Tech Companies Join Reform Government Surveillance Alliance
Eight massive technology companies including Facebook, Apple and Google make up a new coalition calling for a reform of surveillance practices, which the companies say are undermining trust not only in their respective services, but also in the Internet as a medium for communication and commerce. The...
ZeroAccess Peer To Peer Botnet Takedown Incomplete
Microsoft trumpeted its disruption of the ZeroAccess peer-to-peer botnet late last week, but some experts are holding off on scheduling a celebratory ticker-tape parade. With numerous successful takedowns of botnets with a centralized command and control infrastructure in its back pocket, Microso...
French Government Impersonates Google Digital Certificate
Google last week revoked digital certificates for some of its domains that had been fraudulently signed by an intermediate certificate authority with links to France’s cyber-defense agency. The Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) claims that the spoofed Google...
The Biggest Security Stories of 2013
As 2013 comes to a close, security experts are looking back at the major stories and developments of the year, including the Edward Snowden NSA leaks and major malware attacks. In this video, Vitaly Kamluk of Kaspersky Lab examines the biggest security news of 2013 and talks about the lasting...
Apple Starts iBeacon Tracking System in Stores
If you’re still wondering when the future will get here, stop looking to the skies for flying cars and look down at your iPhone the next time you walk into an Apple store. The company has just kicked off a new in-store tracking initiative that uses Bluetooth to push offers and notifications to...
Microsoft Disrupts ZeroAccess Botnet
Microsoft’s crusade against botnets raged on yesterday as the Redmond, Wash., computer giant and a coalition of law enforcement agencies and Internet security companies disrupted the notorious ZeroAccess botnet. ZeroAccess, or Sirefef as Microsoft likes to call it, is a malware platform that...
Siemens Patches Authentication Bypass Flaw in SINAMICS ICS Software
Siemens has patched a serious remotely exploitable vulnerability in its SINAMICS S/G ICS software that could enable an attacker to take arbitrary actions on a vulnerable installation without having to authenticate. The vulnerability affects all versions of the Siemens SINAMICS S/G products with...
TIFF Zero Day Patch Among December 2013 Microsoft Updates
Microsoft will, next week, patch a zero-day vulnerability in its GDI+ graphics component being exploited in targeted attacks in the Middle East and Asia. The zero day has sat unpatched since it was made public Nov. 5; Microsoft did release a FixIt tool as a temporary mitigation. The patch is one ...
New Dexter Point-of-Sale Malware Campaigns Discovered
The pesky Dexter point-of-sale malware, discovered more than a year ago, remains active primarily in Russia, the Middle East and Southeast Asia, while its cousin Project Hook is finding similar success in the United States, prompting experts to sound an alarm as holiday commerce ramps up...
Half Million Users Affected in JP Morgan Ucard Data Breach
An attack on the computer networks of banking giant JP Morgan Chase & Co. may have exposed sensitive information belonging to 465,000 prepaid cash-card holders, according to a Reuters report. JP Morgan said the attack targeted Web servers handling its Ucard program in mid-September and that the...
Microsoft Expands Encryption Use in Cloud Services to Thwart Surveillance
In response to the growing set of revelations about the NSA’s surveillance methods and alleged compromise of some large technology vendors’ services, Microsoft is taking a number of steps to try and reassure customers about the integrity of the company’s offerings and to greatly expand the use of...
IE Reflective Cross-Site Scripting Filter Bypass Discovered
UPDATE – A weakness has been discovered in the reflective cross-site scripting filter present in Internet Explorer since IE 8 that could enable an attacker to trick the browser into executing malicious code as trusted. The problem going forward is twofold: everything occurring in the bypass metho...
Counterfeit Merchandise Domains Seized
In an attempt to curb the rampancy of fraud throughout the holiday shopping season, a coalition of international law enforcement agencies seized 706 Internet domains allegedly involved in the sale of counterfeit merchandise. The United States Homeland Security Investigations’ HSI National...
VMware Patches Fix Privilege Escalation Vulnerability
Virtualization software company VMware pushed out patches for some builds of its Workstation, Fusion, ESXi and ESX products this week, fixing a vulnerability that could have led to a privilege escalation in older Windows operating systems running in a virtual environment. The main problem is the...
IG Report Shows DHS Making Progress, But Still Has Room to Improve on Information Security
Although there are still a number of issues that need to be addressed with the Department of Homeland Security’s information security efforts, the department is improving in many areas and making strong progress toward implementing better security controls, a new report from the Inspector General...
Pony Botnet Controller Has 2 Million Stolen, Weak Passwords
So what’s worse: Finding two million passwords harvested by a botnet, or learning that most of the stolen passwords are terribly weak? Researchers at Trustwave found another Pony botnet controller recently that oversees a trove of close to two million website logins, email account credentials, as...
Matthew Green on How NSA Breaks SSL
In order for the National Security Agency to collect the massive amounts of communication it has from email and Web traffic, it needs to elude, leapfrog or bash through the barrier that is SSL. How it’s doing so is the real question, one that noted Johns Hopkins cryptographer Matthew Green wants...
$100 Million Worth of Bitcoins Stolen
UPDATE: As if Bitcoin malware and Bitcoin mining malware weren’t enough to worry about, there was more trouble for the users of the digital crypto-currency last week as 96,000 Bitcoins disappeared from the Sheep Marketplace. Bitcoin’s value has surged in recent weeks, peaking at an astonishing...
How to Skyjack Drones for $400
UPDATE–The skies may soon be full of drones–some run by law enforcement agencies, others run by intelligence agencies and still others delivering novels and cases of diapers from Amazon. But a new project by well-known hacker Samy Kamkar may give control of some drones to anyone with $400 and a...
Acoustical Mesh Network Used to Infect Air-Gapped Computers
The soundest security advice managers of critical computing systems have been given is to air gap those machines. Don’t network them and don’t expose them to the Internet, and there’s no way hackers reach them from the Web and no way a direct infection replicates. Recently, there’s been reason fo...
Proof-of-Concept App Released for Android Jelly Bean Security Bypass Bug
The researchers who discovered a serious vulnerability in Android 4.3 Jelly Bean that enables a malicious app to disable the security locks on a vulnerable device have published a proof-of-concept app that exploits the bug, as well as source code for the app. The vulnerability in question lies in...
UN Says US Surveillance Violates Human Rights
The United Nations has joined the growing chorus of people, organizations and activists denouncing government mass surveillance of citizens without cause and says that such programs are a violation of basic human rights. The Social, Humanitarian, and Cultural – Third Committee of the United Natio...
Google Nexus Phones Vulnerable to SMS Denial-of-Service
Google is reportedly looking into a problem with the latest versions of Nexus smartphones that could force the devices to restart, lock or fail to connect to the Internet. All Galaxy Nexus, Nexus 4 and Nexus 5 devices that run Android 4.0 contain a flaw that can render the phones vulnerable to a...
D-Link Patches Backdoor Vulnerabilities in Routers
D-Link has patched a backdoor present in a number of its routers that was publicized almost two months ago and could allow an attacker to remotely access the administrative panel on the hardware, run code and make any number of changes. The Thanksgiving patch parade addressed the issue in a numbe...
Phishing Email Exposes Patient Data of 90,000
After opening a malicious attachment in a phishing email, an employee at University of Washington Medicine in Seattle may have exposed the personal information of more than 90,000 Harborview Medical Center and University of Washington Medical Center patients. The breach took place in October...
Windows XP Zero Day Tied To Reader Flaw, Exploited in Wild
If your organization needed more incentive to move off Windows XP, a new zero-day vulnerability made public recently may be it. The bug, which is being exploited in the wild, allows local privilege escalation and kernel access. But in the bigger picture, it’s another indicator that attackers migh...
Bug Allows Apps to Bypass Android Security Locks
There is a vulnerability in Android 4.3 Jelly Bean that enables a malicious app to disable all of the security locks on a given device, leaving it open to further attacks. Jelly Bean is the most widely deployed version of Android right now. The vulnerability in Android exists in the way that the...
CryptoLocker Ransomware Forensics Leads to Encrypted Files
If CryptoLocker is teaching enterprise IT and security people anything, it’s that backup is king. The ransomware is unforgiving; it will find and encrypt documents on local and shared drives and it will not give them back. Experts don’t advise victims to pay the ransom, which means infected...
European Commission Urges U.S. to Reform Surveillance Methods
The European Commission is urging the United States government to make some changes to the way it handles surveillance to help restore the trust in the relationship between the EU and the U.S. The commission is asking for the U.S. to promote privacy rights internationally, adopt the EU’s data...
Privacy, Human Rights Groups Form New Anti-Surveillance Coalition
A large group of privacy and digital rights organizations has put together a new effort to urge politicians to curtail the mass surveillance operations that have been exposed in the last few months. The new coalition has developed a set of 13 principles for governments to follow in their...
Nearly 2000 Sites Vulnerable to Ruby on Rails Cookie Problem
A lingering security issue in Ruby on Rails that stems from a setting in the framework’s cookie-based storage mechanism is still present in almost 2,000 websites. Sites using an old version of Ruby on Rails that relies on CookieStore, the framework’s default cookie storage mechanism, are at risk...
Neverquest Banking Trojan Targets More Than 100 Banks
Banking malware with a particular liking for Fidelity Investments has infected several thousand victims worldwide, and has the capacity for much greater harm, in particular during the upcoming holidays, according to researchers at Kaspersky Lab. A report released today describes the threat posed ...
Blackhole and Cool Exploit Kits Nearly Extinct
When authorities in Russia arrested Paunch, the alleged creator of the Blackhole exploit kit, last month, security researchers and watchers of the malware underground predicted that taking him off the board would put a dent in the use of Blackhole and force its customers onto other platforms. Six...
Atrax Kit Boasts Tor Connectivity, Bitcoin Extraction
Yet another commercial crimekit has been spotted making the rounds on the underground malware forums that uses the anonymity network Tor to stealthily communicate with its command and control servers. While it isn’t the first of its kind to use Tor, the kit, nicknamed Atrax, is cheap and comes wi...
Twitter Implements Perfect Forward Secrecy
Twitter took another step toward not only securing the privacy of its users’ communication over the social network, but in warding off the prying eyes of government surveillance with the implementation of Perfect Forward Secrecy. The technology thwarts the efforts of anyone who may be collecting...
Grand Theft Auto Panda APT Espionage Attack Platform
Researchers have discovered a mature attack platform that’s enjoyed great success eluding detection and made good use of an exploit present in a number of espionage campaigns. The attacks have concentrated largely on the automotive industry, hitting large companies primarily in Asia and only afte...
Account Recovery Vulnerability Patched in Gmail
A recent set of Google patches included a fix for a serious Gmail account recovery vulnerability, the details of which have been disclosed. Researcher Oren Hafifi of Israel points out in his disclosure that unlocking a Google password opens the door to much more than email, elevating the risk. “D...
Microsoft to Roll Out Encrypted Message Service for Office 365
Encryption, once a tool used mainly by security professionals, activists and others with reason to suspect their communications may be at risk, has been moving ever deeper into the mainstream in recent months. Now, Microsoft is planning to roll out a new encrypted email service on its Office 365...
Dennis Fisher and Mike Mimoso Discuss Do Not Track, We Are the Cavalry and more
Dennis Fisher and Mike Mimoso discuss the major security stories of the last two weeks, including the BGP route hijacking, why Do Not Track doesn’t work and the We Are the Cavalry movement. Download: digitalunderground135.mp3...
Debian Patches Flaws in Nginx, Perl Module
Debian has released patches for a pair of security vulnerabilities in the free operating system, including a security bypass flaw in the Nginx Web server. The other vulnerability lies in a Perl module used in the OS. The vulnerability in the HTTP::Body Perl module could allow an attacker to run...
Stuxnet Had Older, More Complex Variant
Stuxnet was a two-headed beast as it turns out, one that could have laid waste to the Natanz nuclear facility which it infected, and one that should have, by expert accounts, remained undetected if not for the noisier yet less complex second attack routine that is now familiar to the world...
Members of We Are the Cavalry on Security Research
Dennis Fisher talks with several members of the We Are the Cavalry project, including Josh Corman, Robert Hansen, Space Rogue and John Dickson, about the movement’s origins, its goals to promote research on topics such as medical device security and how to help change the perception of security...
Replacing Security Best Practices With Things That Work
NEW YORK–The term “best practices” is high on the list of overused and nearly meaningless phrases that get thrown around in the security field. It forms the basis for regulations such as HIPAA and PCI DSS and yet if you asked a random sample of 10 security people what the phrase meant, you’d like...
Gaming Company Settles on Bitcoin Mining Allegations
The ESEA League, an online competitive gaming community, has decided to settle with the state of New Jersey after the acting attorney general there alleged that the gaming community operator infected user-machines with malware designed to mine Bitcoins. The league is owned and managed by E-Sports...
'Let's Do Security That Matters'
NEW YORK–A small group of influential security researchers and executives are putting together a grass-roots movement to encourage more research on the emerging breed of connected and potentially vulnerable devices such as pacemakers, insulin pumps and others and help educate users about the...
i2Ninja Financial Malware Communicates on I2P Darknet
The Mevade botnet made news when it was found to be using the Tor anonymity network to communicate with its command and control infrastructure. Running C&C on Tor, however, turned out to be a fatal mistake when Tor usage spiked alerting administrators to the unusual activity. A group of Russian...
Moving From Do Not Track to Can Not Track
NEW YORK–The movement in the security and privacy communities to push the Do Not Track standard as an answer to the problem of pervasive online tracking by ad companies and other entities has resulted in the major browser vendors including DNT as an option for users, giving them a method for...
Illegal Online Marketplaces Booming
A complete bundle of personal information hackers require to steal identities is available on the underground for as little as $25. The data, known as Fullz in underground parlance, includes name, address, phone number, date of birth, Social Security or EIN numbers, email address with password an...
EFF Encrypt the Web Report Shows Crypto Leaders, Laggards
There’s nothing like a little peer pressure to nudge someone toward doing the right thing. That’s the philosophy behind the Electronic Frontier Foundation’s Encrypt the Web Report, which examines the encryption capabilities of 18 leading Internet companies, including large carriers, social...
GitHub Resets Users' Passwords Following Brute Force Attack
The web hosting development site GitHub reset a number of users’ passwords and revoked a slew of user security authorizations this week following a wave of brute-force attacks. According to a blog entry by GitHub’s Security Manager Shawn Davenport yesterday, the incident involved login attempts...