Weekly infosec snipper

ClickSSL Weekly Infosec Snipper – 7th July 2014

This entry is part 7 of 151 in the series Weekly Infosec Snipper

Weekly Infosec Snipper
The time has come for a common web user whether you have a PC or a Smartphone, if you fail to take precautions of your dearer device, then you may fall victim to cyber culprits. ClickSSL brings weekly Infosec Snipper to alert readers about evolving cyber crime around us. In this article, we have focused on new variant of malware, phishing development, vulnerable Word Press plug-in etc. so sit back and ride the most happening cyber events in the last week.

Android Smartphones Need no Security, Says Adrian Ludwig

Recently, Android Engineer named Adrian Ludwig has spoken about Android that users does not need antivirus security for their devices. Adrian Ludwig said that people have wrong perception about the review of applications laid in at Google Play store. He added that people buy security protection would likely get no protection from such software.

Dragonfly group targets Energy organizations in US and Canada

Symantec has found out a cyber espionage group named Dragonfly who has been in cyber espionage since 2011 that targets energy operations, electricity generation firms, petroleum pipeline operators, and equipments providers related energy industry. With sabotage capability, the group initially targeted defense and aviation companies in the US and Canada but now Dragonfly was targeting energy firms in early 2013. The group uses RAT (Remote Access Tool) that aim at compromised computers. Dragonfly appears to use phishing and watering hole attacks against energy organizations.

Bing Search Engine used by phishers for Deceptive advertising

Netcraft revealed a phishing attack, in which phishers are placing deceptive advertising on Bing search engine. This phishing fraud targets blockchain users and redirects them on another website. On this phishing website users are being told to provide their login credentials. When user types “Blockchain” keyword in Bing search engine, it appears two ads out of which one says to “click this one” and other says, “Another one ad is a phishing site”.

Cheap SSL

Oversized Cookies can create DDoS attack Situation, says Acunetix

Recently a security firm found that if a server sends large amount of cookies with a large header line, the page rejects the request and shows “400 Bad Request” error while some server show “413 Request Entity Too Large” error. The server also informs user by showing a message “Your Browser sent a request that this server could not understand. Size of a request header field exceeds server limit.” This oversized header can be a simple way to perform DDoS situation on a particular server.

“MailPoet” plug-in of WordPress found vulnerable

Sucuri – a security company has found WordPress plug-in named “MailPoet” is a vulnerable, which allows an attacker to upload any files to the compromised website. An attacker with MailPoet can post notification, send newsletters also can get auto respond from WordPress equipped websites. There are more than 1.7 million people have downloaded this plug-in. An attacker can upload PHP file on victim’s website; further attackers can abuse website with phishing fraud, spreading spam, and infect shared servers.

Android Malware dubbed as HijackRAT targets Banking Mobile Users

Security researchers at FireEye have discovered a new android application, which equipped with malware dubbed as HijackRAT. This malicious android app can perform private data theft, banking credential theft, spoofing, and remote access features. A malicious application targets mobile banking users and it can send SMS messages, steal contacts, start malicious updates, and can also disable antivirus software on android device.

Series Navigation<< ClickSSL Weekly Infosec Snipper – June 30, 2014ClickSSL Weekly Infosec Snipper – July 14, 2014 >>