TechBlog

SophosLabs: Symantec has confirmed that a file made available on the internet for anyone to download, does contain the source code for an old version of its pcAnywhere product. For a short while last month, before releasing a patch, Symantec advised customers to disable their pcAnywhere installations because of concern that hackers could exploit vulnerabilities. In addition, the firm says that in January someone claiming to be the hacker responsible for the data theft tried to extort $50,000 from the firm in exchange for not releasing Symantec’s stolen source code. ...

Sunbelt: With the U.S. currently in tax season, online criminals have, once again, sought to take advantage of this. Robert Stetson, one of Sunbelt’s malware researchers, spotted a phishing email posing as Intuit Inc., a company that “develops financial and tax preparation software”. They developed Quicken and TurboTax. Below is a screenshot of the said email: Email details are as follows: Subject: Please verify your tax information ASAP. Message body: Good afternoon, ...

H-Online: Researchers at Ruhr-Universität Bochum in Germany have announced that they have cracked the A5-GMR-1 and A5-GMR-2 encryption algorithms used in satellite phones. Satellite phones are mainly used in areas with insufficient mobile network coverage and in the maritime sector. The researchers obtained the proprietary, and previously undocumented, algorithms by reverse engineering phone firmware updates. Ideally this, in itself, should not compromise the security of the transmitted data. Data security should not depend on the secrecy of the encryption methods, it should only depend on the non-disclosure of the secret key that is being used. ...

v3.co.uk: The uniform infrastructure and predictable behaviors are making corporate retail and restaurant chains the choice targets for cybercriminals. A report from security firm Trustwave found that attackers favor companies with chains of outlets, such as those commonly found in the food and retail industries, when launching targeted attacks. The attackers like the uniform IT infrastructure that large chains deploy at individual sites, Nicholas Percoco, head of the Trustwave’s SpiderLabs team, told V3. ...

Google Chrome Wrote: In 2008, we launched Google Chrome to help make the web better. We’re excited that millions of people around the world use Chrome as their primary browser and we want to keep improving that experience. Today, we’re introducing Chrome for Android Beta, which brings many of the things you’ve come to love about Chrome to your Android 4.0 Ice Cream Sandwich phone or tablet. Like the desktop version, Chrome for Android Beta is focused on speed and simplicity, but it also features seamless sign-in and sync so you can take your personalized web browsing experience with you wherever you go, across devices. ...

The H-Online: Adobe has released a public beta of a sandboxed version of its Flash plugin for Firefox in an effort to improve its security. The new “Protected Mode” for Flash, which has been in development for at least a year according to Adobe engineer Peleus Uhley, runs with restricted privileges and, to further limit its access to the system, can only access system resources through a broker. This should help intercept attackers trying to gain access to a system through malicious Flash files. ...

The H-Online: RealNetworks has released an update to RealPlayer to close a number of holes in its media player application. Version 15.02.71 of RealPlayer addresses a total of seven remote code execution vulnerabilities, rated as highly critical by Secunia, which could be exploited by an attacker to compromise a victim’s system. These include errors when processing RMFF Flags, VIDOBJ_START_CODE and RealAudio coded_frame_size, as well as RV10 Encoded Height/Width, RV20 Frame Size Array and RV40 content. A remote code execution problem in Atrac Sample Decoding has also been fixed but is not found in the 15.x.x branch of the media player; this issue affects Mac RealPlayer 12.0.0.1701 but is reportedly not found in version 12.0.0.1703. ...

The H-Online: Google plans to turn off online checks for SSL certificate validity in its Chrome browser soon, according to a blog post by Adam Langley, the developer in charge of that element of the browser. Instead, the browser will use the update mechanism to receive lists of revoked certificates. When browsers make a connection, they check whether the certificate presented by the server has already been blocked by the certificate authority, using either the certificate authority’s certificate revocation lists (CRLs) or, directly and interactively, the Online Certificate Status Protocol (OCSP). But that whole process has never been completely reliable, since, if the browser isn’t certain of the validity – if, say, an OCSP request doesn’t work – it simply “looks the other way”. Otherwise, there would be too many false alarms. ...

The Hacker News: Roland Dela Paz, a threat response engineer with Trend Micro have discovered a piece of malicious software that automatically uploads its stolen data cache to the SendSpace file-sharing service for retrieval. File-storage services offer several advantages for cybercriminals. SendSpace accepts files and then generates a link that can be shared with other people to download the content in the files. The malware has been configured to send files, copy the download link and send it to a command-and-control server along with the password needed to access the archive, Dela Paz wrote. ...

The H-Online: Versions 1.7.5 and 2.5.1 of the open source Joomla! content management system (CMS) have been released to address two information disclosure vulnerabilities. These include one medium severity problem in Joomla! 1.7.x that could allow an unauthorized user to gain access to the error log stored on a victim’s server, and, in both versions, an inadequate validation problem that could be exploited to gain access to private data. The update to Joomla! 2.5, which arrived last month, also fixes 30 bugs, including one that caused batch processing to break. ...