Information Security News
Researchers scouring the official Google Play market have unearthed more Android apps that surreptitiously abuse end-user devices to carry out the computationally intensive process of mining Bitcoins.
The malware, dubbed "BadLepricon" by its creators, was stowed away inside five separate wallpaper apps that had from 100 to 500 downloads each, according to a blog post published Thursday by researchers from Lookout, an anti-malware provider for smartphones. Google employees promptly removed the offending apps once Lookout reported them. It's at least the second time in a month that third-party researchers have discovered cryptocurrency-mining apps available for download on Google servers. Four weeks ago, researchers from Trend Micro reported they found two apps downloaded one million to five million times that mined the Litecoin and Dogecoin cryptocurrencies without explicitly informing end users.
"These apps did fulfill their advertised purpose in that they provided live wallpaper apps, which vary in theme from anime girls to 'epic smoke' to attractive men," Meghan Kelly, a Lookout security communications manager, wrote in Thursday's blog post. "However, without alerting you in the terms of service, BadLepricon enters into an infinite loop where—every five seconds—it checks the battery level, connectivity, and whether the phone’s display was on."
Thanks to Gebhard for letting us know about a new vulnerability in Apache Struts.
If you recall the classloader vulnerability of a few months ago, the fix for that seems to be case- and punctuation-sensitive (using a different separator instead of "." was not accounted for).
In any case, they have posted a mitigation how-to here: http://struts.apache.org/announce.html#a20140424
This affects all versions up to 2.3.16.1.
Find more information on this here:
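The case and punctuation point is easy to see with a parameter-name filter. The script below is an added example written for this page, not code from Apache Struts or from the diary: it runs a naive exclusion pattern of the `^class\..*` kind and a hardened pattern written here over constructed parameter names, and lists which names slip past each. Python's `re.fullmatch` is used because it has the same whole-string semantics as Java's `String.matches`, which is how an excludeParams pattern is applied; the hardened regex and the sample names are this example's own, not the ones in the Struts announcement.

```python
import re

# Naive exclusion pattern of the kind that proved bypassable: it only
# rejects names that start with lower-case "class." (constructed for this
# example, not the exact pattern any Struts release shipped).
NAIVE_EXCLUDE = r"^class\..*"

# Hardened pattern written for this example: case-insensitive, matches
# "class" at the start or after any separator character, and accepts ".",
# "[" or a quoted bracket index as the character that follows it.
HARDENED_EXCLUDE = r"""(?i)(^|.*[.\[\]'"])class(\.|\[|['"]\]).*"""

# Constructed parameter names of the shape an attacker would submit to
# reach the classLoader through OGNL property traversal.
ATTEMPTS = [
    "class.classLoader.resources.dirContext.docBase",
    "Class.classLoader.resources.dirContext.docBase",      # case variant
    "class['classLoader'].resources.dirContext.docBase",   # bracket + quotes
    'class["classLoader"].resources.dirContext.docBase',   # bracket + double quotes
    "class[classLoader].resources",                        # bare bracket
    "user.class.classLoader.resources",                    # nested under another bean
]

# Constructed benign names that a filter must keep allowing.
BENIGN = ["classroom.name", "className", "user.classification"]


def is_excluded(name: str, pattern: str) -> bool:
    """True if the filter would drop this parameter name.

    Java's String.matches() requires the whole string to match, so the
    equivalent here is re.fullmatch rather than re.match or re.search.
    """
    return re.fullmatch(pattern, name) is not None


def bypasses(pattern: str) -> list:
    """Attack names that the given exclusion pattern fails to block."""
    return [n for n in ATTEMPTS if not is_excluded(n, pattern)]


def false_positives(pattern: str) -> list:
    """Benign names the pattern would wrongly block."""
    return [n for n in BENIGN if is_excluded(n, pattern)]


if __name__ == "__main__":
    for label, pat in (("naive", NAIVE_EXCLUDE), ("hardened", HARDENED_EXCLUDE)):
        print(f"{label}: bypassed by {bypasses(pat)}; false positives {false_positives(pat)}")
```

Running it shows the naive pattern stops only the first, canonical spelling; every case or bracket variant gets through, while the hardened pattern blocks all six and still lets the benign names pass. The lesson carries to any deny-list on attacker-controlled identifiers: match case-insensitively, anchor on every separator the expression language accepts, and test the filter against the variants rather than the one spelling you had in mind.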
(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Infosec and healthcare: Prescribing the right tablets
24 April 2014 • By Joanne Frearson. Information security is a fundamental part of the healthcare research industry. Joanne Frearson talks to Sarah Lawson, head of IT at one of Oxford University's ...
by Sean Gallagher
Hector Xavier Monsegur, the hacker known as “Sabu,” became a confidential FBI informant following his 2011 arrest. But he continued to direct other hackers to attack more than 2,000 Internet domains in 2012, including sites operated by the Iranian, Syrian, and Brazilian governments.
Based on documents obtained by the New York Times, those attacks were carried out with the knowledge of the FBI agents supervising Monsegur. The Times report suggests that the data obtained in the attacks—including information on Syrian government sites—was passed to US intelligence agencies by the FBI.
The attacks, which were carried out by hacker Jeremy "Anarchaos" Hammond and others, targeted sites that ran on servers managed by Plesk, a commonly used "control panel" application for shared Web hosting services. In a prison interview, Hammond, who participated in the hacking of Stratfor Global Intelligence and was later arrested based on information provided by Monsegur, told the Times that he and Monsegur had learned of a vulnerability in Plesk from another hacker. Monsegur then began feeding Hammond a list of foreign websites to attempt to exploit using the bug.
The important role OpenSSL plays in securing the Internet has never been matched by the financial resources devoted to maintaining it.
The open source cryptographic software library secures hundreds of thousands of Web servers and many products sold by multi-billion-dollar companies, but it operates on a shoestring budget. OpenSSL Software Foundation President Steve Marquess wrote in a blog post last week that OpenSSL typically receives about $2,000 in donations a year and has just one employee who works full time on the open source code. Given that, perhaps we shouldn't be surprised by the existence of Heartbleed, a security flaw in OpenSSL that can expose user passwords and the private encryption keys needed to protect websites.
OpenSSL’s bare-bones operations are in stark contrast to some other open source projects that receive sponsorship from corporations relying on their code. Chief among them is probably the Linux operating system kernel, which has a foundation with multiple employees and funding from HP, IBM, Red Hat, Intel, Oracle, Google, Cisco, and many other companies. Workers at some of these firms spend large amounts of their employers’ time writing code for the Linux kernel, benefiting everyone who uses it.
Rob VandenBrink, Metafore
Posted by InfoSec News on Apr 24: http://www.csoonline.com/article/2146363/security-leadership/self-taught-hackers-rule.html
Posted by InfoSec News on Apr 24: http://www.nytimes.com/2014/04/24/world/fbi-informant-is-tied-to-cyberattacks-abroad.html
Posted by InfoSec News on Apr 24: http://complex.foreignpolicy.com/posts/2014/04/22/it_s_not_beijing_s_hackers_you_should_be_worried_about_it_s_moscow_s
Posted by InfoSec News on Apr 24: http://arstechnica.com/security/2014/04/bug-can-cause-deadly-failures-when-anesthesia-device-is-connected-to-cell-phones/
Posted by InfoSec News on Apr 24: http://www.healthcareitnews.com/news/stolen-laptops-mean-2m-mega-fines