Slashdot Mirror

← Back to Domains

Domain: net-security.org

Stories and comments across the archive that link to net-security.org.

Stories · 444

  1. New OS X Backdoor Malware Roping Macs Into Botnet

    Apple · Macosx · · posted by timothy · from the sad-face-mac dept. · 172 comments
    An anonymous reader writes New malware targeting Mac machines, opening backdoors on them and roping them into a botnet currently numbering around 17,000 zombies has been spotted. The malware, dubbed Mac.BackDoor.iWorm, targets computers running OS X and makes extensive use of encryption in its routines, Dr. Web researchers noted. What's even more interesting is that it gets the IP address of a valid command and control (C&C) server from a post on popular news site Reddit. The malware is capable of discovering what other software is installed on the machine, opening a port on it, and sending a query to a web server to acquire the addresses of the C&C servers.

  2. jQuery.com Compromised To Serve Malware

    Developers · Opensource · · posted by timothy · from the send-you-this-query-to-have-your-advice dept. · 103 comments
    An anonymous reader writes jQuery.com, the official website of the popular cross-platform JavaScript library of the same name, had been compromised and had been redirecting visitors to a website hosting the RIG exploit kit and, ultimately, delivering information-stealing malware. While any website compromise is dangerous for users, this one is particularly disconcerting because of the demographic of its users, says James Pleger, Director of Research at RiskIQ.

  3. Microsoft Kills Off Its Trustworthy Computing Group

    Yro · Microsoft · · posted by timothy · from the but-you-can-totally-trust-it dept. · 99 comments
    An anonymous reader writes Microsoft's Trustworthy Computing Group is headed for the axe, and its responsibilities will be taken over either by the company's Cloud & Enterprise Division or its Legal & Corporate Affairs group. Microsoft's disbanding of the group represents a punctuation mark in the industry's decades-long conversation around trusted computing as a concept. The security center of gravity is moving away from enterprise desktops to cloud and mobile and 'things,' so it makes sense for this security leadership role to shift as well. According to a company spokesman, an unspecified number of jobs from the group will be cut. Also today, Microsoft has announced the closure of its Silicon Valley lab. Its research labs in Redmond, New York, and Cambridge (in Massachusetts) will pick up some of the closed lab's operations.

  4. Tinba Trojan Targets Major US Banks

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 61 comments
    An anonymous reader writes Tinba, the tiny (20 KB) banking malware with man-in-the-browser and network traffic sniffing capabilities, is back. After initially being made to target users of a small number of banks, that list has been amplified and now includes 26 financial institutions mostly in the US and Canada, but some in Australia and Europe as well. Tinba has been modified over the years, in an attempt to bypass new security protections set up by banks, and its source code has been leaked on underground forums a few months ago. In this new campaign, the Trojan gets delivered to users via the Rig exploit kit, which uses Flash and Silverlight exploits. The victims get saddled with the malware when they unknowingly visit a website hosting the exploit kit."

  5. Akamai Warns: Linux Systems Infiltrated and Controlled In a DDoS Botnet

    It · Security · · posted by timothy · from the strutting-around-like-they-own-the-place dept. · 230 comments
    An anonymous reader writes Akamai Technologies is alerting enterprises to a high-risk threat of IptabLes and IptabLex infections on Linux systems. Malicious actors may use infected Linux systems to launch DDoS attacks against the entertainment industry and other verticals. The mass infestation of IptabLes and IptabLex seems to have been driven by a large number of Linux-based web servers being compromised, mainly by exploits of Apache Struts, Tomcat and Elasticsearch vulnerabilities. Attackers have used the Linux vulnerabilities on unmaintained servers to gain access, escalate privileges to allow remote control of the machine, and then drop malicious code into the system and run it. As a result, a system could then be controlled remotely as part of a DDoS botnet. The full advisory is available for download only with registration, but the (Akamai-owned) Prolexic page to do so is quite detailed.

  6. Securing the US Electrical Grid

    It · Security · · posted by samzenpus · from the locking-things-down dept. · 117 comments
    An anonymous reader writes The Center for the Study of the Presidency & Congress (CSPC) launched a project to bring together representatives from the Executive Branch, Congress, and the private sector to discuss how to better secure the U.S. electric grid from the threats of cyberattack, physical attack, electromagnetic pulse, and inclement weather. In this interview with Help Net Security, Dan Mahaffee, the Director of Policy at CSPC, discusses critical security challenges.

  7. Securing Networks In the Internet of Things Era

    Tech · Communications · · posted by timothy · from the glad-that-someone-finally-invented-things dept. · 106 comments
    An anonymous reader writes "Gartner reckons that the number of connected devices will hit 26 billion by 2020, almost 30 times the number of devices connected to the IoT in 2009. This estimate doesn't even include connected PCs, tablets and smartphones. The IoT will represent the biggest change to our relationship with the Internet since its inception. Many IoT devices themselves suffer from security limitations as a result of their minimal computing capabilities. For instance, the majority don't support sufficiently robust mechanisms for authentication, leaving network admins with only weak alternatives or sometimes no alternatives at all. As a result, it can be difficult for organizations to provide secure network access for certain IoT devices."

  8. 51% of Computer Users Share Passwords

    It · Security · · posted by Unknown · from the rm-rf-/-of-shame dept. · 117 comments
    An anonymous reader writes Consumers are inadvertently leaving back doors open to attackers as they share login details and sign up for automatic log on to mobile apps and services, according to new research by Intercede. While 52% of respondents stated that security was a top priority when choosing a mobile device, 51% are putting their personal data at risk by sharing usernames and passwords with friends, family and colleagues. The research revealed that consumers are not only sharing passwords but also potentially putting their personal and sensitive information at risk by leaving themselves logged in to applications on their mobile devices, with over half of those using social media applications and email admitting that they leave themselves logged in on their mobile device.

  9. Research Unveils Improved Method To Let Computers Know You Are Human

    It · Security · · posted by Unknown · from the until-computers-improve dept. · 91 comments
    An anonymous reader writes CAPTCHA services that require users to recognize and type in static distorted characters may be a method of the past, according to studies published by researchers at the University of Alabama at Birmingham. Researchers focused on a broad form of gamelike CAPTCHAs, called dynamic cognitive game, or DCG, CAPTCHAs, which challenge the user to perform a gamelike cognitive task interacting with a series of dynamic images. For example, in a "ship parking" DCG challenge, the user is required to identify the boat from a set of moving objects and drag-and-drop it to the available "dock" location. The puzzle is easy for the human user to solve, but may be difficult for a computer program to figure out. The game-like nature may make the process more engaging for the user compared to conventional text-based CAPTCHAs. There are a couple research papers available: "A Three-Way Investigation of a Game-CAPTCHA: Automated Attacks, Relay Attacks and Usability" and "Dynamic Cognitive Game CAPTCHA Usability and Detection of Streaming-Based Farming."

  10. US Defense Contractors Still Waiting For Breach Notification Rules

    News · Usa · · posted by samzenpus · from the a-little-while-longer dept. · 19 comments
    An anonymous reader writes US Department of Defense contractors will have to wait until September 24 to see what specific rules they will be required to follow when it comes to the reporting of computer breaches to the DoD. This particular requirement has been mandated by the US Congress last year, in an attempt to get clear view of the type and frequency of attacks contractors face. The US Congress will require "cleared defense contractors" — i.e. those who have been granted clearance by the DoD to access, receive, or store classified information — to effect a rapid report in the wake of a successful breach, and to include in it a description of the technique or method used in the penetration, a sample of the malicious software used (if discovered), and a summary of information created for the Department in connection with any Department program that has been potentially compromised due to such penetration.

  11. A Look At Advanced Targeted Attacks Through the Lens of a Human-Rights NGO

    It · Security · · posted by Unknown · from the shotgun-network-intrusion dept. · 25 comments
    An anonymous reader writes New research was released on cyber-attacks via human-rights NGO World Uyghur Congress over a period of four years. Academic analysis was conducted through the lens of a human-rights NGO representing a minority living in China and in exile when most targeted attack reports are against large organizations with apparent or actual financial or IP theft unlike WUC, and reported by commercial entities rather than academics. The attacks were a combination of sophisticated social engineering via email written primarily in the Uyghur language, in some cases through compromised WUC email accounts, and with advanced malware embedded in attached documents. Suspicious emails were sent to more than 700 different email addresses, including WUC leaders as well as journalists, politicians, academics and employees of other NGOs (including Amnesty International and Save Tibet — International Campaign for Tibet). The study will be presented at USENIX on August 21, and the full paper is already available.

  12. Internet Explorer Vulnerabilities Increase 100%

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 137 comments
    An anonymous reader writes Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities. Web browsers have always been a favorite avenue of attack, but we are now seeing that hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently.

  13. The Psychology of Phishing

    It · Security · · posted by samzenpus · from the click-and-release dept. · 128 comments
    An anonymous reader writes Phishing emails are without a doubt one of the biggest security issues consumers and businesses face today. Cybercriminals understand that we are a generation of clickers and they use this to their advantage. They will take the time to create sophisticated phishing emails because they understand that today users can tell-apart spam annoyances from useful email, however they still find it difficult identifying phishing emails, particularly when they are tailored to suit each recipient individually. Fake emails are so convincing and compelling that they fool 10% of recipients into clicking on the malicious link. To put that into context a legitimate marketing department at a FTSE 100 company typically expects less than a 2% click rate on their advertising campaigns. So, how are the cybercriminals out-marketing the marketing experts?

  14. Pushdo Trojan Infects 11,000 Systems In 24 Hours

    It · Botnet · · posted by Unknown · from the bots-everywhere dept. · 32 comments
    An anonymous reader writes Bitdefender has discovered that a new variant of the Trojan component, Pushdo, has emerged. 77 machines have been infected in the UK via the botnet in the past 24 hours, with more than 11,000 infections reported worldwide in the same period. The countries most affected so far by the Pushdo variant are India, Vietnam and Turkey. Since Pushdo has resurfaced, the public and private keys used to protect the communication between the bots and the Command and Control Servers have been changed, but the communication protocol remains the same.

  15. Breaches Exposed 22.8 Million Personal Records of New Yorkers

    It · Security · · posted by Unknown · from the what-is-security dept. · 41 comments
    An anonymous reader writes Attorney General Eric T. Schneiderman issued a new report examining the growing number, complexity, and costs of data breaches in the New York State. The report reveals that the number of reported data security breaches in New York more than tripled between 2006 and 2013. In that same period, 22.8 million personal records of New Yorkers have been exposed in nearly 5,000 data breaches, which have cost the public and private sectors in New York upward of $1.37 billion in 2013. The demand on secondary markets for stolen information remains robust. Freshly acquired stolen credit card numbers can fetch up to $45 per record, while other types of personal information, such as Social Security numbers and online account information, can command even higher prices.

  16. Critical Vulnerabilities In Web-Based Password Managers Found

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 114 comments
    An anonymous reader writes A group of researchers from University of California, Berkeley, have analyzed five popular web-based password managers and have discovered vulnerabilities that could allow attackers to learn a user's credentials for arbitrary websites. The five password managers they analyzed are LastPass, RoboForm, My1Login, PasswordBox and NeedMyPassword. "Of the five vendors whose products were tested, only the last one (NeedMyPassword) didn't respond when they contacted them and responsibly shared their findings. The other four have fixed the vulnerabilities within days after disclosure. 'Since our analysis was manual, it is possible that other vulnerabilities lie undiscovered,' they pointed out. They also announced that they will be working on a tool that automatizes the process of identifying vulnerabilities, as well as on developing a 'principled, secure-by-construction password manager.'"

  17. Exploiting Wildcards On Linux/Unix

    Linux · Security · · posted by Soulskill · from the teaching-a-new-dog-old-tricks dept. · 215 comments
    An anonymous reader writes: DefenseCode researcher Leon Juranic found security issues related to using wildcards in Unix commands. The topic has been talked about in the past on the Full Disclosure mailing list, where some people saw this more as a feature than as a bug. There are clearly a number of potential security issues surrounding this, so Mr. Juranic provided five actual exploitation examples that stress the risks accompanying the practice of using the * wildcard with Linux/Unix commands. The issue can be manifested by using specific options in chown, tar, rsync etc. By using specially crafted filenames, an attacker can inject arbitrary arguments to shell commands run by other users — root as well.

  18. Banking Fraud Campaign Steals 500k Euros In a Week

    It · Security · · posted by Unknown · from the red-stapler dept. · 35 comments
    An anonymous reader writes The experts at Kaspersky Lab have discovered evidence of a targeted attack against the clients of a large European bank. According to the logs found in the server used by the attackers, apparently in the space of just one week cybercriminals stole more than half a million euros from accounts in the bank. The experts also detected transaction logs on the server, containing information about which sums of money were taken from which accounts. All in all, more than 190 victims could be identified, most of them located in Italy and Turkey. The sums stolen from each bank account, according to the logs, ranged between 1,700 to 39,000 euros.

  19. Replicating the NSA's Gadgets Using Open Source

    Yro · Privacy · · posted by samzenpus · from the spy-on-it-yourself dept. · 47 comments
    An anonymous reader writes "Wireless security researcher Michael Ossmann asked himself: 'Could I make the gadgets that the agency uses to monitor and locate mobile phones, tap USB and Ethernet connections, maintain persistent malware on PCs, communicate with malware across air gaps, and more, by just using open source software and hardware?' In this podcast he shares his insights on what to use — and how — to duplicate hardware devices found in the ANT catalog."

  20. DARPA's Cyber Grand Challenge Offers $3.75 Million In Prizes

    It · Security · · posted by Unknown · from the and-a-trip-to-gitmo dept. · 10 comments
    An anonymous reader writes "Computer security experts from academia, industry and the larger security community have organized themselves into more than 30 teams to compete in DARPA's Cyber Grand Challenge, a tournament designed to speed the development of automated security systems able to defend against cyberattacks as fast as they are launched. The Challenge plans to follow a 'capture the flag' competition format that experts have used for more than 20 years to test their cyber defense skills. The winning team from the CGC finals stands to receive a cash prize of $2 million. Second place can earn $1 million and third place $750,000."

  21. Ask Slashdot: What Inspired You To Start Hacking?

    Ask · Hardhack · · posted by Soulskill · from the that-stupid-turtle dept. · 153 comments
    An anonymous reader writes "What got you into hacking? This is a question that Jennifer Steffen, IOActive CEO, often asks hackers she meets on conferences around the world. More often than not, the answer is movies: War Games, Hackers, The Matrix, and so on. But today, it is the real life hacking that is inspiring the movies of tomorrow. 'Hackers are doing epic stuff,' she says, and they are now inspiring movies and comics. So, what got you started? And what makes a good hacker today?"

  22. Malvertising Up By Over 200%

    It · Advertising · · posted by samzenpus · from the protect-ya-neck dept. · 174 comments
    An anonymous reader writes "Online Trust Alliance (OTA) Executive Director and President Craig Spiezle testified before the U.S. Senate's Homeland Security and Governmental Affairs Permanent Subcommittee on Investigations, outlining the risks of malicious advertising, and possible solutions to stem the rising tide. According to OTA research, malvertising increased by over 200% in 2013 to over 209,000 incidents, generating over 12.4 billion malicious ad impressions. The threats are significant, warns the Seattle-based non-profit—with the majority of malicious ads infecting users' computers via 'drive by downloads,' which occur when a user innocently visits a web site, with no interaction or clicking required."

  23. Researchers Find, Analyze Forged SSL Certs In the Wild

    It · Security · · posted by timothy · from the they're-out-there dept. · 86 comments
    An anonymous reader writes "A group of researchers from Carnegie Mellon University and Facebook has managed to get a concrete sense of just how prevalent SSL man-in-the-middle attacks using forged SSL certificates are in the wild. Led by Lin-Shung Huang, PhD candidate at Carnegie Mellon University and, during the research, an intern with the Facebook Product Security team, they have created a new method (PDF) for websites to detect these attacks on a large scale: a widely-supported Flash Player plugin was made to enable socket functionalities not natively present in current browsers, so that it could implement a distinct, partial SSL handshake to capture forged certificates."

  24. It's World Password Day: Change Your Passwords

    It · Security · · posted by Soulskill · from the 123456-becomes-1234567 dept. · 116 comments
    An anonymous reader writes "Today is World Password Day — a day dedicated to promoting the use of strong passwords and the creation of good habits. However insecure this method of authentication is, it's not going away anytime soon, and people should be educated on how to make the best of it. To that end, last year Intel started an action-oriented campaign to raise user awareness regarding password problems, and this year their initiative has a new digital home. Passwordday.org provides the Password Blaster (a videogame that teaches good passwords using real leaked passwords), the Password Strength Meter, links to McAfee's Heartbleed Test tool, offers animated educational GIFs and tips and tricks for upgrading your passwords."

  25. It's World Password Day: Change Your Passwords

    It · Security · · posted by Soulskill · from the 123456-becomes-1234567 dept. · 116 comments
    An anonymous reader writes "Today is World Password Day — a day dedicated to promoting the use of strong passwords and the creation of good habits. However insecure this method of authentication is, it's not going away anytime soon, and people should be educated on how to make the best of it. To that end, last year Intel started an action-oriented campaign to raise user awareness regarding password problems, and this year their initiative has a new digital home. Passwordday.org provides the Password Blaster (a videogame that teaches good passwords using real leaked passwords), the Password Strength Meter, links to McAfee's Heartbleed Test tool, offers animated educational GIFs and tips and tricks for upgrading your passwords."

  26. Ask Slashdot: How Can We Create a Culture of Secure Behavior?

    Ask · Security · · posted by Soulskill · from the start-giving-$50-citations-for-bad-passwords dept. · 169 comments
    An anonymous reader writes "Despite the high news coverage that large breaches receive, and despite tales told by their friends about losing their laptops for a few days while a malware infection is cleared up, employees generally believe they are immune to security risks. They think those types of things happen to other, less careful people. Training users how to properly create and store strong passwords, and putting measures in place that tell individuals the password they've created is 'weak' can help change behavior. But how do we embed this training in our culture?"

  27. The Dismal State of SATCOM Security

    It · Security · · posted by timothy · from the my-sputnik-or-yours dept. · 54 comments
    An anonymous reader writes "Satellite Communications (SATCOM) play a vital role in the global telecommunications system, but the security of the devices used leaves much to be desired. The list of security weaknesses IOActive found while analyzing and reverse-engineering firmware used on the most widely deployed Inmarsat and Iridium SATCOM terminals does not include only design flaws but also features in the devices themselves that could be of use to attackers. The uncovered vulnerabilities include multiple backdoors, hardcoded credentials, undocumented and/or insecure protocols, and weak encryption algorithms. These vulnerabilities allow remote, unauthenticated attackers to compromise the affected products. In certain cases no user interaction is required to exploit the vulnerability; just sending a simple SMS or specially crafted message from one ship to another ship would be successful for some of the SATCOM systems."

  28. The Security of Popular Programming Languages

    Developers · Programming · · posted by Soulskill · from the new-ways-to-argue-about-your-favorite-language dept. · 189 comments
    An anonymous reader writes "Deciding which programming language to use is often based on considerations such as what the development team is most familiar with, what will generate code the fastest, or simply what will get the job done. How secure the language might be is simply an afterthought, which is usually too late. A new WhiteHat Security report approaches application security not from the standpoint of what risks exist on sites and applications once they have been pushed into production, but rather by examining how the languages themselves perform in the field. In doing so, we hope to elevate security considerations and deepen those conversations earlier in the decision process, which will ultimately lead to more secure websites and applications."

  29. Heartbleed OpenSSL Vulnerability: A Technical Remediation

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 239 comments
    An anonymous reader writes "Since the announcement malicious actors have been leaking software library data and using one of the several provided PoC codes to attack the massive amount of services available on the internet. One of the more complicated issues is that the OpenSSL patches were not in-line with the upstream of large Linux flavors. We have had a opportunity to review the behavior of the exploit and have come up with the following IDS signatures to be deployed for detection."

  30. Target Rich Environment: Mobile Malware in China

    Yro · China · · posted by timothy · from the making-it-up-on-volume dept. · 11 comments
    An anonymous reader writes with this excerpt from Help-Net Security (based on the linked Trend Micro report): "Every country's cybercriminal underground market has distinct characteristics, and with 500 million national mobile Internet users and the number continuously rising, the Chinese underground market is awash with cyber crooks buying and selling services and devices aimed at taking advantage of them. Trend Micro's senior threat researchers Lion Gu has been scouring forums, online shops and QQ chats to give us a sense of what is actually going on on this burgeoning mobile underground. Mobile apps that stealthily subscribe users to premium services are, naturally, very popular with cyber crooks in China as in the rest of the world. Premium service numbers can also be bought on underground markets. Network carriers usually assign premium service numbers to qualified service providers, but obviously some of them are not [averse to] selling them on to criminals."

  31. Major Vulnerability In Tinder Dating App Allowed User Tracking

    Yro · Privacy · · posted by timothy · from the coming-from-inside-the-building dept. · 23 comments
    An anonymous reader writes "Include Security unveiled new research showing that users of the popular online dating app Tinder were at significant risk due to a vulnerability they discovered in the geo-location feature of the application. This vulnerability allowed Tinder users to track each another's exact location for much of 2013. Anyone with rudimentary programming skills could query the Tinder API directly and pull down the co-ordinates of any user. This resulted in a privacy violation for the users of the application." Include Security has posted a video that shows how the the flaw could be exploited, before it was fixed last month.

  32. How Edward Snowden's Actions Have Impacted Defense Contractors

    Yro · Government · · posted by timothy · from the budget-suddenly-has-room-for-a-shredder dept. · 180 comments
    An anonymous reader writes "A new study sheds light on the attitudes of a very exclusive group of IT and security managers — those employed by U.S. defense contractors — at a time when national cybersecurity is under scrutiny. Most indicated that the Edward Snowden incident has changed their companies' cybersecurity practices: their employees now receive more cybersecurity awareness training, some have re-evaluated employee data access privileges, others have implemented stricter hiring practices. While defense contractors seem to have better security practices in place and are more transparent than many companies in the private sector, they are finding the current cyber threat onslaught just as difficult to deal with."

  33. Adobe Flash Remote Code Execution Flaw Exploited In the Wild

    It · Security · · posted by Unknown · from the malware-disguised-as-boring-game dept. · 187 comments
    An anonymous reader writes "Adobe has released an emergency patch for a critical vulnerability affecting Flash Player for Windows, Linux, and OS X, the exploitation of which can result in an attacker gaining remote control of the victims' systems. The flaw is being actively exploited in the wild, but apart from crediting its discovery to researchers Alexander Polyakov and Anton Ivanov of Kaspersky Labs, no details about the ongoing attack has been shared." They even updated the explicitly unsupported NPAPI GNU/Linux version.

  34. Amazon and GoDaddy Are the Biggest Malware Hosters

    Tech · Cloud · · posted by Unknown · from the spin-up-an-extortion-image dept. · 76 comments
    An anonymous reader writes "The United States is the leading malware hosting nation, with 44 percent of all malware hosted domestically, according to Solutionary. The U.S. hosts approximately 5 times more malware than the second-leading malware-hosting nation, Germany, which is responsible for 9 percent of the detected malware. The cloud is allowing malware distributors to create, host and remove websites rapidly, and major hosting providers such as Amazon, GoDaddy and Google have made it economical for malicious actors to use their services to infect millions of computers and vast numbers of enterprise systems."

  35. Senior Managers Are the Worst Information Security Offenders

    It · Security · · posted by Unknown · from the security-is-for-little-people dept. · 181 comments
    An anonymous reader writes "As companies look for solutions to protect the integrity of their networks, data centers, and computer systems, an unexpected threat is lurking under the surface — senior management. According to a new survey, 87% of senior managers frequently or occasionally send work materials to a personal email or cloud account to work remotely, putting that information at a much higher risk of being breached. 58% of senior management reported having accidentally sent the wrong person sensitive information (PDF), compared to just 25% of workers overall."

  36. Bruce Schneier Becomes CTO of Co3 Systems

    It · Business · · posted by samzenpus · from the welcome-aboard dept. · 37 comments
    An anonymous reader writes "Co3 Systems announced that Bruce Schneier has officially joined the company in the role of its first CTO. Schneier joins Co3 after spending seven years as BT's Chief Security Technology Officer and the previous seven years as CTO of Counterpane Security. Schneier's formal engagement with Co3 Systems began early last year when he joined the company's Advisory Board. His intersections with the Co3 team date much farther back to when he and Co3's CEO John Bruce worked together at Counterpane."

  37. D-Link Patches Critical Vulnerability In Older Routers

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 54 comments
    An anonymous reader writes "D-Link has released firmware patches for a number of its older routers sporting a critical authentication security bypass vulnerability discovered in October. The flaw was discovered and its exploitability proved with a PoC by Tactical Network Solutions' security researcher Craig Heffner. D-Link confirmed the existence of the problem a few weeks later."

  38. Researcher Offers New Perspective On Stuxnet-Wielding Sabotage Program

    It · Security · · posted by timothy · from the back-then-we-tied-an-onion-to-our-belts dept. · 46 comments
    An anonymous reader writes with this excerpt from Help Net Security: "Stuxnet, the malware that rocket the security world and the first recorded cyber weapon, has an older and more complex 'sibling' that was also aimed at disrupting the functioning of Iran's uranium enrichment facility at Natanz, but whose modus operandi was different. The claim was made by well-known German control system security expert and consultant Ralph Langner, who has been analyzing Stuxnet since the moment its existence was first discovered. He pointed out that in order to known how to secure industrial control systems, we need to know what actually happened, and in order to do that, we need to understand all the layers of the attack (IT, ICS, and physical), and be acquainted with the actual situation of all these layers as they were at the time of the attack."

  39. Galileo Navigation System Gets Go-Ahead From EU Parliament

    News · Earth · · posted by timothy · from the und-wo-bin-ich-jetzt? dept. · 178 comments
    An anonymous reader writes "Plans to start up the EU's first global satellite navigation system (GNSS) built under civilian control, entirely independent of other navigation systems and yet interoperable with them, were approved by MEPs on Wednesday. Both parts of this global system — Galileo and EGNOS — will offer citizens a European alternative to America's GPS or Russia's Glonass signals. The Galileo system could be used in areas such as road safety, fee collection, traffic and parking management, fleet management, emergency call, goods tracking and tracing, online booking, safety of shipping, digital tachographs, animal transport, agricultural planning and environmental protection to drive growth and make citizens' lives easier."

  40. 1.2% of Apps On Google Play Are Repackaged To Deliver Ads, Collect Info

    It · Security · · posted by timothy · from the seems-like-an-undercount-to-me dept. · 131 comments
    An anonymous reader writes "Not a month goes by without security researchers finding new malicious apps on Google Play. According to BitDefender, more than one percent of 420,000+ analyzed apps offered on Google's official Android store are repackaged versions of legitimate apps. In the long run, their existence hurts the users, the legitimate developers, and Google's reputation in general. Google Play has recently surpassed the one million mark when it comes to the apps it offers, and the researchers have analyzed a good chunk of the total in order to discover just how many are hiding their true nature."

  41. Netflix Users In Danger of Unknowingly Picking Up Malware

    It · Bug · · posted by Unknown · from the perils-of-deprecated-proprietary-software dept. · 153 comments
    An anonymous reader writes "Users of Silverlight, Microsoft's answer to Adobe Flash, are in danger of having malware installed on their computers and being none the wiser, as an exploit for a critical vulnerability (CVE-2013-0634) in the app framework has been added to the Angler exploit kit. The vulnerability could allow remote code execution if an attacker hosts a website that contains a specially crafted Silverlight application that could exploit this vulnerability and then convinces a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements." You'd think something like Silverlight would automatically upgrade itself.

  42. The Operations of a Cyber Arms Dealer

    Tech · Internet · · posted by Soulskill · from the you-can't-hug-your-children-with-cyber-arms dept. · 18 comments
    An anonymous reader writes "FireEye researchers have linked eleven distinct APT cyber espionage campaigns previously believed to be unrelated (PDF), leading them to believe that there is a shared operation that supplies and maintains malware tools and weapons used in them. The eleven campaigns they tied together were detected between July 2011 and September 2013, but it's possible and very likely that some of them were active even before then. Despite using varying techniques, tactics, and procedures, the campaigns all leveraged a common development infrastructure, and shared — in various combinations — the same malware tools, the same elements of code, binaries with the same timestamps, and signed binaries with the same digital certificates."

  43. TrueCrypt To Go Through a Crowdfunded, Public Security Audit

    Yro · Security · · posted by timothy · from the line-by-line dept. · 104 comments
    An anonymous reader writes "After all the revelations about NSA's spying efforts, and especially after the disclosure of details about its Bullrun program aimed at subverting encryption standards and efforts around the world, the question has been raised of whether any encryption software can be trusted. Security experts have repeatedly said that it you want to trust this type of software, your best bet is to choose software that is open source. But, in order to be entirely sure, a security audit of the code by independent experts sounds like a definitive answer to that issue. And that it exactly what Matthew Green, cryptographer and research professor at Johns Hopkins University, and Kenneth White, co-founder of hosted healthcare services provider BAO Systems, have set out to do. The software that will be audited is the famous file and disk encryption software package TrueCrypt. Green and White have started fundraising at FundFill and IndieGoGo, and have so far raised over $50,000 in total." (Mentioned earlier on Slashdot; the now-funded endeavor is also covered at Slash DataCenter.)

  44. TrueCrypt To Go Through a Crowdfunded, Public Security Audit

    Yro · Security · · posted by timothy · from the line-by-line dept. · 104 comments
    An anonymous reader writes "After all the revelations about NSA's spying efforts, and especially after the disclosure of details about its Bullrun program aimed at subverting encryption standards and efforts around the world, the question has been raised of whether any encryption software can be trusted. Security experts have repeatedly said that it you want to trust this type of software, your best bet is to choose software that is open source. But, in order to be entirely sure, a security audit of the code by independent experts sounds like a definitive answer to that issue. And that it exactly what Matthew Green, cryptographer and research professor at Johns Hopkins University, and Kenneth White, co-founder of hosted healthcare services provider BAO Systems, have set out to do. The software that will be audited is the famous file and disk encryption software package TrueCrypt. Green and White have started fundraising at FundFill and IndieGoGo, and have so far raised over $50,000 in total." (Mentioned earlier on Slashdot; the now-funded endeavor is also covered at Slash DataCenter.)

  45. Phone Calls More Dangerous Than Malware To Companies

    It · Security · · posted by samzenpus · from the watch-what-you-say dept. · 82 comments
    dinscott writes "During Social Engineer Capture the Flag contest, one of the most prominent and popular annual events at DEF CON 21, a pool of 10 men and 10 women, from diverse backgrounds and experience levels, tested their social engineering abilities against 10 of the biggest global corporations, including Apple, Boeing, Exxon, General Dynamics and General Electric. The complete results of the competition are in, and they don't bode well for businesses."

  46. Dangerous VBulletin Exploit In the Wild

    It · Security · · posted by Unknown · from the going-back-to-usenet dept. · 43 comments
    An anonymous reader writes "vBulletin is a popular proprietary CMS that was recently reported to be vulnerable to an unspecified attack vector. Although vBulletin has not disclosed the root cause of the vulnerability or its impact, we determined the attacker's methods. The identified vulnerability allows an attacker to abuse the vBulletin configuration mechanism in order to create a secondary administrative account. Once the attacker creates the account, they will have full control over the exploited vBulletin application, and subsequently the supported site."

  47. Cisco To Acquire Sourcefire For $2.7 Billion

    News · Business · · posted by timothy · from the billions-with-a-b dept. · 38 comments
    Orome1 writes "Cisco will acquire Sourcefire, a provider of intelligent cybersecurity solutions. Under the terms of the agreement, Cisco will pay $76 per share in cash in exchange for each share of Sourcefire and assume outstanding equity awards for an aggregate purchase price of approximately $2.7 billion, including retention-based incentives. The acquisition has been approved by the board of directors of each company. Once the transaction closes, Cisco will include Sourcefire into its guidance going forward. Prior to the close, Cisco and Sourcefire will continue to operate as separate companies."

  48. To Hack Back Or Not To Hack Back?

    It · Security · · posted by Soulskill · from the wild-wild-cyberwest dept. · 183 comments
    dinscott writes "If you think of cyberspace as a resource for you and your organization, it makes sense to protect your part of it as best you can. You build your defenses and train employees to recognize attacks, and you accept the fact that your government is the one that will pursue and prosecute those who try to hack you. But the challenge arises when you (possibly rightfully so) perceive that your government is not able do so, and you demand to be allowed to 'hack back.'"

  49. Fake Mt. Gox Pages Aim To Infect Bitcoin Users

    Yro · Bitcoin · · posted by timothy · from the gathering-their-magic dept. · 74 comments
    An anonymous reader writes "Mt. Gox is the the largest Bitcoin exchange in the world, and as such it and its users are being repeatedly targeted by attackers. Some two months ago, it battled a massive DDoS attack that was likely aimed at destabilizing the virtual currency and allow the criminals to profit from the swings. Now, according to Symantec researchers, the criminals have turned to spoofing Mt. Gox' site and tricking its customers into downloading malware — the Ponik downloader Trojan, which is also able to steal passwords."

  50. Questioning Google's Disclosure Timeline Motivations

    Tech · Google_Fb · · posted by timothy · from the comparative-advantage dept. · 73 comments
    An anonymous reader writes "The presence of 0-day vulnerability exploitation is often a real and considerable threat to the Internet — particularly when very popular consumer-level software is the target. Google's stance on a 60day turnaround of vulnerability fixes from discovery, and a 7-day turnaround of fixes for actively exploited unpatched vulnerabilities, is rather naive and devoid of commercial reality. As a web services company it is much easier for Google to develop and roll out fixes promptly — but for 95+% of the rest of the world's software development companies making thick-client, server and device-specific software this is unrealistic. Statements like these from Google clearly serve their business objectives. As predominantly a web services company with many of the world's best software engineers and researchers working for them. One could argue that Google's applications and software should already be impervious to vulnerabilities (i.e. they should have discovered them themselves through internal QA processes) — rather than relying upon external researchers and bug hunters stumbling over them."