The Hacker News

Original site: The Hacker News


Adobe issues Emergency Flash Player update to patch critical zero-day threat

Wednesday, 5 February 2014 at 16:13
Adobe is recommending that users update their Flash Players immediately. The company published an emergency security bulletin today that addresses vulnerabilities in Flash Player, and released a patch to fix a vulnerability which is currently being exploited in a sophisticated cyber espionage campaign.

"Adobe is aware of reports that an exploit for this vulnerability exists in the wild, and recommends users apply the updates referenced in the security bulletin."

The vulnerability (CVE-2014-0497) allows an attacker to remotely take control of the targeted system hosting Flash. "These updates address a critical vulnerability that could potentially allow an attacker to remotely take control of the affected system," the advisory said.

The security hole affects Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Mac OS, and Adobe Flash Player 11.2.202.335 and earlier versions for Linux.

The vulnerability was discovered by two researchers at Kaspersky Lab, Alexander Polyakov and Anton Ivanov.

The story started some months ago, when the Kaspersky team discovered a new sophisticated cyber espionage operation which has been going on at least since 2007. The operation, dubbed “The Mask”, hit systems in 27 countries leveraging high-end exploits; the attackers adopted extremely sophisticated malware which includes a bootkit and rootkit.

The malicious code used is also able to infect Mac and Linux versions, and included a customized attack against Kaspersky products.

“This is putting them above Duqu in terms of sophistication, making it one of the most advanced threats at the moment. Most interesting, the authors appear to be native in yet another language which has been observed very rarely in APT attacks. We will present more details about the “Mask” APT next week at the Kaspersky Security Analyst Summit 2014 (on Twitter, #TheSAS2014),” reports a post on the SecureList blog.

Kaspersky Lab provides technical analysis of the exploits and payload. They discovered a total of 11 exploits, all using the same vulnerability, and all are unpacked SWF files for the following versions of Adobe Flash Player:
11.3.372.94
11.3.375.10
11.3.376.12
11.3.377.15
11.3.378.5
11.3.379.14
11.6.602.167
11.6.602.180
11.7.700.169
11.7.700.202
11.7.700.224
These exploits only work with Windows XP, Vista, 2003 R2, 2003, Windows 7, Windows 7x64, Windows 2008 R2, Windows 2008, 8, Windows 8x6, Mac OS 10.6.8.

Researchers discovered that these exploits had been detected on three different user machines, one of which worked under Mac OS 10.6.8 and the other two under Windows 7. They found that a .docx document with the 0-day exploit was distributed via a targeted email mailing.

There are three types of shellcode in total:

The first is a primitive shellcode that reads an executable named a.exe from an SWF file and drops it to the hard drive. Only one of the 11 exploits in our possession included a payload.

The second type downloads and executes a file from a URL passed in the SWF file’s parameters. The third shellcode type, which is only present in some of the files, is the most interesting.

Adobe was informed of the availability of an exploit in the wild used to hit systems running Flash Player; it recommends that users update product installations to the latest versions:
  1. Users of Adobe Flash Player 12.0.0.43 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 12.0.0.44.
  2. Users of Adobe Flash Player 11.2.202.335 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.336.
  3. Adobe Flash Player 12.0.0.41 installed with Google Chrome will automatically be updated to the latest Google Chrome version, which will include Adobe Flash Player 12.0.0.44 for Windows, Macintosh and Linux.
  4. Adobe Flash Player 12.0.0.38 installed with Internet Explorer 10 will automatically be updated to the latest Internet Explorer 10 version, which will include Adobe Flash Player 12.0.0.44 for Windows 8.0.
  5. Adobe Flash Player 12.0.0.38 installed with Internet Explorer 11 will automatically be updated to the latest Internet Explorer 11 version, which will include Adobe Flash Player 12.0.0.44 for Windows 8.1.
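
An added example (not from Adobe or the original article): a version audit against the fixed builds in items 1 and 2 above, comparing versions as integer tuples with a separate threshold per platform, since a string comparison or a single cutoff would misjudge the Linux 11.2 branch. The inventory rows, hostnames and function names are constructed for illustration, and the comma form (`WIN 12,0,0,43`) is the version string Flash itself reports.

```python
import re

# Fixed builds, taken from items 1 and 2 of the list above.
FIXED = {"windows": (12, 0, 0, 44), "mac": (12, 0, 0, 44),
         "linux": (11, 2, 202, 336)}
# Platform tags in Flash's own version string, e.g. "WIN 12,0,0,43".
TAGS = {"WIN": "windows", "MAC": "mac", "LNX": "linux", "UNIX": "linux"}
VERSION_RE = re.compile(r"([0-9]+)[.,]([0-9]+)[.,]([0-9]+)[.,]([0-9]+)")

def parse_version(text):
    """Turn '12.0.0.43' or '12,0,0,43' into a tuple of four ints."""
    match = VERSION_RE.fullmatch(text.strip())
    if match is None:
        raise ValueError(f"not a four-part Flash version: {text!r}")
    return tuple(int(part) for part in match.groups())

def needs_update(platform, version):
    """True if version is older than the fixed build for that platform."""
    # Tuples compare numerically per field; as strings "12.0.0.9" > "12.0.0.44".
    return parse_version(version) < FIXED[platform.lower()]

def audit(inventory):
    """Map (host, platform, version) rows to (host, status, detail)."""
    findings = []
    for host, platform, version in inventory:
        plat = TAGS.get(platform.upper(), platform.lower())
        try:
            stale = needs_update(plat, version)
        except (KeyError, ValueError) as exc:
            # Unknown platform or malformed version: flag for manual review.
            findings.append((host, "unknown", str(exc)))
            continue
        fixed = ".".join(str(n) for n in FIXED[plat])
        findings.append((host, "update" if stale else "ok", fixed))
    return findings

# Constructed sample inventory; hostnames and rows are made up.
SAMPLE = [
    ("ws-01", "windows", "12.0.0.43"),
    ("ws-02", "WIN", "12,0,0,44"),
    ("mac-01", "mac", "11.7.700.224"),
    ("lnx-01", "linux", "11.2.202.335"),
    ("lnx-02", "LNX", "11.2.202.336"),
    ("kiosk", "windows", "9.0.124"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row)
```

The Chrome and Internet Explorer bundled players in items 3 to 5 are updated with the browser and are not covered by this check.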

'The Hacker News' Magazine - Relaunching New Editions

Tuesday, 4 February 2014 at 11:15
Dear Readers, after publishing 15 informative editions of 'The Hacker News' magazine in the past 2 years, we at THN are again planning to relaunch the new chapters of 'The Hacker News Magazine'.

The Hacker News (THN) Monthly Magazine is the most comprehensive and informative collection of IT Security, Hacking and innovative technological notions since about 2011. THN Magazine is a free monthly magazine designed to spread awareness and knowledge about cyber security.

Now, at the demand of our readers, we are going to launch our new monthly editions of the THN Magazine with some new sections and innovative themes, along with some interactive interview sessions, from March of this year.

We cordially invite IT adepts and specialists to contribute as authors with their new research and knowledgeable articles, as the goal of our Free Hacking Magazine is to provide the most up-to-date information on a wide variety of topics that relate to hackers and security experts worldwide.

Simply submit your idea or article to us and your submission could be featured in our next edition. Please contact us at: admin@thehackernews.com

Gameover Malware, variant of ZeuS Trojan uses Encryption to Bypass Detection

Tuesday, 4 February 2014 at 09:06
The year begins with a number of new malware variants discovered by various security researchers. The new variants are more complex, sophisticated and mostly undetectable. Two years back, in 2012, the FBI warned us about the ‘GameOver’ banking Trojan, a variant of the Zeus financial malware that spreads via phishing emails. GameOver makes fraudulent transactions from your bank

Google Chrome added pop-up warning to prevent users from Browser hijacking

Tuesday, 4 February 2014 at 08:14
Google, one of the most trusted brands, is continuously trying to keep its products robust and secure to keep its users safe. Google honors vulnerability hunters under its bug bounty program, and the company also offers huge rewards to hackers in the 'Pwnium' hacking competition for finding critical vulnerabilities. Google Chrome, Browser from Google product family

DuckDuckGo Goodies that every SysAdmin Should Know

Tuesday, 4 February 2014 at 07:28
DuckDuckGo, a private search engine that doesn't track your data over the internet and respects your online privacy, offers hundreds of Goodies that let you quickly do certain things like Programming, Math, Geek, Music related things. In our previous article, we have posted Cryptography hacks using DuckDuckGo search engine and today we are going to give another tutorial on DuckDuckGo Goodies