
Monday, 13 July 2015

Voat is being kicked by a botnet right now.

Reddit rival Voat announced today that it is currently being hit by a DDoS (Distributed Denial of Service) attack from hackers unknown. For those unfamiliar with the sites, both Reddit and Voat act, in essence, as online bulletin boards. Users post images, text and direct links, which are then voted up or down to determine their position on the board. The main selling point of Voat is that, unlike its Reddit counterpart, it maintains no censorship.
The Swiss company posted on Twitter at midnight this morning that it is being hit by an ongoing “layer 7 DDoS attack”, adding on its website that this is the indirect reason most third-party apps for Voat have stopped working.
They have “bumped up CloudFlare security settings...in order to keep Voat at least somewhat responsive”. Unfortunately this “essentially breaks most Voat third party apps currently on the market.” They ended with the question “What doesn't kill you - makes you stronger, right?”

Currently the website is loading intermittently; however, some users still see the message “Voat is being kicked by a botnet right now.”

Tuesday, 30 June 2015

Cybercriminals exploit Flash zero-day flaw

Last Tuesday Adobe Systems released a patch for the Flash Player vulnerability CVE-2015-3113. However, just four days later a malware researcher who goes by Kafeine spotted the Magnitude exploit kit exploiting the vulnerability in a drive-by download attack.

The Common Vulnerabilities and Exposures database tracks the flaw as CVE-2015-3113. It turns out that CVE-2015-3113 had zero-day status and had been targeted for several weeks by a China-based cyberespionage group before the patch was released. These attacks were aimed at organisations in a broad range of industries, from aerospace, defence and technology to construction, transportation, engineering and telecommunications.

The goal of such attackers is to compromise well-defended targets and to remain undetected for as long as possible. For this reason it is not uncommon for Flash Player and other popular applications to be targeted in zero-day exploits.

Despite this, non-selective, widespread attacks using zero-day exploits are uncommon, predominantly because of the value of zero-day vulnerabilities to the attackers. Financially it makes no sense to run such brash campaigns, as they draw attention to the vulnerability and make it more likely to be discovered and patched quickly.

Instead, exploit-kit operators usually prefer to integrate exploits for already patched vulnerabilities, working on the principle that many users will not install patches quickly enough. The creators of these exploit kits, however, are dramatically reducing the time they need to incorporate a new exploit. As a result, users are left with a much shorter window in which to deploy the patch before the exploit is integrated. In the case of the CVE-2015-3113 vulnerability this was only 4 days. This causes problems for organisations that typically install updates on schedules separated by more than a week.

Earlier this year the Nuclear exploit kit (Nuclear EK) integrated another Flash Player exploit a mere week after the patch was released. A trend towards shorter patch windows is emerging.


Currently, when successful, the Magnitude attacks on the CVE-2015-3113 vulnerability install the Cryptowall ransomware. The attackers could change this payload at any time.

Tuesday, 3 March 2015

Hackers can use Blu-Ray discs to breach networks.

An innocent-looking Blu-ray disc can be used by malicious actors to get a foothold in a targeted network, a researcher has warned.

According to Stephen Tomkinson of the NCC Group, both hardware and software Blu-ray players are plagued by vulnerabilities that can be leveraged to execute arbitrary files stored on the disc.

The advanced features provided by Blu-ray discs, such as dynamic menus and Web access, are built using BD-J (Blu-ray Disc Java). The specification is used to create interfaces and embedded applications called Xlets. Xlets are similar to Java applets, but they are specially designed for digital TV environments.

Xlets run in a Java VM and they use the SecurityManager class to implement security policies. Tomkinson noted that, in general, these security policies prevent discs from accessing elements outside of the virtual file system and prevent interaction with the underlying operating system.

In his tests, Tomkinson targeted PowerDVD, a popular Blu-ray player application developed by CyberLink. The researcher found a way to disable the SecurityManager developed by CyberLink and gain access to methods that can be used to launch arbitrary executable files stored on the disc.

On systems where PowerDVD is installed, Blu-ray discs are automatically played with the application, which enables attackers to bypass autorun attack mitigations in Windows, the expert said.

As for physical Blu-ray players, the researcher used an exploit previously developed by Malcolm Stagg to get a shell on the device. From there, Tomkinson managed to come up with a way to execute arbitrary files located on the disc.

Both software and physical players can be targeted with a single disc, the researcher said. An attacker can create a disc that detects the player type and executes a malicious file specific to that platform. In order to avoid raising suspicion, a legitimate video file can be played right after the malicious files are launched.

“[The malicious] executables could be used by an attacker to provide a tunnel into the target network or to exfiltrate sensitive files, for example,” Tomkinson explained in a blog post.

The researcher has pointed out that in the case of physical Blu-ray players, an attacker needs to ensure that the device doesn’t go to sleep after the victim has stopped viewing the video. This can be achieved by intercepting the power off request and by switching off the power LED in order to avoid raising suspicion.

In an attack targeted at a corporate network, if the player is configured for Wi-Fi access, malicious actors can easily obtain Wi-Fi settings because the information is stored on the device unencrypted.

The NCC Group says it’s working with affected vendors to get the vulnerabilities fixed, but “with varying degrees of success.” Until the vulnerabilities are addressed, Tomkinson advises users not to use discs from untrusted sources and to disable the autoplay feature. Hardware players should not be connected to the network or the Internet unless necessary.

Using removable media to distribute malware is not unheard of. The Equation Group, an entity that is believed to have ties to the NSA, reportedly replaced CD-ROMs sent out by the organizers of a scientific conference with ones containing malware.

(Article Taken from SC Magazine)

Tuesday, 17 February 2015

Hackers Steal $1bn from Banks.

British banks are thought to have lost tens of millions of pounds after a gang of Russia-based hackers spent the last two years orchestrating the largest cybercrime ever uncovered.
As much as £650 million is thought to have gone missing after the gang used computer viruses to infect networks in more than 100 financial institutions worldwide.
The hackers managed to infiltrate the banks’ internal computer systems using malware, which lurked in the networks for months, gathering information and feeding it back to the gang.
The illegal software was so sophisticated that it allowed the criminals to view video feeds from within supposedly secure offices as they gathered the data they needed to steal.
Once they were ready to strike, they were able to impersonate bank staff online in order to transfer millions of pounds into dummy accounts.
While the criminals behind the audacious electronic raid are thought to be based in Russia, the scale of their crime was truly global with banks in Japan, China, the United States and throughout Europe having been hit.
The scale of the losses by UK based financial institutions has not yet been disclosed, but is thought to run into tens of millions of pounds.
The scam was uncovered by the Russian cybersecurity firm, Kaspersky Lab, which was called in to investigate after a cash machine in Ukraine was found to have been spitting out money at random times.
As investigators began to look into the problem they were staggered by the scale of the crime they uncovered.
A spokesman for Kaspersky Lab said: “The plot marks the beginning of a new stage in the evolution of cybercriminal activity, where malicious users steal money directly from banks, and avoid targeting end users.”
Despite the fact the plot has been uncovered, it is feared that banks may still find themselves falling victim as once installed the malware can operate almost independently and is extremely difficult to identify.
The cybercriminals would gain entry to an employee’s system through a process called spear phishing, where they would send an email which appeared to come from a trusted source.
Once the email was opened, the malware would infect their system allowing the hacker to jump into the bank’s network.
They would then gain access to an administrator’s computer, providing video surveillance of everything going on in the office.
They were able to monitor the screens of staff who serviced the cash transfer systems and, after watching how they operated, were able to mimic the process needed to move money around.
It is thought the largest sums stolen were taken in bold electronic raids, where hackers would break into a computer system and transfer tens of millions of pounds in one go.
On average, each bank robbery took between two and four months, from infecting the first computer at the bank’s corporate network to making off with the stolen money.
Another method used was where the criminals would gain access to someone’s account and inflate the balance many times over.
They would then withdraw the amount they had increased it by and the person would never suspect because their original balance remained the same.
Sergey Golovanov of Kaspersky Lab said: “These bank heists were surprising because it made no difference to the criminals what software the banks were using.
“So even if its software is unique, a bank cannot get complacent. The attackers didn’t even need to hack into the banks’ services. Once they got into the network, they learned how to hide their malicious plot behind legitimate actions. It was a very slick and professional cyber-robbery.”

(Article taken from www.telegraph.co.uk)

Monday, 8 December 2014

DDoS Attacks On Sony and Microsoft are just the beginning...

Sony's online PlayStation store was inaccessible to users for a short time on the 8th of December in the latest possible cyberattack on the electronics and entertainment company.
Sony Computer Entertainment in Tokyo said the problem lasted two hours before it was fixed globally. It said the cause is under investigation, but there is no sign of any material being stolen.
The previous week, the computer systems of Sony Pictures Entertainment were disrupted by a cyberattack and confidential information including unreleased movies was leaked on the Internet.
North Korea was among the suspects, but it has denied responsibility.
The FBI is investigating threatening emails sent to some employees of Sony Pictures Entertainment, and is trying to identify the person or group responsible.
There was no indication of a link between the PlayStation and Sony Pictures incidents.
A hacker group calling itself Lizard Squad appeared to take responsibility for the attack on its Twitter account, tweeting "PSN Login #offline."
Earlier this year, Lizard Squad warned that explosives might be on a flight that included a Sony executive among its passengers, and claimed responsibility for a disruption to the PlayStation network. American Airlines diverted the domestic US flight to a nearby airport.
In that incident, hackers orchestrated a so-called denial-of-service attack against Sony, which involved overwhelming the company's game network with fake visits so that legitimate users couldn't get through.
In 2011, hackers compromised the company's network including the personal data of 77 million user accounts. Since then, the company has repeatedly said its computer security has been upgraded.
A Distributed Denial-of-Service (DDoS) attack is a form of electronic attack involving multiple computers, which send repeated HTTP requests or pings to a server to load it down and render it inaccessible for a period of time.
Protection from these attacks is difficult because, as one expert put it: "DDoS is...simple, cheap, unsophisticated, and effective." 
Because of this simplicity, attacks could come from anywhere at anytime. If attacked, "folks that don't take active measures to ensure the resilience of their networks are going to get knocked over," said another expert. "They need to do everything they can to increase resiliency and availability." Accordingly, he recommends implementing "all of the industry best and current practices for their network infrastructure, as well as applications, critical supporting services, including DNS."
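The article defines a DDoS attack as many sources sending repeated requests until a server is overloaded. The following is an added example, not code from the article or from any of the companies it names, showing the simplest "active measure" a defender can apply to such traffic: counting requests per client address over a sliding time window in an access log and flagging addresses that exceed a threshold, which is the heuristic behind basic rate limiting. The log lines, addresses and the threshold are constructed for the example.

```python
"""Flag request floods in web-server access logs (constructed example)."""
import re
from collections import defaultdict, deque
from datetime import datetime

# Apache/nginx combined-log prefix: client, ident, user, [timestamp] "request" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" (?P<status>\d{3})'
)


def parse_line(line):
    """Return (client_ip, timestamp, request) or None for unparseable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("req")


def peak_rates(lines, window_seconds):
    """Return {ip: highest request count seen in any window_seconds span}."""
    stamps_by_ip = defaultdict(list)
    for line in lines:
        parsed = parse_line(line)
        if parsed:
            ip, ts, _ = parsed
            stamps_by_ip[ip].append(ts)

    peaks = {}
    for ip, stamps in stamps_by_ip.items():
        stamps.sort()
        window = deque()  # timestamps within the last window_seconds
        peak = 0
        for ts in stamps:
            window.append(ts)
            # Drop requests that fell out of the sliding window.
            while (ts - window[0]).total_seconds() > window_seconds:
                window.popleft()
            peak = max(peak, len(window))
        peaks[ip] = peak
    return peaks


def find_floods(lines, window_seconds=10, threshold=50):
    """Addresses whose peak rate meets the threshold, as sorted (ip, peak) pairs."""
    peaks = peak_rates(lines, window_seconds)
    return sorted((ip, n) for ip, n in peaks.items() if n >= threshold)


def make_sample_log():
    """Constructed sample: one address hammering /store plus two normal visitors."""
    fmt = "08/Dec/2014:10:00:%02d +0000"
    lines = []
    for i in range(60):  # 60 requests inside 6 seconds from one flooding client
        lines.append(f'203.0.113.7 - - [{fmt % (i // 10)}] "GET /store HTTP/1.1" 200 512')
    for sec in (0, 15, 31):  # a browser fetching a page every few seconds
        lines.append(f'198.51.100.4 - - [{fmt % sec}] "GET /store HTTP/1.1" 200 512')
    for sec in (5, 7, 9, 12):  # a slightly busier but still ordinary client
        lines.append(f'192.0.2.9 - - [{fmt % sec}] "GET /cart HTTP/1.1" 200 300')
    lines.append("this line is not an access-log entry")
    return lines


if __name__ == "__main__":
    for ip, peak in find_floods(make_sample_log()):
        print(f"flood candidate {ip}: {peak} requests in a 10 s window")
```

A per-address count is only a first filter: a real distributed attack spreads requests over many sources that each stay under the threshold, so production rate limiting also aggregates by network prefix, by request path and by upstream edge (the CloudFlare-style protection mentioned in the Voat post above).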

Monday, 24 November 2014

The Worst Of Shellshock Might Have Already Passed...

Shellshock is continuing to make waves in the digital world, but if new research is any indication, scans for the bug seem to be slowing down and attacks might have already peaked.
Attacks on domains reached their height in the days following the bug's disclosure on Sept. 24. One study by Akamai researchers found that targeted domain attacks reached a high of 8,021 only three days later. The following day, Sept. 28, those domain attacks were cut nearly in half, dropping to 4,576.
Michael Smith, CSIRT director at Akamai, attributes the drop to users scanning their own systems immediately after finding out about the bug. The tapering off could indicate more effective patching, or that a clear assessment of affected devices had already been performed. However, Smith wasn't completely sure this was the case.
“But it [the drop] also reminds me that correlation is not causation,” Smith said in an interview with SCMagazine.com. “Although it indicates that might be what's happening.”
The same was also seen in the unique payload attacks per day. On Sept. 27, the number peaked at 20,753. A day later, it was down to 15,071.
For attackers, the Bash bug might initially have seemed to open up new ground to explore post-Heartbleed, but in reality vulnerable systems are difficult to find in the wild.
“It's more difficult to exploit the bash bug, but if you're successful, it can be more severe,” said Ben Feinstein, director of operation and development for the Dell SecureWorks Counter Threat Unit, in an interview with SCMagazine.com.
If an exploitable device is found, attackers can execute commands, whereas with Heartbleed a successful attack could turn over information such as passwords or encryption keys, wrote Dennis Dwyer, senior security researcher for the Counter Threat research team, in an email correspondence with SCMagazine.com. Attackers can use recycled scripts, for instance, but ultimately finding those devices proves difficult, which could act as a deterrent.
Still, compared to Heartbleed, the level of expertise required to exploit Bash is significantly lower, which could make it attractive to attackers. Some experts expect the attacks might dwindle, though.
“Potentially, people have completed their scans and learned what they wanted to learn,” Dwyer said. “There will always be threat actors out there exploiting the Bash vulnerability, and it will slowly taper off over time.”

(Article taken from SC Magazine)
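The Akamai figures quoted above come from counting attack attempts and unique payloads seen in web requests per day. The following is an added example, not code from the article, Akamai or SecureWorks, of the detection logic that produces such counts: Shellshock probes arrive as a Bash function definition ("() {") placed in an HTTP header value, because CGI-style handlers copy request headers into environment variables that Bash then parses. The detector scans header values for that signature, ignoring ordinary parentheses in User-Agent strings, and summarises hits and distinct payloads per day. The request records, addresses and dates are constructed for the example.

```python
"""Detect Shellshock-style header probes and summarise them per day (constructed)."""
import re
from collections import defaultdict

# A Bash function definition at the start of an environment value: "()" then "{".
# Only "() {" (with optional whitespace) is the trigger; "(X11; Linux)" is not.
SHELLSHOCK_RE = re.compile(r"\(\s*\)\s*\{")

# Constructed sample request records: (date, client_ip, {header: value}).
# The probe payloads below only run /bin/echo; they are here as detection input.
SAMPLE_REQUESTS = [
    ("2014-09-27", "203.0.113.5",
     {"Host": "www.example.com", "User-Agent": "() { :; }; /bin/echo probe"}),
    ("2014-09-27", "203.0.113.5",
     {"Host": "www.example.com", "User-Agent": "Mozilla/5.0 (X11; Linux x86_64)"}),
    ("2014-09-27", "198.51.100.9",
     {"Host": "www.example.com", "Referer": "() { :;}; /bin/echo probe"}),
    ("2014-09-28", "203.0.113.5",
     {"Host": "www.example.com", "Cookie": "() { :; }; /bin/echo probe"}),
    ("2014-09-28", "192.0.2.77",
     {"Host": "www.example.com", "User-Agent": "curl/7.37.0 (x86_64-pc-linux-gnu) {}"}),
]


def suspicious_headers(headers):
    """Names of headers whose value carries the function-definition signature."""
    return [name for name, value in headers.items() if SHELLSHOCK_RE.search(value)]


def scan(records):
    """Return one hit per (date, client, header, payload) found in the records."""
    hits = []
    for date, client, headers in records:
        for name in suspicious_headers(headers):
            hits.append({"date": date, "client": client,
                         "header": name, "payload": headers[name]})
    return hits


def daily_summary(records):
    """{date: (hit_count, unique_payload_count)}, the shape of the Akamai figures."""
    count = defaultdict(int)
    payloads = defaultdict(set)
    for hit in scan(records):
        count[hit["date"]] += 1
        payloads[hit["date"]].add(hit["payload"])
    return {d: (count[d], len(payloads[d])) for d in sorted(count)}


if __name__ == "__main__":
    for hit in scan(SAMPLE_REQUESTS):
        print(f'{hit["date"]} {hit["client"]:14} {hit["header"]}: {hit["payload"]}')
    for date, (hits, uniq) in daily_summary(SAMPLE_REQUESTS).items():
        print(f"{date}: {hits} attempts, {uniq} unique payloads")
```

The signature is deliberately narrow, which is why the curl User-Agent with a stray "{}" and the Mozilla string with parentheses are not flagged; a production rule would also look at the query string and request body, and patching Bash remains the actual fix since detection only tells you who is looking.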

Tuesday, 7 October 2014

BadUSB - The Security Weakness of Your USB

The seriousness of a USB security weakness that could potentially allow hackers to reprogram USB drives has been ratcheted up a notch with the release of prototype code.

Researchers Karsten Nohl and Jakob Lell, from German security skunkworks SR Labs, demonstrated at the Black Hat conference in Las Vegas back in July how it might be possible to reprogram the firmware within some flash drives with malicious code. They dubbed the attack BadUSB.
Then just last week, Adam Caudill and Brandon Wilson went one step further during a talk at the DerbyCon hacker conference in Louisville, Kentucky, by not only demonstrating the flaw but also publishing proof-of-concept code on GitHub. The move was designed to push USB makers into formulating a fix.

The release of the prototype code that accompanied Caudill and Wilson's "Making BadUSB Work For You" talk is controversial, as Nohl previously described BadUSB as practically unpatchable. Caudill argues that the security community and manufacturers need to know exactly how bad the problem is, and what form it takes, in order to build defences.

"We believe all of this should be public," Caudill told DerbyCon delegates, Wired reports. "It shouldn’t be held back. So we’re releasing everything we’ve got."

"This was largely inspired by the fact that [SR Labs] didn’t release their material. If you’re going to prove that there’s a flaw, you need to release the material so people can defend against it," he added.

Both pieces of research came from reverse engineered USB firmware. The threat of malicious USB thumb drives more generally has been well understood for years, even giving rise to the observation from cyber security types that USB devices are "plug and prey" (a security-themed spin on "plug and play").

"The idea of re-flashing the firmware of devices such as PC BIOSes or HIDs for malicious purposes has been around for some time now," said Egemen Tas, engineering veep at Comodo Group. "For example, fraudsters have been using hacked firmware to sell USB drives which show higher storage capacity than they actually have."

Moreover, intelligence agencies have been modifying USB controller firmware to hide and encrypt data within USB drives, added Tas. "It is only a natural evolution that somebody would make use of the same technique for malicious purposes."

BadUSB is nastier than typical malware that might happen to infect a USB drive. For one thing, it's capable of infecting anything based on a compatible micro-controller. Moreover, it's also a lot stealthier (especially in its capability to avoid detection by anti-virus scanners) than conventional malware.

(Article taken from theregister.co.uk)