Skip to main content

Home/ Indie Nation/ Group items tagged server

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
John Lemke

Hackers Using 'Shellshock' Bash Vulnerability to Launch Botnet Attacks - 0 views

thehackernews.com/...ash-Vulnerability-exploit.html

2014.09.29-TNN indienationnews vulnerability bash hackers security vunerability

shared by John Lemke on 27 Sep 14 - No Cached
  • Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell (Bash), dubbed "Shellshock" which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of a botnet that is currently trying to infect other servers as well.
  • the vulnerability is already being used maliciously by the hackers.
  • There is as of yet no official patch that completely addresses both vulnerabilities, including the second, which allows an attacker to overwrite files on the targeted system.
  • ...3 more annotations...
  • It's things like CGI scripts that are vulnerable, deep within a website (like CPanel's /cgi-sys/defaultwebpage.cgi)," Graham wrote in a blog post. "Getting just the root page is the thing least likely to be vulnerable. Spidering the site and testing well-known CGI scripts (like the CPanel one) would give a lot more results—at least 10x." In addition, Graham said, "this thing is clearly wormable and can easily worm past firewalls and infect lots of systems. One key question is whether Mac OS X and iPhone DHCP service is vulnerable—once the worm gets behind a firewall and runs a hostile DHCP server, that would be 'game over' for large networks."
  • 32 ORACLE PRODUCTS VULNERABLE
  • PATCH ISSUED, BUT INCOMPLETE
  • John Lemke on 27 Sep 14
     
    "Researchers on Thursday discovered a critical remotely exploitable vulnerability in the widely used command-line shell GNU Bourne Again Shell (Bash), dubbed "Shellshock" which affects most of the Linux distributions and servers worldwide, and may already have been exploited in the wild to take over Web servers as part of a botnet that is currently trying to infect other servers as well."
John Lemke

DDoS attacks on major US banks are no Stuxnet-here's why | Ars Technica - 0 views

arstechnica.com/...inst-major-us-banks-no-stuxnet

attacks 2012 ddos banks security hacking

shared by John Lemke on 12 Oct 12 - No Cached
  • More unusually, the attacks also employed a rapidly changing array of methods to maximize the effects of this torrent of data. The uncommon ability of the attackers to simultaneously saturate routers, bank servers, and the applications they run—and to then recalibrate their attack traffic depending on the results achieved—had the effect of temporarily overwhelming the targets."This very well could be a kid sitting in his mom's basement in Ohio launching these attacks." "It used to be DDoS attackers would try one method and they were kind of one-trick ponies," Matthew Prince, CEO and founder of CloudFlare, told Ars. "What these attacks appear to have shown is there are some attackers that have a full suite of DDoS methods, and they're trying all kinds of different things and continually shifting until they find something that works. It's still cavemen using clubs, but they have a whole toolbox full of different clubs they can use depending on what the situation calls for."
John Lemke

Rent-to-own PCs surreptitiously captured users' most intimate moments | Ars Technica - 0 views

arstechnica.com/...ed-users-most-intimate-moments

2012 security malware spyware fraud USA Canada Australia

shared by John Lemke on 26 Sep 12 - No Cached
  • The software, known as PC Rental Agent, was developed by Pennsylvania-based DesignerWare. It was licensed by more than 1,617 rent-to-own stores in the US, Canada, and Australia to report the physical location of rented PCs. A feature known as Detective Mode also allowed licensees to surreptitiously monitor the activities of computer users. Managers of rent-to-own stores could use the feature to turn on webcams so anyone in front of the machine would secretly be recorded. Managers could also use the software to log keystrokes and take screen captures.
  • In some cases, webcam activations captured images of children, individuals not fully clothed, and people engaged in sexual activities, the complaint alleged. Rental agreements never disclosed the information that was collected, FTC lawyers said.
  • PC Rental Agent also had the capability to display fake registration pages for Microsoft Windows, Internet Explorer, Microsoft Office, and Yahoo Messenger. When customers entered their names, addresses, and other personal information in the forms, the data was sent to DesignerWare servers and then e-mailed to the rent-to-own licensees.
John Lemke

Java-based malware driving DDoS botnet infects Windows, Mac, Linux devices | Ars Technica - 0 views

arstechnica.com/...ects-windows-mac-linux-devices

2014 malware ddos windows mac linux technology tech security botnet

shared by John Lemke on 29 Jan 14 - No Cached
  • takes hold of computers by exploiting CVE-2013-2465, a critical Java vulnerability that Oracle patched in June. The security bug is present on Java 7 u21 and earlier. Once the bot has infected a computer, it copies itself to the autostart directory of its respective platform to ensure it runs whenever the machine is turned on. Compromised computers then report to an Internet relay chat channel that acts as a command and control server.
  • The botnet is designed to conduct distributed denial-of-service attacks on targets of the attackers' choice. Commands issued in the IRC channel allow the attackers to specify the IP address, port number, intensity, and duration of attacks.
John Lemke

2 million Facebook, Gmail and Twitter passwords stolen in massive hack - Dec. 4, 2013 - 0 views

money.cnn.com/...index.html

2013 passwords hack million

shared by John Lemke on 05 Dec 13 - No Cached
  • The massive data breach was a result of keylogging software maliciously installed on an untold number of computers around the world,
  • The virus was capturing log-in credentials for key websites over the past month and sending those usernames and passwords to a server controlled by the hackers.
  • Of all the compromised services, Miller said he is most concerned with ADP. Those log-ins are typically used by payroll personnel who manage workers' paychecks. Any information they see could be viewed by hackers until passwords are reset.
  • ...1 more annotation...
  • But in a statement, ADP said that, "To [its] knowledge, none of ADP's clients has been adversely affected by the compromised credentials."
John Lemke

Microsoft Announces Windows 10 | TechCrunch - 0 views

techcrunch.com/...microsoft-announces-windows-10

microsoft 2014 indienationnews tech Windows OS

shared by John Lemke on 01 Oct 14 - No Cached
  • Starting tomorrow, Microsoft will launch a Windows Insider Program that will give users who are comfortable with running very early beta software access to Windows 10. This first preview will be available for laptops and desktops. A build for servers will follow later.
  • The company went on to detail that its new operating system will have a tailored user experience between different screen sizes — that’s to say that if you are on a smaller device, you will see a different sort of user interface. The code will run across all device categories: “One product family. One platform. One store.”
  • Put more bluntly, the company is going for the enterprise crown.
  • ...4 more annotations...
  • bringing back a few features of Windows 7
  • ncluding a redesigned start menu that combines the basic Windows 7 menu with the (resizable) tiles of the Windows 8 start screen. Windows 8 Metro apps can now also open in a windowed mode on the desktop, so you aren’t taking into the full-screen mode by default and you can use a “modern” Windows 8 side by side with a standard Windows desktop app.
  • multiple desktops
  • command line, too, which has also been improved quite a bit.
  • John Lemke on 01 Oct 14
     
    "the last 943 people to cover the operating system got the name wrong."
John Lemke

Shellshock: Code injection vulnerability found in Bash | LIVE HACKING - 0 views

www.livehacking.com/...on-vulnerability-found-in-bash

2014.09.29-TNN code bash hacking indienationnews 2014 technology tech security

shared by John Lemke on 26 Sep 14 - No Cached
  • A code injection vulnerability in the Bourne again shell (Bash) has been disclosed on the internet. If exploited then arbitrary commands can be executed, and where Bash is used in relation to a network service, for example in CGI scripts on a web server, then the vulnerability will allow remote code execution.
  • The problem is that Bash does not stop after processing the function definition; it continues to parse and execute any shell commands following the function definition
  • The vulnerability is deemed as critical because Bash is used widely on many types of UNIX-like operating systems including Linux, BSD, and Mac OS X.
  • ...1 more annotation...
  • The most prominent attack vector is via HTTP requests sent to CGI scripts executed by Bash. Also, if SSH has been configured to allow remote users to run a set of restricted commands, like rsync or git, this bug means that an attacker can use SSH to execute any command and not just the restricted command.
John Lemke

Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks | Ars Technica - 0 views

arstechnica.com/...-months-tapped-iran-nuke-talks

2015 kaspersky iran ars stuxnet malware cyber warfare espionage blackhat attack virus zero-day

shared by John Lemke on 10 Jun 15 - No Cached
  • Since some time in the second half of 2014, a different state-sponsored group had been casing their corporate network using malware derived from Stuxnet, the highly sophisticated computer worm reportedly created by the US and Israel to sabotage Iran’s nuclear program.
  • the malware was more advanced than the malicious programs developed by the NSA-tied Equation Group that Kaspersky just exposed. More intriguing still, Kaspersky antivirus products showed the same malware has infected one or more venues that hosted recent diplomatic negotiations the US and five other countries have convened with Iran over its nuclear program.
  • We see this battle or arms race emerging and now it involves some kind of confrontation between the security industry and nation-state sponsored spies
  • ...3 more annotations...
  • Kaspersky officials first became suspicious their network might be infected in the weeks following February's Security Analyst Summit, where company researchers exposed a state-sponsored hacking operation that had ties to some of the developers of Stuxnet. Kaspersky dubbed the highly sophisticated group behind the 14-year campaign Equation Group. Now back in Moscow, a company engineer was testing a software prototype for detecting so-called advanced persistent threats (APTs), the type of well-organized and highly sophisticated attack campaigns launched by well-funded hacking groups. Strangely enough, the developer's computer itself was having unusual interactions with the Kaspersky network. The new APT technology under development, it seemed, was one of several things of interest to the Duqu attackers penetrating the Kaspersky fortress. "For the developer it was important to find out why" his PC was acting oddly, Kamluk said. "Of course, he did not consider that machine could be infected by real malware. We eventually found an alien module that should not be there that tried to mask behind legitimate looking modules from Microsoft. That was the point of discovery."
  • What they found was a vastly overhauled malware operation that made huge leaps in stealth, operational security, and software design. The Duqu actors also grew much more ambitious, infecting an estimated 100 or so targets, about twice as many as were hit by the 2011 version.
  • So the Duqu 2.0 attackers pulled an audacious feat that Kaspersky researchers had never seen before. Virtually all of the malware resided solely in the memory of the compromised computers or servers. When one of them was restarted, the infection would be purged, but as the rebooted machine reconnected to the network, it would be infected all over again by another compromised computer in the corporate network. The secret lynchpin making this untraceable reinfection scheme possible was the Windows vulnerability Microsoft patched only Tuesday, which has been designated
John Lemke

U.S. Court Grants Order to Wipe Pirate Sites from the Internet | TorrentFreak - 0 views

torrentfreak.com/nes-remove-pirate-sites-140818

2014 indienationnews u s court order legal IP copyright

shared by John Lemke on 18 Aug 14 - No Cached
  • A U.S. federal court in Oregon has granted a broad injunction against several streaming sites that offer pirated content. Among other things, the copyright holder may order hosting companies to shut down the sites' servers, ask registrars to take away domain names, and have all search results removed from Google and other search engines.
  • ABS-CBN requested power to take the sites offline before the owners knew that they were getting sued, and without a chance to defend themselves. While that may seem a lot to ask, Judge Anna Brown granted the request.
  • The preliminary injunction is unique in its kind, both due to its broadness and the fact that it happened without due process. This has several experts worried, including EFF’s Intellectual Property Director Corynne McSherry.
John Lemke

Self-repairing software tackles malware -- ScienceDaily - 0 views

www.sciencedaily.com/...141113140011.htm

software malware 2014 technology self-healing virus

shared by John Lemke on 17 Nov 14 - No Cached
  • Unlike a normal virus scanner on consumer PCs that compares a catalog of known viruses to something that has infected the computer, A3 can detect new, unknown viruses or malware automatically by sensing that something is occurring in the computer's operation that is not correct. It then can stop the virus, approximate a repair for the damaged software code, and then learn to never let that bug enter the machine again.
  • To test A3's effectiveness, the team from the U and Raytheon BBN used the infamous software bug called Shellshock for a demonstration to DARPA officials in Jacksonville, Florida, in September. A3 discovered the Shellshock attack on a Web server and repaired the damage in four minutes, Eide says. The team also tested A3 successfully on another half-dozen pieces of malware.
1 - 13 of 13
Showing 20 items per page