A take on the security news, week 41

A take on the security news, week 41

Tue 07 October 2014

A take on the security news, week 41 / 2014. I summarize some of the news that I considered noteworthy related to information security this week.

  • Monday

iWorm method of infection

The attack vector of the iWorm Mac Malware seems to be infected Adobe CC 2014 installers downloaded from Piratebay. The pirated software does install, but it also install more than Adobe CC

As part of the installation process the user are prompted for the administrator user/password, and at the moment its filled in and you click ok, the malware is installed.

There has been an XProtect update to block this malware, and the moral of the story should be clear.

http://www.thesafemac.com/iworm-method-of-infection-found/

A Bash Shellshock update

An update on the Bash Shellshock bug with some new proof-of-concetps exploits.

http://lcamtuf.blogspot.no/2014/10/bash-bug-how-we-finally-cracked.html

https://isc.sans.edu/forums/diary/Shellshock+More+details+released+about+CVE-2014-6277+and+CVE-2014-6278+Also+Does+Windows+have+a+shellshock+problem+/18769

  • Tuesday
  • Wednesday

Adobe spying on users ebook libraries

Its reported that Adobes Digital Edition ebook reader is sending statistics from the program back to Adobe. It is tracking what the user is doing in the app and report back.

The application also index your harddrive for ebooks (not neccessary related to the DE reader) and upload the list to Adobe.

And to top the story, all the reports that are sent back to Adobe is sent unencrypted!

http://the-digital-reader.com/2014/10/06/adobe-spying-users-collecting-data-ebook-libraries/#.VDjeRytRWcj

  • Thursday

Malware turn ATMs into cash-spitting devices

Tyupkin malware enables attackers to control the ATMs in a degree that make it spit out money when told to. The article outlines the details.

http://www.theregister.co.uk/2014/10/08/atm_hack_report/

Bug in Bugzilla

Its been discovered a bug in the popular bugtracker that enables an attacker to masquerade as another user. This in turn can give the attacker escalated priviliges (if masquerading as a user with priviliges), and possibly access to otherwise private bugs.

Bugzilla administrators are urged to deploy the patch and upgrade their software immediately.

http://www.checkpoint.com/blog/bug-bug-tracker/

  • Friday

Microsoft Advance Notification

This months patches from Microsoft contains 3 critical, 1 moderate and a few important ones. Amongst the important ones are an update for Office for Mac.

https://technet.microsoft.com/library/security/ms14-oct