The Security Pub

Random Thoughts About Security

Data-stealing Android Trojan masquerades as greeting-sending app

Text messages have largely replaced seasonal (and non) greeting cards, and there are mobile apps out there that let you send prewritten witty/sweet messages to friends and family.

But there are also some that pretend to do that, and F-Secure researchers have recently spotted a Trojan targeting Chinese Android users that masquerades as just that type of app.

Check out Help Net Security for the full article

Microsoft Releases Emergency Fix for ASP.NET DoS Flaw

A vulnerability in ASP.NET could allow an attacker to consume all of the resources on a vulnerable server with a single specially designed HTTP request. A wide range of Web platforms are vulnerable to this attack, and Microsoft officials said they’re releasing the patch now because they’re expecting exploit code to be released in the near future.

Microsoft Security Bulletin MS11-100 – Critical

Beware of password-protected documents carrying malware

“Passwords for document files are commonly used to prevent unauthorized access to the files by encrypting them with passwords. However, attackers are misusing the password feature to encrypt files, most likely to make it difficult for security products to detect them as malware,” say the researchers. “It also makes reverse-engineering the files difficult because they need to be decrypted before analysis can be performed.”

Check out Help Net Security for the full article

Attack Tool Released for WPS PIN Vulnerability

Just a day after security researcher Stefan Viehbock released details of a vulnerability in the WiFi Protected Setup (WPS) standard that enables attackers to recover the router PIN, a security firm has published an open-source tool capable of exploiting the vulnerability. The tool, known as Reaver, has the ability to find the WPS PIN on a given router and then recover the WPA passphrase for the router, as well.

The vulnerability reported by Viehbock to US-CERT is related to the way that the WPS standard handles failed authentication attempts in some cases. In those scenarios, it will send back too much detailed information to the user–or attacker–about the PIN that’s required to set up the router using WPS. Viehbock found that he was able to use that information to greatly reduce the amount of time it takes to recover the PIN for a router through a brute-force attack. Once the attacker has the WPS PIN, he can take control of the router.

The full article by Threat Post

Video Game Phishing

US-CERT is aware of reports that some users on the Xbox 360 video game system are receiving potential phishing attempts through an in-game messaging service. In-game message phishing is not a Microsoft issue and has nothing to do with Xbox LIVE. Games are products of third party developers that are playable on Xbox LIVE and other gaming systems.

Microsoft has posted a service alert on the Xbox LIVE status page regarding this issue.

US-CERT encourages users to take the following measures to protect themselves from these types of phishing attacks:

 

Sony Admits PlayStation Network Compromised

Sony has confirmed that a data breach was the cause for the PSN outage. In a vague letter to customers, the gaming giant warned that 70 million users’ personal information was compromised. In addition, it fears credit card details were also included in the loss.

On April 17, an unknown number of PSN and Qriocity accounts were compromised. As a result, Sony shut things down in an attempt to mitigate the situation, allowing it time to correct underlying issues and launch a full investigation. Initially, the service outage was blamed on Anonymous, considering the group’s past actions against the Japanese electronics giant.

“Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained,” Sony’s letter explained.

Microsoft Security Patches for April

Patch Tuesday brings a staggering 17 security bulletins (nine of which have been given Microsoft’s highest severity rating of “critical”), addressing 64 security vulnerabilities. Software with bugs said to be fixed by the patches includes Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio and .NET Framework.

One of the vulnerabilities reportedly fixed will be the MHTML rendering flaw that was discovered earlier this year. Internet Explorer was one of the products found to be at risk from the zero-day vulnerability that could allow maliciously crafted webpages to execute code in any “zone” regardless of which zone is specified.

Bulletin Summary

| Bulletin ID | Maximum Severity Rating | Vulnerability Impact | Restart Requirement | Affected Software* |
|---|---|---|---|---|
| Bulletin 1 | Critical | Remote Code Execution | Requires restart | Internet Explorer on Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 2 | Critical | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 3 | Critical | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 4 | Critical | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 5 | Critical | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 6 | Critical | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, and Office XP. |
| Bulletin 7 | Critical | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 8 | Critical | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 9 | Critical | Remote Code Execution | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 10 | Important | Remote Code Execution | May require restart | Microsoft Excel 2002, Excel 2003, Excel 2007, Excel 2010, Office 2004 for Mac, Office 2008 for Mac, Office for Mac 2011, Open XML File Format Converter for Mac, Excel Viewer, and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats. |
| Bulletin 11 | Important | Remote Code Execution | May require restart | Microsoft PowerPoint 2002, PowerPoint 2003, PowerPoint 2007, PowerPoint 2010, Office 2004 for Mac, Office 2008 for Mac, Office for Mac 2011, Open XML File Format Converter for Mac, PowerPoint Viewer, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats, and PowerPoint Web App. |
| Bulletin 12 | Important | Remote Code Execution | May require restart | Microsoft Office XP, Office 2003, Office 2007, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac. |
| Bulletin 13 | Important | Remote Code Execution | May require restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 14 | Important | Remote Code Execution | May require restart | Microsoft Visual Studio .NET 2003, Visual Studio 2005, Visual Studio 2008, Visual Studio 2010, Visual C++ 2005 SP1 Redistributable Package, Visual C++ 2008 SP1 Redistributable Package, and Visual C++ 2010 Redistributable Package. |
| Bulletin 15 | Important | Information Disclosure | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |
| Bulletin 16 | Important | Remote Code Execution | May require restart | Microsoft Windows XP and Windows Server 2003. |
| Bulletin 17 | Important | Elevation of Privilege | Requires restart | Microsoft Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2. |

* The list of affected software in the summary table is an abstract. To see the full list of affected components please click on the “Advance Notification Webpage” link below and review the “Affected Software” section. 

Further information on the patches can be found in the advance notice that Microsoft has published on its website.