
Security Blog

 

August 2009 Archives

Microsoft Announces August Security Patches

Posted By Netgear Threat Lab at 2:06 PM, August 28, 2009

Microsoft announced 9 security patches in August. Of the 9, 5 were rated "Critical", including a fix for the mass-exploited Office "memory corruption" zero-day vulnerability, as well as another serious Windows security hole affecting Mac users.

This security update (MS09-043) not only fixes a security vulnerability in multiple versions of Office, but also covers Visual Studio .NET 2003 SP1, ISA Server 2004 SP3 / 2006 SP1, BizTalk Server 2002, and other Microsoft products, thereby reducing the number of users of these products who are at risk of remote code execution attacks.

On July 14th Microsoft released an emergency update, numbered "973472", that was immediately available to customers worldwide. This security bulletin acknowledges that some versions of the Office Web Components ActiveX control (this control is mainly used for Web page display, release forms, charts, and databases) contained vulnerabilities that hackers could exploit by constructing a malicious Web page (a so-called "hanging horse" page) to gain control of the visitor's computer and execute arbitrary code. To date, hackers have used several million such "hanging horse" Web pages to exploit the Office vulnerability. We are able to detect and deal with this specifically crafted Trojan. The virus is named Trojan.Win32.Monder.cqjp in our virus library.

The release containing the fix for the aforementioned Office memory corruption vulnerability also contained eight other patches for Windows 2000, XP, Vista, and even Windows Server 2008, as well as fixes for dozens of security vulnerabilities in software applications such as Outlook Express and Windows Media Player. These vulnerabilities may lead to remote code execution, privilege escalation, denial-of-service attacks, and other attacks.

With the Black Hat and DefCon security conferences taking place earlier this month in Las Vegas, there was a large gathering of the world's hackers, disclosing and sharing all kinds of information on security vulnerabilities. We expect this to dramatically amplify the number of potential threats on the global Internet. It seems Microsoft has also taken notice, as shown by the increased intensity of its August security updates.

Categories: General , Netgear Threat Lab

 

Twitter Denial of Service Attacks Continue

Posted By Pete at 5:02 PM, August 7, 2009

Denial of service attacks on Twitter have continued, and while the Twitter service is still up, some of its services, such as SMS tweeting, are still experiencing problems. Of the three main targets (Twitter, Facebook, and LiveJournal), Twitter seems to be affected the most. Now that the attack is under control, we are trying to find out who did it and the motivation behind it.

Per Twitter's blog:

"The ongoing, massively coordinated attacks on Twitter this week appear to have been geopolitical in motivation. However, we don't feel it's appropriate to engage in speculative discussion about these motivations. The open exchange of information can have a positive impact globally and our job is to keep Twitter services running reliably to the best of our ability."

Further investigation leads to this report from PC World. The report points out that the attacks may be an attempt from Russia to silence a certain blogger in Georgia (the country) identified as Cyxymu. According to the report, a spokeswoman from Facebook almost went as far as confirming it:

"[The attacks] appears to be directed at an individual who has a presence on a number of sites, rather than the sites themselves. Specifically, the person is an activist blogger and a botnet was directed to request his pages at such a rate that it impacted service for other users. We've isolated the issue and almost all of our users are able to enjoy the normal Facebook experience."

One thing that disturbs me in all of this is the easy availability of botnets to the attacker. It seems like there are an unlimited number of botnets at their disposal. All they need to do is flip the switch and whoever they attack is at their mercy. I wouldn't be surprised if there are underground vendors selling botnets to the highest bidder. This just means that there are way too many infected PCs and the Internet has become a farm for growing weapons.

Categories: Denial of Service , General

 

Twitter, Facebook Under Siege

Posted By Pete at 11:46 AM, August 6, 2009

Social networking services Twitter and Facebook were the targets of a denial of service (DoS) attack this morning. The hackers managed to take down Twitter for a couple of hours and were also somewhat successful in disrupting Facebook. As of now, Twitter is still trying to fend off the attacks and has managed to restore service to its users.

Hackers and cyber criminals alike are clearly making social networks one of their primary targets. Social networking services such as Twitter and Facebook need to look long and hard at how they protect their services and users.

Categories: Denial of Service , General

 
