null Bangalore Chapter - April 2013 Meet

1. Information security news
News Bytes
April 2013

2. Spamhaus DDoS attack
Spamhaus supplies lists of IP addresses for
servers and computers on the net linked to the
distribution of spam.
Between March 19 and March 22 10Gbps –
90Gbps
March 26 – 300Gbps DNS reflection attack –
congestion of Tier 1s, primarily in Europe
Cyberbunker, a hosting company that operates
out of an abandoned NATO bunker in the
Netherlands, is known for hosting almost any
website, except those involved with terrorism
and child pornography

3. 'Chameleon Botnet' takes $6-million-a-month in ad money
Researchers at Spider.io discovered a
‘human-like’ botnet counting over 120,000
infected systems, and costing advertisers
more than $6 million a month
According to Spider.io. Chameleon is the
first botnet to directly impact display
advertisers rather than text-link advertisers.
Simulating human activity, the click-fraud botnet was used to steal money from unwary
advertisers on over 200 websites, hijacking at least 65 percent of their traffic from ads

4. Samsung lock screen flaw found!!!
Similar to one that was revealed by another
researcher earlier this year on iPhones. On a
Samsung handset, users can, from the lock
screen, pretend to dial an emergency services
number, quickly dismiss it, and with some
sleight of hand, quickly gain access to any app
or widget, or the settings menu in the device.
The dialer can also be launched, allowing the
"hacker" to place a call.

5. Google rolls out initiative to help hacked sites
Google has launched "Help for Hacked
Sites" informational series, which has a
dozen articles and videos aimed to help
people avoid having their sites hacked
and also teach them how to gain back
control of compromised sites.

6. Researchers highlight potential security risk to iOS users
iOS profiles, aka mobileconfig files, are used
by mobile carriers to configure key settings
for e-mail, Wi-Fi, and other features. But
these files could be abused by attackers to
sneak past Apple's normally tight security
1) You should only install profiles from trusted websites or
applications.
2) Make sure you download profiles via a secure channel
(e.g., use profile links that start with https and not http).
3) Beware of non-verified mobileconfigs. While a verified
profile isn't necessarily a safe one, a non-verified should
certainly raise your suspicion.

7. Trojan.Yontoo.1 targets Mac OS X systems
Trojan.Yontoo.1 can also be
downloaded as a media player, a
video quality enhancement
program, or a download
accelerator, Dr. Web said.
Once launched, the Trojan generates a dialog box that offers to install Free Twit Tube. After
users presses "continue," the Trojan downloads the Yontoo adware plug-in for Safari, Chrome,
and Firefox.
The plug-in transmits information about the pages users visit and embeds third-party code into
those pages

8. Apple: Critical Update for Java for OS X Lion and Mac OS X
Apple has released a critical Java update to
mitigate multiple vulnerabilities that "may
allow an attacker to execute arbitrary code,
cause a denial-of-service condition, or
disclose sensitive information," according to
US-CERT.
The following products are included in the updates:
OS X v10.6.8
OS X server v10.6.8
OS X Lion v10.7.3
Lion Server v10.7.3

9. Microsoft Updates April 2013 - 3 Critical Vulnerabilities

11. Kali Linux Features
Complete re-build of BackTrack Linux, adhering completely to Debian development
standards
More than 300 penetration testing tools
Open source Git tree
FHS compliant
Vast wireless device support
Custom kernel patched for injection
Secure development environment
GPG signed packages and repos
Multi-language
Completely customizable
ARMEL and ARMHF support currently available for the following ARM devices:
rk3306 mk/ss808
Raspberry Pi
ODROID U2/X2
Samsung Chromebook
Kali is specifically tailored to penetration testing and therefore, all documentation on this
site assumes prior knowledge of the Linux operating system.

12. Thank You
aniket_nd@gmail.com