Security Alerts & News
by Tymoteusz A. Góral

#670 Kaspersky DDoS Intelligence Report for Q1 2016
* In Q1, resources in 74 countries were targeted by DDoS attacks (vs. 69 in Q4 of 2015).
* 93.6% of the targeted resources were located in 10 countries.
* China, the US and South Korea remained the leaders in terms of number of DDoS attacks and number of targets. France and Germany were newcomers to the Top 10.
* The longest DDoS attack in Q1 2016 lasted for 197 hours (or 8.2 days), which is far less than the previous quarter’s maximum (13.9 days). Multiple attacks on the same target became more frequent (up to 33 attacks on one resource during the reporting period).
* SYN DDoS, TCP DDoS and HTTP DDoS remain the most common DDoS attack scenarios, while the number of UDP attacks continues to fall from quarter to quarter.
* Overall, command servers remained located in the same countries as the previous quarter, but Europe’s contribution increased – the number of C&C servers in the UK and France grew noticeably.
#669 American Samoa domain registry was exposing client data since the mid-1990s
A British security researcher who goes online only by the name of InfoSec Guy revealed today that the American Samoa domain registry ASNIC was using an outdated domain name management system that contained a bug allowing anyone to view the personal details of any .as domain owner.

The researcher also claims that anyone knowing of this bug would have been able to edit and delete any .as domain, just by altering the ASNIC domain info URL.

"By simply Base64 encoding an .as domain name and appending it to a URL on the website, it was possible to view the entire domain record for the domain (including unencrypted passwords for domain owners, technical contacts, and billing contacts)," the researcher wrote on his blog two days ago.
#668 Malware and non-malware ways for ATM jackpotting.
Cash machines have been part of our lives since 1967 when a London branch of Barclays Bank unveiled the first ATM. Millions of people around the world now use ATMs every day to withdraw cash, pay in to their account or make a variety of payments. When using ATMs people give little or no thought to the hardware, software or security of the machines. Unfortunately, ATM manufacturers and their primary customers – banks – don’t pay much attention to the security of cash machines either. This is confirmed by the increasing number of thefts from ATMs using non-destructive methods, i.e. without the use of metal cutting tools or explosives.
#667 Users are patching Windows, but QuickTime and Java vulnerabilities remain, says Secunia
In the January-March quarter, 93.9 percent of UK users had patched their Windows operating system, and 96.2 percent had patched other Microsoft software, such as Microsoft Office. However, 11.9 percent still had unpatched third-party software. The figures for the USA were slightly worse: 93.5 percent had patched the OS, 96.1 percent had patched other Microsoft software, and 12.7 percent had unpatched third-party software.

The major problems are Apple's QuickTime and iTunes, Oracle Java JRE, and Adobe Reader.

In the UK, for example, unpatched Java installations climbed from 36 to 41 percent compared with the first quarter of last year, and unpatched QuickTime installations increased from 55 to 61 percent. Fortunately, for most users, both programs can be uninstalled without a significant penalty. (Adobe Creative Suite users may have a QuickTime problem.)
#666 Former Tor developer created malware for the FBI to hack Tor users
Matt Edman is a cybersecurity expert who worked as a part-time employee at Tor Project, the nonprofit that builds Tor software and maintains the network, almost a decade ago.

Since then, he's developed potent malware used by law enforcement to unmask Tor users. It's been wielded in multiple investigations by federal law-enforcement and U.S. intelligence agencies in several high-profile cases.

“It has come to our attention that Matt Edman, who worked with the Tor Project until 2009, subsequently was employed by a defense contractor working for the FBI to develop anti-Tor malware,” the Tor Project confirmed in a statement after being contacted by the Daily Dot.