Hackers Install Free SSL Certs from Let's Encrypt On Malicious Web Sites

Who else didn’t see this coming?

It was obvious, as I stressed earlier, that the Let’s Encrypt free HTTPS certificates would not just help legitimate website operators encrypt their users’ traffic, but also help criminals bother innocent users with malware through secure sites.

Let’s Encrypt allows anyone to obtain free SSL/TLS (Secure Socket Layer/Transport Layer Security)

Microsoft Collecting More Data of Windows 10 Users than Initially Thought

After several controversial data mining and privacy invasion features within Microsoft’s newest operating system, Microsoft continued convincing its users that Windows 10 is not spying on anyone and that the company is not collecting more data than it needs.

In addition, Microsoft also updated its privacy policy in order to clarify how and when Windows 10 utilizes users’ data.

But wait,

EPIC Fail — For the Third Time, Linux Ransomware CRACKED!

Ransomware is now a common practice for money-motivated cyber criminals. It’s basically a type of software written in any system-based programming language that has the ability to hijack a victim’s computer, encrypt files and then ask for a ransom amount to get them back.

One such ransomware dubbed Linux.Encoder targets Linux-powered websites and servers by encrypting MySQL, Apache, and

All you need to know about the worrying popularity of Malvertising

Every morning, without fail, you log onto your computer and check your emails, read the news, and have a look at your social media accounts. While you do this it is likely that you’ll come across a few pop-up advertisements which you quickly close as they do little more than annoy you.

However, it’s likely that you haven’t stopped to think that these annoying ads could install malware onto your computer without you, or the company that manages banners and advertisements, even realizing it.

Malvertising is the name that has been given to this technique that is quickly gaining popularity with cybercriminals. According to security experts, Malvertising has grown by 325% in the last year alone.

As opposed to Adware, which fills your pages with toolbars that aren’t usually malicious, cybercriminals use Malvertising to hide malicious code in an advertisement, and it isn’t even necessary for you to click on it to become infected.

How they carry out this attack is remarkably simple – the cybercriminal enters the network of the company that looks after selling advertising space online, taking advantage of the shared information between the company and its clients. The attacker then passes itself off as a different client and posts its own advertisement, albeit one that may contain malicious code in JavaScript.


Once the user loads the page, the seemingly innocent ad will appear. Without even clicking on it, the exploit will start to carry out its job by installing malware on the computer. You may even end up having to deal with a banking Trojan, which is designed to steal your bank details while you are entering them online.

Cybercriminals have been using Malvertising for the past few years, and in 2009, The New York Times suffered an attack by this means when a pop-up passed itself off as an antivirus scanner and infected the users’ computers.

Last September, The Huffington Post was also a victim of Malvertising. Not long after, The Daily Mail, a British tabloid, also inadvertently redirected its readers to exploit kits designed to install malware on their computers. Yahoo and Forbes have also suffered similar problems, just like the famous adult sites YouPorn and Pornhub.

As these cases show, cybercriminals are opting to carry out their attacks on popular websites that see a large volume of traffic so as to infect as many computers as possible.


So, if cybercriminals are using advertisements on websites that we generally trust to be safe, what are the advertising agencies doing to stop this and what can we do to protect ourselves?

The well-known platform Doubleclick, which is run by Google, shut down 524 million malicious advertisements in 2014 alone. Its spokespeople made reference to using malware protection tools in their fight against the cyber attackers.

For their part, the websites that have been infected could create their own ads or use sponsored content to protect their readers, although at the moment it doesn’t seem a viable solution as external advertising is necessary for them to survive.

Therefore, the best way to protect yourself against these attacks is to install an ad blocker, like Adblock, update Java from the official website, keep your web browser updated, and always use an antivirus. We need to take measures to keep these cybercriminals at bay, as even a simple advertisement could be dangerous.

The post All you need to know about the worrying popularity of Malvertising appeared first on MediaCenter Panda Security.

[RT-SA-2015-001] AVM FRITZ!Box: Remote Code Execution via Buffer Overflow

Posted by RedTeam Pentesting GmbH on Jan 07

Advisory: AVM FRITZ!Box: Remote Code Execution via Buffer Overflow

RedTeam Pentesting discovered that several models of the AVM FRITZ!Box
are vulnerable to a stack-based buffer overflow, which allows attackers
to execute arbitrary code on the device.

Details
=======

Product: AVM FRITZ!Box 3272/7272, 3370/3390/3490, 7312/7412,
7320/7330 (SL), 736x (SL) and 7490
Affected Versions: versions prior to 6.30 (all models) [0]…

[RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images

Posted by RedTeam Pentesting GmbH on Jan 07

Advisory: AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated
Firmware Images

The firmware upgrade process of the FRITZ!Box 7490 is flawed. Specially
crafted firmware images can overwrite critical files. Arbitrary code can
get executed if an attempt is made to install such a manipulated
firmware.

Details
=======

Product: AVM FRITZ!Box 7490, possibly others
Affected Versions: versions prior to 6.30 [0]
Fixed Versions: >=…

How to become an Information Security Expert with the CISSP Certification

If you dream of making it big in the IT security community, the CISSP certification is a necessary milestone.

Having this certification to your credit portrays a sense of commitment to the security profession and shows potential employers that you have a strong knowledge base to excel in this domain.

So if you’re considering a certification, read on – we’ve answered a few questions that

Android security updates roll out to fight “Stagefright” type bug

Android Mediaserver vulnerability looks similar to the Stagefright bug.


Android mediaserver vulnerability resembles Stagefright

Android owners may recall the Stagefright bug, the “worst ever Android vulnerability yet discovered”. That vulnerability exposed a billion (that’s nearly every) Android device on the face of the earth to malware.

The latest critical bug has similarities to Stagefright, but exists in Android’s mediaserver. Google warns that an attacker could use the bug to remotely run malware hidden in video or audio.

In an announcement published in the Nexus Security Bulletin for January, Google said it has fixed 12 vulnerabilities affecting Android versions 4.4.4 to 6.0.1. Five are rated as critical security bugs. Partners were notified about and provided updates for the issues on December 7, 2015 or earlier, said the post.

“The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files.”

How to protect yourself from the Android bug

The good news is that Google says, “We have had no reports of active customer exploitation of these newly reported issues.” Because of enhancements in newer versions of the Android platform, exploitation for many issues on Android is made more difficult. Regardless, Google encourages all users to update to the latest version of Android where possible.

  1. Don’t ignore updates from Android – when you receive a notification about an update, accept it, and upgrade to the latest version of Android.
  2. Avoid opening video and audio files you receive via text or email. Delete, without opening them first, all messages you get from any sender you do not recognize.
  3. We recommend users disable “auto retrieve MMS” within their default messaging app’s settings, as a precautionary measure for the moment. You can find detailed directions in the Avast FAQ.
  4. Install Avast Mobile Security on your Android devices.
