Slashdot Mirror

An anonymous reader writes: Often working in isolation, IT teams are still considered to be supporting players in many workplaces, yet the responsibility being placed on them is huge. In the event of a cyber attack, network outage or other major issue, they will typically drop everything to fix the problem at hand. Almost all the respondents (95%) to a new AlienVault survey said that they have fixed a user or executive's personal computer issue during their work hours. In addition, over three-quarters (77%) said that they had seen and kept secret potentially embarrassing information relating to their colleagues' or executives' use of company-owned IT resources.

An anonymous reader writes: PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market. Their goal was to make a system capable of mimicking the knowledge and intuition of human security analysts so that attacks can be detected in real time. The platform can go through millions of events per day and can make an increasingly better evaluation of whether they are anomalous, malicious or benign.

An anonymous reader writes: Check Point researchers have discovered a severe vulnerability in eBay's online sales platform, which allows criminals to distribute malware and do phishing campaigns. This vulnerability allows attackers to bypass eBay's code validation and control the vulnerable code remotely, to execute malicious Javascript code on targeted eBay users.

An anonymous reader writes: Juniper Research predicts that at least 1 in 3 home routers will be used as public Wi-Fi hotspots by 2017, and that the total installed base of such dual-use routers will reach 366 million globally by the end of 2020. Major broadband operators such as BT, UPC and Virgin Media in Europe and several of the biggest cable TV operators in the U.S. such as Comcast and Cablevision have adopted the homespot model as a low-cost way of rapidly expanding their domestic Wi-Fi coverage.

An anonymous reader writes: A new spam campaign is targeting Facebook users. It uses the same approach as the recent one aimed at WhatsApp users, and Comodo researchers believe that the authors of both campaigns are likely the same. The fake emails are made to look like an official communication from the popular social network, and their goal is to make the victims believe they have received a voice message. The attachment that the recipients are urged to download and open contains a malicious executable — a variant of the Nivdort information-stealing Trojan.

An anonymous reader writes: They might seems small and relatively insignificant, but cheap wireless web cams deployed in houses and offices (and connected to home and office networks) might just be the perfect way in for attackers. Researchers from the Vectra Threat Lab have demonstrated how easy it can be to embed a backdoor into such a web cam, with the goal of proving how IoT devices expand the attack surface of a network. They bought a consumer-grade D-Link WiFi web camera for roughly $30, and cracked it open. After installing a back-door to the Linux system that runs the camera, and then turning off the ability to update the system, they had an innocent seeming but compromised device that could be stealthily added to a network environment.

An anonymous reader writes: You can add terrorist-controlled drones to the list of dangers we need to be prepared for, says the Oxford Research Group. Its new report contains information about over 200 current and upcoming unmanned aerial, ground and marine systems, and evaluates their capabilities for delivering payloads (e.g. explosive devices), imaging capabilities (e.g. for reconnaissance purposes), and their general capabilities. Even though the report notes that commercial drones have a limited flight time, range of movement, and payload capacity, and that their operators still have to be relatively close to a potential target, the researchers are particularly worried about the possibility of drones being used as remotely controlled explosive devices. They say, "The technology of remote-control warfare is impossible to control; the ultimate defence is to address the root drivers of the threat in the first place."

An anonymous reader writes: OAuth 2.0 is one of the most used single sign-on systems on the web: it is used by Facebook, Google, Microsoft, GitHub and other big Internet companies. A group of researchers from University of Trier, Germany, have performed the first formal security analysis of the OAuth 2.0 standard, and have discovered two previously unknown attacks that could be mounted to break authorization and authentication in OAuth. However, says the article, "[w]ith these problems solved, the researchers ultimately concluded that OAuth 2.0 is secure enough to provide both authorization and authentication -- if implemented correctly."

An anonymous reader writes: Hackers have set up a clever new clickjacking campaign taking advantage of pop-up alerts that European users are (by now) accustomed to see: the "EU Cookie Law" notifications. The criminals are placing a legitimate ad banner on top of the warning message via an iframe. The trick is to make the ad invisible by setting its opacity to zero. So, each time a user clicks anywhere on the legitimate message, he or she clicks also on the hidden ad.

An anonymous reader writes: In the wake of the discovery of two backdoors on Juniper's NetScreen firewall devices, Cisco Systems has announced that they will be reviewing the software running on their devices, just in case. Anthony Grieco, a Senior Director of the Security and Trust Organization at Cisco, made sure to first point out that the popular networking equipment manufacturer has a "no backdoor" policy. According to Grieco, Although our normal practices should detect unauthorized software, we recognize that no process can eliminate all risk. Our additional review includes penetration testing and code reviews by engineers with deep networking and cryptography experience. The reviewers will be looking for backdoors, hardcoded or undocumented account credentials, covert communication channels and undocumented traffic diversions.

An anonymous reader writes: Twitter has sent out unexpected warning notices to a number of users, informing them that their account might have been targeted by state-sponsored hackers. This is the first time Twitter is known to have sent out such notifications, and they're also recommending Tor and other privacy-oriented measures to these users. Among known recipients of the message are Coldhak, a Winnipeg-based nonprofit; Coldhak director Colin Childs; privacy and security researcher Runa Sandvik; activists and cryptoparty organizer Cassie Traun; security researcher Noris Fabio; Tech writer and programmer David Robinson; and banker and mathematics student Jens Kubieziel (also the author of a book about anonymity on the Internet).

An anonymous reader writes: On Wednesday, Valve introduced a new "trade hold" system that should prevent scammers from stealing items from Steam users' hijacked account, or at least minimize the occurrence of such incidents. Anyone using the Steam Guard Mobile Authenticator to confirm trades is able to continue trading as always. Users who haven't enabled it, or can't, can still trade, but they'll have to wait up to 3 days for the trade to go through. The system was, understandably, not welcome by some users, and it didn't take long for scammers to take advantage of this discontent.

An anonymous reader writes: For this December Patch Tuesday, Microsoft has released twelve security bulletins, eight of which have been rated critical. Those refer to the cumulative security updates for Internet Explorer, Microsoft Edge, JScript and VBScript, and updates for Microsoft Windows DNS, Microsoft Graphics Component, Silverlight, Microsoft Office, and Microsoft Uniscribe. Microsoft also released a security advisory announcing the removal of a digital certificate from the Certificate Trust list (CTL).

An anonymous reader writes: Transport and energy companies will have to ensure that the digital infrastructure that they use to deliver essential services, such as traffic control or electricity grid management, is robust enough to withstand cyber-attacks, under new rules provisionally agreed by internal market MEPs and the Luxembourg Presidency of the EU Council of Ministers on Monday. In addition, some internet services providers, such as online marketplaces (e.g. eBay, Amazon), search engines (e.g. Google) and clouds, will also have to ensure the safety of their infrastructure and to report on major incidents. Micro and small digital companies will get an exemption, the deal says.

An anonymous reader writes with this lead from Help Net Security's story on a topic we've touched on here many times: the broad powers arrogated by the Federal government in the form of National Security Letters: On Monday, after winning an eleven-year legal battle, Nicholas Merrill can finally tell the public how the FBI has secretly construed its authority to issue National Security Letters (NSLs) to permit collection of vast amounts of private information on US citizens without a search warrant or any showing of probable cause. The PATRIOT Act vastly expanded the domestic reach of the NSL program, which allows the FBI to compel disclosure of information from online companies and forbid recipients from disclosing they have received an NSL. The FBI has refused to detail publicly the kinds of private data it believes it can obtain with an NSL. A key sentence from the same story: "Merrill is now able to reveal that the FBI believes it can force online companies to turn over the following information simply by sending an NSL demanding it: an individual’s complete web browsing history; the IP addresses of everyone a person has corresponded with; and records of all online purchases." Reader Advocatus Diaboli adds this, from The Intercept: One of the most striking revelations, Merrill said during a press teleconference, was that the FBI was requesting detailed cell site location information — cellphone tracking records — under the heading of "radius log" information. Traditionally, radius log refers to a user's attempts to connect to a server or a DSL line — a sort of anachronism given the progress of technology. "The notion that the government can collect cellphone location information — to turn your cellphone into a tracking device, just by signing a letter — is extremely troubling," Merrill said.

An anonymous reader writes: Embedded devices of some 50 manufacturers has been found sharing the same hard-coded X.509 certificates (for HTTPS) and SSH host keys, a fact that can be exploited by a remote, unauthenticated attacker to carry out impersonation, man-in-the-middle, or passive decryption attacks. SEC Consult has analyzed firmware images of more than 4000 embedded devices of over 70 vendors — firmware of routers, IP cameras, VoIP phones, modems, etc. — and found that, in some cases, there are nearly half a million devices on the web using the same certificate.

An anonymous reader writes with a report from Help Net Security that the credential management system used by Pearson VUE (part of education company and publisher Pearson) has been breached "by an unauthorized third party with the help of malware." Pearson VUE specializes in computer-based assessment testing for regulatory and certification boards. From the story: Over 450 credential owners (including IT organizations such as IBM, Adobe, etc.) across the globe use the company's solutions to develop, manage, deliver and grow their testing programs. The company is still assessing the scope of the breach, and says that they do not think that US Social Security numbers or full payment card information were compromised. But because the PMC is custom designed to fit specific customer requirements, they are still looking into how this incident affected each of their customers. According to a note on Pearson's site, the system remains down for the time being.

An anonymous reader writes: The Federal Trade Commission has approved final amendments to its Telemarketing Sales Rule (TSR), including a change that will help protect consumers from fraud by prohibiting four discrete types of payment methods favored by scammers. The TSR changes will stop telemarketers from dipping directly into consumer bank accounts by using certain kinds of checks and "payment orders" that have been "remotely created" by the telemarketer or seller. In addition, the amendments will bar telemarketers from receiving payments through traditional "cash-to-cash" money transfers – provided by companies like MoneyGram, Western Union, and RIA.

An anonymous reader writes: Have Carnegie Mellon University researchers been paid by the FBI to unmask a subset of Tor users so that the agents could discover who operated Silk Road 2.0 and other criminal suspects on the dark web? Tor Project Director Roger Dingledine believes so, and says that they were told by sources in the information security community that the FBI paid at least $1 million for the service. From the article: "There is no indication yet that they had a warrant or any institutional oversight by Carnegie Mellon's Institutional Review Board. We think it's unlikely they could have gotten a valid warrant for CMU's attack as conducted, since it was not narrowly tailored to target criminals or criminal activity, but instead appears to have indiscriminately targeted many users at once," noted Dingledine. "Such action is a violation of our trust and basic guidelines for ethical research. We strongly support independent research on our software and network, but this attack crosses the crucial line between research and endangering innocent users," he pointed out.

An anonymous reader writes: Ivan Ristic is well-known in the information security world, and his name has become almost a synonym for SSL Labs, a project he started in early 2009. Before that, he was mostly known for his work with OWASP and the development of the wildly popular open source web application firewall ModSecurity. While SSL Labs was something Ristic worked on in his spare time, over time it became his main focus. In fact, over the years, the project incorporated a great number of checks that are impossible to perform manually. It's a game changer because, to assess your TLS configuration, you don't need to be an expert. Read the story about the project's evolution on Help Net Security.

An anonymous reader writes: After several days of intense work, Switzerland-based end-to-end encrypted e-mail provider ProtonMail has largely mitigated the DDoS attacks that made it unavailable for hours on end in the last week. The attacks exceeded 100Gbps, and are still going on, but they are no longer capable of knocking ProtonMail offline for extended periods of time. The ProtonMail community of users proved to be invaluable for the company. In fact, in just a few days, they donated over $50,000 to the company's "defense fund," providing the resources to resist further attacks against email privacy.

An anonymous reader writes: Ransomware comes in various forms, and not all ransomware encrypts files — some just block computers until the ransom is paid. When the file encryption feature is included, the encryption key is usually sent to the malware's C&C server, which is controlled by the crooks — but not always. Researchers have recently analyzed a crypto-ransomware sample that demonstrated an alternative method of encrypting files and delivering the key (i.e., the information required to discover the right key) to the criminal behind the scheme — it doesn't need to contact a C&C to receive an encryption key or to send it to the crook.

An anonymous reader writes: Sharing genomic information among researchers is critical to the advance of biomedical research. Yet genomic data contains identifiable information and, in the wrong hands, poses a risk to individual privacy. If someone had access to your genome sequence — either directly from your saliva or other tissues, or from a popular genomic information service — they could check to see if you appear in a database of people with certain medical conditions, such as heart disease, lung cancer or autism. Work by a pair of researchers at the Stanford University School of Medicine makes that genomic data more secure. Researches have demonstrated a technique for hacking a network of global genomic databases and how to prevent it. They are working with investigators from the Global Alliance for Genomics and Health on implementing preventive measures.

An anonymous reader writes: The recent approval of CISA (the Cybersecurity Information Sharing Act) by the US Congress and Senate is paving the way for broader security collaboration. If and when CISA is ratified into law, the chief obstacles to cybersecurity collaboration within the private sector will remain. CISA promotes sharing – but when dealing with cyber threat data companies are also concerned about other mandates which may govern the information being shared. These include anti-trust, privacy, sectorial directives and data protection regulations that affect many multi-national organizations.

An anonymous reader writes: A recent network forensic examination of popular messaging service WhatsApp at the University of New Haven's Cyber Forensics Research & Education Group is offering new details on the data that can be collected from the app's network from its new calling feature: such as phone numbers and phone call duration, and highlights areas for future research and study. The researchers provided an outline of the WhatsApp messaging protocol from a networking perspective, making it possible to explore and study WhatsApp network communications. (Also noted at The Register.)

An anonymous reader writes: When in 2010 a team of computer scientists at Cambridge University demonstrated how the chip and PIN system used on many modern payment cards can be bypassed by making the POS system accept any PIN as valid, the reaction of the EMVCo and the UK Cards Association was to brand the attack as "improbable." After all, the researchers used a bulky tech setup that had to be carried around in a backpack but, as it ultimately turned out, a year later an engineer based in France found a less obvious way to perform the attack.

An anonymous reader writes: When in 2010 a team of computer scientists at Cambridge University demonstrated how the chip and PIN system used on many modern payment cards can be bypassed by making the POS system accept any PIN as valid, the reaction of the EMVCo and the UK Cards Association was to brand the attack as "improbable." After all, the researchers used a bulky tech setup that had to be carried around in a backpack but, as it ultimately turned out, a year later an engineer based in France found a less obvious way to perform the attack.

An anonymous reader writes: Unmanned aerial vehicles — so-called drones — can be helpful, malicious, or simply disruptive, depending on the intentions of those who use them. But while regular folks have to be worried about law suits if they shoot one down, law enforcement officers have a better solution, and one that's currently legal (for them): stop one mid-flight. This can be achieved with DroneDefender, a recently made available "gun" that uses radio control frequency disruption technologies to safely stop drones in the air, before they can pose a threat to military or civilian safety.

An anonymous reader writes: Plugging in random USB sticks in your computer has never been more dangerous, as a researcher who goes by the name Dark Purple has demonstrated his new device: USB Killer 2.0. When plugged into a computer, the deadly USB draws power from the device itself. With the help of a voltage converter the device's capacitors are charged to 220V, and it releases a negative electric surge into the USB port. This surge "fries" the USB port and, in the researcher's demonstration, the motherboard — perhaps not always after the first surge, but the malicious USB device repeats the process until no more power can be drawn.

An anonymous reader writes with this report about just how easy it is to disrupt if not entirely kill modern consumer-grade networks -- not just Wi-Fi, but Bluetooth and Zigbee networks, too. Crucial to determining the likelihood of any given kind of attack, though, is how much it would cost the attacker to attempt. The bad news for network owners and users is that it doesn't cost much at all: "According to Mathy Vanhoef, a PhD student at KU Leuven (Belgium), it can easily be done by using a Wi-Fi $15 dongle bought off Amazon, a Raspberry Pi board, and an amplifier that will broaden the range of the attack to some 120 meters."

An anonymous reader writes: Whenever people think of APTs and targeted attacks, they ask: who did it? What did they want? While those questions may well be of some interest, a potentially more useful question to ask is: what information about the attacker can help organizations protect themselves better? Let's look at things from the perspective of a network administrator trying to defend an organization. If someone wants to determine who was behind an attack, maybe the first thing they'll do is use IP address locations to try and determine the location of an attacker. However, say an attack was traced to a web server in Korea. What's not to say that whoever was responsible for the attack also compromised that server? What makes you think that site's owner will cooperate with your investigation?

An anonymous reader writes: LogMeIn has agreed to acquire LastPass, the popular single-sign-on (SSO) and password management service. Under the terms of the transaction, LogMeIn will pay $110 million in cash upon close for all outstanding equity interests in LastPass, with up to an additional $15 million in cash payable in contingent payments which are expected to be paid to equity holders and key employees of LastPass upon the achievement of certain milestone and retention targets over the two-year period following the closing of the transaction.

An anonymous reader writes: After examining 122 used mobile devices, hard disk drives and solid state drives purchased online, Blancco Technology Group and Kroll Ontrack found 48% contained residual data. In addition, 35% of mobile devices contained emails, texts/SMS/IMs, and videos. From the article: "Upon closer examination, Blancco Technology Group and Kroll Ontrack discovered that a deletion attempt had been made on 57 percent of the mobile devices and 75 percent of the drives that contained residual data. Even more compelling was the discovery that those deletion attempts had been unsuccessful due to common, but unreliable methods used, leaving sensitive information exposed and potentially accessible to cyber criminals. The residual data left on two of the second-hand mobile devices were significant enough to discern the original users' identities. Whether it's a person's emails containing their contact information or media files involving a company's intellectual property, lingering data can have serious consequences."

An anonymous reader writes: Malware called YiSpecter is infecting iOS devices belonging to Chinese and Taiwanese users, and is the first piece of malware that successfully targets both jailbroken and non-jailbroken devices, Palo Alto Networks researchers warn. What's more, the techniques it uses for hiding are making it difficult to squash the infection. YiSpecter's malicious apps were signed with three iOS enterprise certificates issued by Apple so that they can be installed as enterprise apps on non-jailbroken iOS devices via in-house distribution. Through this kind of distribution, an iOS app can bypass Apple's strict code review procedures and can invoke iOS private APIs to perform sensitive operations.

An anonymous reader writes: A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers to compromise a machine on which the software is installed. "The issue is located in the 'Text and Icon' function of the 'Text to display in SFX window' module," Vulnerability Lab explained in a post on on the Full Disclosure mailing list. "Remote attackers are able to generate own compressed archives with malicious payloads to execute system specific codes for compromise."

Some attacks on computers and networks are subtle; think Stuxnet. An anonymous reader writes with a report at Net Security of researcher Grigorios Fragkos's much more direct approach to compromising a network: zap the hardware from an unattended ethernet port with a jolt of electricity. Fragkos, noticing that many networks include links to scattered and unattended ethernet ports, started wondering whether those ports could be used to disrupt the active parts of the network. Turns out they can, and not just the ports they connect to directly: with some experimentation, he came up with a easily carried network zapping device powerful enough to send a spark to other attached devices, too, but not so powerful -- at least in his testing -- to set the building on fire. As he explains: I set up a network switch, and over a 5 meters Ethernet cable I connected an old working laptop. Over a 3 meters cable I connected a network HDD and over a 100 meters cable I connected my “deathray” device. I decided to switch on the device and apply current for exactly 2 seconds. The result was scary and interesting as well. The network switch was burned instantly with a little “tsaf” noise. There was also a buzzing noise coming from the devices plugged-in to the network switch, for a less than a second. There was a tiny flash from the network HDD and the laptop stopped working. It is not the cheapest thing in the world to test this, as it took all of my old hardware I had in my attic to run these experiments. I believe the threat from such a high-voltage attack against a computer infrastructure is real and should be dealt with.

An anonymous reader writes: As the list of apps infected with the XcodeGhost malware keeps expanding, Apple, Amazon and Baidu are doing their best to purge their online properties of affected apps, malicious Xcode installers, and C&C servers used by the attackers to gather the stolen information and control the infected apps/devices. China-based jailbreaking Pangu Team claims that the number of infected app is higher than 3,400, and have offered for download a free app that apparently detects the Trojanized apps.

An anonymous reader writes with an alert for anyone who uses the WhatsApp Web application. Check Point researcher Kasif Dekel, according to NetSecurity.Org, has discovered that "to exploit the vulnerability, an attacker simply needs to send a WhatsApp user a seemingly innocent vCard contact card, containing malicious code." When this card is opened from within the app, the executable it contains is run, "further compromising computers by distributing malware including ransomware, bots, remote access tools, and other types of malicious code." Not all users need to panic about this vulnerability, though: the company has rolled out a fix, contained in all versions of WhatsApp Web after v0.1.4481. But with an estimated 200 million users of the web-based version, many users aren't yet using the updated version.

An anonymous reader writes: Rocket Kitten, a cyber espionage group that mostly targets individuals in the Middle East, has been spotted attempting to impersonate security researchers. "We feel fairly certain that Rocket Kitten's prime targets are not companies and political organizations as entire bodies but individuals that operate in strategically interesting fields such as diplomacy, foreign policy research, and defense-related businesses. We believe the espionage factor and political context make their attacks unique and very different from traditional targeted attacks," researchers noted in a recently published new paper (PDF).

An anonymous reader writes: Researchers from Palo Alto Networks and WeipTech have unearthed a scheme that resulted in the largest known Apple account theft caused by malware. All in all, some 225,000 valid Apple accounts have been compromised. The theft is executed via variants of the KeyRaider iOS malware, which targets jailbroken iOS devices. Most of the victims are Chinese — the malware is distributed through third-party Cydia repositories in China — but users in other countries have also been affected (European countries, the U.S., Australia, South Korea, and so on). "The malware hooks system processes through MobileSubstrate, and steals Apple account usernames, passwords and device GUID by intercepting iTunes traffic on the device," Palo Alto researcher Claud Xiao explained. "KeyRaider steals Apple push notification service certificates and private keys, steals and shares App Store purchasing information, and disables local and remote unlocking functionalities on iPhones and iPads."

An anonymous reader writes: The Core Infrastructure Initiative (CII), a project managed by The Linux Foundation, is developing a new free Badge Program, seeking input from the open source community on the criteria to be used to determine security, quality and stability of open source software. The first draft of the criteria is available on GitHub and is spearheaded by David A. Wheeler, an open source and security research expert who works for the Institute for Defense Analyses and is also coordinating the CII's Census Project, and Dan Kohn, a senior adviser on the CII.

An anonymous reader writes: A group of researchers have discovered some of the most popular BitTorrent applications, including uTorrent, Mainline, and Vuze are vulnerable to a newly discovered form of distributed denial of service attack that makes it easy for a single person to bring down large sites. The weaknesses allow an attacker to insert the target's IP address instead of their own in the malicious request. To mount a Distributed Reflective DoS (DRDoS) attack, an attacker sends this malformed requests to other BitTorrent users, which then act as reflectors and amplifiers and flood the intended victim with responses.

An anonymous reader writes: Most security interfaces today leave a lot to be desired, and many security pros are gaming enthusiasts, accustomed to a sharp and engaging virtual world. ProtectWise CEO Scott Chasin and CTO Gene Stevens wanted to give them a helpful security tool with an interactive visual dashboard that looks straight out of Call of Duty. The UI is called ProtectWise Visualizer, and its creator is Jake Sargeant, FX pro and a visual designer at MN8 Studio. If his name sounds familiar, it's because he was the Lead Animated Graphics Artist for the movie TRON: Legacy. There's plenty of inspiration available for movie-style UIs; the problem with much of it is that not everyone likes an interface that looks like an especially busy video game.

An anonymous reader writes: Facebook has awarded $100,000 to a team of researchers from Georgia Tech University for their discovery of a new method for identifying "bad-casting" vulnerabilities that affect programs written in C++. "Type casting, which converts one type of an object to another, plays an essential role in enabling polymorphism in C++ because it allows a program to utilize certain general or specific implementations in the class hierarchies. However, if not correctly used, it may return unsafe and incorrectly casted values, leading to so-called bad-casting or type-confusion vulnerabilities," the researchers explained in their paper.

An anonymous reader writes: Closely behind the discoveries of the Stagefright flaw, the hole in Android's mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that of an Android serialization vulnerability that affects Android versions 4.3 to 5.1 (i.e. over 55 percent of all Android phones). The bug (CVE-2015-3825), discovered by IBM's X-Force Application Security Research Team in the OpenSSLX509Certificate class in the Android platform, can be used to turn malicious apps with no privileges into "super" apps that will allow cyber attackers to thoroughly "own" the victim's device. In-depth technical details about the vulnerabilities are available in this paper the researchers are set to present at USENIX WOOT '15.

An anonymous reader writes: Closely behind the discoveries of the Stagefright flaw, the hole in Android's mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that of an Android serialization vulnerability that affects Android versions 4.3 to 5.1 (i.e. over 55 percent of all Android phones). The bug (CVE-2015-3825), discovered by IBM's X-Force Application Security Research Team in the OpenSSLX509Certificate class in the Android platform, can be used to turn malicious apps with no privileges into "super" apps that will allow cyber attackers to thoroughly "own" the victim's device. In-depth technical details about the vulnerabilities are available in this paper the researchers are set to present at USENIX WOOT '15.

An anonymous reader writes: Closely behind the discoveries of the Stagefright flaw, the hole in Android's mediaserver service that can put devices into a coma, and the Certifi-gate bug, comes that of an Android serialization vulnerability that affects Android versions 4.3 to 5.1 (i.e. over 55 percent of all Android phones). The bug (CVE-2015-3825), discovered by IBM's X-Force Application Security Research Team in the OpenSSLX509Certificate class in the Android platform, can be used to turn malicious apps with no privileges into "super" apps that will allow cyber attackers to thoroughly "own" the victim's device. In-depth technical details about the vulnerabilities are available in this paper the researchers are set to present at USENIX WOOT '15.

An anonymous reader writes: Cyberwar and its ramifications have been debated for some time and the issue has been wrought with controversy. Few would argue that cyber-attacks are not prevalent in cyberspace. However, does it amount to a type of warfare? Let's break this down by drawing parallels from a treatise by 6th century military general, Sun Tzu, who authored one of the most definitive handbooks on warfare, "The Art of War." His writings have been studied throughout the ages by professional militaries and can be used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

An anonymous reader writes: Per Thorsheim, the founder of PasswordsCon, created and trained a biometric profile of his keystroke dynamics using the Tor browser at a demo site. He then switched over to Google Chrome and not using the Tor network, and the demo site correctly identified him when logging in and completing a demo financial transaction. Infosec consultant Paul Moore came up with a working solution to thwart this type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM. A Firefox version of the plugin is in the works.

An anonymous reader writes: Google researchers have asked 231 security experts and 294 web-users who aren't security experts about their security best practices, and the list of top ones for each group differs considerably. Experts recognize the benefits of updates, while non-experts are concerned about the potential risks of software updates. Non-experts are less likely to use password managers: some find them difficult to use, some don't realize how helpful they can be, and others are simply reluctant to (as they see it) "write" passwords down. Another interesting thing to point out is that non-experts love and use antivirus software.