Other News

Bit9 Defends Response To Hack, Promises More Details

Bit9 Defends Response To Hack, Promises More Details

The security firm Bit9 defended its response to a hack of its own network last week and promised to release more information to the public about what happened – just not quite yet. In a blog post dated Saturday, February 9, the company’s CTO, Harry Sverdlove, said that the company responded promptly to the attack and contacted customers as soon as it completed its own investigation of the hack, which allowed unknown assailants to sign malicious programs using a Bit9 code signing server. That malware was subsequently released on networks of Bit9 customers. Sverdlove said the company’s “first and foremost priority was to inform our customers quickly and directly,” and that the company did so “as soon as we understood and had mitigated the attack, and we were able to provide actionable advice.” The blog post by Sverdlove, just a day after a post by Bit9 CEO Patrick Morley that disclosed […]

Whitelist Goes Black: Security Firm Bit9 Hacked

Whitelist Goes Black: Security Firm Bit9 Hacked

Application “whitelisting” offers an alternative to signature based malware protection. Rather than trying to spot the bad guys, the thinking goes, just identify a list of approved (whitelisted) applications, then block everything else. But what happens when the whitelist, itself, becomes compromised? That’s the scenario that’s playing out with customers of whitelisting firm Bit9, which acknowledged a breach of its corporate network that allowed unknown assailants to gain control of an application code signing server. The acknowledgement came after Bit9 was contacted regarding the breach by Brian Krebs of Krebsonsecurity.com, which broke the news Friday. Little is known about the incident. In a blog post, Bit9’s CEO, Patrick Morley, said that only three of the company’ s customers were affected. Those customers identified malware on their networks that had been signed by one of Bit9’s code signing servers. The lapse was the result of a breach on Bit9’s own network. […]

Adobe Pushes Fix For Flash Player, Cites Attacks On Windows, Mac, Android

Adobe Pushes Fix For Flash Player, Cites Attacks On Windows, Mac, Android

Adobe released an urgent fix on Thursday for recent versions of Flash Player, citing ongoing attacks against both Windows, Apple Mac, Linux and Android systems. Adobe released the security updates to fix a vulnerability, CVE-2013-0633 in Flash Player, noting that the vulnerability is being exploited “in the wild” (that is: on the public Internet) in targeted attacks. The attacks involve both web based attacks via malicious or compromised web sites and e-mail based attacks. The web based attacks use malicious Flash (SWF-format) content and target vulnerable versions of the Flash Player for the Firefox and Safari web browsers. The e-mail attacks use a malicious Microsoft Word document delivered as an e-mail attachment. The document contains malicious Flash (SWF) content and the email tries to trick the recipient into opening it. The vulnerability in question, CVE-2013-0633 is described as a buffer overflow in Adobe Flash Player that “allows remote attackers to execute […]

Wealthy Countries Better At Protecting Citizens…From Malware

Wealthy Countries Better At Protecting Citizens…From Malware

To paraphrase a quote attributed to the great American novelist F. Scott Fitzgerald: ‘Rich countries aren’t like you and me. They have less malware.’ That’s the conclusion of a special Security Intelligence Report released by Microsoft on Wednesday, which found that the rate of malware infections was relatively lower in countries that were wealthy than those with lower gross income per capita. The study, “Linking Cybersecurity Policy and Performance” investigated the links between rates of computer infections and a range of national characteristics including the relative wealth of a nation, observance of the rule of law and the rate of software piracy. The conclusion: wealthier nations, especially in Europe, do a better job preventing malware infections than poorer and developing nations. The report marks an effort by Microsoft to dig into some of the underlying causes of cyber insecurity globally. Using data gathered from its Malicious Software Removal Tool (MSRT) […]

New Malware Takes ‘Extended Naps’ To Avoid Detection

New Malware Takes ‘Extended Naps’ To Avoid Detection

It’s a truism that even the bleakest circumstances look a bit brighter after a good nap. Well, that wisdom isn’t lost on malware authors either. A newly discovered Trojan Horse program, dubbed Trojan Nap, is programmed to use extended sleep cycles to fool behavior based anti-malware tools, according to a report from the firm FireEye. In a blog post Tuesday, researchers Abhishek Singh and Ali Islam said the new malware has a function, dubbed SleepEx() that can be used to configure long “naps” that the malware takes after it is installed on a compromised system. The default value, 600,000 milliseconds – or 10 minutes – seems designed to fool automated analysis systems that are programmed to capture a sample of behavior for a set time frame. “By executing a sleep call with a long timeout, Nap can prevent an automated analysis system from capturing its malicious behavior,” FireEye said. Like other […]