News: Cexx forums, with volunteers dedicated to helping you remove malware and stay protected
 
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
April 19, 2014, 21:48:32
Pages: 1 ... 8 9 [10]
 91 
 on: February 27, 2014, 02:56:19  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

Fake Amazon SPAM / 213.152.26.150
- http://blog.dynamoo.com/2014/02/amazoncom-important-for-your-online.html
27 Feb 2014 - "This fake Amazon spam leads to something bad.
   Date:      Wed, 26 Feb 2014 13:09:55 -0400 [02/26/14 12:09:55 EST]
    From:      "Amazon.com" [t1na@ msn .com]
    Subject:      Important For Your Online Account Access .
    Your Account Has Been Held
    Dear Customer ,
    We take you to note that your account has been suspended for protection , Where the password was entered more than once .
    In order to protect ,account has been suspended .Please update your Account Information To verify the account...
    Thanks for Update at Amazon .com...


Screenshot: https://lh3.ggpht.com/-I0pRhOGLLtA/Uw8FkamDDfI/AAAAAAAACp8/4wyArLqOV5o/s1600/amazon2.png

In the samples that I have seen the link in the email goes to either [donotclick]exivenca .com/support.php or [donotclick]vicorpseguridad .com/support.php both of which are currently -down- but were both legitimate sites hosted on 213.152.26.150 (Neo Telecoms, France). The fact that these sites are down could be because the host is dealing with the problem, however I would expect to see this same email template being used again in the future, so take care.."
___

Fake Royal Mail SPAM
- http://blog.dynamoo.com/2014/02/royal-mail-shipping-advisory-spam.html
27 Feb 2014 - "This -fake- Royal Mail spam has a malicious payload:
    From:     Royal Mail noreply@ royalmail .com
    Date:     27 February 2014 14:50
    Subject:     Royal Mail Shipping Advisory, Thu, 27 Feb 2014
    Royal Mail Group Shipment Advisory
    The following 1 piece(s) have been sent via Royal Mail on Thu, 27 Feb 2014 15:47:17 +0530, REF# GB36187692IE ...


Screenshot: https://lh3.ggpht.com/-Uwr252R1CT4/Uw9U1uFE1NI/AAAAAAAACq8/qAUAaBpcaYI/s1600/royalmail.png

This is a ThreeScripts attack, the link in the email goes to:
[donotclick]wagesforinterns .com/concern/index.html
and it then runs one or more of the following scripts:
[donotclick]billigast-el .nu/margarita/garlicky.js
[donotclick]ftp.arearealestate .com/telecasted/earners.js
[donotclick]tattitude .co .uk/combines/cartooning.js
in this case the payload site is at
[donotclick]northwesternfoods .com/sg3oyoe0v2
which is hosted on 23.239.12.68 (Linode, US) along with a bunch of hijacked GoDaddy sites... The payload appears to be an Angler Exploit Kit (see this example*).
Recommended blocklist:
23.239.12.68
billigast-el .nu
ftp.arearealestate .com
tattitude .co .uk
n2ocompanies .com
northerningredients .com
northwesternfoods .com
oziama .com
oziama .net
"
* http://urlquery.net/report.php?id=9660606

 Evil or Very Mad  Sad

 92 
 on: February 26, 2014, 14:24:38  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

MS releases Office 2013 SP1, KB 2817430
- http://www.infoworld.com/t/office-software/microsoft-releases-office-2013-service-pack-1-kb-2817430-237152
Feb 25, 2014 - "... advice is to -wait- before installing SP1..."

- http://support.microsoft.com/kb/2817430
Last Review: Feb 27, 2014 - Rev: 4.0 <<<

- http://support.microsoft.com/kb/2817457
Last Review: Feb 25, 2014 - Rev: 1.0

 Exclamation

 93 
 on: February 26, 2014, 14:15:53  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

- http://tools.cisco.com/security/center/publicationListing.x

Cisco Prime Infrastructure Command Execution vuln
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140226-pi
2014 Feb 26 - "Summary: A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper validation of URL requests. An attacker could exploit this vulnerability by requesting an unauthorized command via a specific URL. Successful exploitation could allow an authenticated attacker to execute system commands with root-level privileges. Cisco has released free software updates that address this vulnerability. A software patch that addresses this vulnerability in all affected versions is also available. Workarounds that mitigate this vulnerability are not available..."
- http://www.securitytracker.com/id/1029832
CVE Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0679 - 9.0
Feb 26 2014
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.2, 1.3, 1.4, 2.0 ...
Impact: A remote authenticated user can execute arbitrary commands on the target system with root privileges.
Solution: The vendor has issued a fix (1.3.0.20-2, 1.4.0.45-2, 2.0.0.0.294-2)...

 Exclamation

 94 
 on: February 26, 2014, 06:52:38  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

Fake AMEX email - phish ...
- http://www.hoax-slayer.com/amex-personal-security-key-phishing-scam.shtml
Feb 26, 2014 - "Email claiming to be from American Express instructs recipients to visit a website and create a Personal Security Key (PSK) as an account authentication measure. The email is -not- from American Express. Links in the email open a fraudulent website designed to emulate a genuine American Express webpage. The fake website asks users to provide credit card details and other information. The criminals behind the scam will use the stolen data to commit credit card fraud and hijack online accounts. If this message comes your way, do -not- click on any links -or- open any attachments that it contains.
> http://www.hoax-slayer.com/images/amex-psk-phishing-1.jpg
According to this email, which purports to be from American Express, users can increase their account security by having a Personal Security Key (PSK). The message invites recipients to click a link to create their PSK. The email is professionally presented and includes seemingly legitimate subscription and copyright information. At first glance, the message may seem like a genuine American Express notification, especially since it supposedly provides information to help customers protect themselves from fraud. American Express does offer customers a PSK system as one of several authentication measures. However, this email is not from American Express. Ironically, considering its content, the email is itself a scam designed to defraud customers. Clicking any of the links in the fake message will take users to a bogus website that asks for their credit card information. Like the email itself, the bogus website looks professional and has been built so that it closely emulates a genuine American Express page. The information provided on the fake website can be collected by scammers and used to commit credit card fraud and identity theft... scammers are likely to create new scam sites and send out more of the scam emails. Phishing scammers continually target American Express and other credit card providers. As such scams go, this is a quite sophisticated attempt. Because of the way it is presented, the scam may catch out even more experienced users. American Express will -never- send customers unsolicited emails that request them to provide their card details or other sensitive personal information by clicking a link. The American Express website* includes information about phishing and how to report scam emails."
* https://www.americanexpress.com/us/content/fraud-protection-center/identity-theft.html
___

Android - 98% of all mobile malware targeted this platform...
- https://www.securelist.com/en/analysis/204792326/Mobile_Malware_Evolution_2013#05
24 Feb 2014 - "... Android remains a prime target for -malicious- attacks. 98.05% of all malware detected in 2013 targeted this platform, confirming both the popularity of this mobile OS and the vulnerability of its architecture..."
Charted: https://www.securelist.com/en/images/vlill/mobile_treats_2013_02.png

- http://www.theinquirer.net/inquirer/news/2331127/android-is-target-for-98-percent-of-all-mobile-malware
Feb 26 2014 - "... the number of new malicious programs in 2013 -doubled- to over 100,000... The bulk of attacks, 40 percent, target people in Russia. The UK ranks fifth, with three percent of victims. Germany, which lurks just below the UK, is apparently rather susceptible to a premium charge SMS takeover attack... that is unlikely to last for long: given cybercriminals' keen interest in consumer bank accounts, the activity of mobile banking Trojans is expected to grow in other countries in 2014..."
___

Eviction Notice Spam
- http://threattrack.tumblr.com/post/77923990772/eviction-notice-spam
Feb 26, 2014 - "Subjects Seen:
   Eviction Notice
Typical e-mail details:
   Urgent notice of eviction,
    We have to inform you about the eviction proceedings against
    you and the decision of the bank to foreclose on your property.
    As a trespasser you need to move out until 20 March 2014
    and leave the property empty of your belongings and any trash.
    Please contact our office without delay to make arrangements for a move out.
    If you do not do this, you could be simply locked out of your home.
    Detailed bank statement as well as our contact information
    can be found in the attachment to this notice.
    Real estate agency,
    Helen Tailor


Malicious File Name and MD5:
    Notice_of_eviction_id65697RE.zip (26660A4FEB6D13BA67BFDBEF486A36FD)
    Urgent_notice_of_eviction.exe (1B7E61B48866A523BF5618F266AC5600)


Screenshot: https://gs1.wac.edgecastcdn.net/8019B6/data.tumblr.com/f8be68f04b21ceab153a52b83b677b8e/tumblr_inline_n1m96h2f2Y1r6pupn.png

Tagged: Eviction Notice, Kuluoz
___

Tax Season Phishing Scams and Malware Campaigns
- https://www.us-cert.gov/ncas/current-activity/2014/02/26/US-Tax-Season-Phishing-Scams-and-Malware-Campaigns
Feb 26, 2014 - "...received reports of an increased number of phishing scams and malware campaigns that seek to take advantage of the United States tax season. The Internal Revenue Service has issued an advisory* on its website warning consumers about potential scams..."
* http://www.irs.gov/uac/Newsroom/IRS-Releases-the-%E2%80%9CDirty-Dozen%E2%80%9D-Tax-Scams-for-2014;-Identity-Theft,-Phone-Scams-Lead-List

 Evil or Very Mad  Sad

 95 
 on: February 25, 2014, 13:13:40  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

OS X Mavericks v10.9.2 update
- http://support.apple.com/kb/HT6114
Feb 25, 2014 - "OS X Mavericks v10.9.2 Update is recommended for all OS X Mavericks users. It improves the stability, compatibility, and security of your Mac..."
(More detail at the URL above.)

OS X Mavericks 10.9.2 and Security Update 2014-001
- http://support.apple.com/kb/HT6150
Feb 25, 2014

- http://lists.apple.com/archives/security-announce/2014/Feb/msg00000.html

- http://www.securitytracker.com/id/1029825
CVE Reference: CVE-2014-1254, CVE-2014-1255, CVE-2014-1256, CVE-2014-1257, CVE-2014-1258, CVE-2014-1259, CVE-2014-1260, CVE-2014-1261, CVE-2014-1262, CVE-2014-1263, CVE-2014-1264, CVE-2014-1265
Feb 26 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via local system, Execution of arbitrary code via network, Modification of system information, User access via local system, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 10.7.5, 10.8.5, 10.9, 10.9.1...
Solution: The vendor has issued a fix (OS X Mavericks v10.9.2, Security Update 2014-001)...
___

Safari 6.1.2, 7.0.2
- http://support.apple.com/kb/HT6145
Feb 25, 2014

- http://lists.apple.com/archives/security-announce/2014/Feb/msg00001.html

- http://www.securitytracker.com/id/1029826
CVE Reference: CVE-2014-1268, CVE-2014-1269, CVE-2014-1270
Feb 26 2014
Impact: Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to versions 6.1.2 and 7.0.2...
Solution: The vendor has issued a fix (6.1.2, 7.0.2)...
___

QuickTime 7.7.5 released
- http://support.apple.com/kb/HT6151
Feb 25, 2014 - "Available for: Windows 7, Vista, XP SP2 or later..."

- http://lists.apple.com/archives/security-announce/2014/Feb/msg00002.html

- http://www.securitytracker.com/id/1029823
CVE Reference: CVE-2014-1243, CVE-2014-1244, CVE-2014-1245, CVE-2014-1246, CVE-2014-1247, CVE-2014-1248, CVE-2014-1249, CVE-2014-1250, CVE-2014-1251
Feb 26 2014
Impact: Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 7.7.5 for Windows...
Solution: The vendor has issued a fix (7.7.5 for Windows; on OS X apply APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 or Security Update 2014-001)...

... use Apple Software Update.

 Exclamation

 96 
 on: February 25, 2014, 07:02:33  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

Fake Westpac Bill Payment - Phish
- http://www.hoax-slayer.com/westpac-bill-payment-processed-phishing-scam.shtml
Feb 25, 2014 - "Message supposedly sent by Australian bank Westpac, notifies recipients that a payment to a biller has been successfully processed and invites them to click a link to view transaction details. Westpac did -not- send the email. The message is a phishing scam that attempts to lure Westpac customers into visiting a fraudulent website and providing their account login details. Criminals will use the stolen information to hijack Westpac bank accounts belonging to their victims.
Example:
> http://www.hoax-slayer.com/images/westpac-payment-processed-phishing-2014-1.jpg
This email, which was supposedly sent by large Australian bank Westpac, informs recipients that a payment to a biller has been successfully processed. The email includes details of the bill payment and invites recipients to follow a link to view more information about the transaction. The message includes the Westpac logo... It is a -phishing- scam that was created with the goal of tricking recipients into giving their Westpac account login details to cybercriminals. Some Westpac customers who receive the bogus notification may be panicked into clicking the link in the mistaken belief that their accounts have been compromised and used to conduct fraudulent transactions in their names... the criminals responsible for the phishing campaign will collect the submitted login credentials. The criminals can use the stolen credentials to access their victims' bank accounts, transfer funds and commit further fraudulent transactions. If you receive one of these emails, do -not- click any links -or- open any attachments that it contains. Westpac has published information about phishing scams and how to report them on its website*..."
* http://www.westpac.com.au/security/fraud-and-scams/online-fraud/
___

Fake British Airways e-ticket email - malware ...
- http://www.welivesecurity.com/2014/02/25/british-airways-e-ticket-malware-attack-launched-via-email/
Feb 25, 2014 - "If you have received an unexpected email, claiming to come from British Airways, about an upcoming flight that you haven’t booked – please be on your guard. Online criminals are attempting to infect innocent users’ computers with a variant of the malicious Win32/Spy.Zbot.AAU trojan, by disguising their attack as an e-ticket from the airline. To maximise the potential number of victims, the attackers have spammed out messages widely from compromised computers.
> http://www.welivesecurity.com/wp-content/uploads/2014/02/ba-malware-email.jpeg
... Of course, although the email claims to come from British Airways – it is nothing of the sort. In a classic example of social engineering, criminals are hoping that email recipients will worry that their credit card has been fraudulently used to purchase an air ticket, and click on links inside the email to find out more. However, if user download the supposed e-ticket, and launch its contents they will be infecting themselves with a trojan horse that can spy on their computer activity and give malicious hackers third-party access to their data... the malware has been spread via malicious links after cybercriminals forged email headers to make their messages look like they really came from British Airways’s customer service department. But it’s equally possible for attackers to spread their malware via email attachments, or for other disguises to be deployed if those behind the spam blitz believe that they have a greater chance of success. Remember to always be suspicious of clicking on links in unsolicited emails, and the social engineering tricks that are frequently used to lure computer users into making unwise decisions..."
___

WhatsApp desktop client doesn’t exist, used in Spam Attack anyway
- http://blog.trendmicro.com/trendlabs-security-intelligence/whatsapp-desktop-client-doesnt-exist-used-in-spam-attack-anyway/
Feb 25, 2014 - "The popular messaging application WhatsApp recently made headlines when it was acquired by Facebook... Cybercriminals didn’t waste much time to capitalize on this bit of news: barely a week after the official announcement, we saw a spam attack that claims that a desktop version of the popular mobile app is now being tested.
Screenshot of spammed message:
> http://about-threats.trendmicro.com/resources/images/02232014_facebookspam.jpg
... The message also provides a download link to this version, which is detected as TROJ_BANLOAD.YZV, which is commonly used to download banking malware. (This behavior is the same, whether on PCs or mobile devices). That is the case here; TSPY_BANKER.YZV is downloaded onto the system. This BANKER variant retrieves user names and passwords stored in the system, which poses a security risk for online accounts accessed on the affected system. The use of BANKER malware, coupled with a Portuguese message, indicates that the intended targets are users in Brazil. Feedback from the Smart Protection Network indicates that more than 80 percent of users who have accessed the malicious site do come from Brazil. Although the volume of this spam run is relatively low, it is currently increasing. One of our spam sources reported that samples of this run accounted for up to 3% of all mail seen by that particular source, which indicates a potential spam outbreak. We strongly advise users to be careful of this or similar messages; WhatsApp does -not- currently have a Windows or Mac client, so all messages that claim one exists can be considered -scams- ..."
___

Bitcoin exchange Mt. Gox disappears...
- http://www.reuters.com/article/2014/02/25/us-mtgox-website-idUSBREA1O07920140225
Feb 25, 2014 - "Mt. Gox, once the world's biggest bitcoin exchange, looked to have essentially disappeared on Tuesday, with its website down, its founder unaccounted for and a Tokyo office empty bar a handful of protesters saying they had lost money investing in the virtual currency. The digital marketplace operator, which began as a venue for trading cards, had surged to the top of the bitcoin world, but critics - from rival exchanges to burned investors - said Mt. Gox had long been lax over its security. It was not clear what has become of the exchange, which this month halted withdrawals indefinitely after detecting "unusual activity." A global bitcoin organization referred to the exchange's "exit," while angry investors questioned whether it was still solvent..."
- http://www.wired.com/wiredenterprise/2014/02/bitcoins-mt-gox-implodes/
___

Developers attack code bypasses MS EMET tool
- http://arstechnica.com/security/2014/02/new-attack-completely-bypasses-microsoft-zero-day-protection-app/
Feb 24, 2014 - "Researchers have developed attack code that completely bypasses Microsoft's zero-day prevention software, an impressive feat that suggests criminal hackers are able to do the same thing when exploiting vulnerabilities that allow them to surreptitiously install malware. The exploit code, which was developed by researchers from security firm Bromium Labs, bypasses each of the many protections included in the freely available EMET, which is short for Enhanced Mitigation Experience Toolkit... The Bromium exploit included an example of a real-world attack that was able to circumvent techniques designed to mitigate the damage malicious code can do when targeting security bugs included in third-party applications... The researchers privately informed security personnel at Microsoft before going public with their findings; the software giant plans to credit the research when releasing the upcoming version 5 of EMET..."

 Evil or Very Mad  Sad

 97 
 on: February 24, 2014, 08:21:07  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

Chrome 33.0.1750.14 for iOS
- https://secunia.com/advisories/57035/
Release Date: 2014-02-24
Criticality: Moderately Critical
Where: From remote
Impact: Unknown ...
Software: Google Chrome for iOS 32.x
Solution: Upgrade to version 33.0.1750.14
Original Advisory:
- https://itunes.apple.com/us/app/chrome/id535886823

 Exclamation

 98 
 on: February 24, 2014, 05:47:09  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

Fake PayPal email - wants card details ...
- http://blog.malwarebytes.org/fraud-scam/2014/02/fake-paypal-survey-program-email-wants-card-details/
Feb 24, 2014 - "Be wary of emails bearing gifts – in this case, claiming to reward those who would fill in a so-called Paypal survey to obtain a “£25 reward”. This one is flagged as -spam- in Gmail, but depending on your mail provider it may creep into the Inbox instead of the Spam folder:
> http://cdn.blog.malwarebytes.org/wp-content/uploads/2014/02/paypalsurveyspam1.jpg
... The zipfile, online_form.zip, contains a .htm page which looks like this:
> http://cdn.blog.malwarebytes.org/wp-content/uploads/2014/02/paypalsurveyspam2.jpg
Underneath the entirely pointless “survey questions”, the form asks for name, address, city, postcode, birthday, the “£25 bonus code” and full debit card information which all sits above a handy “Submit” button (top tip: -don’t- hit the submit button). While the people sending this mail have presumably tried to panic recipient into replying quickly (that is one seriously tight deadline), they may find this backfires as would-be victims see “23 February 2014” and send it straight to the trash. Take note of the following advice from the PayPal Security Center*:
* https://www.paypal.com/c2/cgi-bin/webscr?cmd=xpt/Marketing/securitycenter/general/UnderstandPhishing-outside
"“To help you better identify fake emails, we follow strict rules. We will -never- ask for the following personal information in email:
Credit and debit card numbers
Bank account numbers
Driver’s license numbers
Email addresses
Passwords
Your full name”

If it sounds too good to be true…"
___

Pony botnet steals bitcoins, digital currencies
- http://blog.spiderlabs.com/2014/02/look-what-i-found-pony-is-after-your-coins.html
Feb 24, 2014 - "... discovered yet another instance of a Pony botnet controller. Not only did this Pony botnet steal credentials for approximately 700,000 accounts, it’s also more advanced and collected approximately $220,000 (all values in this post will be in U.S. dollars) worth, at time of writing, of virtual currencies such as BitCoin (BTC), LiteCoin (LTC), FeatherCoin (FTC) and 27 others. According to our data, the cyber gang that was operating this Pony botnet was active between September 2013 and mid-January 2014.  In this ~4 month period, the botnet managed to steal over 700,000 credentials, distributed as follows:
~600,000 website login credentials stolen
~100,000 email account credentials stolen
~16,000 FTP account credentials stolen
~900 Secure Shell account credentials stolen
~800 Remote Desktop credentials stolen

... the one thing you need to know is that BitCoins are stored in virtual wallets, which are essentially pairs of private and public keys. Whoever holds the private key to a wallet is the owner of that wallet and no name, ID or history is associated with the wallet. Again, possession of the private key indicates ownership. This holds true for all the other digital currencies that grew from BTC and now live alongside it—the most popular alternative right now being LiteCoin. BTC started out as an underground currency... The value of a BitCoin fluctuates. As of February 24; a BitCoin is valued at approximately $600. Unfortunately, even though some people may have had more money in their virtual wallet than they did in their bank account, very few had the understanding of how to properly secure their wallets... cybercriminals began developing ways to steal BitCoins, each within their own field of expertise. The most obvious choice for an attacker is to go after websites that offer various trading services. Many of these websites store virtual wallets for their users. A number of attacks on trading websites have popped-up over time. One of the most famous attacks on a trading website was the Sheep Marketplace scam** because of the large amount of BTC stolen... the bots interacted directly with the command-and-control server, which provided us with a little more insight into the geographical distribution of the victims:
Stolen passwords geo location destribution
> http://a7.typepad.com/6a0168e94917b4970c01a73d793ddf970d-pi
... most popular websites for which credentials were stolen...
Stolen passwords by domains
> http://a5.typepad.com/6a0168e94917b4970c01a5116de6e5970c-pi
If you’d like to check your credentials, we’ve created a web tool that will allow you to enter your e-mail address to see whether it was included in the data cache. The tool will only send an e-mail to the address you input... You can find the tool here*..."
* https://www3.trustwave.com/support/labs/check-compromised-email.asp

** http://thehackernews.com/2013/12/Sheep-Marketplace-scam-Bitcoin-stolen-Silk-Road.html

 Evil or Very Mad  Sad

 99 
 on: February 22, 2014, 04:35:06  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

Attack code exploits critical bug in majority of Android phones
- http://atlas.arbor.net/briefs/index#610868271
Elevated Severity
Feb 20, 2014
Public exploit code has been released for a 14 month old vulnerability in a large number of Android devices. The exploit code is trivial to use and is freely available in the Metasploit Framework.
Analysis: The slow update cycle for Android devices is a serious security consideration. Combining the risks of the typical BYOD work environment and the popularity of accessing enterprise resources with personal devices, such publicly released exploit code will make it easier for targeted attacks to leverage a compromised Android device in attack campaigns. The video that demonstrates the exploit shows the -malicious- URL being delivered to the device in the form of a QR code - an attack vector previously discussed but rarely observed... Apparently using an alternate browser other than the built-in Android browser (based on WebView) such as Google Chrome will -mitigate- this vulnerability, however many users are likely to be taking advantage of the default configuration which includes a WebView based browser...
Source: http://arstechnica.com/security/2014/02/e-z-2-use-attack-code-exploits-critical-bug-in-majority-of-android-phones/

 Sad  Evil or Very Mad

 100 
 on: February 22, 2014, 02:26:32  
Started by AplusWebMaster - Last post by AplusWebMaster
FYI...

iOS 7.0.6
- http://support.apple.com/kb/HT6147
Feb 21, 2014 - "... Data Security: Available for: iPhone 4 and later, iPod touch (5th generation), iPad 2 and later...
CVE-2014-1266..."

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1266 - 6.8

iOS 6.1.6
- http://support.apple.com/kb/HT6146
Feb 21, 2014 - "... Data Security: Available for: iPhone 3GS, iPod touch (4th generation)...
CVE-2014-1266..."

- http://www.securitytracker.com/id/1029811
CVE Reference: CVE-2014-1266
Feb 21 2014
Fix Available:  Yes  Vendor Confirmed:  Yes...
Impact: A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions.
Solution: The vendor has issued a fix (6.1.6, 7.0.6)...
___

Apple TV 6.0.2
- http://support.apple.com/kb/HT6148
Feb 21, 2014 - "... Apple TV: Available for: Apple TV 2nd generation and later...
CVE-2014-1266..."

- http://www.securitytracker.com/id/1029812
CVE Reference: CVE-2014-1266
Feb 22 2014
Fix Available:  Yes  Vendor Confirmed:  Yes...  
Impact: A remote user with the ability to conduct a man-in-the-middle attack can decrypt SSL/TLS sessions.
Solution: The vendor has issued a fix (6.0.2)...
___

Apple Releases Security Updates for iOS devices and Apple TV
- https://www.us-cert.gov/ncas/current-activity/2014/02/21/Apple-Releases-Security-Updates-iOS-devices-and-Apple-TV
Feb 21, 2014

- http://support.apple.com/kb/HT1222

 Exclamation Exclamation

Pages: 1 ... 8 9 [10]
Powered by SMF 1.1.19 | SMF © 2013, Simple Machines Page created in 0.453 seconds with 16 queries.