Security Alerts & News
by Tymoteusz A. Góral

History
#1633 Project management tips: Five ways to keep your project and your team on target
The ongoing Australian Federal Court case between music studios and internet service providers (ISPs) has seen Telstra, Optus, TPG, and Foxtel argue that they should be reimbursed for the costs associated with blocking access to KickAss Torrents and its related proxy sites that infringe or facilitate the infringement of copyright.

During the hearing in Sydney on Tuesday morning, counsel representing the four music studios -- Universal Music Australia, Sony Music Entertainment Australia, Warner Music Australia, and J Albert & Son -- said this case differs from the piracy site-blocking case between Foxtel/Roadshow and ISPs that is also currently facing Federal Court judgment in two important respects: The nature of the blocking, or specifically whether it should be domain name server (DNS) or internet protocol (IP) blocking; and "the way of dealing with future infringements".
#1632 Microsoft: Beware this fake Windows BSOD from tech support scammers' malware
Microsoft has sounded the alarm over a fake installer for its Security Essentials, which attempts to trick victims into contacting bogus help centers.

Tech-support scammers have stepped up their technical game, prompting a "severe" warning from Microsoft over new Windows malware that mimics Microsoft's free Security Essentials antivirus, and then displays a fake blue screen of death, or BSoD, with an error message and a suggestion to call a 1800 number that is not a Microsoft support center.

The malware, which Microsoft calls Hicurdismos, disables Task Manager to prevent the user from terminating the fake BSoD and hides the mouse cursor to make the user think Windows is not responding.
#1631 Android phones rooted by “most serious” Linux escalation bug ever
There's a new method for rooting Android devices that's believed to work reliably on every version of the mobile operating system and a wide array of hardware. Individuals can use it to bypass limitations imposed by manufacturers or carriers, but it could also be snuck into apps for malicious purposes.

The technique comes courtesy of a Linux privilege-escalation bug that, as came to light last week, attackers are actively exploiting to hack Web servers and other machines. Dirty Cow, as some people are calling the vulnerability, was introduced into the core Linux kernel in 2007. It's extremely easy to exploit, making it one of the worst privilege-elevation flaws ever to hit the open-source OS.

Independent security researcher David Manouchehri told Ars that this proof-of-concept code that exploits Dirty Cow on Android gets devices close to root. With a few additional lines, Manouchehri's code provides persistent root access on all five of the Android devices he has tested.
#1630 The “notification” ransomware lands in Brazil
It’s unusual for a day to go by without finding some new variant of a known ransomware, or, what is even more interesting, a completely new one. Unlike the previously reported and now decrypted Xpan ransomware, this same-but-different threat from Brazil has recently been spotted in the wild. This time the infection vector is not a targeted remote desktop intrusion, but a more massively propagated malicious campaign relying on traditional spam email.

Since the infection is not done manually by the bad guys, their malware has a higher chance of being detected and we believe that is one of the reasons for them to have added one more level of protection to the code, resorting to a binary dropper to launch the malicious payload.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12