Win32 Dorkbot

Discovered in 2011, the Win32/Dorkbot malware has spread to over a million Windows PCs worldwide. During the last six months alone it had been infecting over 100,000 machines a month. Microsoft announced on Wednesday that it had teamed up to enact a coordinated malware eradication campaign to disrupt the botnet.

The malware has spread via a number of routes, including USB drives, IM clients, social networks, email and drive-by downloads. Its primary aim is to steal online user credentials and any information that can personally identify the victim. It can also install further malware on the infected PC from command and control servers.

outlook mitm digital certificate
 
Dell laptops are coming preloaded with a self-signed root digital certificate that lets attackers spy on traffic to any secure website.
 
The reports first surfaced on Reddit and were soon confirmed by other users and security experts on Twitter and blogs. The root certificate, which has the power of a certificate authority on the laptops it's installed on, comes bundled with its corresponding private key, making the situation worse.
 
With the private key, which is now available online, anyone can generate a certificate for any website that will be trusted by browsers such as Internet Explorer and Google Chrome that use the Windows certificate store on affected laptops. Security experts have already generated proof-of-concept certificates for *.google.com and bankofamerica.com.
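A defender can check for this condition directly, since a trusted root certificate should not normally have its private key stored on the same machine. The following PowerShell audit is an added example, not part of the original report; the function name Get-RootCertWithPrivateKey is hypothetical, and the self-signed test (subject equals issuer) is a heuristic.

```powershell
# Added example: list trusted-root certificates whose private key is also
# present on this machine. A root CA in the trust store normally ships as a
# public certificate only; a bundled private key is the condition described
# in the Dell report above.
function Get-RootCertWithPrivateKey {
    [CmdletBinding()]
    param(
        # Machine-wide and per-user trusted root stores.
        [string[]]$StorePath = @('Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root')
    )

    foreach ($path in $StorePath) {
        if (-not (Test-Path -Path $path)) { continue }

        foreach ($cert in Get-ChildItem -Path $path) {
            if (-not $cert.HasPrivateKey) { continue }

            # Basic Constraints may be absent on older (X.509 v1) roots, so
            # IsCA = False does not by itself make a finding harmless.
            $bc = $cert.Extensions |
                Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension] } |
                Select-Object -First 1

            [pscustomobject]@{
                Store      = $path
                Subject    = $cert.Subject
                SelfSigned = ($cert.Subject -eq $cert.Issuer)  # heuristic
                IsCA       = [bool]($bc -and $bc.CertificateAuthority)
                Thumbprint = $cert.Thumbprint
                NotAfter   = $cert.NotAfter
            }
        }
    }
}

$findings = @(Get-RootCertWithPrivateKey)
if ($findings.Count -eq 0) {
    Write-Output 'No trusted root certificate has a private key on this machine.'
} else {
    $findings | Sort-Object Store, Subject | Format-Table -AutoSize
}
```

Any entry it reports should be traced to the software that installed it and removed from the store if it is not required.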

android exploit

Hackers have discovered a critical exploit in Chrome for Android reportedly capable of compromising virtually every version of Android running the latest Chrome. Qihoo 360 researcher Guang Gong demonstrated the vulnerability to the PWN2OWN panel at the PacSec conference in Tokyo yesterday. While the inner workings of the exploit are still largely under wraps, we do know that it leverages the V8 JavaScript engine to gain full administrative access to the victim's phone.

cryptowall

The CryptoWall ransomware has been updated to make it increasingly difficult for users to recover encrypted data.
 
The latest version of CryptoWall, version 4.0, now alters the names of the files it has encrypted to prevent victims from determining exactly what has been affected. In addition, the ransomware now deletes all system restore points upon installation in an effort to ensure that data remains unrecoverable. Once a machine is infected, the ransomware displays a message to victims, shown in the screenshot posted above, which states that they will be unable to recover their data unless they pay the ransom, and that any other attempt to recover data may result in irreversible loss.

secureislands

According to a report from Globes, Microsoft is planning to acquire Secure Islands, a data security startup in Israel, for about $100 – $150 million. If it happens, it will be Microsoft's 5th acquisition in Israel in the past year alone. Just a few months back, Microsoft acquired Adallom, another Israeli security startup.