Archive for the ‘IT Security News’ Category

ESET LogoAnti-virus experts are warning about a surge of activity the malware FileCoder.

IT security company Eset reported about a rapid increase in activity a dangerous Trojan FileCoder, which encrypts your personal data files in order to extort money from the transcript. Most of the victims are Russian users. Experts have recorded an unusual burst of activity malware families Filecoder. According to data obtained using cloud technology Eset Live Grid, Win32/Filecoder activity compared with the average level recorded in the first half of 2013 increased by more than 200%.

From this activity the most affected people of Russia. According to Eset, Russia accounts for 44% of detections. In addition, a significant proportion of infections recorded in Europe – from extortionists FileCoder affected users from Germany, Spain, Italy, Poland, Romania, Ukraine and Czech Republic. Also infected with this malware have been observed in the United States. (more…)

New Vulnerabilities

New Trojan for Mac

Analysts on Information Security by company Intego discovered a new type of Trojan that infects Mac computers. The data presented indicate a relationship with the Syrian group of hackers Syrian Electronic Army, responsible for numerous attacks recently.

The company Intego, engaged in release of antivirus software, said in a blog post about finding a hacker attack aimed at the owners of computers Apple Mac.

Sample Trojan, with which the attack was carried out, was sent to Intego by a user in Belarus. At the moment, the command server, which connects to the malicious application is idle and does not send to the computers of victims of any team.

Intego experts suggest that a Trojan was distributed by e-mail and via infected websites masquerading as an image file with the name of kissing couple DSC00117 – like file photo taken with a digital camera. When a user tried to open it, the Trojan copies itself to / Users / Shared / UserEvent.app and created the file ~ / Library / LaunchAgents / UserEvent.System.plist to run UserEvent.app. (more…)

Symantec CorpSymantec experts have found 469 new vulnerabilities, which is 13 % higher than in August 2012.

Symantec has introduced a virus activity report for August 2013. Experts analyzed the level of spam, the most common scams on social networks, the number of malicious programs for mobile devices, and phishing attacks.

The authors of the study say that the most popular form of fraud in social networks has been spreading false information about the sale of the goods at a discount. These scams invite social network users to join a fake event or group with incentives such as free gift cards. This type of attack accounted for 82 % of all attacks carried out in the social networks. (more…)

New Vulnerabilities

0day-exploit for Internet Explorer

Microsoft warns users of Internet Explorer, what the attackers began to exploit a new previously unknown 0-day vulnerability in browser IE 6-10.

Now specialists are working on the release of the patch, which will included in automatic updates. But the danger is so great that people are asked to self-install the patch Fix It, which released an emergency basis. Before you install it you need to install the September patch KB2870699.

Vulnerability CVE- 2013-3893 refers to the browser Microsoft Internet Explorer 6-10 under all versions of the OS, other than Server Core, and allows for remote code execution. According to the official description, the failure is due to improper browser access to an object in memory that has been deleted or incorrectly placed. Exploit the remote execution of code means that an attacker can install malicious software on your computer, just pointing it on outside web page (the attack drive-by). (more…)

G DataAnti-virus company revealed the new technology of cloud cyber attacks.

Experts in the field of computer security have identified a new way of carrying out cyber attacks based on the placement of the virus code in the cloud storage.

According to experts of G Data, the virus placed in the “cloud ” can be used to intercept data when making payment transactions over the Internet. So, for example, downloaded from the cloud of the malicious code may require the user to re-enter credit card information or personal data, which as a result will be in the hands of criminals.

According to this principle already has two well-known Trojan virus called Zeus and Ciavax. Unlike traditional viruses, which are located directly among the files stored on the computer, cloud viruses are much more difficult to detect and analyze and effective means of dealing with them is not there yet. (more…)

Adobe Logo

Vulnerabilities in Adobe Reader

The Adobe Systems company has released an update for Flash Player, Reader, Acrobat and Shockwave Player, designed to eliminate critical vulnerabilities that could allow hackers to gain remote control over the victim’s computer.

Flash Player update includes patches for four vulnerabilities that could allow an attacker to execute arbitrary code. Updated versions of Flash Player for Windows ( new version 11.8.800.168), Mac OS X (11.8.800.168), Linux (11.2.202.310) and Android (11.1.111.73).

Web browsers Google Chrome and Internet Explorer 10, will receive the updates automatically.

Similar vulnerabilities have been fixed in a cross platform environment Adobe AIR, which is also equipped with Flash Player. A new version of AIR for Windows, Mac OS X and Android – 3.8.0.1430. (more…)

ESET LogoResearchers has discovered ‘Zeus-like Trojan‘.

ESET’s researchers has discovered a new effective web banking Trojan – Hesperbot (Win32/Spy.Hesperbot), whose activities are aimed at users from Turkey, the Czech Republic, Portugal and UK.

Malicious software can capture keystrokes, take screenshots with the user’s screen , record video , and configure proxy and create a hidden VNC- server on the infected system.

Hesperbot spreads by sending out phishing emails and often tries to infect mobile devices that operate on the basis of Android, Symbian and Blackberry. Experts notes – the functionality of the new malware is reminiscent of another well-known banking Trojan – Zeus. (more…)

G DataMobile viruses are rapidly evolving, and in the first half of 2013, their number an increase of 180 percent 180%.

According to experts of the German anti-virus company G Data, for the first 6 months of this year, it was discovered more than 519 thousand new malicious programs for the Android, while in the second half of 2012, the figure was about 185,000. Daily products G Data detected 2,868 new malware aimed at users of the platform. It is noteworthy that in the first half of last year it was discovered a little more than 29.5 million new threats.

To date, Android is the absolute leader among mobile platforms on the number of targeted malware on it. This is not only the prevalence of gadgets running on the Linux operating system, but also the availability of emerging lately special tools (malware kit), with which the creation of malware under the force of even the most experienced users. Moreover, the virus writers are more often disguise malicious code in applications, which makes the analysis of such software. As a result, an infected attachment remains active for a long time on the device and can be used by hackers in their own selfish purposes. (more…)

Google“Google Cloud Storage service is now automatically and free of charge encrypts all user data,” – said in the Internet company Google.

According to Dave Barth (the product manager for Google Cloud Storage), embedded encryption process is completely transparent to users and does not affect the performance of the service.

“If you enable encryption of your data, this feature saves you from using third-party solutions for data encryption, as well as the need for storage and management of cryptographic keys,” – he said.

According to him, when you turn on encryption for new downloadable service files will be encrypted at the back end, and users will not see any differences between the files with crypto support without it. In a blog post Google said that such an approach – is only part of the company’s efforts to strengthen the privacy of customer data after recent scandals with Internet wiretapping and NSA leaks from the U.S.. (more…)

Symantec CorpSymantec reported the detection of an attack on a popular hosting “Freedom Hosting”, which provides anonymous hosting service through a network of Tor. On the page of the service have been detected malicious scripts that allow attackers to intercept user data network Tor. As a result, questioned the anonymity of the hosting center – in fact with the help of malicious programs can track the user’s location.

August 4 at the sites hosted on hosting Freedom Hosting, allows access through a network of Tor, were found malicious scripts. Discovered scripts use the vulnerability, found in the browser Firefox, which has already been fixed in Firefox 22 and Firefox 17.0.7 ESR (Extended Support Release). Most likely, this vulnerability has been chosen because it set to work with a network of Tor Browser Bundle (TBB) is based on the Firefox ESR 17. Symantec products are defined these scripts as Trojan.Malscript! Html. (more…)