Cisco announces its intent to acquire OpenDNS

 
Cisco announced on June 30 its intent to acquire OpenDNS, a security company which provides advanced threat protection for any device, anywhere and anytime based in San Francisco.

It is said that the acquisition will boost Cisco's Security everywhere approach by adding broad visibility and threat intelligence from the OpenDNS cloud delivered platform.

According to the press statement issued by the organization, the OpenDNS team will join the Cisco Security Business Group. As per the agreement, Cisco will pay $635 million in cash and assumed equity awards, plus retention based incentives for OpenDNS. The acquisition is expected to close in the first quarter of fiscal year 2016, subject to customary closing conditions.

The press statement said that the burgeoning digital economy and the Internet of Everything (IoE) are expected to spur the connection of nearly 50 billion devices by 2020, creating a vast new wave of opportunities for security breaches across networks. The faster customers can deploy a solution, the faster they can detect, block and remediate these emerging security threats.

“OpenDNS' cloud platform offers security delivered in a Software-as-a- Service (SaaS) model, making it quick and easy for customers to deploy and integrate as part of their defense architecture or incident response strategies. By providing comprehensive threat awareness and pervasive visibility, the combination of Cisco and OpenDNS will enhance advanced threat protection across the full attack continuum before, during and after an attack,” the statement read.

The statement added that OpenDNS' broad visibility, unique predictive threat intelligence and cloud platform with Cisco's robust security and threat capabilities will increase awareness across the extended network, both on- and off-premise, reduce the time to detect and respond to threats, and mitigate risk of a security breach.

Hilton Romanski, Cisco chief technology and strategy officer, said that many people, processes, data and things connected because of which opportunities for security breaches and malicious threats grow exponentially when away from secure enterprise networks.

“OpenDNS has a strong team with deep security expertise and key technology that complements Cisco's security vision. Together, we will help customers protect their extended network wherever the user is and regardless of the device,” Romanski added.

A Bug allows anyone to crash the iPhone with a Message

(pc- Google images)
A new bug in the latest version of iOS shows a string of Arabic characters and symbols in a special text message which is followed by the crashing of the phone.

(pc- Google images)
It affects the Messages App so much so that the lines of the message after being copied and texted to another iPhone, shuts it off as well.

Affecting iOS 7 and iOS 8 now, it is due to the banner notifications processing the Unicode text using CoreText API.

This susceptibility of the iPhone to stop working can happen in any mode; but in Jailbreaking iOS, it enters into the safe mode.

The only patch to this vulnerability is to send a photo or text to the original dispatcher with the help of the share sheet in another app.

The Reddit website has been flooded with comments after the recent attack of the malicious iMessage on their iPhones.

Megaupload domains serve malware and scam ads to website visitors


Three years ago, the US government had seized several Megaupload domains that are now directing visitors to malware scams and ads.The domains namely Megaupload[dot]com and Megavideo[dot]com are being exploited by cybercriminals to supply malware and carry out scams.

Seized back in January 2012, the trial and hearing have been delayed since the New Zealand police raided the mansion of Kim Dotcom in Auckland and closed the online file locker storage website. US officials still hope that New Zealand will hand over him and his colleagues.

The domains redirect people to a Zero-Click advertising feed which feeds malicious links to malware installers and other malicious ads.

Many of these redirects try to trap the visitors with the chance of winning iPhones for cheap. One of the malicious ads serves as the link to a false BBC article, offering the iPhone 6 for only £1.

It is said that the reason behind the exploitation of the domains is the failure of the FBI cybercrime unit in controlling the main nameserver, which was previously registered to the Cyber Initiative and Resource Fusion Unit (CIRFU).


CIRFU.biz, the domain name for Megaupload.com, points to a server in The Netherlands hosted by LeaseWeb; and the domain CIRFU.net lists Syndk Media Limited as the registrant.

It seems that Megaupload and Megavideo are serving malicious ads run by the third party as the domain used as a nameserver by the Department of Justice has either expired or taken over via other means, and is no longer a part of the Government.

“With U.S. Assistant Attorney Jay Prabhu the DOJ in Virginia employs a guy who doesn’t know the difference between civil & criminal law. And after this recent abuse of our seized Mega domains I wonder how this guy was appointed Chief of the Cybercrime Unit when he can’t even do the basics like safeguard the domains he has seized,” Megaupload founder Kim Dotcom commented.

“Jay Prabhu keeps embarrassing the U.S. government. I would send him back to law school and give him a crash course in ‘how the Internet works’,” Dotcom adds.

Apart from these domains, various poker sites seized previously, naming absolutepoker.com and ultimatebet.com also are linked to malicious content now.

Copart.com hacked, requests all members to change passwords


Copart, a Texas-based company which provides online vehicle auction and remarketing services, is urging its member to change their password for their Copart.com account after the company discovered that an authorized person gained access to its computer network.


“As part of our efforts to address the problem, the Copart is requiring all members to change the password for their Copart.com account,” Sean Eldridge, senior vice-president & chief operating officer at the Copart, wrote in a letter.


“If you have not already recently been required to reset your password, simply sign into your Copart account and go to the Change Password option under the My Account tab. Also, if you use the same username and password for any other account, we recommend that you change your password there as well,” he added.

On 31 March 2015, when the company identified that the unauthorized person accessed to its network, the company immediately worked to block any further unauthorized access.

A leading cyber-security firm has been hired for the investigation. It helps the company to help determine what had happened to the company’s system and to assists in implementing enhanced security measures.

“Based on the investigation, we determined that the unauthorized person may have accessed the member’s name, address, driver’s license number, telephone number, e-mail address, and the username and password for their Copart.com account,” said Eldridge.

In order to protect, the company has recommended its members to remain vigilant by reviewing their account statements and credit reports for any unauthorized activity.

Similarly, the members can also get a copy of their credit report, free of charge, in every 12 months from each of the three nationwide credit reporting companies: Equifax, Experian and TransUnion.

According to the letter, in order to order the free credit report, the members should visit www.annualcreditreport.com or call toll free at 1-877-322-8228.

Eldridge said that if any member believed that his/her personal information has been misused, he/she should immediately contact the Federal Trade Commission and/or the attorney general’s office in respective Home State.

Cisco releases software updates to address serious flaws in TelePresence products

Cisco has released software updates to address several vulnerabilities that have been identified in its TelePresence products, which can be exploited by hackers to compromise a vulnerable system.

It has also urged its customers to update their TelePresence software. Similarly, they are advised to consult their maintenance providers or check the software for feature set compatibility and known issues that are specific to their environments.

Cisco said in an advisory published on May 13 that the workarounds that mitigate the vulnerabilities, which have been identified by during its internal tests and product security reviews, are not available.

“The vulnerability in the web framework of multiple Cisco TelePresence products could allow an authenticated or remote attacker to inject arbitrary commands that are executed with the privileges of the root user,” Cisco said in its advisory.

“The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected parameter in a web page."

"Administrative privileges are required in order to access the affected parameter. A successful exploit could allow an attacker to execute system commands with the privileges of the root user,” the advisory added.

Cisco said that although, this is a serious vulnerability with a CVSS score of 9.0, it hasn’t found evidence that shows flaw has been leveraged for malicious purposes.

One click scammers targeting people in Hong Kong

People running one click scams on the internet have seem to taken it one step further by creating new malware in Chinese.

Recently, one click scammers have begun targeting people in Hong Kong by using pop-up windows and registration pages that have been written in Chinese and ask for payment in Hong Kong dollars. In the last month alone, Symantec has blocked more than 8,000 such attempts.

Such scams have been primarily running on adult websites and download malicious software to a users computer.

Such scams primarily were run in Japan but hackers have come into new territory by learning Chinese.