Blog

h-online: Three weeks after releasing LibreOffice 3.5.5, The Document Foundation has confirmed that security holes in earlier versions of the open source LibreOffice productivity suite can be exploited by attackers to compromise a victim’s system. According to the project’s security advisory, these include multiple heap-based buffer overflow vulnerabilities in the XML manifest encryption tag parsing code. Successful exploitation of the vulnerabilities could lead to the execution of arbitrary code on a system with the privileges of a local user. For an attack to be successful, a victim must first open a specially crafted Open Document Format (ODF) file. Versions up to and including LibreOffice 3.5.4 are affected; upgrading to version 3.5.5 or later fixes these problems. All users are advised to upgrade. ...

Cross-posted from Surelist The appearance of a new Android malware family is not that surprising at all today. Especially when we talk about SMS Trojans which are one of the most popular and oldest type of threats created for extracting money from users. A new family of SMS Trojans named Vidro appeared a few days ago but we’ve already collected a lot of APK files with very similar functionality. At the moment all the samples we have found target users only from Poland. ...

Mashable Wrote: The team behind Outlook.com revealed in a tweet that one million people signed up for the new email service in just six hours. Microsoft unveiled its Hotmail replacement Tuesday at noon Eastern, and by dinnertime it had cracked seven digits. That’s an impressive spike, illustrated in the chart that @Outlook attached to the tweet (shown below). However, it’s still a tiny fraction of the user base of Hotmail, which comScore pegs at about 350 million — making it the most popular free email service in the world. ...

Mashable: Iran’s Grand Ayatollah Ali Khamenei joined Instagram last week and so far has posted four photos. Iran’s supreme leader since 1989 chose to share shots that likely show scenes of Ramadan. It comes as a surprise to some that a person who has been slow to get onboard with social media trends — not to mention Iran’s stance toward its citizens’ use of the social media — has joined Instagram. His Twitter account has 4,337 followers so far, and links to his Instagram account. Also posted on his Twitter account are links to YouTube videos and stories about his visits with other world and religious leaders. ...

h-online: At the Black Hat hacker conference in Las Vegas, encryption expert Moxie Marlinspike promised that his CloudCracker web service was able to crack any VPN or WiFi connection secured using MS-CHAPv2 within 24 hours. The cost? Around $200. MS-CHAPv2 is based on the eminently crackable encryption algorithm DES. The problem was first documented in 1999 by Bruce Schneier working with two other researchers. A large number of processor cores are still required to crack the encryption within a reasonable time – the number of possible keys makes trying to perform a brute force attack on a normal PC a hopeless task. ...

h-online: A data leak at the meetOne dating site allowed anyone to access private data including the plaintext passwords, email addresses and real names of the site’s approximately 900,000 members. To obtain the data, an attacker simply needed to increment a URL parameter. After they were informed by The H‘s associates at heise Security, the operators soon closed the hole. When news of a data leak in one of the dating portal’s custom APIs was disclosed to heise Security, the editors managed to reproduce the problem and access the data of a specially created test profile. The API disclosed information including the email address and password of the test user, which allowed access to the user’s profile. ...

h-Online: Citizenlab has released a detailed analysis of the activities of a trojan in which the experts conclude that the malware is most likely closely related to FinFisher, a commercial spyware tool developed by a company called Gamma International. The trojan targeted political activists in Bahrain and included sender names such as that of an Al Jazeera correspondent and subject lines like “Torture reports on Rabil Najaab”. The attached .exe file, disguised as an image, disabled anti-virus software and installed a complete set of spyware programs on the recipient’s PC. The spyware proceeded to monitor, among other things, the victim’s Skype communications including conversations and file transfers. An analysis of the infected systems’ working memory repeatedly produced the “finspy” character string. This name is used by Gamma to advertise FinFisher modules. ...

iol scitech: London – A British computer hacker accused by the United States of breaking into top secret military and space agency networks will learn the result of his six-year fight against extradition within three months, a court heard on Tuesday. Gary McKinnon faces up to 60 years in jail if convicted in American courts for what one US prosecutor has described as the “biggest military computer hack of all time”. ...

h-Online: The developers of the VirusTotal online virus scanner service are currently testing a new sandbox feature to provide users with more meaningful scan results. In a post on the company’s blog, software architect and developer Emiliano Martinez says that, for this purpose, samples uploaded to the service are executed in a controlled sandbox environment where their actions can be “recorded in order to give the analyst a high level overview of what the sample is doing”. ...

Computer World: Security software vendor Symantec said Wednesday that Enrique Salem, its president and chief executive officer, had stepped down with immediate affect, after the company reported that its revenue for the quarter ended June 29 grew 1% year-over-year to $1.7 billion. Symantec said its board of directors has appointed Steve Bennett, the current chairman of the board, to also hold the posts of president and chief executive officer. The board’s decision to make a leadership change was not based on any particular event or impropriety but was instead made after ongoing consideration and a deliberative process, said Dan Schulman, Symantec’s newly-appointed lead director, in a statement. Bennett however said that in his view “Symantec’s assets are strong and yet the company is underperforming against the opportunity.”