Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On March 26, 2015

March 25, Securityweek – (International) Over 15,000 vulnerabilities detected in 2014: Secunia. Secunia released its annual vulnerability review and found that 15,435 vulnerabilities across 3,870 applications from 500 vendors were discovered in 2014, 11 percent of which were considered highly critical, while 0.3 percent were rated extremely critical. The report also states that over 60 percent of attacks occurred through remote networks, making it the most common attack vector, among other trends. Source

March 25, Help Net Security – (International) Half of all Android devices vulnerable to installer hijacking attacks. Security researchers at Palo Alto Networks discovered that a critical Android vulnerability found over a year ago and dubbed “Android Installer Hijacking” can allow attackers to completely compromise devices by changing or replacing seemingly legitimate applications with malware during installation, without users’ knowledge. The flaw affects all devices running Android versions 4.2 and earlier, and some running version 4.3. Source

March 24, Softpedia – (International) Yebot backdoor built for wide range of malicious operations. Security researchers from Dr.Web discovered that a backdoor trojan dubbed Yebot can run file transfer protocol (FTP) and socket secure (SOCKS) 5 proxy servers, gain remote access to systems through a remote desktop protocol (RDP), capture keystrokes and screenshots, intercept system functions, change code of running processes, search for private keys, and intercept all features associated with Web browsing. The trojan infects computers by injecting code into four Microsoft Windows processes before downloading and decrypting its contents and running in memory. Source

March 24, Softpedia – (International) Leaked full version of NanoCore RAT used to target energy companies. Security researchers at Symantec identified that approximately 40 percent of the systems infected since January 2014 by the widely available NanoCore remote access trojan (RAT) were in the U.S. The malware is delivered by a malicious rich text format (RTF) or Microsoft Word file that exploits an old vulnerability in the Windows Common Controls ActiveX component. Cyber-criminals have also been employing the malware in targeted attacks on energy companies in Asia and the Middle East since March 6. Source

March 24, Softpedia – (International) Over 22.5 million PUAs detected last month by antivirus vendor. Germany-based Avira reported that the company’s antivirus software detected over 22.5 million potentially unwanted applications (PUAs) and highlighted the five most prevalent in February, which could inject malicious code, request sensitive information from users, or extract information without their consent. Source

March 23, NJ.com – (International) Alleged hacker brought to N.J. on charges of large-scale identity theft. A Romanian national was extradited to the U.S. March 20 to face charges that he allegedly oversaw a large-scale computer hacking scheme in which he breached computer systems of retailers, medical offices, security companies, and individuals’ online accounts to obtain several thousand user names, passwords, and payment card numbers from 2011 to 2014, including 10,000 credit and debit cards from one victim alone. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.