WiFi security, botnets and security vulnerabilities led the past week's security news.
WiFi hacking, botnets and zero-days led the news this past week in security.
The release of the Firesheep extension for Firefox put the spotlight on
protecting Internet users. The
tool, which was released at the ToorCon 12 conference, allows attackers to
hijack the sessions of social network users on open wireless networks.
Firesheep set off a bit of a firestorm, and prompted another developer to
release a tool known as Idiocy that targets sessions on Twitter and sends a
warning to victims that their session has been compromised.
Firesheep's appearance also prompted IBM to discuss its concept of "Secure
Open Wireless."
While attackers may have gotten some new toys in the past week, they also
were put on the defensive when Dutch authorities led a takedown of a botnet of
PCs infected with the Bredolab Trojan. Bredolab is a Trojan downloader that is
used to install other malware on the machines it infects.
But the effect of the takedown, which culminated in an arrest, did not last
long.
"The key point here is that although a large botnet was taken
down by the Dutch National Crime Squad on Monday, in only a matter of days
Bredolab is back on our radars as a different strain or variant," said
Paul Wood, MessageLabs Intelligence senior analyst at Symantec Hosted Services.
"This demonstrates both the increasing strength and robustness of botnets,
in addition to highlighting the scale of the challenge faced by our industry,
and the global law enforcement community."
Bredolab, Wood noted, is a breed of pay-per-install malware, and attackers
can buy Bredolab-infected bots in bulk and install their chosen malware.
In an article here, eWEEK found that the bot-for-sale business is going
strong, with botnets being rented for distributed denial-of-service attacks for
as little as $50 a day.
Compromising computers, of course, typically relies on vulnerabilities. Adobe
Systems patched several vulnerabilities in Shockwave Player, but was also
forced to issue an advisory on a new zero-day in Adobe Flash Player. Adobe also
reported that one of the Shockwave bugs, CVE-2010-3653, is being exploited
in the wild.
"This vulnerability (CVE-2010-3654) could cause a crash and potentially allow
an attacker to
take control of the affected system," Adobe warned. "There are
reports that this vulnerability is being actively exploited in the wild against
Adobe Reader and Acrobat 9.x. Adobe is not currently aware of attacks targeting
Adobe Flash Player."