Antivirus "hosting"

User club for antivirus services (SaaS, Cloud)

Antiviruses and security (SaaS, Cloud ...)
av-host.net

The Heartbleed Bug: A Critical Vulnerability in OpenSSL
2014-04-08 21:18

KMM shared a link

Independent researchers have discovered a critical vulnerability in the widely popular cryptographic software library, OpenSSL. As stated by the discovering parties, this vulnerability “allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software.”

What Has Been Compromised?

According to researchers, exploitation of CVE-2014-0160, or the Heartbleed Bug, allows attackers to steal:

  1. Primary Key Material – These are the secret keys that allow websites to unlock the encrypted information their users send during transmissions secured by TLS/SSL.
  2. Secondary Key Material – These are user credentials transferred in TLS/SSL transmissions, such as usernames and passwords.
  3. Protected Content – This is the content that is transferred during a TLS/SSL transmission and that is supposed to be protected by cryptographic secret keys. This is alarming because most encrypted data – such as financial information – is encrypted because it is sensitive.
  4. Collateral – This is all of the technical information related to an OpenSSL user account, such as memory addresses and user-specific security settings.

How Can I Fix This?

Anyone using OpenSSL 1.0.1 through 1.0.1f (inclusive) is vulnerable, and needs to upgrade to OpenSSL 1.0.1g immediately. If this is not possible, users may also recompile OpenSSL with -DOPENSSL_NO_HEARTBEATS.
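An added check, not from the original post or from Codenomicon/OpenSSL: it parses an `openssl version` line against the affected range stated above (1.0.1 through 1.0.1f, fixed in 1.0.1g) and applies the same test to the OpenSSL that the running Python interpreter is linked against, read from `ssl.OPENSSL_VERSION`.

```python
import re
import ssl

# Affected range from the advisory: 1.0.1 through 1.0.1f inclusive; 1.0.1g fixes it.
_VER_RE = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]?)")


def parse_openssl_version(text):
    """Return (major, minor, fix, letter) from an `openssl version` line, or None
    when the text is not an OpenSSL version string (e.g. LibreSSL)."""
    m = _VER_RE.search(text)
    if not m:
        return None
    major, minor, fix, letter = m.groups()
    return int(major), int(minor), int(fix), letter


def is_heartbleed_affected(text):
    """True when the version falls inside 1.0.1 .. 1.0.1f.

    The bare release "1.0.1" has an empty letter, which sorts before "a";
    "g" and later sort after "f" and are treated as fixed."""
    parsed = parse_openssl_version(text)
    if parsed is None:
        raise ValueError(f"not an OpenSSL version string: {text!r}")
    major, minor, fix, letter = parsed
    return (major, minor, fix) == (1, 0, 1) and letter <= "f"


def check_runtime():
    """Check the OpenSSL this interpreter is linked against.
    Returns (version string, affected flag) with None when it is not OpenSSL."""
    text = ssl.OPENSSL_VERSION
    if parse_openssl_version(text) is None:
        return text, None
    return text, is_heartbleed_affected(text)


if __name__ == "__main__":
    # Constructed sample strings in the format `openssl version` prints.
    for sample in ("OpenSSL 1.0.1f 6 Jan 2014", "OpenSSL 1.0.1g 7 Apr 2014"):
        print(sample, "->", "AFFECTED" if is_heartbleed_affected(sample) else "ok")
    print("this interpreter:", check_runtime())
```

Linux distributions shipped the fix as a backport without changing the upstream letter, so a string such as 1.0.1e-fips can already be patched; treat a match as a prompt to check the vendor's package changelog, not as proof. Upgrading the library alone is not enough either: services that loaded the old copy keep using it until they are restarted.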

It is also crucial to invalidate all compromised primary and secondary key material with your Certificate Authority. Although the Heartbleed bug was discovered by independent security researchers at Codenomicon, the vulnerability had actually been in the wild since March 14th, 2012. No one knows whether Heartbleed was exploited during that time, and even if it was, the nature of the vulnerability allows attackers to leave no evidence of memory access.

What is most alarming is that OpenSSL is the most popular open source cryptographic security service in use on the Internet today. Combined with its time in the wild of over 2 years, Heartbleed may have compromised a massive amount of information — or, it might not have compromised anything at all. The true extent of the breach really depends on whether anyone else knew about Heartbleed. Now that the vulnerability has been made public, service providers using an affected version of OpenSSL absolutely must address the issue; otherwise, all the information on their server will remain at high risk of compromise.

Where Can I Find More Information?

Codenomicon has published a detailed treatment of Heartbleed at http://heartbleed.com/

There, readers may find official information about the bug, how to get rid of it, and additional links to commentary from other authorities, including statements from Cloudflare, The Tor Project, and Ubuntu.

Have a nice (malware-free) day.



New Zeus Variant with Digital Certificate
2014-04-09 01:17

KMM shared a link


Reports indicate that Zeus has struck again – this time adding a fraudulent digital certificate to its bag of tricks.

Like its predecessors, the financial Trojan is being dropped by malicious email attachments and drive-by downloads. Installation is initiated when users double-click an icon that appears on the desktop and is made to look like an innocent Internet Explorer document. Users who initiate the install are subsequently infected by both malware that allows its author to snag information from online financial transactions through “Man-in-the-Middle” attacks and a rootkit designed to hide that malware.

If this sounds pretty nasty, what’s even worse is that this is nothing new! Zeus has been around for quite some time, and in fact in 2013 it was responsible for approximately one-third of all computerized attacks on financial institutions. This particular variant has made recent headlines, however, because it adds a little extra trick that contributes to its already deceptive design.

A Fraudulent Digital Certificate

Legitimate software developers utilize digital certificates to validate their identity and to prove that they are not creating malware or perpetuating scams. The most common way to create a Digital Certificate is with Public Key Infrastructure (PKI). With PKI, Certificate Authorities (CAs) issue certification to software vendors after the vendors have verified their identity and proven that their product is not malicious. The Certificate Authority signs this certification with their unique, cryptographic “digital signature” and keeps a record of this certification on file.

Software that is “Digitally Certified” is therefore supposed to be software created by a legitimate developer that has passed a Certificate Authority’s set of standards. As malware, one would think this new variant of Zeus would be flatly denied certification, and in a perfect world it would have been. Certificate Authorization is a sprawling business, however, and many of the largest players distribute their certificates through retailers. As a result, certificates leak through, as monitoring the behavior of each and every retailer is quite impossible. In fact, in malware-land, digital certificates are bought and sold on a regular basis, and applying them to malware is really nothing new. That a new variant of Zeus uses one isn’t all that surprising; to the untrained eye, however, it can be deceptive.

To the average user, who is not running a comprehensive anti-malware product, adding a real Digital Certificate to a malicious program works much like a fake ID. Imagine your computer is a party and you are the doorman. With this new Zeus, the appearance of what looks like a new Internet Explorer document on your desktop raises suspicion, so you ask for identification. Your skepticism leads you to Right Click > Properties > Digital Signatures, and voilà: the document is certified by a trusted CA. Combine this with the curiosity one is bound to feel when something new and mysterious appears on the desktop, and even the most tech-savvy among us are tempted to double-click.

Where the author of this particular Zeus variant obtained a fraudulent certificate is really anybody’s guess. The most important thing to realize here is that this is an all-too-common social engineering tactic, and that relying on Digital Certification alone as a means of preventing malware infection simply doesn’t cut it.

A Bit More on Encryption – Man-in-the-Middle Attacks

Multiple variants of Zeus have seen success because they utilize man-in-the-middle attacks. Like Digital Certification, a man-in-the-middle attack is related to cryptography. This is a highly technical arena, but at its core cryptography relies on pairs of keys and really is not too difficult to understand.

Say, for example, you want to perform a secure, encrypted transaction with your bank online. Your bank will send you what is known as a public key to encrypt all data that you send during the transaction. A public key is essentially a lock, and it can only be opened by the person who holds the matching private key.

Stealing a private key from a bank would be quite the feat, so instead malware authors use man-in-the-middle attacks. Malware like Zeus is designed to “wake up” when an infected user initiates communication with their banking website and requests a public key for data encryption. Zeus intercepts this request and sends the user a fake public key instead. That way, when the user sends what they think is encrypted information to their bank, they are actually sending encrypted information to the attacker, who, having supplied his own public key, can open it with his matching private key and take a look inside.
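The key-substitution scenario just described, as an added illustration that is not part of the original post and contains no Zeus code: a constructed textbook RSA with tiny primes stands in for the bank's and the attacker's key pairs, and a pinned key fingerprint stands in for the CA check a real browser performs. It shows that the swapped key only succeeds when the client accepts whatever key arrives, and is refused once the client verifies the key is the bank's.

```python
import hashlib

# Textbook RSA with tiny, hard-coded primes: constructed for illustration only.
# Real keys are thousands of bits long and use padding; never reuse this.
def rsa_keypair(p, q, e=17):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # modular inverse (Python 3.8+)
    return (n, e), (n, d)               # (public key, private key)

def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)

def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)

def fingerprint(pub):
    """Stand-in for the CA check: a hash of the public key the client trusts."""
    return hashlib.sha256(f"{pub[0]}:{pub[1]}".encode()).hexdigest()

BANK_PUB, BANK_PRIV = rsa_keypair(61, 53)          # constructed bank key
ATTACKER_PUB, ATTACKER_PRIV = rsa_keypair(67, 71)  # constructed attacker key
PINNED_BANK_FP = fingerprint(BANK_PUB)             # what the client should trust

def client_send(secret, offered_pub, trusted_fp=None):
    """Encrypt `secret` to whatever public key arrived.

    With trusted_fp set, the client refuses a key that is not the bank's and
    returns None; without it, the client trusts the offered key blindly."""
    if trusted_fp is not None and fingerprint(offered_pub) != trusted_fp:
        return None
    return encrypt(offered_pub, secret)

def who_can_read(ciphertext, secret):
    """Names of the private-key holders who recover `secret` from `ciphertext`."""
    if ciphertext is None:
        return []
    holders = (("bank", BANK_PRIV), ("attacker", ATTACKER_PRIV))
    return [name for name, priv in holders if decrypt(priv, ciphertext) == secret]

if __name__ == "__main__":
    pin = 1234  # constructed account PIN; must be smaller than n for textbook RSA
    print("honest exchange :", who_can_read(client_send(pin, BANK_PUB), pin))
    print("Zeus swaps key  :", who_can_read(client_send(pin, ATTACKER_PUB), pin))
    print("key verified    :", client_send(pin, ATTACKER_PUB, PINNED_BANK_FP))
```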

Protecting Yourself from Zeus, Be He Certified or Not

Much of the press surrounding this latest variant of Zeus has focused on its legitimate Digital Certificate and how this might allow it to bypass antivirus software. Certified or not, Emsisoft Anti-Malware detects malware from the Zbot/Zeus family as Trojan.Win32.Zbot.

Additionally, users should remain extremely cautious with mysterious desktop icons of any kind and unsolicited banking emails with attachments and links. If you are worried that you may have become a victim of this latest exploit, please don’t hesitate to contact our experts in the Help, my PC is infected! Emsisoft Forum. Our removal service is free, even if you are not an Emsisoft customer yet.

Now that you know a little bit more about cryptography, we might also suggest our recent post on the OpenSSL Heartbleed Bug. Researchers have uncovered a massive vulnerability that allows anyone on the Internet to access OpenSSL-secured servers and steal encrypted information, including private keys. This bug went undetected for over 2 years, and very well may change open source encryption technology forever.

Have a Great (Zeus-Free) Day!


