Monthly Archives: September 2012

Chinese Hackers Blamed for Intrusion at Energy Industry Giant Telvent

September 26, 2012

A company whose software and services are used to remotely administer and monitor large sections of the energy industry began warning customers last week that it is investigating a sophisticated hacker attack spanning its operations in the United States, Canada and Spain. Experts say digital fingerprints left behind by attackers point to a Chinese hacking group tied to repeated cyber-espionage campaigns against key Western interests.

Espionage Hackers Target ‘Watering Hole’ Sites

September 25, 2012

Security experts are accustomed to direct attacks, but some of today’s more insidious incursions succeed in a roundabout way — by planting malware at sites deemed most likely to be visited by the targets of interest. New research suggests these so-called “watering hole” tactics recently have been used as stepping stones to conduct espionage attacks against a host of targets across a variety of industries, including the defense, government, academia, financial services, healthcare and utilities sectors.

Microsoft Fixes Zero-Day, Four Other Flaws in IE

September 21, 2012

Microsoft has released an emergency update for Internet Explorer that fixes at least five vulnerabilities in the default Web browser on Windows, including a zero-day flaw that miscreants have been using to break into vulnerable systems.

The patch, MS12-063, is available through Windows Update or via Automatic Update. If you installed the stopgap “fix it” tool that Microsoft released earlier this week to blunt the threat from the zero-day bug, you need not reverse or remove that fix it before applying this update. The vulnerability resides in IE 7, 8, and 9, on nearly all supported versions of Windows, apart from certain installations of Windows Server 2008 and Windows Server 2012.

Malware Dragnet Snags Millions of Infected PCs

September 19, 2012

Last week, Microsoft Corp. made headlines when it scored an unconventional if not unprecedented legal victory: Convincing a U.S. court to let it seize control of a Chinese Internet service provider’s network as part of a crackdown on piracy.

I caught up with Microsoft’s chief legal strategist shortly after that order was executed, in a bid to better understand what they were seeing after seizing control over more than 70,000 domains that were closely associated with distributing hundreds of strains of malware. Microsoft said that within hours of the takeover order being granted, it saw more than 35 million unique Internet addresses phoning home those 70,000 malicious domains.

Internet Explorer Users: Please Read This

September 18, 2012

Microsoft is urging Windows users who browse the Web with Internet Explorer to use a free tool called EMET to block attacks against a newly-discovered and unpatched critical security hole in IE versions 7, 8 and 9. But some experts say that advice falls short, and that users can better protect themselves by using an alternative browser until Microsoft can issue a proper patch.

Exploit Released for Zero-Day in Internet Explorer

September 17, 2012

A working exploit that takes advantage of a previously unknown critical security hole in Internet Explorer has been published online. Experts say the vulnerability is being actively exploited in the wild, and that it appears to be connected to the same group of Chinese hackers responsible for unleashing a pair of Java zero-day exploits late last month.

Microsoft Disrupts ‘Nitol’ Botnet in Piracy Sweep

September 13, 2012

Microsoft said Thursday that it convinced a U.S. federal court to grant it control over a botnet believed to be closely linked to counterfeit versions Windows that were sold in various computer stores across China. The legal victory also highlights a Chinese Internet service that experts say has long been associated with targeted, espionage attacks against U.S. and European corporations.