Chris Brook

About

"Distrust and caution are the parents of security" - Benjamin Franklin

PlugX is Becoming Mature

By Dmitry Tarakanov

Recently, a new Remote Administration Tool has been discovered that started appearing here and there in targeted attacks. This tool is “PlugX”. Researchers have even tracked someone suspected of creating that malware – one of the members of the Chinese hacking group NCPH, which is allegedly in the service of the PLA. Among others, this group has been accused of attacking high-profile US organizations.

eBay Patches Critical XSS, SQL Holes

Developers at the popular online auction site eBay recently patched two potentially critical vulnerabilities, a cross-site scripting bug and a SQL injection vulnerability.

Mozilla Releases Firefox 17 with Click-to-Play, Updates Firefox for Android

Mozilla pushed out the latest build of its flagship browser, Firefox 17, today, adding a new click-to-play blocklisting feature that will help prevent users from running out-of-date or vulnerable versions of plug-ins or extensions. The update tweaks click-to-play in Firefox, prompting users to either update or abandon old versions of software like Adobe’s Reader and Flash and Microsoft Silverlight.


New malware targeting Windows 8 appears to be using Google Docs as a proxy server instead of directly connecting to a command and control (C&C) server. According to research done by Symantec and discussed in the company’s Security Response blog late last week, a Trojan, Backdoor.Makadocs, targets Windows 8 – along with Windows Server 2012 – yet doesn’t use any of the software’s particular functions as an exploit vector.

Google has divulged more information about its forthcoming application verifier for the Android operating system. The feature is being rolled out over the air alongside the latest build of the OS, Jelly Bean 4.2, on Nexus 7 and Galaxy Nexus devices as of yesterday. While it can be disabled, the app verifier feature is turned on by default, according to a new description from Google/Nexus that describes the process as follows:

As part of what it’s calling “Project Blackstar,” the hacking collective Team Ghostshell posted online earlier this morning approximately 2.5 million records it claims belong to Russian individuals who work across the political, educational and law enforcement spectrum.

Fourteen individuals were charged late last week after the Federal Bureau of Investigation, along with the Los Angeles Police Department and the Glendale, Calif. Police Department, found they were behind a scheme that extracted more than $1 million from Citibank cash-advance kiosks in Southern California and Nevada between 2009 and 2010.

CyanogenMod, a popular open source firmware replacement for Android phones, has patched a hole in its code that was locally logging swipe gestures used to unlock phones. The problem, which stemmed from a line of code that was never intended for release, was fixed in an update posted for download on the firmware’s review site earlier this week.

Microsoft announced Wednesday it will tweak the release of its forthcoming Windows 8 operating system to comply with the European Commission, which argues that in its current state, the software fails to offer customers a browser choice screen to let them “easily choose their preferred web browser.”