Adobe Patches Shockwave, Fixes Two Vulnerabilities
Adobe joined Microsoft in releasing security patches today, sending out a fix for its Shockwave Player. The patch repairs critical vulnerabilities in the platform that could allow an attacker to remotely take over an affected system. According to a post on its Product Security Incident Response Te...
Attacking ICS Systems 'Like Hacking in the 1980s'
PUNTA CANA–Here’s how nuts the world of ICS security is: Jonathan Pollet, a security consultant who specializes in ICS systems, was at a Texas amusement park recently and the ride he was waiting for was malfunctioning. The operator told him the ride used a Siemens PLC as part of the control syste...
NTP Amplification Blamed for 400 Gbps DDoS Attack
For those of you who thought the infamous Spamhaus distributed denial-of-service attack set an ugly bar for the volume of spurious traffic sent at a target, gird yourself for worse. A massive DDoS attack, reaching at its peak 400 Gbps of bad traffic, was detected late yesterday against a number o...
Detecting Car Hacks
PUNTA CANA–The car that you drive every day isn’t really a car. It’s mostly a collection of small computers with a bunch of wires and metal and plastic attached. And like any other computer, the ones in your car can be hacked, as researchers Charlie Miller and Chris Valasek have demonstrated in...
Five OAuth Bugs Lead to Github Hack
A Russian security researcher was able to take five low severity OAuth bugs in the coding site Github and string them together to create what he calls a “simple but high severity exploit” that gave him unfettered access to users’ private repositories. Bangkok-based researcher Egor Homakov –...
LinkedIn Intro Service to Shut Down March 7
LinkedIn announced on Friday it was shuttering its four-month-old Intro service which stirred up a privacy meltdown shortly after its release in October. Intro was an integrated service for iOS which sat as a proxy between the built-in iOS mail client and the user’s email provider. Intro would...
Realistic Risk Assessment Key to Security Management
PUNTA CANA – Although it may not be the most thrilling part of a security team’s job, the idea of operational risk assessment and management is perhaps the most important aspect of organizational security. Steve Adegbite, senior vice president in charge of enterprise information security program...
'Our Threat Model Has Changed'
PUNTA CANA–The golden era of bulk surveillance through the acquisition of phone records and other data from telecommunications companies may already be fading, but the larger threat to privacy and security is just beginning to emerge: the use of legal tools and coercion to get around encryption a...
New APT Campaign Dubbed The Mask Called Most Sophisticated Seen to Date
PUNTA CANA–A group of high-level, nation-state attackers has been targeting government agencies, embassies, diplomatic offices and energy companies with a cyber-espionage campaign for more than five years that researchers say is the most sophisticated APT operation they’ve seen to date. The attac...
Mac OSX Bitcoin Trojan malware Steals Wallet Credentials
A small number of Bitcoin wallets have been raided by a newly discovered Trojan that gobbles up credentials used to guard the digital currency. OSX/CoinThief.A was found in the wild by a security consultancy specializing in Apple security called SecureMac; the malware was spreading on GitHub via ...
Bugging the Bug Market
PUNTA CANA–The Microsoft bug bounty program, started last year as a way to encourage researchers to develop new offensive and defensive techniques, has been a success so far and the company is looking for new ways to expand it in the future. Katie Moussouris, the security strategist at Microsoft...
The Internet is Owned--Act Accordingly
PUNTA CANA—Costin Raiu is a cautious man. He measures his words carefully and says exactly what he means, and is not given to hyperbole or exaggeration. Raiu is the driving force behind much of the intricate research into APTs and targeted attacks that Kaspersky Lab’s Global Research and Analysis...
HVAC Vendor: Data Connection to Target was Billing System
The heating, ventilation and air conditioning contractor linked to the Target breach said its data connection to the giant retailer was “exclusively for electronic billing, contract submission and project management,” the company’s president and owner said yesterday. Ross E. Fazio said in a...
EE Patches Two of Three Brightbox Vulnerabilities
Everything Everywhere has released patches for a pair of vulnerabilities discovered by a UK researcher, but has yet to fix a risky cross-site request forgery flaw that could result in traffic sent from the home and small business router being redirected to a malicious site. Scott Helme, an...
Governments Need to Discuss Use of Cyber Weapons
PUNTA CANA–Attacks on critical infrastructure have been grabbing headlines for years now, long before sophisticated operations such as Stuxnet and Flame hit the scene. But we’re probably still in the early stages of the evolution of such attacks, and the use of so-called cyber weapons in these...
NullCrew Hackers Take Credit for Comcast Mail Server Hack
Hackers broke into at least 34 servers belonging to Comcast yesterday, dumping what appears to be a list of the company’s mail servers, passwords and a link to the root file that contains the vulnerability they used to penetrate the system. The hacktivist collective NullCrew has claimed to have...
February 2014 Microsoft Patch Tuesday Security Bulletins
February’s Microsoft Patch Tuesday promises to be a relatively straightforward set of bulletins, but more noteworthy is that it’s the same day Microsoft officially deprecates the MD5 hash algorithm. Announced last August, Microsoft will officially restrict the use of digital certificates with MD5...
Twitter Transparency Report January 2014 Released
Color Twitter unimpressed with the Justice Department ruling that eased a gag order on technology companies and service providers with regard to the reporting of FISA orders and National Security Letters. Twitter released a transparency report today on government and law enforcement requests for...
Cost of Doing APT Business Dropping
PUNTA CANA–The term APT often is used as a generic descriptor for any group–typically presumed to be government-backed and heavily financed–that is seen attacking high-value targets such as government agencies, critical infrastructure and financial systems. But the range of targets APT groups are...
Jeremiah Grossman on His New Role as CEO of WhiteHat Security
Dennis Fisher talks with Jeremiah Grossman, the new interim CEO of WhiteHat Security, about taking on the new role, how things have changed since he was CEO 10 years ago and what the biggest challenges will be.
Google Bug Bounty Program to Include Chrome Extensions
Google has announced it will retool its bounty program and extend its scope to include Chrome apps and extensions branded as “by Google,” including extensions tied to popular products such as Gmail and Hangouts. According to a post by Google’s Michal Zalewski and Eduardo Vela Nava on the company’...
Poor Patching, Passwords Plague Government Computers
A damning report on the security of government computers paints an unflattering picture of lax or non-existent patching efforts, poor password policies, configuration errors and a general lack of confidence that exposes critical services and systems to attack. The report, “The Federal Government’...
Kaspersky Provides Details on Latest Adobe Flash Zero Day
Exploits for a newly reported zero-day vulnerability in Adobe’s Flash Player drop a password-grabbing Trojan that targets the email and social media accounts of users and organizations in China, researchers at Kaspersky Lab said today. The attacks appear to be an isolated campaign and there is no...
Tech Giants Update Transparency Reports with FISA Requests
Google, Microsoft, Facebook, Yahoo and LinkedIn wasted little time in disclosing what they could about requests for customer data made under the secret Foreign Intelligence Surveillance Act. One week after the Justice Department eased a gag order on reporting of FISA requests, the five tech giant...
PNG Image Metadata Found Leveraging iFrame Injections
Researchers have discovered a relatively new way to distribute malware that relies on reading JavaScript code stored in an obfuscated PNG file’s metadata to trigger iFrame injections. The technique makes it highly unlikely a virus scanner would catch it because the injection method is so deeply...
Emergency Adobe Flash Player Security Update Patches 0Day
Adobe today released an out-of-band security update for Flash Player that patches a vulnerability the company said is currently being exploited. Adobe Flash Player version 12.0.0.43 and earlier for Windows and Mac are affected as is 11.2.202.335 and earlier on Linux. The vulnerability,...
Facebook Conceal Java Crypto Library Open Sourced
Facebook has released to open source its Conceal Java crypto libraries for Android devices. Conceal, according to Facebook, offers developers a lightweight and efficient crypto library. The social media giant developed Conceal to handle encryption of storage on removable SD cards, something that...
Extension Spam in Google Chrome Web Store
UPDATE: Twelve seemingly legitimate Chrome browser extensions installed by more than 180,000 users are injecting advertisements on 44 popular websites. According to a Barracuda Labs report, the extensions can be found in the official Chrome Web Store. They advertise themselves and operate as game...
GameOver Zeus Now Using Encryption to Bypass Detection
Cybercriminals have begun to tweak the way the GameOver Zeus Trojan is being delivered to users’ machines, making it easier for the banking malware to evade detection and steal victims’ credentials. To get the job done the malware has been working in tandem with the malware Upatre. For about a we...
Pwn2Own To Pay $150,000 Grand Prize for Microsoft EMET Bypass
Microsoft has not been shy in the past nine months about advising users to install and use its Enhanced Mitigation Experience Toolkit (EMET) as a temporary mitigation until zero-day vulnerabilities are patched. Experts have advised enterprises and smaller organizations to deploy EMET as a proactive...
Chrome Pop-Up Warns Windows Users of Browser Hijacking
A rising number of online scams involve the modification of browser settings where a hacker spikes a free download or website with malware. The end result is generally a click-fraud scheme of some kind where the new browser settings might include spiked search engine pages or a new home page...
Scammers Using World Cup as Phishing Lure
The World Cup is still four months away, but attackers already are ramping up their efforts to defraud fans. As with most major events, such as the Super Bowl, the Olympics and others, attackers are using fans’ enthusiasm for the event as a lure to separate them from their money. When a major eve...
DailyMotion Still Serving FakeAV Malware Scam
More than three weeks after notifying video-sharing site DailyMotion that it was compromised, security company Invincea reports the popular website is still infected. A spokesperson told Threatpost that Invincea’s original notification was not acknowledged and the company suspects this is a...
Boasting Better Encryption, Bug Fixes, OpenSSH 6.5 Released
The OpenBSD Project pushed out a new build on Thursday of the OpenSSH security suite, adding a new private key format, a new transport cipher and fixing 15 bugs in the Secure Shell. OpenSSH version 6.5 adds support for the key exchange using elliptic-curve Diffie Hellman within cryptographer Dani...
Chewbacca Tor-Based Malware Targets Point of Sale Systems
Before you think that RAM scraper malware was a phenomenon specific to the Target breach, think again. A four-month-long crime spree targeting point-of-sale systems in a number of industries has been discovered; the campaign, however, is not related to the mammoth Target break-in or other recentl...
Attackers Target Yahoo Mail Accounts in 'Coordinated Effort' to Own Users
After years of focusing their attention on Gmail, it seems that attackers have finally gotten around to expending some effort hacking Yahoo mail accounts. Yahoo officials said Thursday that they have reset the passwords on an unspecified number of mail accounts after detecting what they call a...
Wikipedia Remote Execution Vulnerability Patched
A serious remote code execution vulnerability was recently patched by the Wikimedia Foundation. The flaw could have put at risk any of the foundation’s sites running MediaWiki software, including Wikipedia. Researchers within Check Point Software Technologies’ Vulnerability Research Group...
Mobile Malware Captures Keystrokes and Screengrabs
New proof-of-concept mobile malware logs keystrokes and captures screen-grabs on jailbroken iOS and Android devices in order to steal online log-in credentials and other sensitive information from targeted devices. In an interview with Threatpost, Trustwave senior security consultant Neal Hindoch...
GitHub Launches Bug Bounty Program
Bug bounty programs are springing up in more and more places every day, and the latest site to join the list is GitHub. The site is offering bounties of up to $5,000 to researchers who find vulnerabilities in the main GitHub Web property or some other applications. The program is similar to ones...
Hardcoded Vendor Credentials Used in Target Data Breach
Attorney General Eric Holder told members of a Senate Judiciary Committee yesterday that the U.S. Justice Department is investigating the Target data breach. Target has already brought in the Secret Service and a computer forensics company to look into the break-in, which reportedly lasted betwee...
Researcher Warns of Critical Flaws in Oracle Servers
There are two vulnerabilities in some of Oracle’s older database packages that allow an attacker to access a remote server without a password and even view the server’s filesystem and dump arbitrary files. Oracle has not released a patch for one of the flaws, even though it was reported by a...
Honey Encryption Deceives Hackers with Plausible Data
Traps are constantly set on the Internet to snare hackers in order to research their behavior and tactics. Many of these traps are honeypots or honeynets that take the form of deliberately unpatched computers or infrastructure exposed to the Internet that lure attackers to break in while their...
Using USB Modems to Phish and Send Malicious SMS Messages
Some USB modems can be leveraged to send malicious SMS messages and even carry out spear-phishing attacks – sometimes in conjunction with each other – thanks to a cross-site request forgery vulnerability present in the device’s web interfaces. According to Swedish security researcher Andreas Lind...
SpyEye creator pleads guilty in U.S. Federal Court
Aleksandr Andreevich Panin, one of the alleged masterminds behind the notorious SpyEye banking trojan, pleaded guilty in an Atlanta courtroom yesterday to conspiracy charges relating to the development and distribution of the malware. Panin pleaded guilty to conspiring to commit wire and bank...
High-Traffic Denial-of-Service Amplification Attacks Remain
It seems the exaggerated volume of bad traffic used in politically motivated DDoS attacks last year was not an isolated phenomenon. Distributed denial-of-service attacks that congest Internet connectivity and disrupt online services topped unprecedented levels in 2013, shoving aside stealthier...
Senators Question Intelligence Officials About Snowden, Domestic Surveillance
In a hearing before the Senate Intelligence Committee to discuss the public portions of a new national security threat assessment, top intelligence and law enforcement officials said that attacks against financial networks and the critical infrastructure are major threats to the United States’...
Android VPN Bypass Bug Affects KitKat As Well as Jelly Bean
The Israeli researchers who last week discovered a VPN bypass bug in Android’s Jelly Bean 4.3 build have done some further testing and said the vulnerability also affects Android’s most recent variety of the operating system, KitKat 4.4. Like the Jelly Bean bypass bug, this vulnerability allows a...
Malicious Java App is Cross-Platform Botnet
Java-related security issues have remained relatively quiet during the past few months, especially after a rocky start to 2013 seemingly had one Java flaw after another in the news. Things might be starting to ramp up again with the discovery of a cross-platform Java-based botnet. Researchers at...
Edward Snowden and the Death of Nuance
As the noise and drama surrounding the NSA surveillance leaks and its central character, Edward Snowden, have continued to grow in the last few months, many people and organizations involved in the story have taken great pains to line up on either side of the traitor/hero line regarding Snowden’s...
Gag Order Eased on NSA surveillance Transparency Reporting
A gag order has been eased that prevented technology and telecommunications companies from reporting requests for customer data made under the Foreign Intelligence Surveillance Act (FISA). The move comes on the heels of announced surveillance reforms by President Obama on Jan. 17. Obama, during an...