ICT Security-Sécurité PC et Internet

Bei einer Analyse eines sich seltsam verhaltenden Domain Controllers entdeckten Sicherheitsspezialisten eine ganz besondere Hintertür: Einbrecher hatten die Windows Server so manipuliert, dass ein Master-Passwort universellen Zugang gewährte.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Skeleton-Key

An executives system was reportedly infected by malware after he charged an ecigarette purchased on eBay through his systems USB port.

Laut Microsoft steht Rumänien an der Spitze Europas, soweit es infizierte Rechner betrifft. Die größte Dichte an Malware-Sites weist Luxemburg auf. Deutschland bewegt sich im Mittelfeld der europäischen Staaten.

It appears that the website NBC.com was compromised by malware for around fifteen minutes Thursday 12pm PST with RedKit malware.

The technique makes malicious traffic harder to detect for firewalls and other network security systems, researcher says

A malware program designed for Linux systems, including embedded devices with ARM architecture, uses a sophisticated kernel rootkit that’s custom built for each infection.

The malware, known as XOR.DDoS, was first spotted in September by security research outfit Malware Must Die. However, it has since evolved and new versions were seen in the wild as recently as Jan. 20, according to a new report Thursday from security firm FireEye, which analyzed the threat in detail.

XOR.DDoS is installed on targeted systems via SSH (Secure Shell) brute-force attacks launched primarily from Internet Protocol (IP) addresses registered to a Hong Kong-based company called Hee Thai Limited.

The attacks attempt to guess the password for the root account by using different dictionary-based techniques and password lists from past data breaches. FireEye observed well over 20,000 SSH login attempts per targeted server within a 24-hour period and more than 1 million per server between mid-November and end of January.

Learn more:

- http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux

It's time to use two-factor authentication, folks.

The newly-discovered "Skeleton Key" malware is able to circumvent authentication on Active Directory systems, according to Dell researchers.

The Dell SecureWorks Counter Threat Unit (CTU) teampublished their findings in an advisory notice this week.

A rogue anti-virus product that blackmails people by secretly taking their picture with their webcam is on the rise.

The amount of cybercriminal activity associated with the Zeus family of financial Trojan programs has increased during the past few months, according to security researchers from antivirus vendor Trend Micro.

SophosLabs has observed a trend of hackers inserting their malicious code into legitimate JavaScript hosted on legitimate compromised websites.

Learn more about what our experts have seen, and e...

 

 

 

 

 

 

 

Recently SophosLabs has seen a flurry of detections of Troj/Iframe-JG on legitimate websites, including:

Primary School websites in EnglandSmall community websites in ItalyA nightclub website in LondonThe website of an East African nation's TV companyThe website of trade association of Financial Advisors in the US

We’ve seen malware for PCs that infects mobile devices, but it turns out there’s also malware for mobile devices designed to infect PCs. Kaspersky researchers have discovered a new piece of Android malware that masquerades as a “cleaner” app meant to free memory for Google’s operating system but wreaks havoc on your smartphone in the background and on Microsoft’s operating system when it’s connected to a PC.

The security firm says the malware has the most “extensive feature set” it has ever seen in one mobile app. Here’s the list:

Sending SMS messages.Enabling Wi-Fi.Gathering information about the device.Opening arbitrary links in a browser.Uploading the SD card’s entire contents.Uploading an arbitrary file (or folder) to the master’s server.Uploading all SMS messages.Deleting all SMS messages.Uploading all the contacts/photos/coordinates from the device to the master.