Posted on

Microsoft Issues Stopgap Fix for IE 0-Day Flaw

Microsoft today released a stopgap fix for a critical security flaw in most versions of Internet Explorer that hackers have been exploiting to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21.

The company released a “fix it” tool, designed to blunt the threat of attack on this flaw for users of IE 7, 8 and 9. In a blog post, Microsoft’s Yunsun Wee said the one-click solution should not affect users’ ability to browse the Web, and it does not require the reboot of your computer. Users should not need to uninstall the fix to apply the full security patch when Microsoft releases it.

I’m glad to see Microsoft take this step. The company keeps downplaying the threat, stating that “there have been an extremely limited number of attacks,” against that this flaw and that “the vast majority of Internet Explorer users have not been impacted.” Nevertheless, as I noted in previous stories this week, a reliable exploit for this vulnerability has already been rolled into free, easy-to-use attack tools, so IE users should not delay in applying this fix-it tool.

Original article at krebsonsecurity

Posted on

Point-Of-Sale Hackers Plead Guilty To Scheme, Face Prison Time

Two hackers who took part in a hacking scheme that involved more than 146,000 compromised cards leading to more than $10 million in losses, pleaded guilty today in a New Hampshire court. One agreed to spend seven years behind bars, while the other agreed to spend 21-months locked up.

Iulian Dolan and Cezar Butu, both Romanian nationals, admitted that between 2009 and 2011, they cooperated with co-conspirator Adrian-Tiberiu Oprea, who is awaiting trial after being extradited to the U.S.  in May, to hack into hundreds of U.S.-based point of sale (POS) systems to steal credit and debit card numbers and then use the stolen payment card data to make unauthorized charges or sell the stolen card data to others who would do the same.

Click for complete article >>

Written by: jpeterson at https://www.teamshatter.com/topics/database-security/point-of-sale-hackers-plead-guilty-to-scheme-face-prison-time/

Posted on

Massachusetts Eye And Ear Associates Inc. To Pay $1.5 Million For Potential Violations Of The HIPAA Security Rule

Another HIPAA data breach settlement has been reached, this time with the Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates Inc. (MEEI), which will pay $1.5 million to the Department of Health and Human Services (HHS) for potential violations of the HIPAA Security Rule.

HHS officials announced Monday that the settlement also requires MEEI to take corrective action to improve policies and procedures to safeguard the privacy and security of its patients’ protected health information.

Click for complete article >>

Written by: jpeterson at https://www.teamshatter.com/topics/compliance/hipaa/massachusetts-eye-and-ear-associates-inc-to-pay-1-5-million-for-potential-violations-of-the-hipaa-security-rule/

Posted on

How to restore individual files from System Restore points

Today I noticed that all of the files that I had saved on the desktop in Windows 7 were gone. The only icon that I saw on the desktop was the Recycle Bin. Since I needed to access the files, I started to investigate the issue. First thing that I did check was to make sure that I had not unchecked the show desktop files option. I verified that despite the fact that I saw the Recycle Bin icon on the desktop.

The option to show desktop icons was checked, so that was not it. Next thing on the list was to search for the files on the system, which turned up that they were not anymore on it. I also fired up Office 2013 to load some of the recent files but that did result in an error message that the documents could not be found on the system, and that I should check whether they had been moved.

Research on the Internet showed me that I was not the only user with the issue. Not all issues were resolved in the various forum threads on the Internet, but some solutions included scanning the file with up to date antivirus software to make sure that malware was not to blame for the disappearance of files on the desktop.

Scans with Malwarebytes Anti-Malware and Dr. Web Cure It did not find malware on the system that could have been responsible for the removal of the desktop files.

Next try System Restore. I had multiple System Restore points at my disposal. The last ones were created after Windows Updates, the installation of the ramdisk software, and SlimCleaner.

I restored the points but the desktop items did not return. Last chance file recovery right? Recuva found some of the documents but not all. I was about to give up when I decided to browse some of the System Restore points just to find out if one of them had the documents listed. They should have, considering that I have been working with the documents yesterday.

I have used System Restore Explorer for that. You can use the program to mount system restore points so that you can browse and restore individual files.

restore individual system restore files

And guess what, the first system restore backup that I mounted contained the files and folders that I had stored on the desktop. I’m not entirely sure why the files have not been recovered when I restored the backup that contained them though. It could be a issue with files on the desktop, but that is just a guess. I can create new icons and files on the desktop, and they remain there even after reboots.

system restore files

I already did a sfc /scannow on the console to make sure that no important files were corrupted that caused this. I also checked the disk which required no repairs as well.

If you have an idea what could have caused this let me know please, I’d really like to find an answer for the issue. I’m also not sure why restoring the System Restore point did not restore the files on the desktop, as they were included in the backup.

Original article at Ghacks

Posted on

BMW Cars Vulnerable To Blank Key Attack

Techmeology writes “Thieves have discovered how to steal BMW cars produced since 2006 by using the onboard computer that is able to program blank keys. The device used — originally intended for use by garages — is able to reprogram the key to start the engine in around three minutes. The blank keys, and reprogramming devices, have made their way onto the black market and are available for purchase over the Internet.”


Share on Google+

Read more of this story at Slashdot.

Written by: timothy at https://tech.slashdot.org/story/12/09/13/142245/bmw-cars-vulnerable-to-blank-key-attack?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot+%28Slashdot%29

Posted on

Reliance Net Connect website Defaced by Hackers

Reliance Net Connect , a venture of Reliance Communications , one of the leading CDMA & GSM Service providers in India website was Defaced by Hackers two days back. No reason mentioned by hackers but on deface page, Hackers wrote “Hacked by Dr-FreaK and Napsters Cr3w”.<!– adsense –>
Defaced site link – https://reliancenetconnect.co.in , but at the time of writing this post, site has been 

Written by: noreply@blogger.com (Mohit Kumar) at https://thehackernews.com/2012/09/reliance-net-connect-website-defaced-by.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Daily+Cyber+News+Updates%29