Gotham Security Daily Threat Alerts

By Nancy Rand
Posted in Security
On April 17, 2015

April 16, Softpedia – (International) Current threat prevention systems are not enough protection for enterprises. Findings from a recent study in automated breach detection carried out by security researchers at Seculert revealed that gateway solutions at participating Fortune 2000 enterprises only blocked 87 percent of communications from compromised devices within their networks. The report also found that about 2 percent of devices in organizations were compromised by malware, while nearly 400,000 interactions that were generated went undetected, among other findings. Source

April 16, Softpedia – (International) Company employees not sufficiently trained to avoid phishing, study finds. A survey commissioned by Intel Security of 700 respondents in businesses across multiple continents revealed that 38 percent of information technology and security professionals believe vulnerability to social engineering is a significant factor in the success of attacks, and that threat actors’ use of multiple attack vectors, exploits, and payloads makes defending against attacks difficult, among other findings. Source

April 16, Help Net Security – (International) TeslaCrypt ransomware pushed by several exploit kits. Security researchers discovered that threat actors are distributing a new ransomware called TeslaCrypt via the Angler, Sweet Orange, and Nuclear exploit kits (EKs), which encrypts the typical assortment of file types along with those related to video games and game-related software, and iTunes-related files. Users have been targeted via redirects to compromised WordPress Web sites and hosts running vulnerable out-of-date Adobe Flash plugins. Source

April 15, IDG News Service – (International) AirDroid app fixes severe authentication vulnerability. AirDroid fixed a severe authentication flaw in its Web interface affecting versions 3.0.4 and earlier that could have allowed attackers to take over a device running the software by sending targets a malicious link over short message service (SMS). The link exploited the app’s use of JSON with Padding (JSONP) to request data from a server in a different domain. Source

April 15, Softpedia – (International) Victim of cyber-attack replies with own backdoor. Security researchers at Kaspersky Lab reported that they observed two cyberespionage advanced persistent threat (APT) groups, called Hellsing and Naikon, engage in deliberate APT-on-APT attacks through spear-phishing emails containing custom malware, signaling a potential new trend. Hellsing was previously linked to other APT groups, and the group has targeted diplomatic organizations in the U.S. Source

April 15, Help Net Security – (International) Adobe fixes Flash Player zero-day exploited in the wild. Adobe released a new version of Flash Player for Windows, Macintosh, and Linux that addresses 22 critical vulnerabilities, including one that is exploited in the wild and could lead to code execution and an attacker taking control of the affected system. A security bypass vulnerability that could lead to information disclosure, and memory leak flaws that could be leveraged to bypass address space layout randomization (ASLR), also received fixes. Source

April 15, Computerworld – (International) With latest patches, Oracle signals no more free updates for Java 7. Oracle released patches addressing 14 vulnerabilities in Java as part of a 98-issue security update that covered multiple product lines and marked the end of free Java 7 updates. Three of the Java vulnerabilities were high severity, could be exploited over networks without authentication, and could lead to a complete compromise of affected systems’ confidentiality and integrity; 12 others could be exploited from the Web through the Java browser plug-in. Source

April 15, Securityweek – (International) Google fixes 45 security flaws with release of Chrome 42. Google released Chrome 42 for Windows, Mac, and Linux, which included fixes for 45 security issues, including a cross-origin bypass flaw in the HTML parser, a type confusion in V8, a use-after-free vulnerability in inter-process communication (IPC), and an out-of-bounds write bug in the Skia graphics engine, among others. The update also removed support for the Netscape Plugin Application Programming Interface (NPAPI). Source

April 14, Network World – (International) Microsoft Patch Tuesday April 2015 closes 0-day holes: 4 of 11 patches rated critical. Microsoft released 11 security bulletins that address 26 vulnerabilities, including critical remote code execution (RCE) flaws in Microsoft Office, a critical RCE vulnerability in HTTP.sys that could allow an attacker to use a malicious HTTP request to Windows Server to gain full remote control of a system, and 9 critical security holes in Internet Explorer, among others. Source

April 14, IDG News Service – (International) Web app attacks, PoS intrusions and cyberespionage leading causes of data breaches. Findings from Verizon’s recently released annual Data Breach Investigations Report revealed that the top industries affected by data breaches in the last year were public administration, financial services, manufacturing, accommodations, and retail, and that over two-thirds of cyberespionage incidents since 2013 involved phishing attacks. The report also determined that banking information and credentials were the most common records stolen, among other findings. Source

April 14, Threatpost – (International) Apple fixes cookie access vulnerability in Safari on billions of devices. A recent Apple update patched a cross-domain cookie vulnerability in all versions of the Safari Web browser on iOS, OS X, and Windows that affected up to 1 billion devices. The flaw was a result of the way Safari handled its file transfer protocol (FTP) uniform resource locator (URL) scheme, which could allow attackers to use crafted documents to access and modify cookies belonging to Apple.com via JavaScript (JS). The update also patched a proxy manipulation vulnerability in iOS and multiple kernel vulnerabilities in OS X. Source

Nancy Rand

Nancy has more than 20 years’ experience in information technology and security, solving business issues and implementing best-practice solutions that support organizational objectives. Her expertise includes leveraging, optimizing, and implementing diverse technology platforms, and management of large-scale technology projects.