Information Security News
Microsoft has released an emergency update to patch a security bug that allows attackers to remotely execute malicious code on computers running every supported version of Windows.
The critical vulnerability, which is present in all supported version of Windows, involves the way the Windows Adobe Type Manager Library handles fonts that use Microsoft's OpenType format. The bug allows attackers to take complete control of vulnerable computers. Attackers can exploit it by luring targets to booby-trapped websites or by tricking a target into opening a malicious file.
There are no indications at the moment that the vulnerability is being actively exploited in the wild. Still, the unscheduled issuance on Monday is an indication that the chances of exploitation are high enough to merit installation as soon as possible.
Google joins chorus against infosec export controls proposal
Google has come out strongly against proposed new export control rules for exploits and software, arguing they could have a disastrous outcome and result in billions of users worldwide becoming less safe as security research is stymied. In a blog entry ...
Italian prosecutors have begun a criminal investigation of six former employees of the embattled company Hacking Team, according to a Reuters' report citing anonymous sources.
Hacking Team was hacked two weeks ago and had its data published all over the Internet. The leaked cache includes hundreds of gigabytes of company e-mails as well as some of its source code; the police allegedly suspect the involvement of former company insiders.
According to Reuters, the new criminal inquiry is in addition to the fact that the before the hack, several former employees were being privately accused of allegedly violating their contracts and using secrets to benefit competitors.
Microsoft just released a special out fo band security bulletin with a patch for a remote code execution vulnerability in Windows OpenType font drivers. The update replaces a patch released last week (MS15-077). Microsoft rates the vulnerability critical for all currently supported versions of Windows. Microsoft says in its bulletin, that it had information that the vulnerability was public, but had no indication that it was actively exploited. MS15-077">Critical: Anything that needs little to become interesting">Less Important patchesfor servers that donot useoutlook, MSIE, word etc. to do traditional office or leisure work.
Security firm Netragard has suspended its exploit acquisition program two weeks after it was found selling a potent piece of attackware to the Italian malware developer Hacking Team.
Netragard has long insisted that it sold exploits only to ethical people, companies, and governments. An e-mail sent in March and leaked by one or more people who compromised Hacking Team networks, however, showed Netragard CEO Adriel Desautels arranging the sale of an exploit that worked against fully patched versions of Adobe's Flash media player. Hacking Team in turn has sold surveillance and exploit software to a variety of repressive governments, including Egypt, Sudan, and Ethiopia.
"Our motivation for termination revolves around ethics, politics, and our primary business focus," Desautels wrote in a blog post published Friday. "The Hacking Team breach proved that we could not sufficiently vet the ethics and intentions of new buyers. Hacking Team unbeknownst to us until after their breach was clearly selling their technology to questionable parties, including but not limited to parties known for human rights violations."
by Sebastian Anthony
Ashley Madison, an online dating website that specifically targets people looking to have an affair, has been hacked by a group that calls itself Impact Team. A cache of data has been released by the Impact Team, including user profiles, company financial records, and "other proprietary information." The company's CEO, Noel Bilderman, confirmed with KrebsOnSecurity that they had been hacked, but did not speak about the extent of the breach.
The Impact Team claims to have a "complete set of profiles" from the Ashley Madison user database, though so far it appears to only have released a small number of them. The hackers seem to have taken umbrage at both the concept of the site—the site's slogan is "Life is short. Have an affair."—and also the site's "full delete" feature. Ashley Madison charges users $19 (£12) to completely erase their profile, but the hackers claim that the user's details aren't actually deleted.
Along with some user profiles, Impact Team also released some internal network maps, employee details and salary information, and company bank account data.
Continuing my diary entries on Sysinternals tools with VirusTotal support, I" />
Sigcheck also supports VirusTotal searches. When you use option -v, the hash of the file will be submitted to VirusTotal. The first time you run it, youll have to accept VirusTotal" />
If a hash is not present in VirusTotal" />
As can be seen from this last screenshot, files without digital signature are also checked with VirusTotal.