Pwn2Own 2012: IE 9 hacked with two 0day
vulnerabilities
By Ryan Naraine | March 8, 2012, 3:42pm PST

Summary: The code execution attack, which required
no user action beyond browsing to a rigged web
site, also works on Internet Explorer v10 (consumer
preview) running on Windows 8.

Microsoft’s Internet Explorer 9 browser has fallen.

A team of French researchers exploited two
different IE zero-day flaws to break into a fully
patched Windows 7 SP1 machine and take an almost
unassailable lead in this year’s CanSecWest Pwn2Own
competition.

The hacking team, from French security research
outfit VUPEN, used an unpatched heap overflow bug
to bypass DEP and ASLR and a separate memory
corruption flaw to break out of the browser’s
Protected Mode sandbox.

The code execution attack, which required no user
action beyond browsing to a rigged web site, also
works on Internet Explorer v10 (consumer preview)
running on Windows 8....

The Cridex Trojan Targets 137 Financial
Organizations in One Go

...This Trojan’s capability is basically similar to
Zeus and SpyEye. It collects information from the
user’s machine and sends it to the C&C server. This
information can include, for example, cookies, FTP
credentials and email accounts....The
cybercriminals can track specific Web sites that
are accessed by the user by taking screenshots of
every page the user accessed in real time. They can
also blacklist URLs, redirect URLs and more. Same
as with the Zeus Trojan, the administrators can
supply a code to be injected into Web pages. The
Cridex Trojan intercepts browser requests and
changes the displayed content according to the
configuration, written by the administrator of the
botnet. This way the cybercriminal can trick the
user to enter valuable information the
cybercriminal is looking for, without raising
suspicion...Cridex has a “WORLD BANKER CENTER”
plug-in which includes a database of 137 banks.
Yes, one hundred, thirty seven different banks or
financial organizations from all over the world!.

..

MasterCard, VISA Warn of Processor Breach

VISA and MasterCard are alerting banks across the
country about a recent major breach at a U.S.-based
credit card processor. Sources in the financial
sector are calling the breach “massive,” and say it
may involve more than 10 million compromised card
numbers.

In separate non-public alerts sent late last week,
VISA and MasterCard began warning banks about
specific cards that may have been compromised. The
card associations stated that the breached credit
card processor was compromised between Jan. 21,
2012 and Feb. 25, 2012. The alerts also said that
full Track 1 and Track 2 data was taken – meaning
that the information could be used to counterfeit
new cards....

Teacher’s aide fired for refusing to hand over
Facebook password

This all started in April 2011, when Hester was
using Facebook on her own time (when she wasn’t
working at the school). She jokingly posted a
picture of a co-worker’s pants around her ankles
and a pair of shoes, with the caption “Thinking of
you.”

A parent and Facebook friend of Hester’s saw the
photo and complained to the school. A few days
later, Lewis Cass ISD superintendent Robert Colby
asked her three times for access to her Facebook
account. Hester refused each of the district
superintendent’s requests.

Soon after, Colby wrote Hester a letter, a part of
which said the following, according to WSBT: “…in
the absence of you voluntarily granting Lewis Cass
ISD administration access to you[r] Facebook page,
we will assume the worst and act accordingly.”
Hester says he put her on paid administrative leave
and eventually suspended her. She chose unpaid
leave, to collect workman’s compensation, and vowed
to put up a fight....