Hackers gain access to all .edu domains

May 7, 2013 – 5:09 PM

The hacker collective “Hack the Planet” (HTP) has claimed responsibility for an attack on MIT (Massachusetts Institute of Technology) computer systems in late January, in which it claims to have briefly taken control of the university’s domain, redirected email traffic, and obtained administrator access to all .edu domains. HTP also claims to have compromised web servers for other sites, including security tool Nmap, network security service Sucuri, IT security company Trend Micro, and network analysis tool Wireshark.

Some of the hacks made use of a zero-day exploit, which the group has now taken the opportunity to disclose, against a vulnerability in the MoinMoin wiki system. Hack the Planet has also released information about an exploit against web servers running ColdFusion 9 or 10. The group claims to have used a variant of this exploit for their April attack on hosting company Linode.

HTP are a pretty hardcore bunch, though they are keen to stress their adherence to hacking’s code of honour on their trawls through the web. In contrast to the carefree approach practised by more chaos-loving hackers of the LulzSec ilk, which involves simply pasting everything they uncover online, they appear to be more concerned with bragging rights. They document their deeds in old-school zines, consisting of scorn-laden ASCII documents with detailed descriptions of their adventures.

According to the latest zine, HTP has obtained access to a number of servers, including servers hosting the Nagios, Mono, Pastie, and SQLite projects. The hackers even claim to have compromised ICANN and the SourceForge backbone. They have published around 7500 .edu domain records together with unsalted MD5 password hashes. Nearly half (around 3400) of the records also include the password as plain text. In view of the speed with which it is possible to try out MD5 hashes, it is likely to be only a matter of time before the remainder are cracked. The registrar has declined to comment on whether or not it has a firm grip on the threat this poses.

Source:
http://www.h-online.com/security/news/item/Hackers-gain-access-to-all-edu-domains-1858471.html
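
The item above turns on unsalted MD5 password storage. The following is an added example, not from the original article or from any party it names: it shows why equal passwords are visible as equal hashes under that scheme, and one way to retire such records at the next successful login. PBKDF2-HMAC-SHA256, the storage format string, the iteration count, all function names and the sample store are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
import re

ITERATIONS = 600_000  # assumed work factor; tune to your own hardware
LEGACY_MD5 = re.compile(r"^[0-9a-f]{32}$")  # bare lowercase MD5 hex digest

def md5_unsalted(password: str) -> str:
    """Legacy scheme from the article: one fast MD5 pass, no salt."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()

def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """Per-record random salt plus a slow KDF (hypothetical storage format)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password: str, stored: str) -> bool:
    """Check a password against either a legacy or an upgraded record."""
    if LEGACY_MD5.match(stored):
        return hmac.compare_digest(md5_unsalted(password), stored)
    try:
        scheme, iterations, salt_hex, digest_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 bytes.fromhex(salt_hex), int(iterations))
    except ValueError:  # malformed record: wrong field count, bad hex or int
        return False
    return hmac.compare_digest(dk.hex(), digest_hex)

def login_and_upgrade(store: dict, user: str, password: str) -> bool:
    """Verify a login; a record still in legacy MD5 form is replaced in place."""
    stored = store.get(user)
    if stored is None or not verify_password(password, stored):
        return False
    if LEGACY_MD5.match(stored):
        store[user] = hash_password(password)
    return True

def legacy_accounts(store: dict) -> list:
    """Audit helper: users whose record is still a bare MD5 digest."""
    return sorted(u for u, h in store.items() if LEGACY_MD5.match(h))

# Constructed sample store: two users who happen to share a password.
SAMPLE_STORE = {
    "alice": md5_unsalted("correct horse"),
    "bob": md5_unsalted("correct horse"),
}
```

Upgrade-on-login only covers accounts that sign in again; records that stay in `legacy_accounts` after a leak still need a forced reset.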

Malwarebytes backup service prevents malware uploads

May 7, 2013 – 4:59 AM

Your hard drive crashes. You hit “Save” without thinking and an important version is overwritten and lost forever. Someone accidentally deletes all the wedding pics. You restore an infected file to your new computer and end up having to start all over again.

Stuff happens.

Having a backup is a good idea. Having a backup that you can be confident is completely free of malware is a better idea.

Malwarebytes Secure Backup automatically backs up your important documents, music, photos, and videos to our state-of-the-art online data center. And these files are transmitted using military-grade encryption for complete safety.

But before Malwarebytes Secure Backup uploads a file, it scans the file for malware using Malwarebytes Anti-Malware. So now you can confidently save files that you know are clean. And you can share these clean files with friends by simply sending URL links to the files stored at our data centers.

Unlike other backup services, Malwarebytes Secure Backup won’t allow you to back up, restore, or share infected files or malware. It’s just a good idea…made better.

Source:
http://www.malwarebytes.org/products/securebackup/

Stats confirm that trojans spreading, malware being built at record rates

May 6, 2013 – 5:32 PM

Trojans continue to dominate the threat landscape, according to Panda Security’s latest quarterly report, released Monday.

The anti-virus maker’s research arm, PandaLabs, found that between January and March of this year, more than 6.5 million new malware strains were built, with trojans comprising 75 percent of those. In total, trojans were responsible for 80 percent of global computer infections – a record – far outpacing worms, viruses and adware.

Across the globe, researchers discovered that more than 31 percent of PCs have been seeded with malware, with machines in China experiencing the highest infection rates (around 50 percent). In the United States, PandaLabs said 28 percent of computers are infected nationwide, numbers that roughly correspond to previous versions of the report.

PandaLabs said trojans are particularly effective because of their ability to take advantage of vulnerabilities in commonly deployed third-party software, such as Java or Adobe, and be served through compromised websites. Plus, they often can evade detection.

“This attack method allows hackers to infect thousands of computers in just a few minutes with the same trojan or different ones, as attackers have the ability to change the trojan they use based on multiple parameters, such as the victim’s location, the operating system used, etc.,” according to PandaLabs.

Source:
http://www.scmagazine.com/stats-confirm-that-trojans-spreading-malware-being-built-at-record-rates/article/292188/

Microsoft confirms exploit in Internet Explorer 8

May 5, 2013 – 3:49 PM

Internet Explorer 8 is still the most-used version of Microsoft’s web browser family, according to data from Net Applications. Late Friday, Microsoft posted word that it had discovered an exploit in the browser but noted the issue does not appear to affect any other versions.

Microsoft’s Security blog states the exploit could in theory be used to allow for a “remote code execution if users browse to a malicious website with an affected browser.” Computerworld.com reports that the issue was first identified by the security firm Invincea and has already been used by hackers in attacks directed against the U.S. Department of Labor and U.S. Department of Energy.

People still using IE8 can simply upgrade to a more recent version of the browser to avoid this exploit.

Microsoft is working to create a patch for IE8 that will close this exploit. If users don’t wish to upgrade their browsers, Microsoft says some workarounds might help stop the issue. One is to set Internet and local intranet security zone settings to high, and the other is to set up IE8 to prompt users before running any Active Script type of program or to simply disable Active Scripting entirely.

Source:
http://www.neowin.net/news/microsoft-confirms-exploit-in-internet-explorer-8

DHS: ‘OpUSA’ May Be More Bark Than Bite

May 3, 2013 – 5:11 AM

The U.S. Department of Homeland Security is warning that a group of mostly Middle East- and North Africa-based criminal hackers are preparing to launch a cyber attack campaign next week known as “OpUSA” against websites of high-profile US government agencies, financial institutions, and commercial entities. But security experts remain undecided on whether this latest round of promised attacks will amount to anything more than a public nuisance.

A confidential alert, produced by DHS on May 1 and obtained by KrebsOnSecurity, predicts that the attacks “likely will result in limited disruptions and mostly consist of nuisance-level attacks against publicly accessible webpages and possibly data exploitation. Independent of the success of the attacks, the criminal hackers likely will leverage press coverage and social media to propagate an anti-US message.”

The DHS alert is in response to chest-thumping declarations from anonymous hackers who have promised to team up and launch a volley of online attacks against a range of U.S. targets beginning May 7. “Anonymous will make sure that’s this May 7th will be a day to remember,” reads a rambling, profane manifesto posted Apr. 21 to Pastebin by a group calling itself N4M3LE55 CR3W.

“On that day anonymous will start phase one of operation USA. America you have committed multiple war crimes in Iraq, Afghanistan, Pakistan, and recently you have committed war crimes in your own country,” the hackers wrote. “We will now wipe you off the cyber map. Do not take this as a warning. You can not stop the internet hate machine from doxes, DNS attacks, defaces, redirects, ddos attacks, database leaks, and admin take overs.”

Source:
https://krebsonsecurity.com/2013/05/dhs-opusa-may-be-more-bark-than-bite/