Tuesday, March 26, 2013

Security Brief: China Retaliates Against Accusations, More Java Vulnerabilities


More Java vulnerabilities uncovered
Ever since The New York Times reported being attacked by Chinese hackers, news has been pouring in about similar breaches.

This week we’ve learned that the Chinese military is also suspected of targeting 23 US natural gas pipeline operators. In addition, Chinese hackers are accused of breaching the European Aeronautic Defense and Space Company (EADS) and German steel producer ThyssenKrupp.

However, not a day goes by without reports in which Chinese officials deny being involved in these cyberattacks. This week, they've not only highlighted the impact of these accusations on international cooperation, but they've also made some accusations of their own.

The Chinese military said that over 62% of the attacks launched against its computer systems in 2012 originated from US IP addresses.

In the meantime, the FBI director revealed that closing vulnerabilities is not the right approach to cybersecurity. Instead, the US should focus on identifying and deterring the attackers.

This week, we’ve also heard of two new Java zero-day vulnerabilities. The first set of issues was identified and reported by Security Explorations.

Oracle has confirmed a Java 7 sandbox bypass vulnerability, but downplayed the importance of one of the issues being used in the exploit. Experts say that if Oracle sticks to its assessment, they will publish the flaw’s details to let the security community decide who is right.

The second issue was identified by FireEye and it affects Java 6 Update 41 and Java 7 Update 15. Unfortunately, this zero-day is being exploited in the wild by cybercriminals.

As far as hacks are concerned, Anonymous hacktivists took aim at Bank of America. The hackers discovered that the financial institution has been monitoring them and Occupy activists.

To back up their claims, they’ve leaked 14 GB of information related to Bank of America, Bloomberg, Reuters, TEKSystems and ClearForest.

The Australian Broadcasting Corporation (ABC) also suffered a data breach. A hacker wanted to protest against the fact that the company offered controversial Dutch politician Geert Wilders a platform “to voice anti-Islam anti-Muslim hatred.”

Around 50,000 easy-to-crack passwords were leaked from ABC’s “Making Australia Happy” website.

We’ve also learned some interesting things about pieces of malware. It turns out that the notorious Stuxnet is much older than initially believed. Symantec experts have identified the 0.5 variant that’s been in development since as early as 2005.

Another sophisticated piece of malware, dubbed MiniDuke, has been identified by experts from Kaspersky. The threat has been used in cyberattacks against high-profile organizations from 23 countries.

Bitdefender has analyzed an early variant of the malware and found it was “interested” in learning the date in China. However, experts say this is not conclusive evidence of the origin of the attacks.

Here are some other articles worth reading, in case you’ve missed them:

Interesting interview with DeadMellox of Team GhostShell. The hacker says he’s taking a break from hacking.

Flaw in Chrome, Safari, IE and Opera could be abused to flood your hard drives with data.

AFP Twitter account hacked by the Syrian Electronic Army.

Sentencing of Sabu postponed once again.

Bit9 says its systems were compromised in July 2012.

Izz ad-Din al-Qassam Cyber Fighters will resume attacks on March 5.
