Even Microsoft Was Hit By Malware Attack

Status
Not open for further replies.

xpeh

Distinguished
Jun 25, 2011
27
0
18,580
Why do the Americans always call Ukraine "The Ukraine?" Ukraine isn't exactly a part of Russia anymore.
 
G

Guest

Guest
During our investigation, we found a small number of computers, including some in our Mac business unit

Already curbing those mac "no viruses ever" fanboys I see. Nice.
 

twelve25

Honorable
Oct 8, 2012
9
0
10,510
It only takes one idiot to click on a link in an email and you have your backdoor in. With these huge companies, finding one idiot is all but assured.
 

RazorBurn

Distinguished
Feb 7, 2011
9
0
18,510
[citation][nom]seuifrhysdyfug[/nom]During our investigation, we found a small number of computers, including some in our Mac business unitAlready curbing those mac "no viruses ever" fanboys I see. Nice.[/citation]

As this malware is using a Java exploit, it doesn't really matter if it is Mac, Linux, or Windows.. It will get infected, Java is available on all OS even android and iOS.. Clever malware authors if u ask me..
 

twelve25

Honorable
Oct 8, 2012
9
0
10,510
[citation][nom]xpeh[/nom]Why do the Americans always call Ukraine "The Ukraine?" Ukraine isn't exactly a part of Russia anymore.[/citation]

What is even called "The Ukraine" when it was a Soviet member? I think it's just some local flavor. Why do we call it Japan when it is Nippon?

 

madjimms

Distinguished
Mar 7, 2011
90
0
18,580
[citation][nom]twelve25[/nom]What is even called "The Ukraine" when it was a Soviet member? I think it's just some local flavor. Why do we call it Japan when it is Nippon?[/citation]
Because its a county..... Generally countries have names attached to them.
 
G

Guest

Guest
Ukraine was called "the Ukrainian Soviet Socialist Republic" during USSR, it even had a ministry of External Affairs separate from the Soviet one, and was one of the founding members of the United Nations. One doesn't say "the England" or "the Japan", or "the Russia" (though it is OK to say "the United Kingdom", "the Empire of Japan", or "the Russian Federation"). Ukraine is a proper name and therefore doesn't get the definite article "the". Author Fail.
 

CaedenV

Distinguished
Jun 14, 2011
532
0
18,960
[citation][nom]seuifrhysdyfug[/nom]During our investigation, we found a small number of computers, including some in our Mac business unitAlready curbing those mac "no viruses ever" fanboys I see. Nice.[/citation]
Mac is based on unix, and therefore is nearly impossible to infect the OS. Heck, even Windows Vista/7/8 are extremely difficult to infect the core OS. But that does not mean that periphrial software such as Flash, Java, web browsers, or other bits of software cannot be compromised, and those often work over several platforms. Even cell phones suffer from this. Android may be very difficult to compromise, but when the UI is made by a manufacturer, or software is made by a carrier, then it does not matter how secure the core OS is because there are other easier ways in. That is one thing I like about iOS and WP, there is a minimum of 3rd party involvement, and the apps are checked out more before being made available on the store.
I trust apple and MS to write software more than I trust ATT, VZW, HTC, or Samsung to do anything right.
 
G

Guest

Guest
I really don't use Java that much so I just decided to remove it. One less thing to make me a target.
 

-Jackson

Distinguished
Feb 2, 2012
65
0
18,580
[citation][nom]CaedenV[/nom]Mac is based on unix, and therefore is nearly impossible to infect the OS. Heck, even Windows Vista/7/8 are extremely difficult to infect the core OS. But that does not mean that periphrial software such as Flash, Java, web browsers, or other bits of software cannot be compromised, and those often work over several platforms. Even cell phones suffer from this. Android may be very difficult to compromise, but when the UI is made by a manufacturer, or software is made by a carrier, then it does not matter how secure the core OS is because there are other easier ways in. That is one thing I like about iOS and WP, there is a minimum of 3rd party involvement, and the apps are checked out more before being made available on the store.I trust apple and MS to write software more than I trust ATT, VZW, HTC, or Samsung to do anything right.[/citation]
That is exactly why I own a Windows Phone. :)
 

f-14

Distinguished
Apr 2, 2010
774
0
18,940
http://www.dailymail.co.uk/news/article-2262540/Homeland-Security-STILL-warning-Americans-disable-Java-Oracle-says-problem-fixed.html
By Jim Finkle
Fri Jan 11, 2013 4:53pm EST
(Reuters) - The U.S. Department of Homeland Security urged computer users to disable Oracle Corp's Java software, amplifying security experts' prior warnings to hundreds of millions of consumers and businesses that use it to surf the Web.

Hackers have figured out how to exploit Java to install malicious software enabling them to commit crimes ranging from identity theft to making an infected computer part of an ad-hoc network of computers that can be used to attack websites.

"We are currently unaware of a practical solution to this problem," the Department of Homeland Security's Computer Emergency Readiness Team said in a posting on its website late on Thursday.

"This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered," the agency said. "To defend against this and future Java vulnerabilities, disable Java in Web browsers."

Oracle declined on Friday to comment on the warning.

the price you pay for not vetting your software.
 

f-14

Distinguished
Apr 2, 2010
774
0
18,940
Homeland Security STILL warning Americans to disable Java even as Oracle says problem fixed
By DAILY MAIL REPORTER
PUBLISHED: 20:43 EST, 14 January 2013 | UPDATED: 20:43 EST, 14 January 2013

Oracle Corp. said Monday said it has fixed the problem it its Java software that raised an alarm from the U.S. Department of Homeland Security last week, but the federal agency still recommends that users disable Java in their Web browsers.
'This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered,' DHS said in a statement Monday. 'To defend against this and future Java vulnerabilities, consider disabling Java in Web browsers until adequate updates are available.'
The alert follows on the department's warning late Thursday.

Security experts said that special code to take advantage of the weakness is being sold on the black market through so-called 'Web exploit packs' to Internet abusers who can use it to steal credit card data, personal information or cause other harm.
The packs, sold for upwards of $1,500 apiece, make complex hacker codes available to relative amateurs.
This particular flaw even enables hackers to compromise legitimate websites by taking over ad networks.


The sale of the packs means malware exploiting the security gap is 'going to be spread across the Internet very quickly,' said Liam O'Murchu, a researcher with Symantec Corp. 'If you have the opportunity to turn it off, you should.'
Oracle said it released two patches — to address the flaw highlighted by the government, as well as another flaw that the government said was "different but equally severe."
As well, the patches set Java's default security level to 'high' so that users will automatically be shown a prompt and given a chance to decline malicious software before it loads onto their computers.

Many programmers are avoiding Java altogether, and its use in Web browsers is on the decline, he said.
Kaspersky Lab estimated that last year 50 percent of all website exploitations were due to vulnerabilities in Java. Adobe's Acrobat Reader accounted for another 28 percent of vulnerabilities.


Read more: http://www.dailymail.co.uk/news/article-2262540/Homeland-Security-STILL-warning-Americans-disable-Java-Oracle-says-problem-fixed.html#ixzz2M21Yvntd

i have to pile on my hate for oracle and java, they just make their adware worse not better with every update as well as bandwidth hogging and autoplay ads and give them sounds, it was bad enough when they made ads flash and give people with epilepsy seizures, now i have to endure commercials on a computer when i am required to touch one that is not mine own to beat into permission submission
 

f-14

Distinguished
Apr 2, 2010
774
0
18,940
At least one server being used by this group – possibly based out of Russia -- is located in the Ukraine.
also forgot Mr Parrish:
you need to get with the 21st century the USSR collapsed under less debt than america has today, Ukraine is it's own country again, no longer a soviet satellite state for Russia
 

robochump

Distinguished
Sep 16, 2010
350
0
18,930
[citation][nom]Macl[/nom]I really don't use Java that much so I just decided to remove it. One less thing to make me a target.[/citation]

Which is fine for personal systems but unfortunately JAVA is still integrated in many business applications. My work MAC requires JAVA for VPN and other web based applications. Can be very frustrating :p
 
Status
Not open for further replies.