Cyber attack on German parliament still active, could cost millions

A cyber attack on the German Bundestag lower house of parliament reported last month is still stealing data and could force officials to spend millions of euros replacing the entire computer system, German media reported on Wednesday

Attack for Flash 0day goes live in popular exploit kit

kafeine

If you've been meaning to disable Adobe Flash, now might be a good time. Attacks exploiting a critical vulnerability in the latest version of the animation software have been added to a popular exploitation kit, researchers confirmed. Attackers often buy the kits to spare the hassle of writing their own weaponized exploits.

Prolific exploit sleuth Kafeine uncovered the addition to Angler, an exploit kit available in underground forums. The zero-day vulnerability was confirmed by Malwarebytes. Malwarebytes researcher Jérôme Segura said one attack he observed used the new exploit to install a distribution botnet known as Bedep.

Adobe officials say only that they're investigating the reports. Until there's a patch, it makes sense to minimize use of Flash when possible. AV software from Malwarebytes and others can also block Angler attacks.

PROMOTED COMMENTS

• DayvidArs Praetorian

  jump to post
  dhay wrote:

  All these years, all these bugs in Adobe products. The code must be god awful inside.
  
  You would think that the bugs follow patterns, and they could proactively remove them with code reviews. Or it is just that bad.

  
  
  It's just that getting security absolutely right is almost impossibly hard - security issues in these sorts of products are very often not simple bugs. The core issue is that adobe has a couple incredibly popular web facing components which also happen to be very complex products and thus are fantastic targets.
  517 posts | registered Jun 30, 2012
•   Source: arstechnica.com

Analysis of the malware that was used in the attack on Sony Pictures

Last week FBI internal document  got into open acess ? which contains an analysis of malicious code, with the help of  which was "brought to its knees," the company Sony Pictures.
The description says the "destructive malware, was used by unknown operators." It is able to erase all data on infected computers under Windows and spread through the network to attack servers under Windows. To spread use built-in operating system file-sharing service.
Representatives of the company Sony Pictures characterized the program as "very difficult", and independent experts from Mandiant confirmed that at the moment оf its work were spreading determined antivirus software.

Billions of dollars are spending by USA on cyber war with China

According to the head of the FBI, the Chinese hackers special feature is  aggressiveness with the help of which they are trying to crack the security system  of the United States.

China pursues an aggressive cyber war against the United States, which is estimated to cost America billions of dollars. It was said by FBI Director James Comey in the program CBS «60 Minutes» on the 5^th of October,2014. According to him, the American big companies can be divided into two categories: those who had been under cyber attacks from China, and those who do not know about that there are targets of cyber attacks from China.

JP Morgan reveals data breach affected 76 million households

SAN FRANCISCO — The cyberattack on JPMorgan Chase & Co., first announced in July, compromised information from 76 million households and 7 million small businesses, the company revealed Thursday in a filing with the Securities and Exchange Commission.

Contact information, including name, address, phone number and e-mail address, as well as internal JPMorgan Chase information about the users, was compromised, the filing said. However the bank said no customer money appears to have been stolen. 

Those who you do not know, know you

It's time to put before the IT-service a question, how the company's infrastructure is  secure, and the extent whom it is prepared to respond to the actions of malefactors.

Nowadays, cyber attacks affect all industries without exception. If a business or a government has a  sensitive information it is obviously that it will be  interesting to third parties, such as competitors or terrorists. It is easy to recall the sensational story of industrial espionage Boeing according to the closest competitor Lockheed Martin or Renault employees, who passed secrets to the Chinese side who to produce an electric car.