WhatsApp Downplays Damage of a Group Invite Bug
Research that claims WhatsApp’s group messaging feature can be compromised by an attacker is being called into question by WhatsApp and the developer of the underlying messaging technology. Last week, a team of researchers from Germany’s Ruhr University Bochum released an academic paper outlining...
FBI Director Calls Smartphone Encryption an ‘Urgent Public Safety Issue’
The debate over the government’s authority to access private encrypted data on digital devices was amplified Tuesday when the Federal Bureau of Investigation Director Christopher Wray called unbreakable encryption an “urgent public safety issue.” Wray said FBI was locked out of 7,775 devices in t...
Microsoft January Patch Tuesday Update Fixes 16 Critical Bugs
Thanks to Meltdown and Spectre, January has already been an extremely busy month of patching for Microsoft. Today Microsoft tackled dozens more bugs, part of its regular Patch Tuesday release covering Microsoft Edge, Windows, Office, ASP.NET and the macOS version of Office. Sixteen of Microsoft’s...
Anti-Virus Updates Required Ahead of Microsoft’s Meltdown, Spectre Patches
Microsoft said it is holding off delivering security updates to Windows PCs for Spectre and Meltdown CPU flaws until hosted anti-virus software confirms it does not make unsupported calls into Windows kernel memory. Affected are PCs running certain AV products that bypass Windows built-in Kernel...
Apple Releases Spectre Patches for Safari, macOS and iOS
Apple released iOS 11.2.2 software Monday for iPhones, iPads and iPod touch models that patches the Spectre vulnerabilities. A macOS High Sierra 10.13.2 supplemental update was also released to bolster Spectre defenses in Apple’s Safari browser and WebKit, the web browser engine used by Safari,...
New Rules Announced for Border Inspection of Electronic Devices
The U.S. Customs and Border Patrol announced new restrictions on when agents can copy data from digital devices at border crossing points. Agents now need “reasonable suspicion” in advance of searches of phones, computers, tablets, cameras or any other digital device belonging to people entering ...
Experts Weigh In On Spectre Patch Challenges
The race to patch against the Meltdown and Spectre processor vulnerabilities disclosed last week is on. As of today, there are no known exploits in the wild impacting vulnerable Intel, AMD and ARM devices. Currently, vendors are focused on three main mitigation efforts. Patches that address the...
Google Play Removes 22 Malicious ‘LightsOut’ Apps From Marketplace
Nearly two dozen Android flashlight and related utility apps were removed from the Google Play marketplace after researchers found a malicious advertising component dubbed “LightsOut” inside them. In total, the apps were downloaded between 1.5 and 7.5 million times. Security researchers at Check...
Vendors Share Patch Updates on Spectre and Meltdown Mitigation Efforts
Intel, Amazon, Microsoft and others are playing down concerns over the impact of the massive Spectre and Meltdown vulnerabilities affecting computers, servers and mobile devices worldwide. The two flaws, Spectre and Meltdown, are far reaching and impact a wide range of microprocessors used in the...
Intel In Security Hot Seat Over Reported CPU Design Flaw
UPDATE Intel is grappling with what many experts are describing as a processor design flaw impacting CPUs used in Linux, Windows and some macOS systems. The reported flaw is tied to Intel’s kernel virtual memory system that could allow an attacker to access kernel-protected data such as passwords...
MacOS LPE Exploit Gives Attackers Root Access
A researcher who goes by the handle “Siguza” released details of a local privilege escalation attack against macOS that dates back to 2002. A successful attack could give adversaries complete root access to targeted systems. Siguza released details of the attack on Dec. 31 via Twitter, wishing...
VMware Issues 3 Critical Patches for vSphere Data Protection
VMware, a Dell Technologies subsidiary, released several patches Tuesday fixing critical vulnerabilities affecting its vSphere cloud computing virtualization platform. The patches address three vulnerabilities in VMware’s vSphere Data Protection (VDP), a backup and recovery solution used with its...
Forever 21 Says PoS Systems Exposed Customer Data for 8 Months
Fashion retailer Forever 21 confirmed a breach made public in November resulted in the theft of credit card data belonging to an undisclosed number of customers. The company had stated that a lack of encryption used on some of its point-of-sales payment terminals could have resulted in unauthoriz...
Code Used in Zero Day Huawei Router Attack Made Public
Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or...
Leaky RootsWeb Server Exposes Some Ancestry.com User Data
Ancestry.com said it closed portions of its community-driven genealogy site RootsWeb as it investigated a leaky server that exposed 300,000 passwords, email addresses and usernames to the public internet. In a statement issued over the weekend, Chief Information Security Officer of Ancestry.com...
Mozilla Patches Critical Bug in Thunderbird
Mozilla issued a critical security update to its popular open-source Thunderbird email client. The patch was part of a December release of five fixes that included two bugs rated high, one rated moderate and another low. Mozilla said Thunderbird, which also serves as a news, RSS and chat...
Huawei Router Vulnerability Used to Spread Mirai Variant
Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router mode...
Nissan Canada Finance Notifies 1.1 Million of Data Breach
Nissan Canada Finance notified 1.13 million customers on Thursday of a data breach impacting an unspecified number of past and present customers. The breach occurred on Dec. 11, 2017 when an unidentified third-party gained access to customer name, address, vehicle make and model, vehicle...
Crooks Switch from Ransomware to Cryptocurrency Mining
Criminals behind the VenusLocker ransomware have switched to cryptocurrency mining in their latest campaign targeting computer users in South Korea. Instead of attempting to infect targeted computers with ransomware, the group is now trying to install malware on PCs that mines for Monero, an...
Google Play Boots 3 Fake Bitcoin Wallet Apps
Google moved quickly to kick three fake bitcoin wallet apps from its Google Play marketplace earlier this month after researchers at mobile security firm Lookout discovered them. The apps pretended to be legitimate bitcoin wallets, but instead were fake. Apps were designed to trick sellers to...
CHM Help Files Deliver Brazilian Banking Trojan
Security researchers are warning of a new spam campaign targeting Brazilian institutions that contains Compiled HTML file attachments used to deliver a banking Trojan. Spam messages contain a malicious CHM attachment called “comprovante.chm”, wrote Rodel Mendrez, senior security researche...
U.S. Government Blames North Korea for WannaCry
The United States government is officially blaming North Korea for the WannaCry ransomware outbreak in May that infected nearly a quarter-million computers in 150 countries. Calling it a “careless and reckless” attack, White House Homeland Security Adviser Tom Bossert said Tuesday at a White Hous...
Project Zero Chains Bugs for ‘aPAColypse Now’ Attack on Windows 10
Google’s Project Zero released details of a local proof-of-concept attack against a fully patched Windows 10 PC that allows an adversary to execute untrusted JavaScript outside a sandboxed environment on targeted systems. The attack is a variation of a WPAD/PAC attack. In Project Zero’s case, the...
User ‘Gross Negligence’ Leaves Hundreds of Lexmark Printers Open to Attack
UPDATE Researchers at NewSky Security have found hundreds of Lexmark printers misconfigured, open to the public internet and easily accessible to anyone interested in taking control of targeted devices. Researchers identified 1,123 Lexmark printers traced back to businesses, universities and in...
Triton Malware Targets Industrial Control Systems in Middle East
Researchers found malware called Triton on the industrial control systems of a company located in the Middle East. Attackers planted Triton, also called Trisis, with the intent of carrying out a “high-impact attack” against an unnamed company with the goal of causing physical damage, researchers...
Synaptics Says Claims of a Keylogger in HP Laptops are False
Synaptics said reports that claim hundreds of HP laptops contain a secret keylogger made by the company are inaccurate. In a statement released Wednesday, the company said its software was being mischaracterized as a keylogger. It also said it would remove the debugging component from production...
Permissions Flaw Found on Azure AD Connect
A permissions flaw in Microsoft’s Azure AD Connect software could allow a rogue admin to escalate account privileges and gain unauthorized universal access within a company’s internal network. Microsoft issued an advisory for the vulnerability on Tuesday. Affected are Office 365 customers running...
19-Year-Old TLS Vulnerability Weakens Website Crypto
A vulnerability called ROBOT, first identified in 1998, has resurfaced. Impacted are leading websites ranging from Facebook to Paypal, which are vulnerable to attackers that could decrypt encrypted data and sign communications using the sites’ own private encryption key. The vulnerability is foun...
Microsoft December Patch Tuesday Update Fixes Six Critical Bugs
Microsoft patched 34 vulnerabilities that are part of its December Patch Tuesday release. A total of 20 vulnerabilities were rated critical and another 12 were rated important. Impacted are Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, SharePoint and Exchange. Notable...
New Spider Ransomware Comes With 96-Hour Deadline
A new ransomware strain called Spider is targeting victims located in the Balkans in what is called a “mid-scale” campaign. The Spider ransomware is unique in that attackers give victims a 96-hour deadline to pay. Attackers also attempt to calm victims, assuring them the ransom payment and file...
Vulnerability Found in Two Keyless Entry Locks
Researchers at Dell Secureworks are warning a vulnerability in two keyless entry products could allow local attackers to lock and unlock doors and create illegitimate RFID badges by sending unauthenticated requests to affected devices. Impacted are two AMAG Technology Symmetry IP-based access doo...
Leftover Debugger Doubles as a Keylogger on Hundreds of HP Laptop Models
HP Inc. released a software update to fix a vulnerability that allows attackers to turn debugging code, accidentally left on hundreds of laptop models, into a keylogger. Researcher Michael Myng is credited for discovering the vulnerability tied to the use of a Synaptics Touchpad driver. He said i...
Android Flaw Allows Attackers to Poison Signed Apps with Malicious Code
Among the four dozen vulnerabilities Google patched this week was a fix for a bug that allowed attackers to inject malicious code into Android apps without affecting an app’s signature verification certificate. The technique allows an attacker to circumvent device anti-malware protection and...
Apple Fixes Flaw Impacting HomeKit Devices
Apple said it has fixed an undisclosed vulnerability in its HomeKit framework that could have allowed unauthorized remote control of HomeKit devices such as smart locks and connected garage door openers. The flaw was first reported by the publication 9to5Mac on Thursday. According to the...
Banking Apps Found Vulnerable to MITM Attacks
Leading US and UK-based banks have patched a flaw found in their Android and iOS mobile apps that allowed adversaries to conduct man-in-the-middle attacks to steal customer credentials and view and manipulate network traffic. According to researchers at the School of Computer Science at the...
Google Patches Critical Encryption Bug Impacting Pixel, Nexus Phones
Google patched a critical encryption bug found on its Pixel, Pixel 2 and Nexus phones this week along with delivering 49 other fixes, part of its December Pixel / Nexus Security Bulletin. Five of the patches relate to vulnerabilities rated high. One of the patches, CVE-2017-13167, is for an elevati...
TeamViewer Rushes Fix for Permissions Bug
Remote support software company TeamViewer said Tuesday it issued a hotfix for a bug that allows users sharing a desktop session to gain control of the other’s computer without permission. The bug was first publicized by a Reddit user “xpl0yt” on Monday who linked to a proof-of-concept example of...
Developers Targeted in ‘ParseDroid’ PoC Attack
Researchers have developed a proof of concept attack that could impact the millions of users of integrated development environments such as Intellij, Eclipse and Android Studio. Attacks can also be carried out against servers hosting development environments in the cloud. The attack vector was...
Google Cracks Down On Nosy Android Apps
Google is cracking down on unwanted and harmful Android apps with a new effort that will show warnings on applications and on third-party websites distributing apps that collect personal data without user consent. The effort is an expansion of the Google Safe Browsing team’s mission to enforce th...
Ursnif Trojan Adopts New Code Injection Technique
Hackers are testing a new variation of the Ursnif Trojan aimed at Australian bank customers that utilizes novel code injection techniques. Since the summer of 2017, IBM X-Force researchers report that Ursnif or Gozi samples have been tested in the wild by a new malware developer. The samples are a...
Flaw Found In Dirty COW Patch
A flaw in the original patch for the notorious Dirty COW vulnerability could allow an adversary to run local code on affected systems and exploit a race condition to perform a privilege escalation attack. The flaw in the patch for Dirty COW (CVE-2016-5195), released in October 2016, was identified by...
Cisco Patches Critical Playback Bugs in WebEx Players
Cisco Systems issued a Critical alert on Wednesday warning of multiple vulnerabilities in its popular WebEx player. Six bugs were listed in the security advisory, each of them relating to holes in Cisco WebEx Network Recording Player for Advanced Recording Format ARF and WebEx Recording Format WR...
RAT Distributed Via Google Drive Targets East Asia
Researchers said that they are tracking a new remote access Trojan dubbed UBoatRAT that is targeting individuals or organizations linked to South Korea or the video game industry. While targets aren’t 100 percent clear, researchers at Palo Alto Networks Unit 42 said UBoatRAT threats are evolving...
Apple Announces Emergency Patch to Fix High Sierra Login Bug
Apple said on Wednesday that it will rush an emergency patch to users that fixes an embarrassing login bug in its High Sierra operating system. The patch is expected to be pushed out by Apple sometime Wednesday, according to a company spokesperson. The serious High Sierra login bug surfaced...
Critical Apple Login Bug Puts macOS High Sierra Systems at Risk
A major bug in Apple’s macOS gives anyone with physical access to a computer running the latest version of the High Sierra operating system admin access simply by putting “root” in the user name field. The bug was publicized Tuesday by developer Lemi Orhan Ergin, founder of Software Craftsmanship...
Leaky AWS Storage Bucket Spills Military Secrets, Again
For the second time in ten days, researchers at UpGuard released sensitive data belonging to the United States Defense Department that was stored insecurely online. This time it was nearly 100 GB of critical data belonging to the United States Army Intelligence and Security Command (INSCOM). Some o...
Google Detects and Boots Tizi Spyware Off Google Play
The Google Play Protect team said it identified a new strain of Android spyware called Tizi found inside several apps previously available via the Google Play marketplace. The recent discovery triggered a wider investigation by Google who said apps infected by the Tizi malware date back to 2015...
Imgur Confirms 2014 Breach of 1.7 Million User Accounts
Popular image sharing community Imgur said last week it was the victim of a data breach in 2014 that exposed 1.7 million user accounts. In a breach notice posted to its website last Friday, the company said users are being notified via email that they must update their passwords immediately. “On...
Newly Published Exploit Code Used to Spread Mirai Variant
Qihoo 360 Netlab researchers reported on Friday that they are tracking an uptick in botnet activity associated with a variant of Mirai. Targeted are ports 23 and 2323 on internet-connected devices made by ZyXEL Communications that are using default admin/CenturyL1nk and admin/QwestM0dem telnet...
SAML Post-Intrusion Attack Mirrors ‘Golden Ticket’
Researchers at CyberArk Labs have created a post-intrusion attack technique known as a Golden SAML that could allow an attacker to fake enterprise user identities and forge authentication to gain access to valuable cloud resources in a federation environment. “Using this post-exploit technique,...