Security News: US report blasts China, Russia for cybercrime; Duqu Malware: Still No Patch; MIT server hijacked in drive-by download campaign

US report blasts China, Russia for cybercrime

By LOLITA C. BALDOR, Associated Press – 4 hours ago

WASHINGTON (AP) — Cyberattacks by Chinese and Russian intelligence services, as well corporate hackers in those countries, have swallowed up large amounts of high-tech American research and development data, and that stolen information has helped build their economies, U.S. intelligence agencies have concluded.

Source: USAToday

 

Duqu Malware: Still No Patch

Malware exploits Microsoft Windows kernel zero-day vulnerability. Installer file is a Word document.
By Mathew J. Schwartz InformationWeek
November 02, 2011 11:30 AM

The recently discovered Duqu malware can exploit a zero-day Windows kernel vulnerability, which would help it to infect PCs and spread without being detected.

That revelation came after researchers at CrySyS Lab at the Budapest University of Technology and Economics managed to recover a dropper file, aka installer, for Duqu. Droppers are typically the first malicious files to infect a computer, and then they download and install further malicious files onto the computer.

Source: InformationWeek.com

 

MIT server hijacked in drive-by download campaign

Hackers used the MIT server to compromise other websites

A server belonging to the Massachusetts Institute of Technology was commandeered by hackers who used it to launch attacks against other websites as part of a larger drive-by download campaign, according to antivirus vendor BitDefender.

“One MIT server (CSH-2.MIT.EDU) hosts a malicious script actively used by cyber-crooks to scan the web for vulnerable websites,” the BitDefender researchers who spotted the attack said in a blog.

Source: InfoWorld.com

 

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.