Information Security News
Apple suspended the password-reset functionality for its iCloud and iTunes services following a published report that hackers could exploit it to hijack other people's accounts.
The password reset page stopped loading a few hours after The Verge reported there was an online tutorial that provided detailed instructions for taking unauthorized control of Apple accounts. The report didn't identify the website or the precise technique, except to say it involved "pasting in a modified URL while answering the DOB security question on Apple's iForgot page."
"It's a process just about anyone could manage, and The Verge has confirmed the glaring security hole firsthand," reporter Chris Welch wrote. "Out of security concerns, we will not be linking to the website in question."
by Jacqui Cheng
A day after Russian anti-virus firm Doctor Web highlighted an adware Mac trojan called "Yontoo," Apple has moved to block it. Confirmed by Intego, Apple has updated the definitions included in OS X's Xprotect.plist in order to detect the adware, meaning users don't need to run anything special in order to be protected.
"In testing, it appears this detection is very specific and potentially location-dependent," wrote Intego. "This extra specificity is likely there so as to catch only the surreptitious installations of this file."
As we wrote on Thursday, the Yontoo adware socially engineers users into installing it as a browser plugin. Once it's installed into Safari, Firefox, and Chrome, the plugin injects advertising into the websites you're visiting—including those that don't even normally show ads.
If you play EA's popular Battlefield Play4Free game on an older version of Windows, a pair of researchers say they can hijack your system by luring you to a booby-trapped website.
The proof-of-concept exploit, demonstrated last week at the Black Hat security conference in Amsterdam, allows attackers to surreptitiously execute malicious code on default systems running Windows XP or Windows 2003 that have the Play4Free title installed. There are close to 1 million players of the first-person shooter game, and about 39 percent of Windows users are still on XP.
The webpage used in the exploit opens the game on a victim's computer and instructs it to load a malicious "MOD" file used to customize game settings and features, according to a document the researchers published Friday. Using some nonstandard behavior of a programming interface version found only in older versions of Windows, the MOD file is able to upload a malicious batch file that will be executed the next time the computer is restarted. The technique is successful because it overrides a whitelist that's supposed to restrict the sites that are permitted to load the Play4Free game.
Posted by InfoSec News on Mar 21http://www.theregister.co.uk/2013/03/22/finland_scada_vulnerabilities/
Posted by InfoSec News on Mar 21http://www.wired.com/threatlevel/2013/03/logic-bomb-south-korea-attack/
Posted by InfoSec News on Mar 21http://healthitsecurity.com/2013/03/21/analyzing-foreign-health-data-breaches/
Posted by InfoSec News on Mar 21http://www.thesmokinggun.com/buster/hacking/john-doerr-hacked-by-guccifer-098742
Posted by InfoSec News on Mar 21https://www.computerworld.com/s/article/9237777/Defense_spokesman_says_DoD_not_dumping_BlackBerry