Domain: securityaffairs.co
Stories and comments across the archive that link to securityaffairs.co.
Stories · 4
-
Microsoft Won't Patch 20-Yr-Old SMBv1 Vulnerability (You Should Just Turn the Service Off) (onmsft.com)
An anonymous reader shares a news post: Following the recent WannaCry and Petya ransomware attacks, Microsoft recommended all Windows 10 users to remove the unused but vulnerable SMBv1 file sharing protocol from their PCs. This is because both variants of the ransomware actually used the same SMBv1 exploit to replicate through network systems, even though it seems that Petya mostly affected Windows PCs in Ukraine. Anyway, if you haven't turned off the protocol on the PC already, you really should: Not only because new WannaCry/Petya variants could once again use the same vulnerability again to encrypt your files, but because another 20-year-old flaw has just been unveiled during the recent DEF CON hacker conference. The SMB security flaw called "SMBLoris" was discovered by security researchers at RiskSense, who explained that it can lead to DoS attacks affecting every version of the SMB protocol and all versions of Windows since Windows 2000. More importantly, a Raspberry Pi and just 20 lines of Python code are enough to put a Windows server to its knees. -
IoT Devices With Default Telnet Passwords Used As Botnet (securityaffairs.co)
Slashdot reader stiebing.ja writes: IoT devices, like DVR recorders or webcams, which are running Linux with open telnet access and have no passwords or default passwords are currently a target of attacks which try to install malware which then makes the devices a node of a botnet for DDoS attacks. As the malware, called Linux/Mirai, only resides in memory, once the attack has been successful, revealing if your device got captured isn't so easy, and also analyzing the malware is difficult, as it will vanish on reboot.
Plus the malware lays low at first, though "it is obvious that the main purpose is still for a DDoS botnet," according to MalwareMustDie, and it's designed to spread rapidly to other IoT devices using a telnet scanner. "According to the experts, several attacks have been detected in the wild," according to the article, which warns that many antivirus solutions are still unable to detect the malware, and "If you have an IoT device, please make sure you have no telnet service open and running." -
Can Author Obfuscation Trump Forensic Linguistics? (webis.de)
An anonymous reader writes: Everyone possesses their own writing style, which may be used to identify authors even if they wish to remain anonymous: linguists employ stylometry to settle disputes over the authorship of historic texts as well as more recent cases, and are called to verify the authors of suicide notes or threatening letters. Computer linguists carry out research on software for forensic text analyses, and a recent study shows many of these approaches to be reproducible. Now, a competition has been announced to develop obfuscation software to hide an author's style with the task: "Given a document, paraphrase it so that its writing style does not match that of its original author, anymore." We'll see what comes out of that. Meanwhile, the question remains: Who will win in the long run? Forensic linguists, or obfuscation technology? -
High-Tech Attack Alert For 2016 Super Bowl (thestack.com)
An anonymous reader writes with news about a Homeland Security memo concerning potential technological attacks during the Super Bowl. The forthcoming Super Bowl event on 7th February could be at risk of a high-tech attack against fans both inside and outside the San Francisco 49ers Stadium. A security memo issued by the FBI and the Department of Homeland Security has warned that the annual game could be a target not just at the stadium, but at other commemorative events taking place in San Francisco and in the Silicon Valley. One of the chief concerns is the various sabotages committed against fibre cables in the area. As the fibre optic cable networks function as back up communication systems in emergency situations, these are a possible target for the attackers. By destroying these cables, response times could be slowed down.