Go Back   DreamTeamDownloads1, FTP Help, Movies, Bollywood, Applications, etc. & Mature Sex Forum, Rapidshare, Filefactory, Freakshare, Rapidgator, Turbobit, & More MULTI Filehosts > Computer Help Info.& New Technology > General Computer/Android Help, News & Info + New Technology

General Computer/Android Help, News & Info + New Technology Find All The Latest Reports/Reviews in Here. Start a New Thread in Here if You Need Help

IMPORTANT ANNOUNCEMENT
Hallo to All Members. As you can see we regularly Upgrade our Servers, (Sorry for any Downtime during this). We also have added more Forums to help you with many things and for you to enjoy. We now need you to help us to keep this site up and running. This site works at a loss every month and we appeal to you to donate what you can. If you would like to help us, then please just send a message to any Member of Staff for info on how to do this,,,, & Thank You for Being Members of this site.
Post New ThreadReply
 
LinkBack Thread Tools Display Modes
Old 05-06-12, 17:50   #1
Visiting Staff/Admin
 
Join Date: May 2012
Posts: 13
Thanks: 11
Thanked 22 Times in 10 Posts
js3811 is on a distinguished road
Default Hackers Fake Microsoft Update; Spread Malware

C/P

by Brandon Dimmel

Cyber-crooks have reportedly used fake Microsoft credentials to spread the new Flame malware. In response, Microsoft has issued an 'emergency security advisory', along with a guide telling people how to protect their computer systems and networks.

The Flame virus is a bit unusual, in that it is designed to steal data rather than corrupt or take down computer systems.

Described by researchers at Kaspersky Lab as a "complete attack toolkit," the Flame virus is considered by many to be an even bigger security threat than the massive Stuxnet worm, which it closely resembles.
Flame Masquerades as Legitimate Microsoft Code

Although it was dangerous before, Flame now poses an even bigger risk. The cybercriminals behind it have successfully configured their virus to use legitimate Microsoft credentials to help it slip under network defenses.

In a recent post on the Microsoft Security Response Center blog, Microsoft stated: "We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft." (Source: pcmag.com)

Experts believe that the people behind Flame have found and exploited a new flaw in the Terminal Server Licensing Service used by many IT administrators to authorize Remote Desktop services on Windows-based networks.

Because most IT systems accept legitimate Microsoft code by default, the Flame virus -- which can now appear legit to network defenses -- is often accepted and passed through to vulnerable computer data and systems.
Microsoft Sends Emergency Security Advisory

To combat this new danger, Microsoft has now released an Emergency Security Advisory that explains in great detail exactly how IT administrators can block any of Flame's rogue security certificates from gaining unauthorized access to networks.

But for some IT administrators, this may be too little, too late. nCircle security expert Andrew Storms warns that the "discovery of a bug that's been used to circumvent Microsoft's secure code certificate hierarchy is a major breach of trust," and points out that "it's a big deal for every Microsoft user." (Source: pcworld.com)

However, Flame is a highly targeted form of malware, so the systems of most home users are not likely to be targeted by those who designed this potent virus.

Storms believes the sophisticated nature of Flame's most recent attack lends weight to the theory that the hackers behind it represent a nation-state, meaning they may have the financial backing of a powerful government.
http://www.infopackets.com/news/business/microsoft/2012/20120605_hackers_fake_microsoft_update_spread_malware.htm
Take care.
__________________
Download faster! >>>
You can help this site, by clicking on the link below to buy a Premium Account.
& Thank you for helping us. Click;



js3811 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiTweet this Post!
Reply With Quote
Old 05-06-12, 19:26   #2
The Enigma
 
photostill's Avatar
 
Join Date: Apr 2012
Posts: 9,977
Thanks: 3,009
Thanked 1,524 Times in 928 Posts
photostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant futurephotostill has a brilliant future
Default Re: Hackers Fake Microsoft Update; Spread Malware

Interesting. I've been following the Stuxnet, Du Qu, and Flame since it hit the recognition horizon.

Stuxnet was hallmarked by plug in type modules, which is what led researcher to realize this was professional programmers. That's the way professionals do. They will take premade stuff and plug it into to their work, saving time and effort. Script kiddies and part timers don't do that. They tend to write it all themselves.

Much of Stuxnet is also hallmarked by programmer teams doing the development. It's too much code for one guy working in a room by himself. Plus there is the part about the unidentified language at the time of reverse engineering. Some of the code looked to be a totally new language. Only after the public was asked to id the code, did it turn out to be older Visual C code. No recent programmers use the obsolete language and that was why no one recognized it. This means the programmers were older folk, not young ones.

Now Flame is a different animal, in that it's huge for a malware in size. It has the capability of plug in modules to be activated on command, or to download what is needed. It can take screenshots, once every second or so; it can even self-destruct, taking all evidence it was ever there.

But what is the real interest here, is that the signed certificate is now showing it's vulnerability. Not to long ago, a year or so, it was found out the dutch firm had it's certificate issuing compromised. So damaging was that the company went out of business. But signed certificates have been how much of the valid updates and security has been run. It's now proving to be a liability as much as a one legged man is to caravan.

Because it's been now shown how to look legal. Don't think for a minute they won't be reverse engineered to find out how and why they do what they do. At some point, all this malware is going to become the stock and tools of trade for the malware writers. At that time, either we better have a secure computer/connection, or we better be off the net. There won't be anywhere on line safe for computer users as they are configured and used today.
__________________

You can help this site, by clicking on the link below to buy a Premium Account.
& Thank you for helping us. Click;




photostill is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiTweet this Post!
Reply With Quote
The Following 2 Users Say Thank You to photostill For This Useful Post:
js3811 (05-06-12), pop (29-08-12)
Old 05-06-12, 20:12   #3
Visiting Staff/Admin
 
Join Date: May 2012
Posts: 13
Thanks: 11
Thanked 22 Times in 10 Posts
js3811 is on a distinguished road
Default Re: Hackers Fake Microsoft Update; Spread Malware

Hey P,
Very interesting.I didn't know about the old visual C code.Who woulda thunk it.Thanks for your input.

Take care.
__________________
Download faster! >>>
You can help this site, by clicking on the link below to buy a Premium Account.
& Thank you for helping us. Click;



js3811 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiTweet this Post!
Reply With Quote
The Following 2 Users Say Thank You to js3811 For This Useful Post:
photostill (06-06-12), pop (29-08-12)
Post New ThreadReply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.
SEO by vBSEO 3.5.2
Designed by: vBSkinworks