Archive for February 26, 2016

Bug in Linux's open source code leaves a number of apps and software open to attack

A group of researchers has discovered a catastrophic flaw affecting Linux-based hardware and software. The flaw affects hundreds or thousands of apps and hardware devices.

The vulnerability was first introduced in 2008 in the GNU C Library (glibc), open source code that powers thousands of standalone applications and most distributions of Linux, including those distributed with routers and other types of hardware.

The getaddrinfo() function, which performs domain-name lookups, contains a buffer overflow bug that allows attackers to remotely execute malicious code. It could be exploited when a device makes queries to attacker-controlled domain names or domain name servers.

All versions of glibc after 2.9 are vulnerable. Every Linux-based software or hardware product that performs domain name lookups should install the patch as soon as possible.
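As a triage aid for the version range given above, the following added example (not from the article or from the glibc project) classifies glibc version strings and checks the local host. The function names are hypothetical, the sample version strings are constructed, and 2.9 itself is treated as in range as a cautious assumption. A version number alone cannot show whether a distribution has backported the fix, so an "in-range" result means the vendor's advisory still has to be checked.

```shell
#!/bin/sh
# Added example, not from the article. Function names are hypothetical and
# the sample version strings are constructed.

# Print "in-range", "older" or "unparseable" for a glibc version string.
# Range: 2.9 and later (2.9 itself is included as a cautious assumption).
# The article gives no fixed version, so there is no upper bound here.
classify_glibc() {
    ver=$1
    case "$ver" in
        [0-9]*.[0-9]*) ;;
        *) echo unparseable; return 0 ;;
    esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%[!0-9]*}      # "19-0vendor1" -> "19"
    case "$major" in *[!0-9]*) echo unparseable; return 0 ;; esac
    [ -n "$minor" ] || { echo unparseable; return 0; }
    if [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -ge 9 ]; }; then
        echo in-range
    else
        echo older
    fi
}

# Version of the C library on this host; empty when it is not glibc.
local_glibc_version() {
    out=$(getconf GNU_LIBC_VERSION 2>/dev/null) || out=""
    echo "${out#glibc }"
}

# Constructed sample inputs, then the local host.
for v in 2.5 2.9 2.19-0vendor1 2.22 not-glibc; do
    printf '%s\t%s\n' "$v" "$(classify_glibc "$v")"
done
printf 'this host\t%s\n' "$(classify_glibc "$(local_glibc_version)")"
```

On a host whose C library is not glibc, the last line reports "unparseable" because `getconf GNU_LIBC_VERSION` returns nothing.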

"It's a big deal," Washington, DC-based security researcher Kenn White told Ars, referring to the vulnerability. "This is a core bedrock function across Linux. Things that do domain name lookup have a real vulnerability if the attacker can answer."

One Linux-based package that's not vulnerable is Google's Android mobile operating system. It uses a glibc substitute known as Bionic.

"This was an amazing coincidence, and thanks to their hard work and cooperation, we were able to translate both teams’ knowledge into a comprehensive patch and regression test to protect glibc users," the Google researchers wrote.

Horry County school paying for computer virus ransom

Several server systems of Horry County Schools remain locked after a ransom computer virus invaded the system.

Charles Hucks, executive director of technology for Horry County Schools, is working non-stop 20-hour days to restore the locked data. Once the virus was discovered last Monday, the servers were immediately shut down to stop the malware from spreading further, which affected online services.

According to Hucks, the server systems were not targeted to gain access to data, but the hackers used high-level encryption to lock the schools’ servers. However, nothing was stolen or removed, and staff and student information is safe.

They have been able to retrieve most of the lost data, but 25 elementary school servers are still encrypted, with no solution available.

“And the only way we’ll get it back is to pay,” said Hucks.

So far, the administrators have approved an $8,500 ransom to unlock the servers, but because the ransom is to be paid in bitcoins, they’ve had trouble making the payment.

“In the next few days we should know. We’re going server by server, back up by back up, to see exactly what we have and the time that it takes to back up, so that will be a business decision,” said Hucks.

Hucks says viruses and malware are more and more common, so they are stepping up their security.

“That’s most technology management folks worst nightmare is, for there to be something in the network and you don’t know it’s there. External visibility of servers and access and account level changes,” he said.

Twitter’s bug could expose contact numbers of users

Micro-blogging website Twitter squashed a bug on Wednesday (February 17) that had affected its password recovery systems last week.

The bug, which affected the systems for about 24 hours, had the potential to expose a user’s personal information, including the e-mail address and contact number.

The company has notified affected users, though it’s believed to have impacted fewer than 10,000 of Twitter’s more than 320 million monthly active users.

If a user has not received an e-mail, it implies that their account is safe.

The company would also call on law enforcement officials to investigate any users who they find exploited the security bug to access someone else’s account information.

The issue is a reminder of what the company refers to as “good security hygiene,” including double authentication.

While the issue did not impact user security, it illustrates the trouble users face with protecting their own data. 

Users can have strong passwords, use two-factor authentication, and employ other security techniques, but if a company’s network is hacked, there’s little customers can do but watch their information fall into the hands of malicious parties.

Hackers hold a Hollywood hospital for ransom

A hacker who has attacked the computers of Hollywood Presbyterian Medical Center is demanding a ransom of 9,000 bitcoins to remove the ransomware, which has been holding the hospital’s computers hostage for a week and is preventing the staff from accessing essential data such as patient files and test results.

The issue came to the forefront when the hospital’s President and CEO, Allen Stefanek, told NBC Los Angeles that the hospital’s computer network had been suffering from IT issues since February 5, which is posing a big problem in day-to-day activities and forcing the hospital to turn away new patients.

The staff is using fax machines and telephones to communicate between departments, as they do not have access to e-mail. Doctors are also unable to access patients’ information, including past medical records, new admission records and medical test results.

Registrations and medical records are being logged on paper and staff has been instructed to leave their systems offline until told otherwise.

The malware has resulted in chaos within the hospital, as some outpatients are missing their treatments while new patients are being transferred to other hospitals.

Though no patient information has been compromised, the hospital has asked the Los Angeles Police Department (LAPD) and the Federal Bureau of Investigation (FBI) to trace the identity of the attackers so that the hospital does not suffer further losses.

In earlier attacks on hospitals, the hackers generally focused on stealing personal data, but in this case nothing of the kind happened and the attack looks more like an attempt to extract a big payout.

A bitcoin presently costs about $397.07 USD, making the ransom demand worth about $3,573,630 USD.
It has not been made clear whether the hospital plans to pay the ransom if a solution to the attack isn’t found.

Critical data needs to be stored on tape backup, as these sorts of attacks are becoming more common every day.

Bug: Not beyond January 1, 1970 for Apple users

It's truly said that you cannot go back in time, but you can definitely change the date on your mobile phone. However, with an iPhone you cannot go back to January 1, 1970.

An Apple user recently reported what happened when he played with his iPhone's Date & Time settings: "Hello, I was playing around with my Date & Time settings and I changed the time to January 1st 1970. I shutdown my phone and restarted it, the result is a bricked iPhone. I've tried restoring, updating, but nothing seems to be working."

After he reported this fault, the tech website 9to5mac posted a video demonstrating it. It appears that this fault only affects Apple devices that have 64-bit processors, meaning the iPhone 5S, iPad Air, iPad Mini 2 and the sixth-generation iPod Touch, or newer models of those devices.

According to the video, when you change the date to January 1, 1970, and then restart your device, you will only see the Apple logo on the screen, where it apparently gets permanently stuck.

NBC News has contacted Apple, but the company hasn't responded to its queries.