SECURITY WARNINGS & Notices - Please post them here

[polonus]

The most favorite exploit being abused by the so-called "exploit packs" at the moment is Java-atomic exploit. This is a so-called 1-day exploit, just patched.
Please be protected against it by updating and patching your OS and third party software.
Go online and check your software here: http://secunia.com/vulnerability_scanning/online/
Overview of recent exploit pack exploits: http://contagiodump.blogspot.com/2010/06/overview-of-exploit-packs-update.html  link article author = Mila

polonus

[CharleyO]

***

Apple Patches Java Bug

Apple released Wednesday a patch for multiple Java vulnerabilities, a couple of days after a security vendor reported that password-stealing malware exploiting the flaws was floating about the Web.

Apple launched Java for OS X Lion 2012-001 and Java for Mac OS X 10.6 Update 7 almost two months after patches for the same exploits were released for Windows. Experts often criticize the Mac maker for taking too long to patch Java vulnerabilities.

http://www.crn.com/news/security/232800301/apple-patches-malware-targeted-java-bug.htm;jsessionid=6kAI4rxOXrN6u+7N+A+N8g**.ecappj02?cid=nl_crn


***

[Asyn]

Microsoft Security Bulletin Advance Notification for April 2012
http://technet.microsoft.com/en-us/security/bulletin/ms12-apr

[CharleyO]

***

Malicious Malware: Six Ways Cybercriminals Beat Security

The tactics of cybercriminals has evolved from using malware-carrying spam in a shotgun-like approach to finding doorways into corporate networks to studying the prey like a methodical marksman, learning security controls and figuring out ways to bypass them.

http://www.crn.com/slide-shows/security/232800295/malicious-malware-six-ways-cybercriminals-beat-security.htm;jsessionid=uqNTJ4UWKBhfSOA41w1cPw**.ecappj02?cid=nl_sec


***

[CharleyO]

***

Seven Cybercrime-Fighting Steps For Small Businesses

These steps can also be used by administrators of home networks and individuals.

Cybercrime represents a $2 trillion annual business, representing 15 percent of the global production of goods and services, according to the United Nations. Each year, criminals hone their skills and tools to become more adept at penetrating computer systems to steal credit-card numbers and corporate as well as government secrets.

http://www.crn.com/slide-shows/security/232800231/seven-cybercrime-fighting-steps-for-small-businesses.htm?cid=nl_sec


***

[CharleyO]

***

Mac Botnet Infects More Than 600,000 Apple Computers

More than 600,000 Apple Mac computers worldwide—more than half of them in the United States—have been hit by a new fast-moving variant of the Flashback Trojan malware that uses Javascript code rather than relying on user interaction, according to security researchers.

Officials with security software company Intego said in an April 3 blog post that they found samples of the new Flashback Trojan March 23, and noted that the new malware—like the previous version discovered last year—uses two Java vulnerabilities, they said, one of which was patched by Apple April 3. The malware attacks Macs running the Mac OS X operating system. It was ... noted that 274 of the infected Macs were found in Cupertino, Calif., where Apple keeps its headquarters.

http://www.eweek.com/c/a/Security/Mac-Botnet-Infects-More-Than-600000-Apple-Computers-699749/?kc=EWKNLEDP04062012B


***

[Pondus]

more on the above
http://www.theregister.co.uk/2012/04/05/flashback_trojan_botnet/

Attackers first began to exploit two earlier Java vulnerabilities (CVE-2011-3544 and CVE-2008-5353) to spread malware in February 2012, before switching to another exploit (CVE-2012-0507) on 16 March – to devastating effect. ®

appel is not the fastest to patch java bugs
http://www.computerworld.com/s/article/9134442/Apple_finally_patches_six_month_old_Java_bugs
http://www.crn.com/news/security/232800152/mac-malware-exploits-apple-delay-with-java-patch.htm
http://www.theregister.co.uk/2012/04/04/apple_java_update/

[Pondus]

Fake cop Trojan 'detects offensive materials' on PCs, demands money - Crooks exploit those embarrassing files we all have
http://www.theregister.co.uk/2012/04/05/police_themed_ransomware/


Trojan:W32/Reveton
http://www.f-secure.com/v-descs/trojan_w32_reveton.shtml

[Asyn]

Prenotification Security Advisory for Adobe Reader and Acrobat
http://www.adobe.com/support/security/bulletins/apsb12-08.html

[Marc57]

***

Mac Botnet Infects More Than 600,000 Apple Computers

More than 600,000 Apple Mac computers worldwide—more than half of them in the United States—have been hit by a new fast-moving variant of the Flashback Trojan malware that uses Javascript code rather than relying on user interaction, according to security researchers.

Officials with security software company Intego said in an April 3 blog post that they found samples of the new Flashback Trojan March 23, and noted that the new malware—like the previous version discovered last year—uses two Java vulnerabilities, they said, one of which was patched by Apple April 3. The malware attacks Macs running the Mac OS X operating system. It was ... noted that 274 of the infected Macs were found in Cupertino, Calif., where Apple keeps its headquarters.

http://www.eweek.com/c/a/Security/Mac-Botnet-Infects-More-Than-600000-Apple-Computers-699749/?kc=EWKNLEDP04062012B


***

I've been reading about this, Now they're saying it's bigger(On Macs) than Conficker was on Windows..

http://www.pcworld.com/businesscenter/article/253403/mac_malware_outbreak_is_bigger_than_conficker.html#tk.nl_dnx_h_crawl

If a Mac user has this, There's manual removal instructions here:

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml

[Asyn]

Anonymous targets UK Government sites with DDoS
http://www.h-online.com/security/news/item/Anonymous-targets-UK-Government-sites-with-DDoS-1517438.html

[CharleyO]

***

Utah Data Breach of 181,000 Records Blamed on Configuration Error

Nearly 200,000 people who receive benefits from the Medicaid and Child Health Insurance Plan in Utah have had their personal information--including Social Security numbers in some cases--compromised as part of an intrusion on the network at the Utah Department of Technology Services. The 181,000 estimated victims is nearly eight times higher than the 24,000 people that the department initially thought were affected by the attack.

http://www.crnbuzz.com/index.php?r88r=/story/v1_left/html/CRN.v1.security/5364332f5556424673347879364448333555556a50413d3d


***

[CharleyO]

***

FBI: Smart Meter Hacks Likely to Spread

A series of hacks perpetrated against so-called “smart meter” installations over the past several years may have cost a single U.S. electric utility hundreds of millions of dollars annually, the FBI said in a cyber intelligence bulletin obtained by KrebsOnSecurity. The law enforcement agency said this is the first known report of criminals compromising the hi-tech meters, and that it expects this type of fraud to spread across the country as more utilities deploy smart grid technology.

http://krebsonsecurity.com/2012/04/fbi-smart-meter-hacks-likely-to-spread/


***

[CharleyO]

***

Watch Out, White Hats! European Union Moves to Criminalize ‘Hacking Tools’

The European Union is continuing a push to criminalize the production or sale of “hacking” tools, a move that civil liberties advocates argue could make criminals out of legitimate security researchers.

The proposal is intended to create stiffer penalties across Europe for hacking and denial of service attacks, imposing a maximum sentence of up to five years for hacking into a site or using a botnet to flood a site with fake traffic.

In my opinion, 5 years is way too lenient. The sentence should be, at the least, 2x that amount for real criminals.

On the other hand, legitimate security researchers should not be charged.

http://www.wired.com/threatlevel/2012/04/hacking-tools


***

[CharleyO]

***

Selling You on Facebook

Many popular Facebook apps are obtaining sensitive information about users—and users' friends—so don't be surprised if details about your religious, political and even sexual preferences start popping up in unexpected places.

http://online.wsj.com/article/SB10001424052702303302504577327744009046230.html


***