Rich Mogull on the Target Data Breach
Dennis Fisher talks with Rich Mogull of Securosis about the Target data breach, how the attack may have worked, why these breaches are still so common and what can be done to improve the situation...
Icefog Cyberespionage Campaign Hit 3 US Oil, Gas Companies
When the curtain was peeled back on the Icefog targeted espionage campaign in September, a new type of operator was unveiled, one that took the persistence out of advanced persistent threats (APT). Researchers at Kaspersky Lab noted in uncovering Icefog that the attacks against the defense supply...
Syrian Electronic Army Hacks Microsoft Social Media Accounts
Just a few days after it hacked Microsoft’s Skype blog and Twitter account, the Syrian Electronic Army (SEA) took to some of the company’s other social media accounts over the weekend, hacking both its @MSFTNews and @XboxSupport Twitter handles along with the company’s official blog. It all started...
Remotely Exploitable 'Test Interface' Found in Cisco Wireless Routers
There is a serious vulnerability in several Cisco wireless routers that could give an attacker root level access. The bug is the result of a backdoor in the routers that was set up as a test interface, and Cisco does not yet have patches available to fix it. Cisco officials said the vulnerability...
Target Data Breach Total Could Reach 110 Million
UPDATE: The latest on Target’s Black Friday data breach plunged the incident to uglier depths. The giant Minneapolis-based retailer today revealed new details culled from a forensic investigation that the attackers not only stole credit and debit card information, but also names, mailing addresse...
RAM Scrapers and the Target Data Breach
The retail and hospitality industries have a painful history with wonky point-of-sale systems and malware known as RAM scrapers. These attacks, which date back as many as six years, are designed to be injected into running processes and steal payment card data before it’s encrypted by a...
Dennis Fisher and Mike Mimoso Discuss the Target Data Breach and More
Dennis Fisher and Mike Mimoso discuss the news of the weird in the security industry since the holidays, including the latest revelations about the Target data breach and the decision by some speakers to boycott the RSA Conference because of the NSA revelations.
Oracle, Adobe Announce First Critical Patches of 2014
As expected, Oracle and Adobe will release critical patches alongside Microsoft on Tuesday to kick off the year’s inaugural Patch Tuesday batch of security updates. Adobe is slated to release updates to fix critical vulnerabilities in its Reader and Acrobat products for Windows and Macintosh...
Former NSA Officials Detail Failures of Agency Programs in Letter to Obama
In the weeks and months leading up to 9/11, the National Security Agency had been working on a new information-gathering and analysis system known as THINTHREAD, a system that was built in-house and was meant to replace the uncountable number of stand-alone collection systems and attendant...
iOS Mobile Banking Applications Vulnerable to Attack
An alarming percentage of mobile banking applications for iOS fail to implement basic protections that would safeguard against man-in-the-middle attacks, session hijacking, memory corruption, and credential theft. Ariel Sanchez, a researcher with IOActive based in Argentina, put 40 mobile apps fr...
CREDO Mobile Publishes Industry's First Transparency Report
Credo Mobile, the small San Francisco mobile provider that is reportedly the unnamed plaintiff in a suit that challenged the legality of national security letters, yesterday published its first transparency report, the first such report published by a mobile provider. Credo, which has raised tens...
Microsoft to Patch Zero Day in January 2014 Security Updates
Microsoft announced Thursday that it plans to release four bulletins next week as part of the year’s first batch of Patch Tuesday security updates, none of which are rated critical. Despite the relatively light load, the patches do address a zero-day vulnerability in Windows XP and Windows Server...
Setting Up a Secure and Private Twitter Account
To kick off the new year, we are restarting our tutorial screencast series where we attempt to briefly walk users through the process of locking down their various online accounts. Today’s video, which is just slightly longer than we had hoped, thoroughly details the steps necessary to ensure tha...
Yahoo Encryption Slammed for Lack of Forward Secrecy, HSTS
Yahoo, as promised, rolled out HTTPS by default this week for its email service, bringing it in line with other Internet companies that have been securing users’ communication for years. But if Yahoo expected applause from security experts, it can think again. The response from those well-versed ...
Siemens Fixes Authentication Bugs in Scalance X-200 Switches
Researchers have discovered two serious vulnerabilities in industrial Ethernet switches manufactured by Siemens that could enable attackers to perform unauthorized actions on the switches without authentication. One of the bugs allows attackers to hijack Web sessions and the other enables them to...
OpenSUSE Forums Hacked, User Email Addresses Compromised
The forums for the Linux-based operating system openSUSE remain down today and for the foreseeable future following a hack earlier this week that appears to have compromised some of its users’ email addresses. OpenSUSE claims the hacker was able to exploit a vulnerability in the forum’s software,...
List of Canceled RSA Talks Continues to Grow
A relatively small but influential list of speakers for the upcoming RSA Conference have decided to withdraw from the show in the wake of stories implicating RSA as a co-conspirator in the NSA’s surveillance efforts. The group is a tiny fraction of the hundreds of speakers scheduled to talk next...
Sierra Wireless industrial gateways security vulnerabilities
A wireless gateway suitable for a number of industrial applications is vulnerable to remote exploit because of a lack of encryption in its update and reprogramming processes, an advisory from the Industrial Control Systems Cyber Emergency Response Team said yesterday. The Sierra Wireless AirLink...
Linux Kernel, Font Bugs Fixed in Ubuntu
A huge number of security vulnerabilities have been fixed in Ubuntu, including a remotely exploitable font flaw that an attacker could use to run arbitrary code on vulnerable machines. A number of Linux kernel flaws also were patched in some versions of the operating system. The font vulnerabilit...
Blackhole Exploit Kit Successor Years Away
It should shock no one that a viable successor to the Blackhole exploit kit has yet to emerge in the criminal underground. It’s been less than three months since the arrest of its alleged creator Paunch sent cybercriminals reliant on the toolkit scrambling for a replacement. And like any profitab...
DailyMotion Hosting Malvertising Leading to Fake AV Attack
Video-sharing site DailyMotion, one of the most popular destinations on the Web, is in the throes of an attack where it is serving malicious ads redirecting users to a fake AV scam. Security firm Invincea reported the issue to the website, and as of 4 p.m. ET, DailyMotion was still serving the fa...
IRTF Chair Refuses Removal of NSA Employee as Co-Chair of Crypto Working Group
An NSA employee who is the co-chairman of a cryptography working group affiliated with the IETF will remain in that position despite calls from members to have him removed. The chairman of the Internet Research Task Force, the body that oversees the research group, rejected requests for the remov...
How to Create a Better Malware Warning Through Psychology
It turns out the best way to get people to pay attention to those malware warnings that pop up in browsers may be to stop tweaking them, scrap them entirely and rebuild from scratch. According to a study on the subject published last week, efficient malware warnings shouldn’t scare users away, th...
Narrative Authentication System an Alternative to Passwords
Remember the age of text-based gaming where natural language phrasing would help you maneuver a character through scenes in a virtual world? In a gaming context, that has long been a dinosaur, replaced by intricate and massive online role-playing games. But researchers from Carleton University in...
2013: What We've Learned
They say that your worst fears and your fondest dreams are rarely realized. That may well be true in most walks of life, but in the information security world, 2013 was the year that our worst fears were not only confirmed, but so were some things that few but the most paranoid among us thought...
PrisonLocker Ransomware Emerges From Criminal Underground
Security researchers from Malware Must Die uncovered new ransomware called PrisonLocker, and said the malware author is either a legitimate security researcher or is posing as one via a personal blog and Twitter handle. Malware Must Die has monitored PrisonLocker’s development since spotting it f...
Yahoo Removes Ads Redirecting to Magnitude Exploit Kit
The race to replace the Blackhole Exploit Kit as the web exploit pack of choice for cybercriminals seems to have an early leader in Magnitude. Researchers at Dutch security firm Fox-IT reported over the weekend that European visitors to Yahoo were falling victim to malicious ads hosted on the sit...
Bruce Schneier Joins Startup Co3 Systems
UPDATE—Bruce Schneier, the famed cryptographer and author who recently left his longtime post at BT, has taken a new position as CTO of Co3 Systems, a startup that provides incident response systems. Schneier, a central figure in the security industry for more than two decades, said he is excited...
NSA Metadata Program Likely Not Cost-Effective, Researchers Say
While much of the coverage of the surveillance programs revealed by Edward Snowden has focused on the legality and constitutionality of the collection of metadata and Internet traffic in the name of counter-terrorism and national security, the question of whether these programs are actually cost...
Weak Password Used to Access Hypervisor, Deface OpenSSL Site
The OpenSSL Project blames a weak password used at its hosting provider for its recent site defacement. The organization that hosts the ubiquitous open source encryption implementation updated a notice on its website yesterday informing users that attackers used the weak credential to gain contro...
Linksys Backdoor Port 32764 Probes On The Rise
The SANS Institute’s Internet Storm Center reports a surge in probes against port 32764, which matches the port used by an alleged backdoor in Linksys routers that was reported over the New Year’s Day holiday. “At this point, I urge everybody to scan their networks for devices listening on port...
Academics Call for End to Mass Surveillance
A group of hundreds of academics from countries around the world have started a petition that demands Western governments, such as those in the United States and UK, stop the mass surveillance programs they have in place and “effectively protect everyone’s fundamental rights and freedoms”. The...
2013: The Security Year in Review
Dennis Fisher and Mike Mimoso talk about the year that was in the security industry, including the last six months of NSA drama, the Microsoft bug bounty program, exploit sales and attacks against major banks...
4.6 Million Usernames, Phone Numbers Leaked in Snapchat Hack
It didn’t take long for hackers to exploit a previously disclosed vulnerability in the popular photo sharing application Snapchat. As yet unidentified hackers spent yesterday’s New Year’s holiday dumping 4.6 million of the service’s usernames and partial phone numbers and posting them online for...
Use of 3DES to Encrypt Stolen Target PIN Data Invites Worry
Target Corp.’s admission that encrypted PIN data was stolen in the Black Friday breach was bad news for consumers. For security experts, especially cryptographers, particular exception was taken to the retail giant’s use of Triple DES (3DES) encryption to keep the PIN data safe. With all crypto...
Syrian Electronic Army Hacks Skype Twitter Account With Anti-Surveillance Message
The Syrian Electronic Army took advantage of the relative calm of New Year’s Day to make a loud statement about the NSA’s surveillance program and Microsoft’s alleged participation in it. The group compromised the Twitter account and blog of Microsoft’s Skype service and posted anti-surveillance...
Federal Election Committee Audit Finds Security Deficiencies
The Federal Election Commission (FEC), the government agency that keeps track of money raised each term by candidates and political action committees, is highly vulnerable to intrusions and data breaches according to a recent audit that discovered “significant deficiencies” in the FEC’s IT security...
MicroSD Cards Vulnerable to MITM, Hacking
Researchers demonstrated yesterday at the Chaos Communication Congress in Hamburg that they could write arbitrary code onto various SD memory cards, a hack that could give attackers the ability to perform man-in-the-middle attacks on devices housing the cards, as well as give users access to an...
Unencrypted Windows Error Reporting Crash Reports a Treasure
One of the revelations from the latest Snowden document leaks described how the U.S. National Security Agency was able to intercept Microsoft Windows Error Reporting logs in order to fingerprint machines for potential compromise. The German publication Der Spiegel says the documents indicated the NSA...
Jacob Appelbaum 2013 30c3 keynote on NSA Surveillance
Cryptographer, developer and activist Jacob Appelbaum took to the pages of Germany’s Der Spiegel and the keynote dais of the 30th Chaos Communication Congress this weekend to deliver a damning expose of the catalog of backdoors, monitoring programs and products that potentially have and could be...
OpenSSL Hacked and Defaced
UPDATE: A Turkish hacking group compromised and defaced over the weekend the website of OpenSSL, an open-source SSL and TLS encryption implementation resource. The website Zone-H is hosting a mirror of the defacement, in which the hacking group responsible for the attack posted the following...
The Year in NSA
It’s that most wonderful time of the year, the time when everyone with access to an email machine puts together a list of the best or worst of whatever happened in the last 12 months. In the computer security world, there is no doubt that such a list would find NSA stories in places one through...
SnapChat Vulnerable to Two Exploits
After claiming the makers of SnapChat repeatedly ignored their disclosures over a period of four months, Gibson Security recently published the full details of a pair of bugs in the photo and video sharing application. One could give an attacker the ability to connect phone numbers with usernames...
NSA Bulk Telephony Metadata Collection Program Legal
A federal court today shot down a challenge by the American Civil Liberties Union (ACLU) to the National Security Agency’s bulk phone metadata collection program, determining that the spy agency’s actions are legal. The ruling by U.S. District Court judge William Pauley contradicts a Dec. 16 D.C...
Encrypted PINs Stolen in Target Data Breach
Target confirmed this morning that encrypted PIN data was stolen in the Black Friday data breach that exposed 40 million accounts to fraud. Spokesperson Molly Snyder said the ongoing forensics investigation confirmed that PIN data was accessed as well, contrary to previous claims made by the reta...
eBay Open to Cross-Site Request Forgery, Account Hijacking
EBay is vulnerable to a hack that would allow an attacker to hijack an account and make unauthorized purchases from the victim’s account that would be difficult to disprove. The vulnerability was discovered and reported to eBay in August, and despite three separate communications from the online...
Feedburner Hosting Malicious JavaScript Dropper
A sub-domain of Google’s Feedburner RSS management platform is hosting a string of malicious JavaScript embedded with an iFrame, all of which is designed to upload a Trojan onto user machines and redirect visitors to a series of malicious sites. According to a report published by the security fir...
Samsung Knox Vulnerable to Data Intercept
An Israeli security researcher from the Ben-Gurion University of the Negev’s Cyber Security Labs claims to have uncovered a serious security flaw in Samsung Knox. Knox is a security- and privacy-centric platform built into certain Samsung devices running Android. The Knox architecture, tailored f...
Malware Infections on the Rise in Turkey
In its latest Security Intelligence Report, the Microsoft Malware Protection Center (MMPC) determined that the malware encounter rate in Turkey is far greater than that of any other country in the entire world, let alone the other countries among the top 10 in malware infections. Encounter rate, pe...
VMware Patches Vulnerabilities in ESX, ESXi
VMware has patched a vulnerability in its ESX and ESXi hypervisors that could allow unauthorized local access to files. “This issue may allow an unprivileged vCenter Server user with the privilege ‘Add Existing Disk’ to obtain read and write access to arbitrary files on ESXi or ESX,” the company...