The Hacker News

on Tuesday, 5 November 2013
 

 

The Hacker News
The Hacker News has been internationally recognized as a leading news source dedicated to promoting awareness for security experts and hackers // via fulltextrssfeed.com

CVE-2013-3906 : Zero Day Vulnerability in Microsoft Graphics Component
11/6/2013 5:31:00 AM

Microsoft has issued a temporary fix for a 0day vulnerability that can be exploited to install malware via infected Word documents.
A Zero-day Remote code execution flaw, which has been dubbed CVE-2013-3906, exploits a vulnerability in a Microsoft graphics component, to target Microsoft Office users running Windows Vista and Windows Server 2008."The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images," it said in the post.  Vulnerability was reported to Microsoft by McAfee Labs senior security researcher Haifei Li.
A successful infection can give an attacker complete control over a system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Currently the company is only aware of targeted attacks mostly in the Middle East and South Asia, with attackers sending unsuspecting victims crafted Word documents with a tainted attachment.

"An attacker could exploit this vulnerability by convincing a user to preview or open a specially crafted email message, open a specially crafted file, or browse specially crafted web content."

According to Microsoft, the exploit combines multiple techniques to bypass exploit mitigation techniques such as ASLR (DEP) and address space layout randomization (ASLR). 

The affected products are:
  • Windows Vista x86, x64
  • Windows Server 2008 x86, x64, Itanium, Server Core
  • Microsoft Office 2003
  • Microsoft Office 2007
  • Microsoft Office 2010 x86, x64
  • Microsoft Office Compatibility Pack
  • Microsoft Lync 2010 x86, x64
  • Microsoft Lync 2010 Attendee
  • Microsoft Lync 2013 x86, x64
  • Microsoft Lync Basic 2013 x86, x64
Windows 7 and 8 and Office 2013 and Office 365 are not affected.

Microsoft released a temporary 'Fix it' workaround that could block the attack by blocking rendering of the vulnerable TIFF graphic format by way of a registry key.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Gdiplus\DisableTIFFCodec = 1


The Enhanced Mitigation Experience Toolkit (EMET) helps mitigate the exploitation of this vulnerability by adding additional protection layers that make the vulnerability harder to exploit.

 

Rise in website Defacement attacks by Hackers around the World
11/5/2013 3:14:00 PM

Last week we noticed a rise in cyber attacks particularly - website Defacement attacks on many governments and organizations of different countries by the hackers around the world.

Targeted countries include Singapore, Mexico, Philippines, Australia, Egypt, United States, Syria and many more. Out of all these targets, most controversial were Philippines and Australia, hacked by Activist group Anonymous.

Last Sunday, Anonymous hackers from Indonesia defaced hundreds of websites belonging to the Australian Government, saying the action was in response to reports of spying by Australia. The websites, defaced with a message reading "Stop Spying on Indonesia". We have shared the list of all targeted website on a pastebin note.

In a separate incident, Anonymous hackers defaced more than 38 Philippine Government websites, and called on the public to support an anti-corruption protest "Million Mask March" at the Batasang Pambansa on November 5. "The government, in many ways, has failed its Filipino citizens," the hackers added. "We have been deprived of things which they have promised to give; what our late heroes have promised us to give."

National and local government agencies and the website of the Office of the Ombudsman, Philippine Embassy in Seoul, Insurance Commission, Vigan and Cardon Cities Official Website, 3rd District of Laguna were among those hacked by Philippines hackers.

On the other end, Algerian hacker named as DZ27 hacked and defaced three Egyptian government websites. Targeted websites include the Information System Institute for Egyptian Armed Forces, a subdomain of the Armed Forces and website of Tourism Development Authority Egypt.

Anonymous hacker who went by the moniker "The Messiah" breached a blog linked to Singapore's leading newspaper 'Straits Times' and the hacker claimed a journalist published a "very misleading" blog post about a threat purportedly issued by Anonymous against Singapore's government to protest contentious online licensing regulations.

A message left on the blog page demanded that the journalist resign or apologize within 48 hours to the citizens of Singapore for trying to mislead them. Hackers also accused the government of extending censorship to the Internet in a country where the media have long been tightly supervised. 

In a separate incident, The website of the Seletar Airport in Singapore was also hacked by an unknown hacker, and the defaced page designed with a black and green background with a skull wearing a hood in the middle. But it was fixed within half an hour.

The cyber attack on Syrian, where three Government websites from Syria and around thousands of commercial websites were defaced by Syrian hackers introducing themselves as RBG Homs, Silent Injector and Syrian Hexor. The hack is a part of an operation called #opSyria and complete list of hacked websites published online at pastebin.
Another separate attack, where an Anonymous hacker defaced the website of a law firm that defended a US Marine who faced charges in connection with the 2005 killing of 24 Iraqi civilians. Puckett served as the lead defense lawyer for Staff Sergeant Frank Wuterich, who faced a US military court martial last month in connection with the killings in the Iraqi town of Haditha. Hackers claimed that they have published online 3GB Data of private email messages of attorneys Neal Puckett and Haytham Faraj.
Also, Hundreds of Mexican web sites defaced by a hacker named as ExpirED brain Cyber army. The complete list of targeted websites is listed in a pastebin note. Here the reason of the attack is not clear, neither mentioned by the hacker.

Stay tuned to The Hacker News for more latest Hacking news updates.

Photo of Wang Wei Hacker News - Security consultant for the government, financial Securities & Banks. Malware Analyst, Penetration Tester, Security Researcher at 'The Hacker News'. ()

Popular Stories

 

You are receiving this email because you subscribed to this feed at feedmyinbox.com

If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)