Hacking, Security & Privacy News - Page 94

Crowd funding website Indiegogo was hit by a DDOS attack by an unknown source after YourAnonNews posted up a fundraising campaign. YourAnonNews (YAN) is attempting to raise funds to develop and host a new website that is similar to a newswire for Anonymous news. Apparently someone didn't like the idea.

Over the past two years Your Anon News (YAN) has been many things to many people and has continuously evolved under the guidance of numerous contributors. Since our humble beginnings as a new account we have always resisted being held to the constraints placed upon mainstream media outlets, but were limited to the tools available to us via Twitter and Tumblr. Those of us contributing to YAN have always desired to expand our capabilities and to report, not just aggregate, the news.

It's not clear where the DDOS attack originated from and Indiegogo hasn't been exactly forthcoming about the attack. Slava Rubin, founder of Indiegogo, apologized for the outage and offered an extension to any campaigns ending this week: "Any campaigns scheduled to conclude this week will have the option of extending until Sunday by contacting our 24-7 Customer Happiness team."

Activist in Tibet might want to reconsider spreading the word about their next rally through their Android based smartphones. Researchers at Kaspersky Labs have just discovered a new Trojan virus that is designed to target Tibetan and Uyghur Activist.

The malware is specifically designed for Android Phones and is injected into the device when the unsuspecting user opens an email that references the recent World Uyghur Conference. Kaspersky says that this is the first documented attack that targets Android smartphones but it will most certainly not be the last.

In an interview with Mashable, Kurt Baumgartner, a senior security researcher at Kaspersky, said:

A new virus specific to Mac has been discovered by Russian security firm Doctor Web. Named Trojan.Yontoo.1, the virus injects ads into webpages on the infected machine.

The malware works by installing an adware plugin into any of the popular browsers then overlays an advertisement in key locations on webpages. Doctor Web says that this trojan is just another piece of a large adware puzzle that has been infecting OS X for some time now.

The virus can be caught in several different ways, with the most popular method being the use of movie trailer pages in which users must install a plugin to view the content. Other methods of injection have been media player enhancement programs and download accelerators. One indication of infection is that when launched, Trojan.Yontoo.1 will prompt users to install a program called "Free Twit Tube" or something similar.

Samsung has confirmed that they are working on a fix for a flaw that allows bypassing of the lock screen. The bug was posted to the internet today and shows a method for bypassing the lock screen, permanently, if you have enough time to download an app from the Play Store.

The steps to reproduce the bug are below:

The bug is only present on Samsung's implementation of Android. It doesn't seem to affect the stock build. In a statement, Samsung said, "We are aware of this issue and will release a fix at the earliest possibility. Samsung considers user privacy and the security of user data its top priority."

China has said that it is willing to cooperate with the US in an effort to curb future cyber-attacks allegedly coming from within its borders. The country said it is ready to open a "constructive dialogue" to help put a stop to internet related attacks.

In a report released by the Associated Press, a spokesperson for China's foreign ministry said that he condemned the recent attacks. "Cyberspace needs rules and cooperation, not wars. China is willing to have constructive dialogue and cooperation with the global community, including the United States."

The response from China comes after White House national security adviser Tom Donilon released a statement saying "China should take serious steps to investigate and put a stop to these activities," and asked the country to "engage with us in a constructive direct dialogue to establish acceptable norms of behavior in cyberspace."

At the Pwn2Own hacking competition currently running in Vancouver, Canada, two security researchers from MWR Labs have managed to exploit Google Chrome. As a result of this impressive feat, they have been awarded a $100,000 prize. The exploit relied on a bug in Chrome as well as a bug in the kernel of Windows 7.

By visiting a malicious webpage, users could be susceptible to the exploit, even if they are running fully patched software. The exploit allowed the researchers to run code in the sandboxed renderer process. They then utilized a kernel exploit in Windows 7, which granted them elevated privileges.

We were able to exploit the first vulnerability in multiple ways, allowing us to leak the addresses of several objects in memory, calculate the base address of certain system dlls, read arbitrary data, and gain code execution. This allowed us to bypass ALSR by leaking the base address of a dll, and to bypass DEP by reading that dll's .text segment into a javascript string, allowing us to dynamically calculate the addresses of ROP gadgets.

Reports surfaced today stating that a small number of Apple's systems were hacked through the same zero-day Java exploit that Facebook's systems fell victim to in January. The source of the exploit is said to be the same as the one that managed to infect some of Facebook's systems. In the case of Apple, there is no evidence that any data was transmitted from Apple's systems.

"Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers," the company said in a statement. "The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network."

Apple has released an update to Mac OS X that will help protect customers from the malware. The update can be installed from the Software Update panel in the Mac App Store or downloaded directly from Apple's website.

Security firm Mandiant has come out with quite the startling report titled "APT1: Exposing One of China's Cyber Espionage Units", which has tracked the alleged military-backed Chinese hacking group dubbed as Advanced Persistent Threat 1 all the way back to 2006.

Mandiant have written "Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China's cyber threat actors." The group is also believed to be the 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's (GSD) 3rd Department, otherwise known as Unit 61398.

The New York Times have written about it, where they worked off an advance copy of the report, which led them to buildings in Shanghai which they believe is where the unit is based. The Times then encountered persistent attacks from Chinese hackers last year, where they worked with Mandiant to monitor and block the intrusions into their network.

Aaron Swartz took his life a couple of weeks ago and we have now seen hacktivist collective Anonymous making a strategic move by hacking a US government website related to the justice system.

They posted on the site informing everyone they would begin leaking a cache of government documents if the justice system is not reformed. Anonymous hacked the website for the United States Sentencing Commission late Friday, where they posted a message about what they're calling "Operation Last Resort", which included a bunch of downloadable, but encrypted files that they say contain sensitive information.

Anonymous' statement reads:

Java seems to be one of the most exploited pieces of software running on a computer. Unfortunately, most computers are running Java for websites and other interactive features online. Just earlier this week, Oracle had to rush out a patch for Java that secured up a critical bug that allowed hackers to run code on a victim's machine.

An administrator for an exclusive cybercrime forum posted up Monday an offering for a new zero-day exploit that has yet to be patched by Oracle. It also has yet to be rolled into one of the exploit kits, some of which rent for upwards of $10,000 a month. The starting price for the exploit? $5,000.

New Java 0day, selling to 2 people, 5k$ per person