computer security. We will be cooperating with these partners more in the future, and look forward to announcing new tools soon.

Read more now at the Facebook blog

 

 

See more antivirus recommendations

More news in Sony Pictures hack, LulzSec member Rivera pleads guilty

LulzSec member, Raynaldo Rivera, who was arrested at the end of August, appeared in court this past Thursday (Oct. 11), and has plead guilty to the charges of being involved in hacking into Sony Pictures, as well as for stealing personal information, passwords, and other personal data from thousands of users.

Under the plea agreement, Rivera will pay restitution to his victims and faces the maximum penalty: five year prison sentence and a fine of at least $250,000.

Because of this “simple SQL injection“, it costed Sony over $600,000 apparently, which is not cheap change by any means.

Rivera used the HideMyAss proxy service, illegally according to their Terms, to investigate potential vulnerabilities on Sony servers. HideMyAss proxy service cooperated with authorities, providing a report of the data transactions made by the hacker.

Unknown hackers allegedly steal $400,000 from city of Burlington, Washington

The town of Burlington, Washington fell victim to a recent attack by a band of unknown hackers, stealing $400,000 in the operation. Odds are that taxpayer data was stolen, also.

Burlington officials have warned residents in the city that their private data could have been stolen, and becoming targets for identity theft. A number of billing systems in the town were attacked, notably the online automatic utility billing system, which holds a large amount of resident data. Once these systems were attacked, the band of hackers were able to leak $400,000 out of the city’s funds.

According to Computer World, an alert [that was] issued this morning, city administrator Bryan Harrison said all autopay customers should assume that their name, bank account number and routing number was compromised following an intrusion into a city utility billing system.

Authorities are still investigating this issue, and will provide updates soon.

%d bloggers like this: