Although we’re recently seeing cybercriminals focusing more on currently popular communication platforms, such as social media, mobile devices, etc, they do still attempt some more old fashioned approaches too.
And why wouldn’t they, if time and time again, computer users keep clicking and infecting themselves with malware. ESET researcher David Harley blogged more on the topic.
G20 servers attacked by cybercriminals
The French finance ministry has revealed that hackers subjected one of its main server farms to a barrage of attacks last December, apparently in a bid to download documents ahead of the G20 summit in Paris. Infosecurity reports.
USB driver bug exposed as “Linux plug&pwn”
The H Security reports the bug is caused by the device name being copied into a memory area with a size of 80 bytes using strcpy() without its length being tested. A crafted device with a long device name could thus write beyond the limits of this buffer, allowing it to inject and execute code. Because the driver is included, and automatically loaded, in most Linux distributions, to execute code in kernel mode an attacker would merely have to connect such a device to a Linux system’s USB port.
ESET Ireland 