THE CURRENT NEWS OF HACKING WORLD

Facebook is moving a step ahead from others and making its social media service as an information sharing platform in serious situations as well. The social networking giant has announced a new tool, which lets users notify their family and friends that they are safe during or after natural disasters. 
As part of monthly patch update, Microsoft released eight security bulletins on Tuesday that address dozens of vulnerabilities including a zero-day flaw reportedly being exploited by Russian hackers to target NATO computers and a pair of zero-day Windows vulnerabilities that attackers have been exploiting to penetrate major corporations' networks.

Just a day before yesterday, our team reported you about a Zero-day vulnerability discovered by the cyber intelligence firm iSight Partners affecting all supported versions of Microsoft Windows and is being exploited in a five-year old cyber-espionage campaign against the Ukrainian government and U.S organisations.

Researchers at FireEye found two zero-day flaws, used in separate, unrelated attacks involving exploitation of Windows kernel, just a day after iSight partners disclosed zero-day in Windows. The pair of zero-day vulnerabilities could allow an attacker to access a victim's entire system.
According to the researchers at FireEye, the two of three so-called zero-day flaws are being actively exploited in the wild by hackers and are being used as "part of limited, targeted attacks against some major corporations."

Microsoft updates for the month of October 2014 Patch Tuesday address several vulnerabilities in all currently supported versions of Windows, Internet Explorer, Office, Sharepoint Server and the .Net framework. Three of the bulletins are marked "critical" and rest are "important" in severity. Systems administrators are recommended to apply the patches immediately for the critical updates.

The zero-day flaw (CVE-2014-4114) discovered by iSight partners in all supported versions of Microsoft Windows and Windows Server 2008 and 2012 that is being exploited in the "Sandworm" cyberattack, are patched as part of MS14-060. Microsoft rated Bulletin MS14-060 as important rather than critical because it requires a user to open a Microsoft Office file to initiate the remote code execution.
"The vulnerability [exists in Windows OLE] could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object," Microsoft warned in its bulletin. "An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user." (OLE is Microsoft technology for creating complex documents that contain a combination of text, sound, video and other elements.)
However, the two zero-days discovered by FireEye are patched as part of MS14-058 and are marked critical. They are designated CVE-2014-4148 and CVE-2014-4113.
"We have no evidence of these exploits being used by the same actors. Instead, we have only observed each exploit being used separately, in unrelated attacks,FireEye explained.
CVE-2014-4148 exploits a vulnerability in TrueType Font (TTF) processing. TTF processing is performed in kernel mode as part of the GDI and has been the source of critical vulnerabilities in the past as well.

The vulnerability affects Windows 8.1/Windows Server 2012 R2, Windows 8/Windows Server 2012, Windows 7/Windows Server 2008 R2 (Service Pack 0 and 1) and Windows XP Service Pack 3. It affects both 32-bit and 64-bit versions of the Operating System, but the attacks have only been observed against 32-bit systems.

However, CVE-2014-4113 is a local Elevation of Privilege (EoP) vulnerability that affects all versions of Windows including Windows 7, Vista, XP, Windows 2000, Windows Server 2003/R2, Windows Server 2008/R2, Windows 8.x and Windows Server 2012/R2.

Out of remaining bulletins, two are rated critical, both address remote code execution vulnerability in Internet Explorer and Microsoft .NET Framework respectively. Remaining bulletins are rated important in severity, include elevation of privilege bugs, Security Feature Bypass, and a remote code execution flaw.
Internet users have faced a number of major privacy breaches in last two months. Major in the list are The FappeningThe Snappening and now the latest privacy breach in Dropbox security has gained everybody’s attention across the world.

Dropbox, the popular online locker service, appears to have been hacked by an unnamed hacker group. It is still unclear how the account details of so many users were accessed and, indeed, if they are actually legitimate or not. However, the group claims to have accessed details from nearly 7 million individual accounts and are threatening to release users’ photos, videos and other files.

HACKERS CLAIMED TO RELEASE 7 MILLION USERS’ PERSONAL DATA
A thread surfaced on Reddit today that include links to files containing hundreds of usernames and passwords for Dropbox accounts in plain text. Also a series of posts with hundreds of alleged usernames and passwords for Dropbox accounts have been made to Pastebin, an anonymous information-sharing site.
Hackers have already leaked about 400 accounts by posting login credentials, all starting with the letter B, and labelled it as a "first teaser...just to get things going". The perpetrators are also promising to release more more password details if they're paid a Bitcoin ransom.
"More Bitcoin = more accounts published on Pastebin. As more BTC is donated, More pastebin pastes will appear."
The security breach in Dropbox would definitely have bothered its millions of users and since passwords are involved in this incident, so it has more frightening consequences on its users. Reddit users have tested some of the leaked username and password combinations and confirmed that at least some of them work.

DROPBOX DENIED THE HACK - THIRD PARTY IS RESPONSIBLE
However, Dropbox has denied it has been hacked, saying the passwords were stolen apparently from third-party services that users allowed to access their accounts. In a statement to The Next Web, Dropbox said:
"Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We'd previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have expired as well."
The incident came just few days after the Snappening incident in which the personal images of as much as100,000 Snapchat users were leaked online, which was the result of a security breach in the its third-party app.

Snapchat has denied that its service or server was ever compromised, but the servers of a third-party app designed to save Snapchat photos, which became the target for hackers to obtain personal photographs.

DROPBOX - "HOSTILE TO PRIVACY" SAYS SNOWDEN
Dropbox was in the news earlier this week when, in a recent interview with The Guardian, NSA whistleblowerEdward Snowden called Dropbox a "targeted, wannabe PRISM partner" that is "very hostile to privacy" — referring to its ability to access your data itself, which is yet another security consideration when it comes to web services.

Snowden suggested web users to stop using Dropbox and warned them that the cloud storage service does not safeguard users’ privacy because it holds encryption keys and can therefore be forced by governments to hand over the personal data they store on its servers. He suggested people to use an alternative cloud storage provider that do not store any encryption keys, so that the users’ data cannot be read by anyone.
USERS ARE ADVISED TO CHANGE PASSWORDS
Until the full scope of the problem is known, it’s probably worthwhile changing your password. But whether the attack is confirmed or not, it’s a good idea to change your password just to be on a safer side — especially for those users who use same password for multiple services.

Users are also recommended to turn on two-factor authentication, which Dropbox now supports and install a time-based, one-time password app on a mobile device.

Update: Dropbox has issued a statement on its blog further clarifying that the Dropbox passwords were stolen from "unrelated services."
"The usernames and passwords...were stolen from unrelated services, not Dropbox," the company said in a blog post. "Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place that detect suspicious login activity and we automatically reset passwords when it happens."
"Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services. For an added layer of security, we always recommend enabling 2 step verification on your account."

Comments

Post a Comment

Popular posts from this blog

Image
Chrome Flaw Allows Sites to Secretly Record Audio/Video Without Indication What if your laptop is listening to everything that is being said during your phone calls or other people near your laptop and even recording video of your surrounding without your knowledge? Sounds really scary! Isn't it? But this scenario is not only possible but is hell easy to accomplish. A UX design flaw in the Google's Chrome browser could allow malicious websites to record audio or video without alerting the user or giving any visual indication that the user is being spied on. AOL developer Ran Bar-Zik  reported  the vulnerability to Google on April 10, 2017, but the tech giant declined to consider this vulnerability a valid security issue, which means that there is no official patch on the way. How Browsers Works With Camera & Microphone Before jumping onto vulnerability details, you first need to know that web browser based audio-video communication relies on WebR...
Read more
Image
This tutorial will walk you through a step by step guide to crack WPA2 and WPA secured wireless networks. Please note that this is not the Reaver attack. If you want to crack WPA/WPA2 using Reaver then read this post. The process is done by airmon-ng suite. Many steps are same for WEP cracking and WPA/WPA2 too. What You’ll Need For this you will require all the basic things like a computer, spare time, etc. But important things are as follows: BackTrack OS.  Backtrack is a bootable Linux distribution with lots of pen-testing tools and is almost needed for all my tutorials. So, if you have not installed it please read this article on  how to install it. A compatible wireless network adapter.  If you are live booting BackTrack then the internal adapter will work but I recommend an external wireless adapter. Let’s Get Started Step 1:Boot into BackTrack You can use any method to boot into backtrack; like from live cd, VMware, dual boot, etc. So, just boot it fi...
Read more
The tool, named " Safety Check, " will soon be available globally to over 1.32 billion Facebook users on Android, iOS, feature phones and the desktops. The tool is designed to be activated after a natural disaster and by using either the city you lived in or your last location - if you have checked in on “ Nearby Friends ”, it let’s you alert your friends and family that you are safe, while also tracking the status of others. “ In times of disaster or crisis, people turn to Facebook to check on loved ones and get updates, ” wrote the company in a  blog post  about the feature. “ It is in these moments that communication is most critical both for people in the affected areas and for their friends and families anxious for news. ” According to Facebook, this new move is in sake of 2011 earthquake and tsunami disaster took place in Japan when a deadly tsunami set off 30-foot tidal waves that crashed into the shores of Japan, flooding entire cities and damaging nuclear po...
Read more