Recent Hacks: NBC.com, Twitter, and Zendesk – Warnings: Tumblr, Pinterest

After dealing with multiple attacks on several sites, including Apple, Facebook, and Twitter – this being Java exploits. Now, it’s time to deal with more hacks, including NBC.com (which has been serving up malware for a day now) and Twitter. As in recent reports now, Tumblr and Pinterest have been forewarned.

The latest high profile organization that was recently hacked is the National Broadcast Company (NBC), more specifically on their website. The idea from the hackers is to use the website to infect visitors, using exploits and other JavaScript injections.

NBC.com’s hacked pages were modified to include additional HTML component called IFRAME, which is inline frame. This allows at least a 1px x 1px frame to be included independently in the webpage, which may contain malicious code. In HTML code, frames can be made to host web content. But, in the hands of the evildoers, aka cybercriminals, it is used as an effort to launch malware campaigns.

Malicious JavaScript was added to the mix, and also used the exploit kit called RedKit. It delivers one of two exploit files to try to take control of your browser.

I recognized something was wrong with NBC.com, which may have already been hacked a few weeks ago, and I posted the information on my Twitter account that a downloaded file was sent to my browser asking me to save or open it. This was on a sister site/blog, RedTape. I asked people to replicate it. The Twitter status can be found here.

What type of malware was delivered? Citadel or ZeroAccess, which are both crimeware families and botnets. They are usually part of several exploit kits.

This drive-by download situation is no good, as the pages were taken offline. Therefore, that dropped the traffic of those specific areas of the site. It is sure that this situation is a matter of cybercrime aimed at a financial side of things, not defacement or pranks.

Was it a big deal that it was NBC? No. In fact, it is sure the hackers were aimed at using a high-profile site, and apparently NBC.com was the easiest or quickest to access. Hackers rely on time and many other factors to make their approach(es).

Zendesk hacks and other various warnings

Zendesk is all about customer support…therefore no one really knows, except for those in the business of customer support. Big names use this service, which include Tumblr, Twitter, and Pinterest, among others. Hackers broke into the Zendesk systems, accessing email addresses of those big name customers, namely Twitter, Tumblr, and Pinterest.

How “pinteresting” that another hack has been born, which is related to a social network. Zendesk detailed the hack:

We’ve become aware that a hacker accessed our system this week. As soon as we learned of the attack, we patched the vulnerability and closed the access that the hacker had. Our ongoing investigation indicates that the hacker had access to the support information that three of our customers store on our system. We believe that the hacker downloaded email addresses of users who contacted those three customers for support, as well as support email subject lines. We notified our affected customers immediately and are working with them to assist in their response.

The companies involved made a point to tell its customers that they haven’t been hacked, but private information was stolen. Luckily, no password thievery was involved.

Obviously, an incident like this, just like the NBC.com incident, needs to be taken very seriously. Something must be done to stop the continuous hacks.

Twitter hacks additionally are nothing new. Many times, hackers used a backdoor, such as the tools the support team uses, to infiltrate the information of Twitter users. It’s not a huge gain, more possibly a waste of time.

Five Ways to Secure a Web Browser for a Tablet

It is important to secure your tablet’s web browser before you go internet surfing. Here are five ways to do it…

1. Use a secured wireless network for WiFi or 3G/4G connection. Using unencrypted wireless networks are very insecure and can be a way for hackers and other threats to happen to your device.
2. Use a Virtual Private Network (VPN). VPNs are available through your mobile service provider (if you have one, like 3G/4G access). They provide an extra layer of protection (sometimes multiple layers of encryption) to secure your web browsing.
3. Keep the OS and apps up-to-date. Check for updates at least twice a week for the OS and apps. System upgrades provide multiple security and functionality updates. It’s good to keep apps up-to-date to avoid security exploits.
4. Only download from trusted sources. If it looks bad, it probably is. Stick to trusted apps stores such as Apple App Store, Google Play, Amazon: App Store.
5. Have a good secure plan. Use a pin code or passphrase to secure access. It’s important to use adequate mobile protection. Because hackers and virus makers are always crafting new threats. Monitoring the latest security threats is a great idea as well, to know how to stay protected from them also.

More Apps Slip Through Google Play; Today it’s Apple’s Products?

The title of this article is a question, because somebody decided to take Apple’s apps and put them on Google Play. Was it Apple? Nope. Apple wouldn’t offer their full-size applications for a mobile device, and definitely not $4.99.

AndroidAuthority reports about this small mess. Here’s a screenshot from AndroidAuthority:

 

Although the Google Play team did take down the apps a few hours later, much damage was already done apparently. It’s very obvious that Google’s team did not take a good look at the apps. What does that tell you? They may not be holding to their promises of reviewing apps, they let in viruses and trojans all the time…etc.

If you want to be free from viruses, the best way would be to protect yourself with Kaspersky Mobile Security – download now.

Is Microsoft Overconfident? Ballmer Calls Android “Wild” and iOS “Highly Controlled”

Steve Ballmer may be the most audacious techie, well at least at Microsoft. He sure has his ways of expressing the opinions he has, which also reflect on the company. But, at least he did it professionally. Anyway, during his interview the other night with Reid Hoffman from LinkedIn, he stated some significant views on the mobile market.

Some of the views of Steve Ballmer included that the Android OS is “wild” and “uncontrolled”; further prone to malware infestations. But, answer this Ballmer…what was Microsoft’s excuse for years in its game of malware infestations? He has no room to talk, as his involvement with Microsoft has existed since 1980, being the 30th employee of the company (according to biographical reports). Microsoft had plenty of time to heal their security problems, but just ignored them for years.

Secondly, he called the iOS, Apple’s forefront mobile product, “highly controlled” and “quite high priced”. Of course, now he’s picked Microsoft as being the middle party operating system maker. As Microsoft’s products are not very well controlled or evenly controlled, and okay pricing. Our perspectives see Ballmer’s point. The question remains, however, was Ballmer just picking on the competition?

It can be sure that Ballmer just wants the middle-ground, as many people seem very comfortable there. Just to hope that mediocre tactics don’t set in, and Microsoft’s mobile line doesn’t go down the tube.

Apple distributes iOS 6.0.1 with special update tool, fixing Passbook access issues

iOS 6.0.1 was released recently, fixing a slew of issues in the mobile operating system, here’s the overview:

• Fixes a bug that prevents iPhone 5 from installing software updates wirelessly over the air
• Fixes a bug where horizontal lines may be displayed across the keyboard
• Fixes an issue that could cause camera flash to not go off
• Improves reliability of iPhone 5 and iPod Touch (5th generation) when connected to encrypted WPA2 Wi-Fi networks
• Resolves an issue that prevents iPhone from using the cellular network in some instances
• Consolidated the Use Cellular Data switch for iTunes Match
• Fixes a Passcode Lock bug that sometimes allowed access to Passbook pass details from lock screen
• Fixes a bug affecting Exchange meetings

This update is highly recommended, especially because the Passbook issue being fixed. It also includes an update tool, which automatically prepares the iPhone/tablet OS for future updates.

Apple Advisory

All about TPM Chip in Windows 8 – Microsoft is Many Years Late

What is the TPM Chip?

• Microsoft released Windows 8, and with it came the Trusted Platform Module (TPM Chip) is a chip that allows a certain operating system to recognize a chip to verify the operating system and its modules. This provides even better security, so that Windows can only be installed on hardware that is verified through the TPM Chip.
• Now, it is unclear whether or not it will be required for Windows 8, however, it is in testing mode at this point. In future versions of Windows, it will probably be required. Which also makes it difficult for those using Windows on a virtual machine, and will probably require people to acquire a specific compatibility license to run Windows on virtual machine, or dual boot with a Mac-based computer.
• Confused yet? Apple was one of the first, if not the first, to introduce an OEM chip, which required people to have if they wanted to run Mac operating systems. Which meant, for example, Mac OS X couldn’t be installed onto a normal computer, it had to be on “Mac-branded hardware” as they state in their terms-of-use on Mac OS X.
• What does this bring to the security of operating systems necessarily? It provides very low level security, and will be just another possibility to block bootkit attackers and other boot-based viruses/rootkits.
• Some experts say that TPM will probably be included in new PCs, tablets, and other Windows-branded devices. There’s no current way to just “install it”, however, Windows 8 is engineered to be able to recognize the TPM Chip.
• When did this idea come about? Probably the late-1990s was when this idea came about, because security experts were realizing the issue that software antivirus/firewall was not strong enough to block the threats. It would take more than just software-based protection programs.
• What other implementations (other than Apple’s chip) are in place?The Google Chromebook is a good example of implementation, because when it boots, the TPM chip object in there checks the modules on the system. If one is bad, it automatically replaces it with its “last known good module” (in its comprised library of last known good modules), keeping itself protected.

 

For the future of TPM technology

• It’s possible the makers of the TPM technology would be working with security/OS vendors to create antivirus that can be built over top of the TPM chip, which would scan the operating system and kernel before it starts up.
• What’s different than boot-time scanners offered by companies like Avast, for example? Boot-time scanners offered by software companies still use Windows modules to help scan the whole computer. However, since the modules are part of the operating system, the boot-time scan cannot get to the OS kernel deep enough. Although, it can scan the system before it loads services/drivers, it cannot necessarily get a good look at all of the drivers/services or the MBR/BIOS for that matter.
• By allowing antivirus to scan computer before operating system starts (at all), it will also keep on top of things so malware cannot hinder or suppress the scan.

 

This is just one of the many security features included in Windows 8. Take a look!

Latest security reports: Android malware growth, Apple most vulnerable vendor

The latest security studies are in, and here are the analyses from seCURE Connexion…

• Android malware has overgrown, with an extreme growth by the end of July to the month of August, and into September and October. Get protected now with the latest in mobile security, so your smartphone can stay secure from the dangers of the app world.
• Another rise for Android issues, would be apps that act like aggressive adware, by collecting way too much personal information. It is continuously a problem, dealing with apps that collect a load of personal information, and some have worried about identity theft.
• Vendors of software have seen a continual rise in vulnerabilities for the past couple of years. However, Apple seems to have the worst problem, but so does Google. Both companies have seen varying degrees of intensity and quantity of attacks, and it’s to question that Microsoft is seeing a break in the action. The good part is, Microsoft only shown half as many vulnerabilities as Google, and only one-quarter as many as Apple. Though these numbers are only speculative, based on looking over the lists of the past few months.
• Some of the major malware on Windows systems have included Trojan.ZeroAccess, Worm.Conficker, and more.
• Corporate and government entities have seen an extreme rise in the number of cyberattacks. Worries about a cyberwar are continually heating up, and it’s unknown the origin of most of the attacks.
• According to the Symantec Internet Security Threat Report (ISTR), 400 million new variants of malware were created in 2011, which is an average of 33 million new variants of malware a month, or an average of one million new variants a day.

Overall, the spectrum of cyberattacks has increased on an extreme level, whether it’d be cyberwar related, or cybercrime. It’s definitely best to consider this declared war, and work constantly to protect our computers and our own livelihood.

 

Critical fix issued for Shockwave Player – Oct. 23, 2012

Adobe has released a critical update for Shockwave Player after several serious vulnerabilities were found.

• Users of 11.6.7.637 and earlier versions should now update to version 11.6.8.638 – Update Now
• Updates are available for Windows and Mac systems.
• There is no active propagation of exploits.
• Check to see if you have Shockwave Player.
• Shockwave Player is not the same as Adobe Flash Player, which update October 8.
• Check release notes.
• Uncheck the Norton Security Scan, if it shows.

To protect against vulnerabilities, it is best to have a good internet security software, not FREE antivirus! Check here:

Security & BYOD for the iPhone 5 (mini-whitepaper)

As you upgrade to the iPhone 5, please keep in mind some principles, both personal and business.

• If your iPhone will be handed down to a child, make sure ALL critical data is removed from there. This includes all business data, personal details, etc. It is highly critical to maintain your business and personal identity.
• As new devices are created, new threats are created as well. These security threats need to be identified and taken care of. Just because it is a new iPhone does not mean it’s immune from security threats. Security is a losing battle, because hackers are always trying to stay one-step ahead of programmers/developers. While developers are working around the clock trying to prepare these new capable hardware/software, hackers are doing the same working against them.
• The iPhone 5 is set to accelerate BYOD, which means better available options to network administrators. Things like data copying, wiping operations (erasing loads of data), etc.
• The iOS 6’s Passbook feature can store financial information for securing digital transactions. If you’re comfortable storing that information go ahead, otherwise just keep it off.
• Emails, texts, and calendar appointments can be modified by the Siri app, without requiring the administrator to log in to the device.
• If Apple succeeds in the acquisition of AuthenTec, it allows for a fingerprint identification security system for the device, making it more secure physically. But this technology is pending at the moment.
• Apple calls the iPhone 5 “The thinnest, lightest, fastest iPhone ever”, but they mention nothing about security do they?

 

If this has helped you personally or your business in any way, please consider making a donation to help further the seCURE Connexion project.

Apple releases major update to iTunes with version 10.7

160 vulnerabilities are being fixed with a new release from Apple for iTunes 10.

The newest version number is 10.7. Update now!

Most of the fixes rolled out are involved with WebKit. WebKit is a layout engine from Apple, which allows webpages to be rendered in a browser. Therefore, the main problems faced in iTunes 10 are with the Store site. WebKit is also used in Safari browser by Apple and Chrome browser by Google. Google apparently helped get the fixes for Apple’s iTunes program.

Many of the vulnerabilities in WebKit are from bug reports in 2011. Just now fixing these flaws shows how low this is on the priority list with the Apple development team concerning iTunes. These same vulnerabilities were apparently fixed long ago in Safari and Chrome. So, what’s the excuse?

Users can get the security fixes by updating iTunes directly in the application.

Apple’s statement on the security update page:

Available for: Windows 7, Vista, XP SP2 or later

Impact: Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution

Description: Multiple memory corruption issues existed in WebKit. These issues are addressed through improved memory handling.

 

Protect your computer now from ANY vulnerability by getting a second opinion malware removal scanner and protection program: