Blog

H-Online: Yahoo! introduced a new “browser”, Axis, last night, both as a standalone application for iPhone and iPad and as a browser extension on Chrome, Firefox, Internet Explorer and Safari. Axis is meant to offer faster, smarter searching using Yahoo’s services. Within hours of the launch, hacker and blogger Nik Cubrilovic posted on his blog that the Chrome extension came with a worrying extra, a Yahoo private certificate file which was used to sign the extension package and prove the package’s authenticity to the Google browser. ...

H-Online: Google has announced an update to the stable version of Chrome, which brings the browser version to 19.0.1084.52 on Windows, Mac OS X and Linux. The update is a pure security update that does not include any new features – it closes nine vulnerabilities with a Common Vulnerability Scoring System (CVSS) rating of “High” and fixes two problems labelled “Critical” as well as two “Medium” level issues. Many of the vulnerabilities are due to bugs in Chrome’s memory handling, such as out-of-bounds reads and use-after-free conditions, and Google points out that several of them were detected with their AddressSanitizer tool. Other bugs were fixed in Chrome’s PDF handling code and its V8 JavaScript rendering engine. ...

I don’t know where to begin, Let’s get help from my friends and start by answering them. 2 friends told me that I’m only talking of negative in my life and then asked me about positive things in my life, ok, that’s a fair question, but need some thinking to find if there are something positive. Maybe I’m missing many stuff, but I can recall that I have good cyber friends in my life which seems they care about me and it’s a good thing, maybe not all of them are who they claim to be but I’ve some good friends between them. I have a kind mother and a sister, I have a father, even though I have some words about my family. I’ve never been left hungry like the kids in Africa or I’ve never been attacked physically by my family, these are good things, see…! I tried to see positive things in my life. ...

H-Online: Users of Windows XP are reporting more problems with recent automatic updates. Three security updates for .NET Framework 2.0 and 3.5 are at the center of the problem, labeled as patches KB2518664, KB2572073 and KB2633880 in Windows XP’s automatic update feature. On affected systems, the installation of these patches proceeds without error but after a short time, the update service says it would like to install them again and will keep reinstalling the patches if allowed. Microsoft’s general advice in this situation is to reset Windows Update components, though it has yet to offer any specific advice. It is interesting to note that the three patches in question were not released on Microsoft’s official patch day.

H-Online: A new type of phishing strategy, which aims to trick unsuspecting users into installing a trojan by pretending to be an account cancellation request from Facebook, has been discovered by Sophos. The email messages link to a third party application on the site that will install a Java applet and then prompt the user to update their Flash player, but will actually deliver the trojan malware. The email messages that are sent out claim to be from Facebook and state: “We are sending you this email to inform you that we have received an account cancellation request from you.” However, Facebook never sends such account cancellation confirmation messages via email. Users who want to cancel their Facebook account can do so by visiting facebook.com/deactivate.php to deactivate their account; they may later delete it after a cool down period has passed. ...

GFI Wrote: In September, our friends at Sophos wrote about a fake BBC website offering up the “chance” to work from home for predictably large sums of money. No more than a day later, we were covering fake BBC video posts targeting Facebook users. Today we’re looking at a fake BBC URL which drops the end-user onto a “work from home and earn $10,000+ a month” fake news site, but not before it’s attempted to load up the PC with malware via a rather nasty collection of exploits. The URL in question is bbcmoneynews(dot)com: ...

No comment, The video and its feeling say it all

ISC Diary: There is a remote exploit in the wild for PHP 5.4.3 in Windows, which takes advantage of a vulnerability in the com_print_typeinfo function. The php engine needs to execute the malicious code, which can include any shellcode like the the ones that bind a shell to a port. Since there is no patch available for this vulnerability yet, you might want to do the following: Block any file upload function in your php applications to avoid risks of exploit code execution. Use your IPS to filter known shellcodes like the ones included in metasploit. Keep PHP in the current available version, so you can know that you are not a possible target for any other vulnerability like CVE-2012-2336 registered at the beginning of the month. Use your HIPS to block any possible buffer overflow in your system. Source: http://isc.sans.edu

theregister.co.uk wrote: A Brit who distributed a Trojan horse that posed as a patch for popular shoot-em-up game_Call of Duty_ has been jailed for 18 months. Lewys Martin, 20, of Deal in Kent, used the malware to harvest bank login credentials, credit card details and internet passwords from the compromised Windows PCs of his victims. Martin then apparently laundered the credentials via underground cybercrime forums, earning $5 or less for every credential, directing proceeds of his criminal activity towards an offshore account in Costa Rica, funds which remain beyond the reach of UK police. ...

File-sharing website The Pirate Bay (TPB) has been hit by a Distributed Denial of Service (DDoS) attack. The site has been largely inaccessible for the last 24 hours, and the service is intermittent in the UK. The Pirate Bay has confirmed the attack on its Facebook page, saying that it did not know who was behind it, although it “had its suspicions”. A provider of DDoS defense systems said that it was unlikely that the attack came from hacking group Anonymous. ...