Koler Android Ransomware Infrastructure Complex and Agile
While the Koler ransomware may be a simplistic money-generating malware scam, the infrastructure standing up its campaigns is anything but. Researchers at Kaspersky Lab published a report today that not only explained details of how the attackers—possibly the group behind the Reveton...
EFF Files Motion Asking Judge to Rule NSA Data Collection Unconstitutional
The EFF has asked a federal judge to rule that the NSA’s collection of massive amounts of upstream user data is unconstitutional, violating the Fourth Amendment. The motion for partial summary judgment in the case of Jewel v. NSA, a six-year-old lawsuit related to NSA data collection on AT&T’s...
Siemens Patches Five Vulnerabilities in SIMATIC System
Siemens released an update for two builds of its SIMATIC automation system this week, addressing a quintet of vulnerabilities, four of which are remotely exploitable. The German company’s SIMATIC WinCC, a SCADA system, and SIMATIC PCS7, a distributed control system (DCS), are directly affected by the...
Microsoft Exec Says Company Has Never Been Asked to Backdoor a Product
One of Microsoft’s top security executives said the company has never been asked by the United States government to build a backdoor into any of its products, and if the company was asked, it would fight the order in the courts. Since the Edward Snowden revelations began last summer, there have...
TAILS Team Recommends Workarounds for Flaw in I2P
The developers of the TAILS operating system say that users can mitigate the severity of the critical vulnerability researchers discovered in the I2P software that’s bundled with TAILS with a couple of workarounds, but there is no patch for the bug yet. The vulnerability that affects TAILS is in...
Onion Ransomware Demands Bitcoins, Uses Tor, Advanced Encryption
More details about a new family of encryption ransomware that uses the anonymous network Tor and requires users pay by Bitcoin have emerged. The ransomware, known in some circles as Critoni or CTB-Locker, has been dubbed Onion by researchers at Kaspersky Lab as its creators use command and contro...
Mozilla Improves Malware Blocking in Firefox 31
Attackers have any number of methods for getting their malware onto users’ machines, but one of the easier and more effective ones is through drive-by downloads. Browser vendors have been adding defenses to mitigate this threat for some time, and the newest version of Mozilla Firefox includes an...
Phony Googlebots Becoming a Real DDoS Attack Tool
Even an enterprise with the harshest, strictest blocking rules in place is likely to leave the door ajar for Google’s search bot software known as a Googlebot. Googlebots crawl websites collecting data along the way in order to build a searchable index that assures a site will be listed and ranke...
Research Shows Increase in Internet Filtering and Usage of FireChat App in Iraq
Researchers at Citizen Lab have taken a close look at the extent of Internet filtering in Iraq, as well as the security of a popular offline chat app used there, and found an increase in the number of services blocked by the government and identified serious privacy and security problems with the...
Bugcrowd Releases Open Source Vulnerability Disclosure Framework
The problems that come from doing security research on modern Web applications and other software aren’t just challenging for researchers, but also for the companies on the receiving end of their advisories. Companies unaccustomed to dealing with researchers can find themselves in a difficult...
WordPress Sites Seeing Increased Malware, Brute Force Attacks This Week
A glut of WordPress sites have fallen victim to both malware infections and a series of brute force attacks that have been making the rounds over the past several days, researchers claim. According to Peter Gramantik, a malware researcher at Sucuri, highly obfuscated malware payloads have been...
Researchers Demo TAILS Flaw Exploit, Disclose Details to Developers
The critical vulnerability in the TAILS operating system discovered by researchers at Exodus Intelligence lies in the I2P software that’s bundled with the OS and the company has released some details and a video demonstrating an exploit against the bug. Exodus researchers said that the...
Firefox 31 Patches 11 Security Flaws
Mozilla has released a new version of Firefox, which includes patches for 11 security vulnerabilities. Three of the bugs fixed in Firefox 31 are critical, including a use-after-free vulnerability and a handful of memory safety issues. There are actually several separate use-after-free...
Researchers Plan to Disclose Critical Bugs to TAILS Team Soon
The developers of the TAILS operating system are poised to release a new version of the software–which is designed to preserve privacy and anonymity–and it includes several security fixes. However, there are several other security issues that aren’t patched in the new release, vulnerabilities...
Trio of Flaws Haunts OleumTech Wireless Monitoring System
Researchers have identified several remotely exploitable vulnerabilities in a wireless remote monitoring product from OleumTech that is used in energy, water and other critical infrastructure sectors. Two of the three flaws are related to the encryption implementation in the affected products,...
Privacy Badger Extension Blocks Tracking Through Social Icons
Online tracking has been a thorny problem for years, and as Web security companies, browser vendors and users have become more aware of the problem and smarter about how to defend themselves, ad companies and trackers have responded in kind. The advent of social networks has made it far easier fo...
Third-Party Software Library Risks Scrutinized at Black Hat
Enterprise application developers are under real pressures to push projects out the door quickly and cheaply, and each new version certainly has to be better than the last. This forces them to make decisions that, at a minimum, improve efficiency—and also introduce additional risks. Of particular...
IBM Fixes Code Execution, Cookie-Stealing Vulnerabilities in Switches
IBM recently patched a handful of vulnerabilities in some of its KVM switches that, if exploited, could have given an attacker free rein over any system attached to it. The problem specifically affects builds of IBM’s Global Console Managers, keyboard, video and mouse (KVM) switches that let end...
Researcher Identifies Hidden Data-Acquisition Services in iOS
There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users’ personal data. Several of these features began as benign services but have evolved in recent years to become powerful...
EFF Releases Open Wireless Router Firmware
The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure. The Open Wireless Router project, which the organization announced at the HO...
Point-of-Sale Dealers Need a Security Sit-Down
The travails of small retail and hospitality businesses struggling with hackers have been documented for years in the annual Verizon Data Breach Investigations Report. Mom-and-pop businesses, small restaurants and regional hotel chains are perfect targets of opportunity for attackers adept at...
New Unblockable Mechanism Found Tracking Users
The rise of sophisticated new online tracking mechanisms, including one known as ‘canvas fingerprinting’ that’s been infiltrating the Internet, could soon raise the ire of privacy conscious users. A recent study, a collaborative effort between researchers at Princeton University and researchers...
CryptoLocker Infections Continue as New Ransomware Evolves
U.S. and European law enforcement officials last month performed a coordinated takedown of the GameOver Zeus botnet. At the time, they claimed that the operation also neutralized the infamous CryptoLocker ransomware, which criminals had distributed using GameOver’s infrastructure. However, Tyler...
Siemens Working on Patches for OpenSSL Bugs Under Exploit
Siemens says it is working on patches for four critical vulnerabilities in the OpenSSL libraries it uses in a number of its industrial control products, flaws that are being exploited in the wild. The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) cautioned too that critical...
Critroni Crypto Ransomware Seen Using Tor for Command and Control
There’s a new kid on the crypto ransomware block, known as Critroni, that’s been sold in underground forums for the last month or so and is now being dropped by the Angler exploit kit. The ransomware includes a number of unusual features and researchers say it’s the first crypto ransomware seen...
Apple Implements Email Encryption For iCloud
Apple quietly began encrypting virtually all of the email flowing in and out of its servers for its iCloud.com, mac.com and me.com domains, a move that throws up an important roadblock for attackers and others attempting to snoop on those transmissions. The change from Apple comes as security...
Chrome for Android Update Patches URL Spoofing Bug
The latest update to Chrome on Android – pushed yesterday – fixes two bugs, including a critical flaw in the browser that could have let an attacker trick a user into visiting a malicious site. The problem, marked high priority by Google, was discovered by Japanese app developer Keita Haga. The...
Cisco Patches Wireless Residential Gateway Vulnerabilities
US-CERT issued an advisory yesterday warning of a critical vulnerability in Cisco’s Wireless Residential Gateway. Cisco has patched the vulnerability and also released its own warning, informing customers of a remote code execution vulnerability in the web server used by the gateway that is prese...
Five Vulnerabilities Fixed in Apache Web Server
There are five vulnerabilities fixed in the latest release of the Apache Web server, including a buffer overflow and several denial-of-service vulnerabilities. Fixes for these flaws have landed in the developer release of the server, 2.4.10-dev. The buffer overflow vulnerability is rated moderate...
Content Security Policy Mitigates XSS, Breaks Sites
Content Security Policy (CSP) is an effective, browser-based deterrent against cross-site scripting attacks. Despite this, the vast majority of websites do not deploy the standard, and the majority of those that do, deploy it improperly. The goal of CSP is to mitigate content injection attacks...
Microsoft Passwords Research on Re-Use
Forget what you’ve been told about password re-use and weak credentials. If we’re to believe collaborating researchers from Microsoft and Carleton University, neither is such a bad idea. Flying in the face of conventional pleading from experts that “password” is a bad password, new research puts...
OpenVPN Warns Customers of CSRF Bug in Access Server Desktop Client
OpenVPN is advising users of its Desktop Client to upgrade as soon as possible to avoid attacks against a CSRF vulnerability that can allow remote code execution. The vulnerability lies in a product that the company no longer supports and considers obsolete. An attacker could exploit the...
Large-Scale DDoS Attacks Continue to Spike
Although the average size of a given DDoS attack is going down, the number of attacks at the upper end of the scale is increasing, with researchers at Arbor Networks reporting more than 100 attacks of 100 Gbps in the first half of this year. In order for a DDoS attack to be effective, bad guys us...
LibreSSL PRNG Vulnerability Patched
The OpenBSD project late last night rushed out a patch for a vulnerability in the LibreSSL pseudo random number generator (PRNG). The flaw was disclosed two days ago by the founder of secure backup company Opsmate, Andrew Ayer, who said the vulnerability was a “catastrophic failure of the PRNG.”...
Early Review of LibreSSL Finds Problematic PRNG
When the OpenBSD foundation sent LibreSSL out the door last weekend, it was with the full intention of getting some feedback and scrutiny in return, all in the name of making the crypto library stable and secure. What they likely didn’t expect were claims surfacing that LibreSSL shared some of th...
SSL Black List Aims to Publicize Certificates Associated With Malware
Malware and botnet operators are always adapting their tactics, trying to stay a step or two ahead of defensive technologies and techniques. One of the methods many attackers have adopted is using SSL to communicate with the infected machines they control, and a researcher has started a new...
Google to Change Malware, Phishing Warnings
In the not too distant future, Google will change the way it displays malware and phishing warnings in its Chrome browser. Instead of a white warning on a red background, the entire page will be red, with a prominent X featured at the top of the display. Both the malware warning and the phishing...
New Kronos Banking Malware Advertised On Russian Forums
Criminals are advertising a new banking Trojan on Russian forums, one going for a hefty price and being marketed as a method of evading detection and analysis. To date, however, security researchers have yet to obtain a sample of Kronos, which is available on a few forums for pre-order at a cost ...
Google Project Zero a Big Win for Security
Billions of people–not to mention a decent portion of the world’s economies–depend upon the Internet in a way that is both amazing and terrifying. We rely on the network in a way that perhaps we have never relied on anything in the course of human history. The Internet is a wonderful resource, bu...
Five Year Old Phishing Campaign Unveiled
UPDATE: A previous version of this story reported that Cyphort found 300,000 stolen credentials on a Gmail server. This figure was incorrectly reported by the firm and has been corrected to the adjusted number, 2,500 stolen credentials, in this story. Details have been disclosed on a five-year-ol...
Outside Panel Finds Over-Reliance on NSA Advice Led to Dual EC Problems
A group of outside experts found that the process that led to the inclusion of the weakened Dual EC_DRBG random number generator in a NIST standard was flawed and there were several failures along the way that led to its approval. The committee also recommended that the National Institute of...
Oracle July 2014 Critical Patch Update
Never one to skimp on patches, Oracle is expected to release 113 of them tomorrow as part of its quarterly Critical Patch Update. The company also clarified that Java 7 versions will continue to work on the end-of-life Microsoft Windows XP platform and Oracle security updates for Java on XP...
LibreSSL Portable Fork Of OpenSSL Released
After months of code cleanup and rewriting, the OpenBSD Foundation this weekend sent LibreSSL out the door. The slimmed down OpenSSL fork works on a number of platforms beyond OpenBSD, including several Linux flavors, Solaris, Mac OS X and FreeBSD. “I firmly believe that LibreSSL is in a better...
LastPass Fixes a Pair of Security Flaws
LastPass, the popular password manager for most of the top Web browsers, has fixed a couple of vulnerabilities that could have allowed an attacker to target users and generate his own one-time passwords for the victim’s account. The company said that its security team hasn’t seen any active attac...
Possible New Version of GameOver Zeus Malware Emerges
It’s only been a little more than a month since the FBI and Europol took down the GameOver Zeus botnet, taking control of its command-and-control infrastructure and effectively cutting off the malware’s head. But researchers say that there are some indications that a new strain of the malware may...
Digital First Aid Kit Guide For Activists, First-Responders
A coalition of worldwide non-governmental organizations has compiled a guide for individuals at risk for cyberattacks as well as for anyone charged with helping activists, human rights organizations and journalists identify and respond to threats. The Digital First Aid Kit is available on Github...
Apple Updates OSX Blacklist Following Flash Vulnerability
Apple acknowledged on Thursday that it has updated its OSX plugin blacklist to reflect a critical vulnerability in Adobe Flash made public earlier this week. Going forward in Safari, Apple will block any versions of the mechanism prior to 14.0.0.145 and 13.0.0.231, on older systems. An advisory o...
No Certificate Pinning Exposes Encrypted iOS Gmail Comms
UPDATE: Updated with comment and clarification from Google. Researchers say that Google’s Gmail application for iOS fails to perform a task called certificate pinning under certain conditions, which could expose the users of affected devices to man-in-the-middle attacks capable of monitoring...
Tinba Banker Trojan Source Code Posted
The source code for Tinba, known as the smallest banker Trojan in circulation, has been posted on an underground forum. Researchers say that the files turned out to be the source code for version one of Tinba, which was identified in 2012, and is the original, privately sold version of the...
Brute-Forcing Botnet Sniffs Out Lax POS Systems
Over a two-week time span earlier this year, a botnet composed of thousands of computers actively sought out and broke into exposed point of sale (POS) systems that used poor or default passwords. The botnet, dug up and dubbed BrutPOS by security firm FireEye, leveraged more than 5,000 machines and...