New Attack Method Delivers Malware Via Mouse Hover

‘Mouseover’ technique relies on users hovering over hyperlinked text and images in Microsoft PowerPoint files to drop a Trojan.

Researchers have found a new form of attack that abuses the action of hovering over hyperlinked text and images in a Microsoft PowerPoint presentation.

Trend Micro researchers discovered the “mouseover” technique, used by a Trojan downloader also found in a spam campaign hitting EMEA businesses in the manufacturing, education, pyrotechnics, logistics, and device fabrication industries. The downloader they analyzed delivers a version of the OTLARD banking Trojan, also known as GootKit.

“This is the first occurrence of malware using the ‘hover’ method to initiate a download that we know of,” says Mark Nunnikhoven, Trend Micro’s VP of cloud security.

“While GootKit is known malware, businesses should be more concerned about this latest technique as it shows none of the usual indicators of an infected document,” he explains. This is novel because it abuses the previously safe user practice of hovering over a link before clicking.

Netgear Router Security Update

Netgear noted that several of its routers have a command injection vulnerability that an attacker can use, through a phishing method, to gain control of your router.

Tip:
To find the model/version number, check the bottom or back panel of your NETGEAR device.

From the Vulnerability Notes Database:

R6200, R6250, R6400, R6700, R6900, R7000, R7100LG, R7300, R7900, R8000, D6220, and D6400 contain an unauthenticated command injection vulnerability that may be executed directly or via cross-domain requests. Known affected firmware versions include Netgear R7000 version 1.0.7.2_1.1.93, R6400 version 1.0.1.12_1.0.11, and R8000 version 1.0.3.4_1.1.2. Earlier versions may also be affected. The command injection vulnerability has been assigned CVE-2016-6277.

By convincing a user to visit a specially crafted web site, a remote, unauthenticated attacker may execute arbitrary commands with root privileges on affected routers. An unauthenticated, LAN-based attacker may do the same by issuing a direct request, e.g. by visiting: http:///cgi-bin/;COMMAND


Bringing down the Net?

Security expert Bruce Schneier recently talked about how someone is learning how to take down the internet. We have seen lots of companies talk about attacks on their infrastructure, breaches, hacking, stolen accounts, etc. According to the companies, some of the attacks look like probing for ways to get into networks and do harm.

It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.
– Bruce Schneier


Researchers find over 100 spying Tor nodes

Researchers find over 100 spying Tor nodes that attempt to compromise darknet sites

When it comes to accessing public websites, Tor has an intrinsic security problem: though the nodes between your computer and the public internet are unable to see where the traffic is coming from or going to, the final hop in the network (known as an exit node) gets to know what webserver you are connecting to.

Linux Kernel Zero Day Vulnerability CVE-2016-0728

This vulnerability has existed since 2012 and affects Android and Linux systems running Linux kernel version 3.8+; any Linux server or desktop running kernel 3.8+ is vulnerable.

As of the date of disclosure, this vulnerability has implications for approximately tens of millions of Linux PCs and servers, and 66 percent of all Android devices (phones/tablets).

How do I fix this?

First, some background on what the CVE-2016-0728 bug is. From the Perception Point Research Team:

CVE-2016-0728 is caused by a reference leak in the keyrings facility. Before we dive into the details, let’s cover some background required to understand the bug. It can successfully escalate privileges from a local user to root.


Being13: Inside the Secret World of Teens

If you are a parent, are thinking about becoming one, or know a parent who can benefit from this coverage, please set aside some time to watch and pass the word on to as many families as you can. This is an important piece that parents, guardians and, well, everyone needs to watch; make sure your child(ren) watch it with you. In today’s world, where the interwebs is the place to be and where children spend most of their time, it is important that we all know what they do, how they are living their social lives, what they are doing online and with whom, etc. Anderson Cooper captures a lot of this in the #Being13 special report.

I have written these pieces:

and there will be more to come.

Atlanta (CNN) For the past two years, CNN has been investigating how teens use social media.

#Being13: Inside the Secret World of Teens airs on October 5th (tomorrow) at 9 p.m. ET on CNN

Across the country, eighth graders (with the permission of their parents and schools) allowed child development experts into their online world. Experts studied 150,000 posts across Instagram, Twitter and Facebook.

Ahead of the special, CNN asked some of the teens who participated in the study about the impact of social media on their lives. Their answers express solely their opinion and are edited for brevity and clarity.

What does social media mean to you?

Morgan: Social media means a lot to me, and it’s very important in my eyes. A lot of my life revolves around it. So, without social media, my life would be pretty different.

Zack: Social media, to me, means a place where I can post things about myself for other people.

Jay: Honestly, I really love social media. Social media is a great way to chat with your friends.

Emmy: It makes me feel really happy — I guess? I don’t know how to explain it. It gives me mixed emotions, but most of the time it makes me feel very happy. I don’t know, it is just something I really like to do.

What is the purpose of social media?

Morgan: To me, social media’s purpose is to have a way to connect with people online. It helps you to still be in touch with lots of people even if it’s not face to face. It can also have the purpose of letting people know who you really are. People can be themselves, and be more open than they might be in person.

Zach: The purpose of social media is so I can express who I am, what I do and places I go.

Jay: Social media definitely has more than one purpose. One of the ways is to interact with your friends and meet new people. Actually, it is funny that you ask, because my school just based everything online. They are making us get these apps, and then we get all of our homework on it. So now, everything is basically off social media, Facebook and everything. Like, I am in this class, and they give us stuff to do that is on the Facebook page. We have to get this app called Google classroom. We are basically going paperless. Everything is going to be online now.

Emmy: I would say to be connected to everything and everybody in your school and your friends and have like a mini community online.

Describe what it feels like when you are cut off from social media?

Morgan: Being cut off from social media is awful. Even just one day off it makes you feel like you’re totally out of the loop on everything. I always feel like I miss out on tons of stuff, and everyone knows more than me about what’s been going on lately.

Zach: It feels as if something really important has been taken away, and if I don’t have it, I will just be a more grumpier and frustrated person in general.

Jay: Oh well, it happens a lot because my mom keeps taking away my phone. I guess sometimes I feel like I am not able to talk with anyone. I feel sort of like cut off from all my friends, because I am not going to be able to talk to them to see what they are doing. When you think about it, that is one of the only ways you can interact with them when you are not with them.

Emmy: It makes me very upset. My parents would ground me from my phone before they would ground me like into my room, because I am constantly always on it. If I am disconnected from that, I just feel like I have nothing to do. Everything I do is on my phone. I go outside and play sports, but I am always doing that. I am always on my phone — usually. So, when I am disconnected, I am very upset and just beg and beg my parents to give me it back. Or, I ask my friends when I get to school, “What’s been going on?” So like, everybody knows what is going on, but I am the only one that is out. I feel left out.

Do parents and teachers understand why social media matters so much to kids your age? What don’t they get about it?

Morgan: I don’t think parents and teachers understand why social media matters so much to kids my age. They don’t get that everything relies on how we look in a picture, how many likes/followers we have, if we get a comment back from someone, etc.

Zack: What don’t they get about it? They do understand that it is very important to us, but they don’t understand why. Because, when they grew up they didn’t have the social media that we have. So, they don’t understand why or how important.

Jay: Oh, definitely not! My parents don’t have social media or anything, where our generation has grown up with the advanced iPhones and new apps coming out. But my parents just see it as distractions. Like to us, it was basically something we grew up with and something we have known all our lives.

Emmy: Since they didn’t have it when they were younger, they don’t understand why we are constantly on it. They don’t understand why we have to post everything, because they know some people might get mad or offended by it. They just don’t get it. Like, I know my dad uses social media, but they still don’t use it as much as we would.

Cooper quotes from one of the many online attacks that his team unearthed.

“Go die. Stop trying to be popular,”

“Holy s— your [sic] ugly.”

(And that’s one of the tamer ones!)

Headlines from CNN’s “Being13: Inside The Secret World of Teens” include:

  • Middle schoolers view social media as a real time score board for a 24/7 popularity contest.
  • Students in our study admit checking their social media accounts more than 100 times a day. Middle schoolers “check” social media more than they post. The more they look at social media, the more distressed they can become.
  • Social media interactions often matter more than real life conversations. The line between the real world and the cyber world no longer exists to middle schoolers.
  • #Being13 identifies new, painful ways teens bully and strategically exclude each other on social media. More than a third of middle schoolers admit they purposely exclude others online.
  • 94% of parents underestimated the amount of fighting on social media. We decode the language teens don’t want their parents to understand.
  • 15 percent of middle schoolers admit they have received inappropriate photos, many of which are used for revenge porn.
  • #Being13 explores the connection between selfies and self-esteem. We’ll introduce viewers to teens who take 200 selfies before selecting which one to post.
  • “#Being13: Inside The Secret World Of Teens” also gives families a practical roadmap for navigating the new challenges of parenting plugged-in Tweens. We show parents what to worry about and what to let go, and how to use social media as a way to deepen their relationships with their children.

“Being 13” is a follow-up to AC360°’s Emmy award winning special report, “Bullying: It Stops Here.”

The infinite loop of iOS 8

There’s a bug in Apple’s iOS 8 that allows nearby attackers to send apps—and in some cases the iPhone or iPad they run on—into an endless reboot cycle that temporarily renders the devices useless, according to researchers who demonstrated the attack Tuesday.

The exploit uses a standard Wi-Fi network that generates a specially designed secure sockets layer (SSL) certificate to exploit the bug, according to the researchers, who work for Israel-based Skycure. The encrypted communication causes whatever apps happen to be connected to the booby-trapped Wi-Fi network to crash. The vulnerability was introduced in version 8 of the Apple mobile operating system.

After sustained connections to the malicious signal, the OS itself will crash, in some cases in a way that causes the devices it runs on to spiral into a repeatable reboot cycle. Making the attack particularly vexing, even if users know the endless crashes are generated by the Wi-Fi network they’re connected to, they can’t disconnect because the repeated restarts make it impossible to access the device’s user settings, as demonstrated in the following video:

The Skycure researchers said the exploit can be combined with one they uncovered two years ago that forces iPhones to automatically connect to rogue Wi-Fi networks. The combination allows attackers to form a “NO iOS Zone” that after luring all iOS devices to join the Wi-Fi network, sends them into an endless crash cycle. Targets hit by the attack would have few options to stop the attack as long as they’re within range of the Wi-Fi access point. Skycure documented the vulnerability in a blog post published Tuesday and demonstrated it the same day at the RSA security conference in San Francisco.

Until there’s a patch, iPhone and iPad users should make sure they’re using iOS 8.3, since it appears to have mitigated some of the effects of the bug. Users should also keep Wi-Fi on their device turned off except when it’s needed.

Most Common Internet Acronyms

#

  • 143 – I love you
  • 2 – To
  • 20 – Location
  • 24/7 – Twenty-four hours a day, seven days a week
  • 411 – Information

A

  • AFAIK – As far as I know
  • AFK – Away from keyboard
  • AIM – AOL Instant Messenger
  • AKA – Also known as
  • AM – Antemeridian
  • AOL – America Online
  • ASAP – As soon as possible
  • ASL – Age, sex, location
  • ATM – At the moment

B

  • b/c – Because
  • b/w – Between
  • b4 – Before
  • BBIAB – Be back in a bit
  • BBL – Be back later
  • BCC – Blind carbon copy
  • bf – Boyfriend
  • BFF – Best friends forever
  • Bling – Overly flashy jewelry
  • blog – Web log
  • BRB – Be right back
  • BTW – By the way
  • Buck – Dollar

C

  • Cab – Taxi
  • CC – Carbon copy
  • CTN – Can’t talk now
  • cya – See ya
  • CYE – Check your e-mail

D

  • Dis – Disrespect
  • DIY – Do it yourself
  • dl – Download

E

  • ETA – Estimated time of arrival

F

  • f – Female
  • FAQ – Frequently Asked Questions
  • fb – Facebook
  • FUBAR – Fouled up beyond all recognition
  • fwd – Forward
  • FWIW – For what it’s worth
  • FYI – For your information

G

  • Gamer – Video game player
  • gf – Girlfriend
  • GG – Good game
  • GJ – Good job
  • GL – Good luck
  • GLHF – Good luck have fun
  • GPS – Global positioning system
  • gr8 – Great
  • GTG – Got to go

H

  • HOAS – Hold on a second
  • HTH – Hope this helps
  • hw – Homework

I

  • IAC – In any case
  • IC – I see
  • IDK – I don’t know
  • IIRC – If I remember correctly
  • IKR – I know, right?
  • IM – Instant Message
  • IMO – In my opinion
  • info – Information
  • IRT – In regards to

J

  • J/K – Just kidding

K

  • K – OK

L

  • L8 – Late
  • l8r – Later
  • LAN – Local Area Network
  • LMAO – Laughing my a** off
  • LMK – Let me know
  • LOL – Laughing out loud

M

  • m – Male
  • MIRL – Meet in real life
  • MMB – Message me back
  • MMO – Massively multiplayer online
  • Mooch – Freeload
  • msg – Message
  • MYOB – Mind your own business

N

  • N/A – Not Available
  • NC – No comment
  • ne1 – Anyone
  • NM – Not much
  • noob – Newbie
  • NP – No problem
  • NTN – No thanks needed

O

  • od – Overdose
  • OMG – Oh my gosh
  • OMW – On my way
  • OT – Off topic

P

  • PC – Personal computer
  • PHAT – Pretty hot and tempting
  • PK – Player Kill
  • pls – Please
  • PM – Postmeridian
  • POS – Parent over shoulder
  • ppl – People
  • pwn – Own

Q

  • qt – Cutie

R

  • re – Regarding
  • ROFL – Rolling on floor laughing
  • ROTFL – Rolling on the floor laughing
  • RPG – Role playing game
  • RSVP – Répondez s’il vous plaît
  • RTFM – Read the flippin’ manual

S

  • sec – Second
  • SMH – Shaking my head
  • SMS – Short Message Service
  • SOS – Someone over shoulder
  • Sry – Sorry
  • sup – What’s up

T

  • TBA – To be announced
  • TBC – To be continued
  • TBD – To be determined
  • TC – Take care
  • thx – Thanks
  • TIA – Thanks in advance
  • TLC – Tender love and care
  • TMI – Too much information
  • Troll – Offensive comments poster
  • TTFN – Ta-ta for now
  • TTYL – Talk to you later
  • Tweet – Twitter post
  • txt – Text
  • TY – Thank you

U

  • u – You
  • U2 – You too
  • ugh – Disgusted
  • UR – Your

V

  • VM – Voicemail
  • vs – Versus

W

  • w/ – With
  • w/e – Whatever
  • w/o – Without
  • W8 – Wait
  • WB – Write back
  • Whoa – Expression of surprise
  • WTF – What the f***

X

  • XOXO – Hugs and kisses

Y

  • Y – Why
  • YOLO – You only live once
  • YW – You’re welcome

Z

  • ZZZ – Sleeping

Massive WordPress Plugin Vulnerability

Sucuri disclosed a large malware campaign targeting and compromising over 100,000 WordPress sites, and growing by the hour. It was named SoakSoak due to the first domain used in the malware redirection path (soaksoak.ru).

According to Sucuri, the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. The Slider Revolution team has known about the vulnerability since September, but it looks like they failed to fix it before the security hole got crammed with steaming hot malware.