Security Blog
June 2009 Archives
June 19, 2009
Cyber Criminals Hold Medical Records Hostage
The line between real-life criminal and cyber criminal is quickly blurring, as an unidentified hacker is potentially holding millions of user records for ransom. The hacker broke into a Virginia state prescription drug database containing over 35 million records. You can read more about it here.
I guess we're all used to reading about bad guys holding people, pets, and other valuables for ransom, but as more and more of the world goes digital, so has crime.
Some people still have the misconception that hackers, malware authors, and the like are people with too much time on their hands trying to make a statement. The reality is there is an entire cyber criminal underworld complete with its own ecosystem. Everyone has a role. Malware authors write malicious code and put it up on malware forums and bulletin boards for sale to the highest bidder, while the people who buy the programs or code use them to steal data or create havoc... again for money.
What does this mean for the rest of us? Unfortunately, the laws and law enforcement governing the Internet are not as well established as what we are used to for all other things. What that means is that we will have to be responsible for our own online safety, whether it be identity or personal data. Much like some of us who have alarm systems installed in our homes, we need to take a similar approach when it comes to protecting our computers and network assets. Multiple layers of security, along with good computer usage practices, are the best ways to minimize exposure. Again, this is serious business for cyber criminals and this should be serious business for you and me as well.
Posted by: Pete at 4:59 PM
Categories: General
June 12, 2009
Threat Lab Report: Microsoft Patches Vulnerabilities
Microsoft announced Tuesday the release of 10 security patches, including six of the critical variety. However, we noticed that a recently discovered DirectX vulnerability was not on the list of those being patched. Microsoft's official statement on why the patch was left out was "the patch still hasn't the quality that is needed for shipping".
Microsoft DirectX is an often-used multimedia API in Microsoft operating systems. DirectShow is the part of the API which handles streaming media.
Last week a vulnerability was discovered in DirectShow. This vulnerability can be exploited by attackers when DirectShow is processing specially crafted QuickTime video files.
A remote attacker who successfully exploits this vulnerability would be able to run arbitrary code in the context of the user running the application that uses DirectX. Even an unsuccessful exploitation attempt still uses many system resources, effectively creating a denial-of-service scenario.
Affected DirectX Versions:
Microsoft DirectX 7.0
Microsoft DirectX 8.1
Microsoft DirectX 9.0
Microsoft DirectX 9.0 a
Microsoft DirectX 9.0 b
Microsoft DirectX 9.0 c
This security hole undoubtedly creates a new way of spreading malware. We have already detected such malware surfacing, so until an official patch is available, we strongly suggest that our readers download the corresponding hotfix found here to patch this vulnerability.
Posted by: Netgear Threat Lab at 3:49 PM
Categories: General, Malware, Netgear Threat Lab, Viruses
June 5, 2009
Threat Lab Update: Gumblar Slowing Down
Based on our collected samples and monitoring of Web-based malware, Gumblar no longer sits at the top of the charts. Traces of the virus have gone down substantially over the course of the past two weeks. For now, Gumblar is no longer a major threat to Web servers and PCs across the Internet. However, new threats are coming out daily, so please continue to make sure your systems are patched and security software and devices are updated and running.
Posted by: Netgear Threat Lab at 3:03 PM
Categories: Malware, Netgear Threat Lab, Viruses


