HTTB 2nd Ed. 08/21/2012 Direct Distributions (V1)

Information Security News, IT Security News & Expert Insights: SecurityWeek.Com. India Cracks Down on Internet Over Migrant Exodus. India has demanded social networking websites take down provocative messages and blocked some online content after anonymous threats sparked an exodus of migrants from southern cities.

India Cracks Down on Internet Over Migrant Exodus

OWASP India Practical Social Engineering Attacks. Facebook Spam: WhatsApp Imposter App Reportedly Phishing Users’ Data. Managed Services Growth About Security, Not Compliance – Dark Reading. Phishing for a Pay Day. Retina identifies systems that still have this vulnerability unpatched & provides visibility to known exploits for remediation prioritization.

Phishing for a Pay Day

Nigeria NIPP Boss Canvasses Protection of Electricity Infrastructure. Mac malware Crisis can spread to different environments. Nearly a month ago, a number of security companies analyzed a new Mac Trojan that opens a backdoor into the affected computer and spies on the user by monitoring mouse coordinates, instant messenger apps, the built-in webcam and microphone, clipboard contents, pressed keys, calendar data and alerts, address book contents, URLs visited by the user, and other things.

Mac malware Crisis can spread to different environments

The malware - dubbed Crisis or Morcut - was not spotted in the wild, but received by the security researcher from VirusTotal in the form of a JAR file, the analysis of which revealed that it contained a .class file named WebEnhancer, and two installers - one for Windows and the other for OS X. Symantec's researchers have continued analyzing the file, and have recently discovered that the Windows version of the threat uses three methods to spread itself: to a removable disk drive, to a VMware virtual machine, and to a Windows Mobile device. India caught in crossfire of global cyber war – Times of India. There is a cyber war going on between Iran and a few other countries.

India caught in crossfire of global cyber war – Times of India

And India has been caught in the crossfire. Responses to the insider threat. Future PLC. EA investing ‘a lot of resources’ to prevent FIFA 13 hacking – Computerandvideogames.com. “There’s a lot of sophisticated hacking happening in the gaming industry and it’s a continuous battle,” he said.

EA investing ‘a lot of resources’ to prevent FIFA 13 hacking – Computerandvideogames.com

See on www.computerandvideogames.com. Global Financial Network. Saudi Aramco confirms serious hacking [Computer News Middle East] – Equities.com. Apache HTTP Server 2.4.3 fixes security issues. Posted on 21 August 2012.

Apache HTTP Server 2.4.3 fixes security issues

The Apache Software Foundation and the Apache HTTP Server Project released version 2.4.3 of the Apache HTTP Server. This version of Apache is the 3rd GA release of the new generation 2.4.x branch of Apache HTTPD and represents fifteen years of innovation by the project, and is recommended over all previous releases. This version of Apache is principally a security and bug fix release, including the following 2 security fixes: SECURITY: CVE-2012-3502 mod_proxy_ajp, mod_proxy_http: Fix an issue in back end connection closing which could lead to privacy issues due to a response mixup. PR 53727. SECURITY: CVE-2012-2687 mod_negotiation: Escape filenames in variant list to prevent a possible XSS for a site where untrusted users can upload files to a location with MultiViews enabled.

Israeli firms targeted by cyber extortionists. Posted on 21 August 2012.

Israeli firms targeted by cyber extortionists

While Iranian systems seem mostly targeted with state-sponsored espionage malware, Israeli businesses and financial institutions mostly fear cyber extortionists. According to Haaretz' Tamir Cohen, there has recently been a wave of successful extortion attempts. But not all the attackers manage to breach their targets' internal systems - or need to, it seems. It is often enough to compromise an employee's cell phone, extract a sensitive file and send it in as a proof of breach. And while the companies do employ private security firms to investigate the matter, they often decide to pay for the attackers' silence by buying security software that is otherwise free or paying for "security consulting services". The reason behind this unexpected situation resolution tactic can be traced back to a number of factors. But even that is no guarantee, says an expert, as there is no good defense system that has proven itself, especially because of the BYOD movement.