Security Alerts & News
by Tymoteusz A. Góral

#784 IBM scientists achieve storage memory breakthrough
ZURICH, May 17, 2016 /PRNewswire/ -- For the first time, scientists at IBM (NYSE: IBM) Research have demonstrated reliably storing 3 bits of data per cell using a relatively new memory technology known as phase-change memory (PCM).

The current memory landscape spans from venerable DRAM to hard disk drives to ubiquitous flash. But in the last several years PCM has attracted the industry's attention as a potential universal memory technology based on its combination of read/write speed, endurance, non-volatility and density. For example, PCM doesn't lose data when powered off, unlike DRAM, and the technology can endure at least 10 million write cycles, compared to an average flash USB stick, which tops out at 3,000 write cycles.

This research breakthrough provides fast and easy storage to capture the exponential growth of data from mobile devices and the Internet of Things.
#783 Banking trojan outwits Google VerifyApps scanner
Google Play’s first line of defense against malware was circumvented by attackers who managed to sneak a malicious app called “Black Jack Free” into the official app store. The app was discovered by Lookout Security and removed by Google last week. Lookout estimates that 5,000 people downloaded the app that can siphon financial data from phones, intercept SMS messages and drop additional malicious apps onto a targeted phone.

Google relies on the automated system called VerifyApps to vet apps submitted to the Google Play app store. It isn’t perfect, but security experts say they are surprised that something as glaring as a banking Trojan was able to slip past Google’s defenses.

“The greatest danger to Android users are apps downloaded from third-party stores,” said Christoph Hebeisen, manager of security research and response at Lookout. “What this Trojan shows is that people, even when behaving sensibly and only downloading apps from Google Play, can still get hit by malware.”
#782 Symantec Antivirus products vulnerable to horrid overflow bug
Whoever thought loading an anti-virus engine into the Windows kernel was a good idea should finally have proof that they were completely and utterly wrong.

That proof has arrived from Tavis Ormandy of Google's Project Zero team, who discovered the Symantec Antivirus Engine was vulnerable to a buffer overflow when parsing malformed portable-executable (PE) header files.

"Such malformed PE files can be received through incoming email, downloading of a document or application, or by visiting a malicious web site," Symantec said in its advisory on the issue dubbed CVE-2016-2208.

"No user interaction is required to trigger the parsing of the malformed file."
#781 Groundbreaking gadget claims to fit in your ear and translate foreign languages in real-time
Trying to understand someone who doesn't speak your language could be a thing of the past, thanks to this new piece of technology.

Pilot earphones act much like the Babel Fish in 'Hitchhiker's Guide To The Galaxy' - they let two people who speak different languages understand each other.

The gadget will launch to translate between English, French, Spanish and Italian in Autumn of this year.

Pilot will cost $129 (£90) and will be available for pre-order on their website.

It works by being connected to two different people, speaking two different languages, and translates what they are saying in your ear.
#780 Random number generator 'improved'
The new solution takes two "weak" random sources to generate a single, high-quality random number.

That made it a faster, more practical solution for an almost-perfectly random number, said Prof Alan Woodward, of Surrey University, and it could have implications for encryption and security.
#779 Firefox tops Microsoft browser market share for first time
Firefox has gingerly pulled ahead of Microsoft’s Internet Explorer and Edge browsers for the first time across the globe.

Mozilla’s Firefox grabbed 15.6 percent of worldwide desktop browser usage in April, according to the latest numbers from Web analytics outfit StatCounter.
#778 Indian organizations targeted in Suckfly attacks
In March 2015, Symantec published a blog on Suckfly, an advanced cyberespionage group that conducted attacks against a number of South Korean organizations to steal digital certificates. Since then we have identified a number of attacks over a two-year period, beginning in April 2014, which we attribute to Suckfly. The attacks targeted high-profile targets, including government and commercial organizations. These attacks occurred in several different countries, but our investigation revealed that the primary targets were individuals and organizations primarily located in India.

While there have been several Suckfly campaigns that infected organizations with the group’s custom malware Backdoor.Nidiran, the Indian targets show a greater amount of post-infection activity than targets in other regions. This suggests that these attacks were part of a planned operation against specific targets in India.
#777 Inside the million-machine clickfraud botnet
Online advertising is a multi-billion dollar business mostly run by Google, Yahoo or Bing via AdSense-like programs. The current generation of clickbots such as the Redirector.Paco Trojan have taken abuse to a whole new level, burning through companies’ advertising budget at an unprecedented pace.

The malware’s objective is to redirect all traffic performed when using a popular search engine (such as Google, Yahoo or Bing) and replace the results with others obtained from a Google custom search. The goal is to help cyber-criminals earn money from the AdSense program.

Google’s AdSense for Search program places contextually relevant ads on Custom Search Engine’s search results pages and shares a portion of its advertising revenue with AdSense partners.

To redirect the traffic, the malware performs a few simple registry tweaks. It modifies the “AutoConfigURL” and “AutoConfigProxy” values from the “Internet Settings” registry key so that for every request that a user makes, a PAC (Proxy auto-config) file will be queried. This file tells the browser to redirect the traffic to a different address.
#776 Apple has fixed a bug that let hackers bypass iPhone lock screen
Apple has fixed a security flaw that could let a hacker access personal data on a user's iPhone.

The company fixed the flaw in a software update, iOS 9.3.2, which is rolling out to iPhone and iPad users across the globe.

Anyone with physical access to an affected phone would've been able to access the user's contacts, photos, text and picture messages, emails, and phone settings by exploiting how Siri processes data.

The vulnerability was first discovered last month by two researchers, apparently working independently of each other. But Apple credited YouTube user videosdebarraquito with finding the flaw.
#775 Ukrainian hacker pleads guilty to insider trading in US
A Ukrainian man has pleaded guilty to his role in an insider trading scheme that netted more than $30 million (£20.8 million) in illicit profits.

Vadym Iermolovych, 28, admitted to hacking into newswire agencies and using the unpublished information to gain advantage on the stock market.

Thirty-two people have been charged in connection with the global scheme.

Prosecutors said the defendants used 800 stolen news releases to make trades using the insider information.
#774 Indefinite prison for suspect who won’t decrypt hard drives, feds say
Federal prosecutors urged a federal appeals court late Monday to keep a child-porn suspect behind bars—where he already has been for seven months—until he unlocks two hard drives that the government claims contain kid smut.

The suspect, a Philadelphia police sergeant relieved of his duties, has refused to unlock two hard drives and has been in jail ever since a judge ordered him to do so seven months ago—and after finding him in contempt of court. The defendant can remain locked up until a judge lifts the contempt order.

The government said Monday he should remain jailed indefinitely until he complies. The authorities also said that it's not a violation of the man's Fifth Amendment right against compelled self-incrimination because it's a "foregone conclusion" that illegal porn is on the drives, and that he is only being asked to unlock the drives, not divulge their passcodes.

"This is not a fishing expedition on the part of the government," federal prosecutors told the 3rd US Circuit Court of Appeals of Philadelphia.