Hacking

A flaw has been found on Intel chips and hackers can exploit that vulnerability to gain access to your computer using the operating system. So far hackers exploited the vulnerability on Windows 7 64bit, Free BSD, NetBSD and there is a big chance to be exploited also in OS X. Attackers can use the flaw to execute code on your system with kernel privileges. AMD processors do not have that flaw as they don’t use the buggy SYSRET instruction. Affected operating systems are aware of that and they are preparing a fix, some of them were even pushed an update so there is a big chance that your system is safe (if your OS is up to date).

Part of LinkedIn database was leaked and millions of (encrypted) passwords are now in the hands of hackers with potential malicious use. Even though encryption is strong this doesn’t mean your password is safe. They can find your password with a brute force attack and they will do it because they are not cracking one password which might not be worth the time but they can crack millions of passwords simultaneously. It is a matter of time until they crack the passwords and the best protection now is to change your password so even if they find which was the password it will now be different and don’t be able to access your account. If you don’t change the password and your account is hijacked then don’t complain about it because is your fault.

Iran has invested a lot in cyber capabilities, both offensive and defencive. They moved all government websites to local servers to protect them from attacks few months ago. Now they are hiring an army of hackers in order to become a cyber super power. According to rumors, they are building their arsenal and they will target US facilities like power grid and water systems. They will not attack just yet but they are being prepared for a future confrontation with the United States. One of the main reasons of Iran cyber decisions is the Stuxnet trojan and I can’t blame them. The soldiers of the future are hackers and the next war will most probably be electronic targeting valuable facilities.

Anonymous were using PasteBin as a tool to post and share information they acquired or exploits they found. PasteBin was their first choice until it decided to censor its content and comply with law enforcement requests. Anonymous decided to create their own, uncensored alternative called AnonPaste. The site is based on the open source project ZeroBin. AnonPaste server has no knowledge of the pasted data. Stored data is encrypted and decrypted by the browser with 256 bits AES encryption algorithm. Anyone can paste anything anonymously just by opening the site and paste your content. The only thing you set is the expiration limit with minimum 10 minutes and no maximum. The maximum is when the website is closed or decide otherwise but until then your pasted data will be there. If you want to share your information, now there is a secure way to do this.

As me mentioned in a previous post Flashback infected more than 600000 Macs. F-Secure released manual steps on how to remove the trojan from your computer. Now they have turned those steps into a tool that can check and remove the trojan for you automatically. On the other hand, Apple announced that they are working on a fix but until now there is no response. Maybe they are still working on it. Maybe they are still working on a Java vulnerability patch too. It seems that trojans and viruses are not Apple’s strong points. Visit the source link and download the Flashback removal tool, you can get rid of the trojan in 4 simple steps.

Several months ago I have written a post, with some history in it, about Mac and Trojan Horses. That post was about Flashback too (Flashback.C), a modification of the original Flashback. I bet that some Mac users didn’t get the memo or they still think that viruses and trojans are only for PC users. Today more than 600.000 Macs are infected with Flashback (original and variations), that’s a 6 followed by many zeros. Flashback.I spreads through infected sites exploiting Java vulnerabilities. When a user visits one of the infected sites a JavaScript loads a Java applet which infects user’s system. After Flashback is installed to a system, it injects malicious code into web browsers and other applications in order to gather user information and passwords.

Kaspersky experts were called to investigate Duqu and they discovered that its framework was written in a programming language they didn’t recognize. The mystery of the unknown programming language is solved. Duqu framework is (most likely) written in an custom object-oriented extension of the programming language C called “OO C”. That code it is compiled with Microsoft Visual Studio Compiler 2008 with some special options (“/O1″ and “/Ob1″) that optimizes the code size and the inline expansion. Despite the fact that it is a malicious software, the developers have done an excellent job and they make the life of security expert difficult.