TechBlog

Code could be injected through (fake) custom locations Facebook has closed various cross-site scripting (XSS) holes that were discovered by security firm Break Security and which have now been described in greater detail. Break Security’s CEO, Nir Goldshlager, explains that the social network was vulnerable to attacks through its Chat feature as well as its “Check in” and Messenger for Windows components. ...

A former LulzSec hacker has been jailed for a year for ransacking Sony Pictures Entertainment’s computer systems. Cody Kretsinger, 25, from Decatur, Illinois – better known to his fellow LulzSec cohorts as “Recursion” – was also ordered to carry out 1,000 hours of community service, and a year of home detention, following his release from prison. He was sentenced by a Los Angeles court on Thursday, Reuters reports. ...

ISC Handler Rob V pointed out a blog post from Oracle’s Mark Reinhold stating that Oracle has “mounted an intense effort to address those issues in a series of critical-patch update releases” and that they’ve also upgraded their “development processes to increase the level of scrutiny applied to new code, so that new code doesn’t introduce new vulnerabilities.” Framing statements state that Oracle: ...

PCMag: My social media accounts and email inbox are full of links to stories about the horrific incident in Boston earlier this week. I am reading about the victims, the bystanders and first responders that rushed to help, and looking for updates on the investigation. It turns out I should be careful about what links I click on, as cyber-criminals have already started exploiting the tragedy for their own nefarious purposes, security experts told SecurityWatch. ...

Microsoft’s Patch Tuesday on 9 April will be an important spring cleaning day; the company plans to implement nine security bulletins. One of the bulletins deals with vulnerabilities in Windows Defender for Windows 8 and RT; the hole is rated as important and can be exploited to achieve elevated privileges. The headline bulletins will be the two critical security holes, one of which affects all versions of Windows and Windows Server, and another critical vulnerability which can be found in all versions of Internet Explorer. Whether the Internet Explorer fix will be addressing the IE vulnerability revealed at the recent Pwn2Own contest is unclear though. Both critical holes allow for remote code execution. ...

Security firm Group-IB has identified a malware program called Dump Memory Grabber that can take debit and credit card data from point-of-sale (POS) terminals and ATMs. The researchers say that the program has already been used to steal data from clients of US banks including Chase, Capital One, Citibank, and Union Bank N.A. as well as from clients with Nordstrom-branded cards. SecurityWeek reports the author of Dump Memory Grabber has put a video online to teach other hackers how it works. The Windows program written in C++ reads the target system’s memory using an external tool called mmon.exe. ...

With its rich functionality and accessibility, Evernote is a popular note-taking tool for its many users. Unfortunately, it may also provide the perfect cover for cybercriminals’ tracks. We recently uncovered a malware that appears to be using Evernote as a communication and control (C&C) server. The malware attempts to connect to Evernote via https://evernote.com/intl/zh-cn, which is a legitimate URL. ...

I recently came across the file “FlashPlayer.exe” during the course of regular research. The file had been distributed with the file name FlashPlayer.exe and not surprisingly, when executed, it shows the following GUI, partly written in Turkish: Obviously, it’s disguised as an Adobe Flash Player 11 installer. Here is more info about the file: ...

The Internal Revenue Service today reminded taxpayers that there are plenty of scam artists and cybercriminals that want your money. The tax collection agency issued its “Dirty Dozen” list of tax scams that it says peak at this time of year and include: Identity theft Tax fraud through the use of identity theft tops this year’s Dirty Dozen list. Identity theft occurs when someone uses personal information such as your name, Social Security number (SSN) or other identifying information, without your permission, to commit fraud or other crimes. In many cases, an identity thief uses a legitimate taxpayer’s identity to fraudulently file a tax return and claim a refund, the IRS said. ...

An anti-Israel hacking collective affiliated with Anonymous says it has initiated a widespread cyber attack against the Jewish state, penetrating websites affiliated with the Mossad security service and a slew of related entities. The hackers claimed late Friday that they have obtained and released personal information relating to 35,000 Israeli government officials, including politicians, military leaders, and police officers, according to a Twitter feed associated with the hackers. ...