Month: November 2014

Symantec Warns about the Severity of Regin Malware Threat; Talks About Its Links to US and UK Intelligence Services

Security threats can come to you in any form and the latest one to enter the list is Regin – a sophisticated piece of spyware that has been prying on servers for years. The existence of Regin spyware came to light from the reports published by Symantec security specialist. As per the reports released by Symantec, the Regin malware is like a cyber-espionage tool that is designed to steal the secrets of many foreign governments and businesses. This malware is in use since 2008 and is still used to infiltrate email databases, keep a check at network traffic, steal confidential data like login passwords and monitor mouse clicks.  The worst – it makes a number of changes to files and registry keys, which cannot even be detected by any antivirus. If reports are to be believed, Regin is found behind several sophisticated cyber-attacks performed by US and British intelligence agencies on the European Union and a Belgian Telecommunication company. It is so, because the security threat – Regin spyware was found on the Belgian phone provider Belgacom’s networks. The Belgian company had been targeted in surveillance operations by the British Spy Agency Government Communications Headquarters. Similar malware was also found on the exact same European Union computer systems, which had been targeted by the National Security Agency. Aren’t these details enough to measure the threat severity of Regin malware?...

Read More

Apple Responds Strongly to Masque Attack Threat Discovered by FireEye

Apple has a very strong stand in the market and thus, it strongly responded to reports released by a security firm – FireEye of potential security threat that could allow hackers to steal sensitive information from iPhones and iPads. As per Apple, its operating systems come with security advanced options and have built-in protections to ensure malware downloads are at bay. Apple responded in wake of the reports released by a security firm –FireEye, which warned it about the vulnerabilities discovered in its operating system. As per the security firm, the identified security threat is named ‘Masque Attack’ under which fake apps are designed to replicate the original ones that are installed through Apple Store. Once, the user is tricked into installing fake apps, it becomes easier for hackers to steal the user’s personal information and use it to carry out their further nefarious acts. The firm named the threat appropriately as Masque Attack, because as soon as bad apps are installed onto the user’s system, they have the capability to overwrite the existing and the original app icons, disguised to look like an app that the user trusts. As per the reports released by FireEye, the security flaw discovered is likely to affect all Apple mobile devices running iOS 7 or later. However, Apple still goes on to defend that its users are safe from such malicious downloads...

Read More

Microsoft Finally Patches the 19-Year-Old Security Bug in Its Software

All’s well that ends well – this is what every Windows computer user should be saying after Microsoft announces the fix for the 19-year-old bug with emergency patch. The bug that existed in almost every version of Windows since Windows 95 was discovered by IBM Corporation’s cyber security research team in May 2014. As described by the IBM security researcher, the bug would have allowed the attackers to exploit the victim’s to run code remotely on the user’s machine, especially when the user visits any malicious website. IBM Researcher Robert Freeman said, “The bug can be used by an attacker for drive-by attacks to reliably run code remotely and take over the user’s machine.” Robert further described the vulnerability as “rare, ‘unicorn-like bug found in the code that IE relies on but doesn’t necessarily belong to.” Making things further scary, it has also been found that the same bug has also been found in the Microsoft’s Windows Server platforms – putting the security of websites handling encrypted data at risk. This bug is specially related to Microsoft Secure Channel – also known as SChannel. To find out the severity of this security flaw, researchers compared this latest threat with other significant flaws that came to light in this year, such as the Heartbleed bug and Shellshock. After comparing these threats, researchers came to a point that its impact can...

Read More

Rootpipe – Latest Security Flaw in Mac OS X Yosemite

Apple must have fixed a huge number of security vulnerabilities in OS X and iTunes, but it would have not imagined that its newer version OS X Yosemite will too face security flaw. A security flaw named ‘Rootpipe’ has been discovered in the Apple’s latest Mac OS X Yosemite by a Swedish Security researcher – Emil Kvarnhammar. If you are running the latest Mac OS X, it is suggested not to run your computer using the administrative privileges. The security vulnerability in the OS X not only makes the hackers eligible enough to escalate the administrative privileges on compromised machines, but also allow them to gain higher level of access on machines, termed as root access. By exploiting the security flaw on the Mac OS X Yosemite, the hackers automatically get the power to bypass all the security mechanisms applied to keep them at bay. Consequence of security flaw exploitation The consequence of security exploitation of Mac OS X Yosemite is seriously threatening. Once the hacker is able to exploit the security flaw, the entire machine is opened up for him to carry out his nefarious acts. Here is the list of things a hacker can do after exploiting the security flaw: The most deadly act- can install malicious software. Alter the entire setting of your computer without the need of any password. Steal victim’s sensitive information, such as...

Read More