Sunday, February 21, 2010

Hackers target unpatched Adobe Reader, Acrobat flaw

Adobe Systems Inc. said Monday it is investigating reports that attackers are exploiting a previously unidentified security hole in its Acrobat and PDF Reader software to break into vulnerable computers.

The acknowledgment coincided with an alert published by the Shadowserver Foundation, a nonprofit group that tracks the spread of malicious programs that criminals use to control infected systems remotely. Shadowserver member Steven Adair said the flaw is present in the most recent versions of Adobe Acrobat and Reader.

Adair warned that security experts have observed cyber crooks using the vulnerability in targeted attacks since at least Dec. 11, but that more widespread attacks are likely to emerge over the next few weeks. In addition, few anti-virus vendors currently detect malicious PDF files harboring this exploit.

At the moment, there is no patch available for this flaw, and Adobe's brief advisory offers little in the way of mitigation advice.

However, Internet users can protect themselves from this attack in a couple of ways. First, this exploit doesn't work unless users have Javascript enabled in Adobe Acrobat/Reader. To disable Javascript, click "Edit," then "Preferences" and then "Javascript," and uncheck "Enable Acrobat Javascript."

As an alternative to Adobe, I generally recommend the free and lightweight Foxit Reader. But there are other free PDF readers, including Sumatra PDF and PDF-XChange Viewer.

Monday, August 24, 2009

TJX Hacker Indicted in Heartland, Hannaford Breaches

A federal grand jury has indicted three individuals for allegedly hacking into credit and debit card payment processing giant Heartland Payment Systems last year, as part of an investigation the Justice Department is calling the largest identity theft case ever prosecuted.

According to indictments returned Monday in a New Jersey federal court, the government believes the same individuals were involved in a string of high-profile data breaches between October 2006 and May 2008, including intrusions at Hannaford Brothers Co., and 7-Eleven, Inc.

In total, the government alleges the hackers stole data on more than 130 million credit and debit cards from Princeton, NJ-based Heartland.

Read the full story, at this link here. A copy of the indictment is available here.

Security Patch Catchup: Java, Safari & OS X

Security Fix took a mini-vacation last week, but that's all it takes to fall behind on important software security updates. Here's a quick pointer to some recent updates.
The last time I wrote about Java updates was at Update 13, but as several readers have pointed out, the latest version is now Update 16. Near as I could tell, Updates 14 and 16 did not include security updates. Indeed, Java maker Sun Microsystems says users who have Java SE 6 Update 15 have the latest security fixes and do not need to upgrade to version 16 to be current on security fixes.

However, Update 15 shipped fixes for a number of serious security holes, so if you've got an earlier version of this program installed, take a few minutes to update. Don't know whether you have Java or what version you may have? Visit this link.

Unfortunately, Sun still hasn't made the process of updating Java as easy as it should be. When I tried to update one of my Vista machines from Update 13 using the Windows Control Panel (by clicking the Java icon, then the Update tab, and then the "Update Now" button), the updater told me I had the latest version installed.

To grab the latest version, I have to download and run a full installer from The installer by default tries to install one of several programs the company has a deal with (mine offered the Yahoo! toolbar), so if you don't want the extra software be sure to deselect that option.

Apple also recently released several important updates. Among them was an update for the Safari Web browser that fixes at least six security holes. This patch brings Safari to version 4.0.3. Updates are available for Mac and Windows versions. Mac users can grab the update from Apple Downloads or Software Update, while Windows Safari users will need to use the bundled Apple Software Update tool.

In addition, Apple has released an update that corrects an important security vulnerability in Mac OS X 10.4 and 10.5 systems. That update is available through the Mac's built-in Apple Software Update feature.

Induc Virus Abuses Delphi Compiler

The W32/Induc virus has been in the wild for at least a year. During this period it has succeeded in infecting a lot of Delphi installations, including manufacturers of some pretty popular software packages.

On a victim’s machine this virus searches for the presence of specific versions (4.0, 5.0, 6.0 and 7.0) of the Delphi compiler. The virus gathers this information using the registry entry below.

Read More ...

Scammers Love Your Money

We generally classify email messages pretending to be from a family member of an (often African) dignitary or from a desperate young woman as scams. In the first case, the sender sometimes explains that following the death of an influential dignitary a large sum of money is blocked in a bank account somewhere. With the recipient’s help and using his or her financial backing for a money transfer, the sender says that it would be possible to release the money. Substantial compensation is offered to whoever agrees. In the second case, the unknown beauty becomes friends with the victim and suddenly has a terrible money problem.

For some individuals, these swindles, called advance fee fraud (also known as 419 fraud) and romance scams, are a primary source of revenue. They also employ lottery and fake price scams.

Read More ...

Introducing the IEEE Industry Connections Security Group

Agreement and collaboration have been two of the greatest challenges the security community has faced from the very beginning. In an effort to address this, the Industry Connections Security Group (ICSG), a new offering from the IEEE, allows like-minded companies to come together to solve industry or business problems that center on information security. Industry Connections is a program under the IEEE that allows for a fast start-up toward industry collaboration. It also offers the support and infrastructure of an established and well-known brand—the IEEE itself. This effort will allow the group to focus on the work of security standards and problem solving, rather than being slowed down with issues such as incorporation or intellectual property matters. McAfee is proud to be a founding member of this effort.

Read More ...

Saturday, April 25, 2009

AVG Internet Security SBS Edition 8.5.322 + Serial

AVG Internet Security SBS ensures complete security protection against all of the most serious Internet threats, including viruses, worms, trojans, spyware, adware, hackers and spam. AVG Internet Security SBS 8.5 includes the most recent anti-virus, anti-spyware, anti-spam, Anti-Rootkit, Web Shield & LinkScanner and firewall technologies with reliable automatic updates while consuming a low level of computer resources for convenient use.