ESET: Advanced bootkit attacks Rovnix banking system
Updated malicious code can simultaneously perform DDoS-attacks and send attackers found on the victim’s computer confidential data.
According to the researchers of ESET, they have found a new version of bootkit Rovnix, able to carry out attacks on remote banking and transfer funds from the accounts of victims of hackers on the servers.
Earlier Rovnix was detected in the Trojan Carberp. Its function was to create a botnet through which hackers made DDoS-attacks or send spam. In addition, Rovnix create a backdoor on the infected computer, allowing to download any malicious software.
Experts discovered a new version is more complex than its predecessor. So, now Rovnix received an improved system of protection against detection by antivirus programs, and also became a multifunctional – it can simultaneously carry out DDoS-attack and transmit confidential data stolen by hackers.
«Rovnix – this is the first bootkit, who used the technique of bypass detection by anti-virus products with modifications VBR (Volume Boot Record). We are now witnessing a new stage of development for the development of this freymforka bootkits. In the new version you can use multiple components of the installation of malware running on the user level, and store them in a hidden file system, which greatly complicates the forensic examination “, – summed up the center’s director of virus research and analytics ESET Alexander Matrosov. More results from studies of ESET can be found here.
mSeven Software: Customers remember an average of 4 combinations that are used as passwords
Using the same password to access the various web-sites leads to a compromise of many accounts in the event that one of them is broken.
According to research company mSeven Software, more than 75% of Internet users remember passwords to their accounts, instead of burning them, or stored in electronic form. According to the results of that study, a password can be used to access dozens of user accounts on various web-resources.
According to experts, the practice of storing three or four combinations, which are used for access to various resources, is extremely unsafe because breaking one account, a hacker gains access to the accounts of victims to other Internet resources.
“Either these people have developed over the memory, or they remember a small number of combinations that are used as passwords for accessing various web-sites. The habit of using one password for access to dozens of resources creates a risk of compromising all user accounts at breaking one of them “- said director of marketing mSeven Software Pfeiffer, David.
Facebook: 8,7% social network accounts – fake
Social Network blocks every 20 thousand accounts.
Representatives from Facebook have prepared a report for the Securities and Exchange Commission USA, which indicated that the number of fake accounts in a social network is 83 million out of 955 million users. Of these 83 million 4.8% of accounts are duplicates, 2.3% were created by mistake or deliberately have not been properly filled with users, and 1.5% – are used to send spam.
According to the Facebook, daily blocks of about 20 thousand records. In addition, 600 thousand are considered as suspicious. Note that the total number of active users of social networks is fixed at 872 million
Recall that in the last month of the year BBC journalists found that the fake “husky” in Facebook impact on the effectiveness of advertising campaigns in a social network. In particular, a large car General Motors has ceased to advertise on Facebook, telling about its inefficiency.
The network has pirated version of Windows 8
The day after the announcement of RTM-version illegal copies of the product began to appear in the public domain.
August 1 this year, Microsoft has released the final version of the Windows operating system 8, which began sending the industry partners. To market the new OS Windows is due out October 26th of this year. As the representatives of Microsoft, this period is necessary to synchronize the partners of the company of their applications with the new operating system.
The next day, after the appearance of a blog post on the company’s file-sharing resources began to appear pirated copies of Windows 8 Enterprise. 64-bit distro is loaded with the index N, which means there is no complete player Windows Media Player, under the terms of antitrust agreement Microsoft and the European Commission by 2004.
Note that the official update software with Windows XP, Vista and Windows 7 to the latest version will cost users $ 40. According to developers, Windows 8 should be the first product on the basis of which can work as computers, and tablets, as it fixes some problems when working with touch screens faced by its predecessor, Windows 7.
Microsoft announced the release of Attack Surface Analyzer 1.0
Microsoft has released a tool designed for the analysis of security incidents.
According to a report to Microsoft, the software giant released the first tool for the analysis of security incidents – Attack Surface Analyzer 1.0.
This software is an analog instrument used by the security departments of the company to identify changes in the system when you install new programs.
Attack Surface Analyzer makes “snapshots” of systems, organizations, and provides a comparative analysis of the changes. The tool does not analyze the system based on signatures and known vulnerabilities. Instead, the application searches for the class gap, as installation of applications on the operating system Windows.
The instrument contains a built-in user guide, which can provide substantial support for the inexperienced user in the process of scanning and analysis. In the console version implemented the ability to automate processes, and also adds support for earlier versions of Windows. In addition, IT-experts can share the console version with other similar software. Download Attack Surface Analyzer here.