Current Events Archives - Page 3 of 4 - West Chester Computer Doctors

The breach of Target’s system can be traced back to an HVAC services provider that was given access to the network. With this information coming to light, awareness of third-party vendor vulnerabilities is at an all time high. Security consultant John H. Sawyer has a number of recommendations for protecting your business against the vulnerabilities that can arise by giving a trusted third-party access to your network.

He recommends that you should make sure your vendors have security polices that are “regularly reviewed, updated, and enforced”. There should also be a validation of effectiveness of these policies. These vendors should also only be given access to areas of the network that are absolutely needed, and no more. Once the access is no longer needed, it should be removed.

Remember that your business data is yours to protect. Even well-trusted vendors should be considered untrusted when given access to your network. It is your responsibility ti make sure all access to your data is secure at all times.

Tech Insight: How To Protect Against Attacks Via Your Third-Party Vendors- Dark Reading

Certain models of Samsung’s Galaxy line of phones and tablets have a back door exploit that leaves them vulnerable to attackers. Researchers from the Replicant Project, a group that builds alternative versions of Android, first went public with the notice of the exploit this Wednesday. They noted that the exploit was pertaining to the devices’ radio modems, which can sometimes be capable of executing Remote File System commands. This gives hackers access to the phone or tablet’s private files as well as the ability to remotely turn on the camera and microphone in the device. With access to the user’s personal information, it is possible for hackers to copy, edit, remove, or add files to the device.
Replicant’s researchers state that the problem could be resolved with a mere software patch. Samsung has yet to comment on the exploit or release a patch. The models known to be affected are: the Nexus S, the Galaxy S, the Galaxy S 2, the Galaxy Note, the Galaxy Nexus, the Galaxy Tablet 2 7.0, Galaxy Tab 2 10.1, Galaxy S 3, and Galaxy Note 2. It is possible that other models are affected as well.
Replicant claims that the exploit does not exist on their versions of Android.
Samsung Galaxy Security Alert: Android Backdoor Discovered- Information Week

Over 300,000 routers have been compromised and used to distribute spam and malware. The manufacturers of the vulnerable routers include D-Link, Micronet, Tenda, TP-Link, and others. The vulnerability allows hackers access to the DNS settings of the router under attack. The perpetrators have ultimately been traced to a company based in Serbia using two controlling servers based in London.
It is possible for victims of infected routers to have their banking and private information intercepted and collected by those in control of the DNS settings.
The reason these routers are vulnerable is that they have not installed already released patches. Some vulnerabilities that are being exploited are more than a year old. This is a good example of why it is important to keep devices updated with the most recent firmware and software updates available. All the hacks on these routers were preventable, but hackers were able to gain access to neglected routers.
Malware-Lobbing Hackers Seize 300,000 Routers- Information Week

Over 162,000 WordPress sites with pingback enabled were utilized to conduct a massive Distributed Denial of Service Attack (DDoS). A DDoS attack is when a website receives too many requests for it to handle at the same time, effectively shutting the site down. WordPress sites with pingback enabled were being exploited in order to conduct the attack. A pingback is when a WordPress site references another WordPress site. If both sites have pingback enabled, the reference will bounce back to the original source. This feature can be exploited to send pingbacks from thousands of WordPress sites to one particular site.
This is a well known vulnerability of WordPress, and the WordPress team will not be patching the issue anytime soon.

More Than 162,000 WordPress Sites Used for Distributed Denial of Service Attack- Sucuri Blog

A vulnerability in Internet Explorer 9 and 10 is being exploited more and more each day by hackers. They are exploiting this vulnerability in order to obtain banking information and other data from unknowing victims.
Originally discovered on February 13th, the exploit has been gaining momentum in the past two weeks. It allows a rogue script to run on a victim’s computer when they visit a compromised site. The list of compromised sites contains an eclectic group of sites, including a dating site and a language education site. When successful, the script manages to dispense a Trojan onto the victim’s computer that targets their banking data.
The particular vulnerability is in the way an Internet Explorer accesses the memory of objects that have been deleted. It allows an attack to execute code in the victim’s browser without their knowledge.
Microsoft has released one of their “Fix-It” programs to solve the problem, but have yet to release a patch trough Windows Update for a more permanent solution. If possible, it is recommended that users upgrade to Internet Explorer 11, which is not vulnerable to this type of attack.

IE zero-day exploit being used in widespread attacks- IT World