SECURITY SECURITY SECURITY
NYT claims evidence that US and FBI warns of
NEW SECURITY Israel jointly created Stuxnet banking Trojan
RISKS DETECTED
An article in the New The US FBI's Internet Crime
AND PATCHED York Times dated intelligence center has warned
January 15, 2011, businesses of a Trojan that
claims that recently logs into users' online bank
uncovered Wikileaks accounts on compromised
cables contain evidence computers. While the
that the Stuxnet worm technique isn't particularly
that spread rapidly new, the payload delivery
around the world in method is. The Trojan is
late 2009 was in fact attached to emails designed
deliberately developed to look like responses to job
by the US in collaboration with Israel, specifi cally to target application advertisements.
and disable Iran's nuclear efforts. The newspaper further The criminals behind the scam
GMAIL
Spammers can send messages through
ordinary day-to-day functioning of the nuclear facility and have posted job notices and
a manipulated website on Google
accounts without knowing their mail then played these back in order to mask its activities. The are even tailoring these emails
addresses. It is enough to be logged in article cites unnamed experts who say that Stuxnet is still to look like responses to those
as a Google Mail user and visit a being studied, and is far more complicated than anything specifi c requirements. Once the
hacker site in a new tab. ever previously encountered. If true, this would make it the worm obtains users' banking
SOLUTION: Google has already taken fi rst known instance of a successful cyber weapon. With credentials, it transfers money
up the issue of this error in their
such capabilities out in the wild, any kind of chaos could be to an account registered in the
mail service—special configuration
spread by forces that manage to modify it for themselves. Ukraine.
is not required.
MICROSOFT WINDOWS
SECURITY SECURITY
A zero-day vulnerability in Windows
enables offenders to provide admin Hackers circumvent industry- FB cancels phone
rights to the actual user via a
StackOverflow and install malware. standard image signatures number sharing
SOLUTION: A Microsoft patch isn’t
available up till now, however the
Software giant is already working on Photos taken with
a bug fix for this problem. professional Canon cameras
can be embedded with an
G DATA INTERNET SECURITY ODD signature (Original
The latest G DATA anti virus scanner Decision Data). This is Narrowly avoiding yet
raises an error alarm while visiting designed to ensure that the another uproar over sharing
popular sites: the sites may be photo cannot be altered or users' private information
infested with JS:RedirectorEN. These
retouched without being with third parties, Facebook
alarms are in fact false positives.
SOLUTION: G Data has stated that it is detected. However Dmitry Sklyarov, a safety expert from has decided to temporarily
concerned with error alarms in all ElcomSoft, has now showed how he can forge this signature, roll back a feature that would
cases. With the next update the at the CONFidence 2.0 hacker trade fair. The expert read grant application developers
websites should be shown correctly out and analyzed the fi rmware of his Canon EOS 30D using access to its users' phone
and without an incorrect error message being displayed. encryption code and was thus able to forge ODD signatures addresses. The capability will
and deceive the offi cial Canon signature reader, known as be reintroduced when a more
CLAM AV the OSKE3 Security Kit. Canon is aware of this shortcoming transparent system for opting
After an erroneous update, the free but has not commented on it till now. News agencies and out can be implemented. Apps
virus scanner considers Windows a insurance providers have been using ODD for years in order which use this information
virus and then tries to quarantine the
to be able to check the authenticity of a photo—such as its will be able to target users
entire system.
recording time and place. Several controversial photo edits and send notifi cations
SOLUTION: ClamWin has provided a
problem-free update of its tool on have made the news in the past few years, embarassing the directly to their phones,
its website. responsible agencies and leading to allegations of bias or possibly including unsolicited
manipulation of the news. advertisements.
NYT claims evidence that US and FBI warns of
NEW SECURITY Israel jointly created Stuxnet banking Trojan
RISKS DETECTED
An article in the New The US FBI's Internet Crime
AND PATCHED York Times dated intelligence center has warned
January 15, 2011, businesses of a Trojan that
claims that recently logs into users' online bank
uncovered Wikileaks accounts on compromised
cables contain evidence computers. While the
that the Stuxnet worm technique isn't particularly
that spread rapidly new, the payload delivery
around the world in method is. The Trojan is
late 2009 was in fact attached to emails designed
deliberately developed to look like responses to job
by the US in collaboration with Israel, specifi cally to target application advertisements.
and disable Iran's nuclear efforts. The newspaper further The criminals behind the scam
GMAIL
Spammers can send messages through
ordinary day-to-day functioning of the nuclear facility and have posted job notices and
a manipulated website on Google
accounts without knowing their mail then played these back in order to mask its activities. The are even tailoring these emails
addresses. It is enough to be logged in article cites unnamed experts who say that Stuxnet is still to look like responses to those
as a Google Mail user and visit a being studied, and is far more complicated than anything specifi c requirements. Once the
hacker site in a new tab. ever previously encountered. If true, this would make it the worm obtains users' banking
SOLUTION: Google has already taken fi rst known instance of a successful cyber weapon. With credentials, it transfers money
up the issue of this error in their
such capabilities out in the wild, any kind of chaos could be to an account registered in the
mail service—special configuration
spread by forces that manage to modify it for themselves. Ukraine.
is not required.
MICROSOFT WINDOWS
SECURITY SECURITY
A zero-day vulnerability in Windows
enables offenders to provide admin Hackers circumvent industry- FB cancels phone
rights to the actual user via a
StackOverflow and install malware. standard image signatures number sharing
SOLUTION: A Microsoft patch isn’t
available up till now, however the
Software giant is already working on Photos taken with
a bug fix for this problem. professional Canon cameras
can be embedded with an
G DATA INTERNET SECURITY ODD signature (Original
The latest G DATA anti virus scanner Decision Data). This is Narrowly avoiding yet
raises an error alarm while visiting designed to ensure that the another uproar over sharing
popular sites: the sites may be photo cannot be altered or users' private information
infested with JS:RedirectorEN. These
retouched without being with third parties, Facebook
alarms are in fact false positives.
SOLUTION: G Data has stated that it is detected. However Dmitry Sklyarov, a safety expert from has decided to temporarily
concerned with error alarms in all ElcomSoft, has now showed how he can forge this signature, roll back a feature that would
cases. With the next update the at the CONFidence 2.0 hacker trade fair. The expert read grant application developers
websites should be shown correctly out and analyzed the fi rmware of his Canon EOS 30D using access to its users' phone
and without an incorrect error message being displayed. encryption code and was thus able to forge ODD signatures addresses. The capability will
and deceive the offi cial Canon signature reader, known as be reintroduced when a more
CLAM AV the OSKE3 Security Kit. Canon is aware of this shortcoming transparent system for opting
After an erroneous update, the free but has not commented on it till now. News agencies and out can be implemented. Apps
virus scanner considers Windows a insurance providers have been using ODD for years in order which use this information
virus and then tries to quarantine the
to be able to check the authenticity of a photo—such as its will be able to target users
entire system.
recording time and place. Several controversial photo edits and send notifi cations
SOLUTION: ClamWin has provided a
problem-free update of its tool on have made the news in the past few years, embarassing the directly to their phones,
its website. responsible agencies and leading to allegations of bias or possibly including unsolicited
manipulation of the news. advertisements.
No comments:
Post a Comment