News has emerged that software giant Adobe has had information stolen in a cyber attack on its website.
Adobe has confirmed that 2.9 million customers have had private information stolen during a “sophisticated” cyber attack on its website.
The attackers accessed encrypted customer passwords and payment card numbers, the company said.
But it does not believe decrypted debit or credit card data was removed.
Adobe also revealed that it was investigating the “illegal access” of source code for numerous products, including Adobe Acrobat and ColdFusion.
“We deeply regret that this incident occurred,” said Brad Arkin, Adobe’s chief security officer.
“Based on our findings to date, we are not aware of any specific increased risk to customers as a result of this incident,” he said.
But Chester Wisniewski, senior adviser at internet security company Sophos, told the BBC: “Access to the source code could be very serious.
“Billions of computers around the world use Adobe software, so if hackers manage to embed malicious code in official-looking software updates they could potentially take control of millions of machines.
“This is on the same level as a Microsoft security breach,” he added.
Adobe said it had been helped in its investigation by internet security journalist Brian Krebs and security expert Alex Holden.
The two discovered a 40GB cache of Adobe source code while investigating attacks on three US data providers, Dun & Bradstreet, Kroll Background America, and LexisNexis.
Mr Krebs said the Adobe code was on a server he believed the hackers used.
Adobe said that it is resetting passwords for the customer accounts it believes were compromised, and that those customers will get an email alerting them to the change.
It is also recommending that, as a precaution, customers affected change their passwords and user information for other websites for which they used the same ID.
For those customers whose debit or credit card information is suspected of being accessed, Adobe is offering a complimentary one-year subscription to a credit-monitoring programme.
Finally, the company said it had notified law enforcement officials and is working to identify the hackers.
This article originally appeared on the BBC News website
Scammers wasted little time after Prince William and his wife, the former Kate Middleton, announced the birth of their son, who’s now third in line to the British royal throne.
“Because it is such big news, it didn’t take long for malicious elements to misuse it,” said Kaspersky Lab security researcher Michael Molsner in a Wednesday blog post, noting that the company’s spam traps had already intercepted an email promising regular “Royal Baby” updates.
The message also included a “watch the hospital-cam” link, which appeared to resolve to a legitimate site that had been compromised.
Irish Web Design – Royal Baby Malware Attacks
This story appeared on the Information Week Website
For many years, anti-malware companies have been capturing immense numbers of new, malicious code samples every day. The actual number is controversial, but it’s in the hundreds of thousands. Not a typo.
These samples are generated programmatically by malware authors trying, by brute force, to create something that will slip through defenses. Most of them are garbage. Anti-malware programs don’t write signatures specific to them, but recognize them by more general characteristics as part of a malware family.
Roger Thompson of ICSA Labs, a security research group owned by Verizon, calls these ‘AFTs’ for ‘Another Freaking Trojan’. The term is meant to contrast with APT for ‘Advanced Persistent Threat’; there’s no standard definition of APT, but basically it’s a more sophisticated malware program which can hide in a target network and perhaps even defend itself.
I spoke with Thompson, who I have known for a long time from his pioneering work for several companies in the anti-malware industry. In a recent blog entry he notes a clear rise in the quality of malware at the very high end of the APT segment; he calls this Enterprise Malware because it is being written by enterprise-class organizations.
Security companies know from their own forensic examination of attacks that this Enterprise Malware can often be traced back to defense contractors and various branches of various governments. We know, at least since Stuxnet (although any fool knew it was going on before), that western governments were developing attack code. We know of similar activities from the PLA (People’s Liberation Army) in China, and now the FBI (with the possible assistance of the NSA) is using malware to infiltrate criminal activities. For years European governments have been open about their policy to allow police to hack into the computers of suspects without a warrant.
Not to dismiss the talents of the last generation of malware writers, but governments and defense contractors have enough budget to hire professionals; I suspect the pool of such people who are willing to work for government is much larger than the pool willing to work for criminal organizations. And with enough patience and talent, we may start seeing malware techniques which heretofore haven’t been worth the trouble. Thompson is concerned about the development of cross-platform malware. We saw an example of this in Stuxnet, which used Windows computers to find and attack Siemens industrial controllers.
As Thompson, who knows a thing or two about anti-malware technology, says, anti-malware software can find the AFTs a very, very high percentage of the time, but you can’t expect it to find these attacks, at least not when it matters. It’s for threats like these that defense-in-depth and rigorous attention to best practices are necessary. For high-value targets, there are also products and services, Solera Networks’ DeepSee series for example, which specifically attempt to find threats which are lying low in a network.
After digesting this information, I was tempted to think that this is good news for those of you under the radar; if you’re not the sort of operation that is going to merit a high-quality targeted attack, then by following best practices (e.g. always updating all software and anti-malware, practicing least privilege, forcing strong passwords) you should be OK. But that’s nothing new. It was always true. The real news is just how essential it is for those who might be the target of a high-quality, enterprise malware attack to follow those practices. And it’s discouraging to see how many organizations fall short.
This is an edited version of an article by Larry Seltzer
Malware creators go professional – Irish Web Design – Website Security
The dreaded Blackhole Exploit Kit is back!
The last week has seen a resurgence of this malicious software appearing on websites around the globe.
Visitors to the sites who have AVG Anti Virus software installed on their systems receive a warning about the infection.
Website owners who do not act quickly to deal with the infection and clean up their websites may find Google blocking access to their websites.
The Blackhole Exploit Kit and its many variations were developed by some of the most skilled computer criminals in the world.
It is thought that these gangs originate in Russia or Eastern Europe.
The Blackhole exploit kit is now the most prevalent web threat globally.
The criminals make the software available as a kit on an outright sale or licence basis and each version is tweaked to suit the ‘end user’ criminal’s particular purposes.
In general, the kit uses hidden code to analyse the software on the computer it attacks to find any vulnerabilities.
When it finds some software which can be exploited, it will then run another piece of software, which is often in the form of a pop-up window.
This appears to be a warning about a malware or virus infection when, in point of fact, it is itself malware!
The computer is now under ‘remote control’ by the hackers, who can return and take over running the machine at any time.
What is particularly worrying about this infection is that there is at present no ‘magic bullet’ or simple cure.
Irish Web Design – the dreaded Blackhole Exploit Kit is back AKA Black hole exploit kit.
FBI and Microsoft move in on Internet Criminals
American FBI and Microsoft shut down the €375m theft botnet known as Citadel
The American FBI and Microsoft have cooperated in order to break up a massive network of hijacked home computers that have been responsible for stealing more than €375m from bank accounts around the globe.
The Citadel network was set up by a group of criminal gangs who remotely installed a keylogging program on upwards of five million machines in order to steal data.
About 1,000 of the 1,400 or so networks that made up the Citadel botnet are believed to have been shut down.
Co-ordinated action in 80 countries by police forces, tech firms and banking bodies helped to disrupt the network.
“The bad guys will feel the punch in the gut,” Richard Boscovich, a spokesman for Microsoft’s digital crimes unit, said.
The cybercriminals behind Citadel cashed in by using login and password details for online bank accounts stolen from compromised computers.
This method was used to steal cash from a huge number of banks including American Express, Bank of America, PayPal, HSBC, Royal Bank of Canada and Wells Fargo.
Citadel emerged after core computer code for a widely used cybercrime kit, called Zeus, was released online.
Underground coders banded together to turn that code into a separate cybercrime toolkit that quickly proved popular with many malicious hackers.
In a blogpost detailing its action, Microsoft said Citadel had also grown because malicious code that could take over a PC had been bundled in with pirated versions of Windows.
The millions of PCs in the criminal network were spread around the globe, but were most heavily concentrated in North America, Western Europe, Hong Kong, India and Australia.
Despite the widespread action, which involved seizures of servers that co-ordinated the running of Citadel, the identity of the botnet’s main controller is unknown.
However, Microsoft has started a “John Doe” lawsuit against the anonymous controller, believing him to use the nickname Aquabox and be based in Eastern Europe.
In addition, the FBI is working with Europol and police forces in many other countries to track down and identify the 81 “lieutenants” that helped Aquabox keep Citadel running.
Microsoft has also started action to help people clean up an infected computer.
Typically, it said, machines compromised by Citadel were blocked from getting security updates to ensure those computers stayed part of the botnet.
With the network disrupted, machines should be free to get updates and purge the Citadel malware from their system.
FBI and Microsoft move in on Internet Criminals – Irish Web Design. From an article on BBC News.
Business Expansion Grants
Grants available for websites for businesses trading more than 18 months
The Business Expansion Grant is designed to assist the business in its growth phase after the initial 18 month start-up period. Micro enterprises that have availed of a Priming Grant are ineligible to apply for a Business Expansion Grant until 18 months after the final drawdown date of the Priming Grant, except in exceptional circumstances.
Business Expansion Grants may be awarded to sole traders, partnerships or limited companies that fulfil the following criteria:
- Located within the CEB’s geographic area;
- A business, which on growth, may or may not have the capacity to fit the Enterprise Ireland portfolio;
- A business employing up to 10 employees;
- A manufacturing or internationally traded service business;
- A domestically traded service business with the potential to trade internationally.
The maximum Business Expansion Grant payable must not exceed 50% of the investment or €150,000, whichever is the lesser.
Grants over €80,000 and up to €150,000 shall be the exception and shall only apply in the case of projects that clearly demonstrate a potential to graduate to Enterprise Ireland and / or to export internationally.
In all other cases, the maximum grant shall be 50% of the investment or €80,000, whichever is the lesser.
Subject to the 50% limit, a maximum grant of up to €15,000 per full time job created shall apply in respect of any employment support grant aid.
Expenditure may be considered under the following headings:
- Capital Items: These include fit out of workspace, office equipment, machinery, computer costs, hardware and software etc. (Note acquisition of building and purchase of mobile assets are excluded from grant aid).
- Salary Costs: For first year of employment. This to be paid out in two instalments. The first instalment at the commencement of employment and the second instalment once the employment has continued in existence for a period of six months. The level of grant support should reflect the salary scale proposed for the employment being generated. It is anticipated that only quality jobs attracting salaries in excess of €40,000 will be eligible for the maximum €15,000 grant support with appropriately scaled back grants offered in accordance with proposed salary for lower paid positions. Staff recruitment costs may also be considered eligible for grant aid.
- Rental / Accommodation Costs: For first year of project. (Note where rental space is already subsidised by an investment of public funds then grant support should reflect the differential between the market rate and subsidised rate). Rental costs may be paid up front subject to receipt by the Board of signed lease / rental agreements.
- Utility Costs: These include installation costs for telephone and broadband. (Note mobile phone costs are excluded).
- Marketing Costs: These include packaging, brochures, business cards, trade fairs, website design and development, and other marketing initiatives.
- Consultancy Costs: These include design fees, patent costs, architect, accountant and legal fees.
- Business Specific Training: Costs here refer to specialised management or key personnel training programmes that are required to ensure the growth of the business. Such courses should not be generally available under the Board’s general training programmes.
Grants available for websites – Irish Web Design
Irish Web Design issued a warning this week as yet another client had his preferred domain name robbed from under his nose.
We were in the process of securing the preferred .ie, .net and .com domains our client had settled on. It came as a nasty surprise to discover that the rather unusual .com domain name had been registered just days previously.
It transpired the client had been checking possible names for his new website some days previously and checked the preferred option on one of the many sites that appear at the top of Google.
There are many stories on the internet where people claim that the giant American company godaddy.com engage in this practice.
It appears that as soon as he logged out of the site, automated software registered the domain name he was searching for.
The company that registered the domain has no use for it, but they now own the name the client wanted.
The domain is available, but first the client would need to appoint a company to negotiate for him, which is $69 to start with. Then he has to state in advance how much he is willing to pay. It is not uncommon for companies to demand thousands of Euro in order for them to hand over “your” name. If successful, the ‘agent’ then adds another 10% on top.
Back in the days of the James brothers you knew you were dealing with robbing low-life bandits, but this form of robbery is corporate extortion on a massive scale.
You have no idea what the connections are between the agent, the company who registered the site and the company on whose site you first carried out the search.
The only thing you can be certain of is that you have been well and truly screwed.
The moral of the story?
Under no circumstances should you check the availability of domain names unless you know exactly what you are doing.
If you fail to heed this advice it may end up costing you thousands of Euro as you are subjected to information highway robbery.
Your Domain Name Robbed an article by Irish Web Design