Sign up for our Technology Newsletter 
Powerful “Flame” Virus Found In Iran
Security experts have uncovered a highly sophisticated computer virus in Iran and other Middle Eastern states that they believe was deployed at least five years ago to engage in state-sponsored cyber espionage.
Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran’s nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that claimed responsibility for discovering the virus.
Kaspersky researchers said on Monday they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.
Iran has accused the United States and Israel of deploying Stuxnet.
Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.
A cyber security agency in Iran said on its English website that Flame bore a “close relation” to Stuxnet, the notorious computer worm that attacked that country’s nuclear program in 2010 and is the first publicly known example of a cyber weapon.
Iran’s National Computer Emergency Response Team also said Flame might be linked to recent cyber attacks that officials in Tehran have said were responsible for massive data losses on some Iranian computer systems.
Is B.Y.O.D Proving To Be A Headache?
May 29, 2012 by admin
Filed under Around The Net
Comments Off on Is B.Y.O.D Proving To Be A Headache?
IT managers trying to cope with the growing bring-your-own-device (BYOD) trend can expect to see an explosion in the number of smartphones and tablets used by employees in the next few years.
As a result, IT shops won’t be able to provide the security necessary to protect company data, says Gartner analyst Ken Dulaney.
“The number of devices coming in the next few years will outstrip IT’s ability to keep the enterprise secure,” he said, adding that IT workers are “going crazy” and “get into fights” over whether users should have upgrades.
To help IT cope, software vendors should create what Dulaney called “beneficial viruses” that could be embedded in corporate data carried on mobile devices. These software tools would require users to have licenses in order to access files, just as digital rights management technology does with music and video files.
Beneficial viruses would also “be smart enough” to delete the sensitive data if a device is lost or stolen, or if data winds up on an unauthorized device, Dulaney said, adding, “It’s time for the SAPs and Oracles to begin thinking about doing that, and it’s a lot harder than we think.”
Today, IT shops use mobile device management software to monitor which mobile users are authorized to access applications and whether they can access the data outside the corporate cloud.
Will Linux See Growth Next Year?
Canonical has said it expects Ubuntu to ship on 18 million PCs next year.
Having just launched Ubuntu 12.04, Canonical is bullish about its future, with Chris Kenyon, its VP of sales and business development forecasting that the firm’s operating system will ship on 18 million machines in 2013. According to Phoronix, Kenyon claimed that will amount to five per cent of worldwide PC shipments.
Kenyon’s prediction represents more than double the number of PCs shipped currently with Ubuntu and while that might seem optimistic the firm has been on a roll when it comes to OEM support. Prior to Canonical’s launch of Ubuntu 12.04 it announced certification for HP Proliant servers, and yesterday it revealed that it has been working with Dell on an Ubuntu image for Dell’s headline XPS 13 ultrabook.
Although Kenyon mentioned PC unit sales, it is unlikely to forecast a similar growth in servers pre-installed with Ubuntu despite the firm’s certification for some Proliant servers.
Kenyon believes that most firms buy bare metal servers and load their own tweaked images. He said, “As a point of fact the vast majority of this [Ubuntu on servers] is not sold pre-installed. […] Pre-install in the server market is just irrelevant, it is not how the market works. Even when something gets pre-installed an enterprise will wipe it because they will have their own image. [OS pre-installation] is a distraction [for servers, but] it’s a very applicable question in the client world.”
WordPress Attacked By Hackers
March 14, 2012 by admin
Filed under Around The Net
Comments Off on WordPress Attacked By Hackers
Security outfit Websense said that more than 200,000 infected pages that redirect users to websites displaying fake antivirus scans have been created. The latest compromises are part of a rogue antivirus distribution campaign that has been going on for months, the Websense researchers said.
Cybercriminals gangs have switched to drive-by download attacks that exploit vulnerabilities in outdated browser plug-ins to automatically download and install their rogue software. The large number of infected Web pages seen in this campaign is an indication that these scams still work. Vulnerable websites are a rich source of opportunity for cybercriminals. More than 85 percent of the compromised sites were located in the US, but their visitors were geographically dispersed.
Remote Access Tools Threatens Smartphones
March 7, 2012 by admin
Filed under Smartphones
Comments Off on Remote Access Tools Threatens Smartphones
Malware tools that allow attackers to gain complete remote control of smartphones have become a major threat to owners around the world, security researchers say.
In a demonstration at the RSA Conference 2012 here Wednesday, former McAfee executives George Kurtz and Dmitri Alperovitch, who recently founded security firm CrowdStrike, installed a remote access tool on an Android 2.2-powered smartphone by taking advantage of an unpatched flaw in WebKit, the default browser in the OS.
The researchers showed an overflow audience how the malware can be delivered on a smartphone via an innocuous looking SMS message and then be used to intercept and record phone conversations, capture video, steal text messages, track dialed numbers and pinpoint a user’s physical location.
The tools used in the attack were obtained from easily available underground sources, Kurtz said. The WebKit bug, for instance, was one of 20 tools purchased from hackers for a collective $1,400.
The remote access Trojan used in the attack was a modified version of Nickispy a well-known Chinese malware tool.
Learning how to exploit the WebKit vulnerability and to modify the Trojan for the attack, was harder than expected, said Kurtz. He estimated that CrowdStrike spent about $14,000 in all to develop the attack.
But the key issue is that similar attacks are possible against any smartphone, not just those running Android, he said.
WebKit for instance, is widely used as a default browser in other mobile operating systems including Apple’s iOS and the BlackBerry Tablet OS. WebKit is also is used in Apple’s Safari and Google’s Chrome browsers.
Several mobile remote access Trojans are already openly available from companies pitching them as tools that can be used to surreptitiously keep tabs on others.
Apache Finally Goes To The Cloud
The Apache Software Foundation (ASF) has announced Hadoop 1.0.
The open source software project has reached the milestone of its first full release after six years of development. Hadoop is a software framework for reliable, scalable and distributed computing under a free licence. Apache describes it as “a foundation of cloud computing”.
“This release is the culmination of a lot of hard work and cooperation from a vibrant Apache community group of dedicated software developers and committers that has brought new levels of stability and production expertise to the Hadoop project,” said Arun Murthy, VP of Apache Hadoop.
“Hadoop is becoming the de facto data platform that enables organizations to store, process and query vast torrents of data, and the new release represents an important step forward in performance, stability and security,” he added.
Apache Hadoop allows for the distributed processing of large data sets, often Petabytes, across clusters of computers using a simple programming model.
The Hadoop framework is used by some big name organisations including Amazon, Ebay, IBM, Apple, Facebook and Yahoo.
Yahoo has significantly contributed to the project and hosts the largest Hadoop production environment with more than 42,000 nodes.
.
Hackers Plan To Go After Fox
Anonymous plans to take out the Fox news network because of its coverage of the Wall Street Protests.
Dubbed “Operation Fox Hunt”, Anonymous announced the plans on YouTube to attack the Fox News website on the anniversary of Guy Fawkes Day. Anonymous is also planning to target former Fox News personality Glenn Beck as well as current Fox News representative Sean Hannity and Bill O’Reilly during “Operation Fox Hunt”.
Anonymous said that it has had a gutsful of “right wing conservative propaganda” and “belittling the occupiers” of the Occupy Wall Street demonstrations. Anonymous recently a distributed denial-of-service attack against the Oakland police department’s website after a 24-year-old wounded Marine home from serving two tours in Iraq was critically injured in the Occupy Oakland protest. Police allegedly threw an object that fractured the marine’s skull landing him in the hospital.
The Linux Kernel Got Hacked
Servers that are part of the Linux kernel.org infrastructure were affected during a recent intrusion where attackers managed to gain root access and plant Trojan scripts.
According to an email sent out to the community by kernel.org chief administrator John Hawley, known as warthog9, the incident started with the compromise of a server referred to as Hera. The personal colocated machine of Linux developer H Peter Anvin (HPA) and additional kernel.org systems were also affected.
“Upon some investigation there are a couple of kernel.org boxes, specifically hera and odin1, with potential pre-cursors on demeter2, zeus1 and zeus2, that have been hit by this,” Hawley wrote.
The intrusion was discovered on 28 August and according to preliminary findings attackers gained access by using a set of compromised credentials. They then elevated their privileges to root by exploiting a zero-day vulnerability that the kernel.org administrators have yet to identify.
Fortunately, logs and parts of the exploit code were retained and will help the investigation. A Trojan was added to the startup scripts of affected systems, but gave itself away through Xnest /dev/mem error messages.
According to the kernel.org admins, these error messages have been seen on other systems as well, but it’s not clear if those machines are vulnerable or compromised. “If developers see this, and you don’t have Xnest installed, please investigate,” the administrators advised.
The good news is that the exploit failed on systems running the latest Linux kernel version, 3.1-rc2, which was released two weeks ago. This is possibly the fortunate consequence of one of the bugfixes it contains.
Get Ready For Email-Malware Spree
A sizeable uptick in malicious email attachments is just subsiding, but if history is any indicator,several smaller spikes are about to follow that use even more deceptive tactics than their predecessors.
The recent surge, fueled in large part by a flood of fake messages from UPS, is similar to one observed at the end of March in that the messages urge recipients to open an attachment that releases the malware on victims’ machines, according to Internet security firm Commtouch.
The earlier wave used a wide range of package-delivery services as senders, including FedEx and DHL, but the latest outbreak employs a wider variety of messages such as, “Dear client, recipient’s address is wrong”, “Dear User, Delivery Confirmation: FAILED”, and “Dear Client, We are not able to delivery [sic] the postal package”, according to the Commtouch blog.
All the messages then instruct the recipient to open the attachment that contains the malware, claiming it is an invoice or a form that needs to be filled out. “This time we see differences in the style of the emails – there is far more variation in the automatically-generated subjects, body and attachment names. Last time all the attachments were “UPS.exe” – this time there are many variations,” says Avi Turiel, director of product marketing at Commtouch in an email.
The attackers will evaluate the success of the attack by finding out how many recipients activated the malware, “Based on the infections vs. malware sent out they will probably try and figure out what they could improve in the next attack,” he says.
Accused Hacker Out On Bail In England
Comments Off on Accused Hacker Out On Bail In England
The accused ‘Topiary’, whose name is Jake Davis, was charged on Sunday and bailed by the courts yesterday. He was charged with five offences: Unauthorised access to a computer system, Encouraging or assisting offences, Conspiracy with others to carry out a Distributed Denial of Service Attack on the website of the Serious and Organised Crime Agency, Conspiracy to commit offences of Section 3 Computer Misuse Act 1990, and Conspiracy with others to commit offences of Section 3 Computer Misuse Act 1990 contrary to Section 1 of the Criminal Law Act 1977.
According to a report at the Guardian, his bail conditions are that Davis must wear an electronic tag, not access the internet, and not leave his house between 10pm and 7am.
Davis, who appeared outside court wearing sunglasses and holding a copy of “Free Radicals: The Secret Anarchy of Science” by Micheal Brooks and who allegedly authored the Rupert Murdoch is dead story that appeared on the hacked web site of the Sun newspaper, has already gained support on the internet in general and especially on Twitter.