Slashdot Mirror

← Back to Domains

Domain: securityweek.com

Stories and comments across the archive that link to securityweek.com.

Stories · 383

  1. Saudi Government Targeting Dissidents With Mobile Malware

    Yro · Government · · posted by timothy · from the they-don't-go-in-for-a-slap-on-the-wrist dept. · 41 comments
    wiredmikey (1824622) writes Human Rights Watch on Friday demanded a clarification from Saudi Arabia over allegations from security researchers that the kingdom is infecting and monitoring dissidents' mobile phones with surveillance malware. The New York-based rights watchdog said surveillance software allegedly made by Italian firm Hacking Team mostly targeted individuals in Qatif district in Eastern Province, which has been the site of sporadic Shiite-led protests since February 2011. "We have documented how Saudi authorities routinely crack down on online activists who have embraced social media to call out human rights abuses," said Cynthia Wong, HRW's senior Internet researcher. "It seems that authorities may now be hacking into mobile phones, turning digital tools into just another way for the government to intimidate and silence independent voices." The accusations against the Saudi Government come days after researchers from Kaspersky Lab and Citizen Lab uncovered new details on advanced surveillance tools offered by HackingTeam [Note: mentioned in this earlier Slashdot story], including never before seen implants for smartphones running on iOS and Android.

  2. Saudi Government Targeting Dissidents With Mobile Malware

    Yro · Government · · posted by timothy · from the they-don't-go-in-for-a-slap-on-the-wrist dept. · 41 comments
    wiredmikey (1824622) writes Human Rights Watch on Friday demanded a clarification from Saudi Arabia over allegations from security researchers that the kingdom is infecting and monitoring dissidents' mobile phones with surveillance malware. The New York-based rights watchdog said surveillance software allegedly made by Italian firm Hacking Team mostly targeted individuals in Qatif district in Eastern Province, which has been the site of sporadic Shiite-led protests since February 2011. "We have documented how Saudi authorities routinely crack down on online activists who have embraced social media to call out human rights abuses," said Cynthia Wong, HRW's senior Internet researcher. "It seems that authorities may now be hacking into mobile phones, turning digital tools into just another way for the government to intimidate and silence independent voices." The accusations against the Saudi Government come days after researchers from Kaspersky Lab and Citizen Lab uncovered new details on advanced surveillance tools offered by HackingTeam [Note: mentioned in this earlier Slashdot story], including never before seen implants for smartphones running on iOS and Android.

  3. Clueless About Card Data Hack, PF Chang's Reverts To Imprinting Devices

    It · Security · · posted by Soulskill · from the 40-year-old-technology-will-save-us dept. · 142 comments
    wiredmikey writes: After saying earlier this week that it was investigating reports of a data breach related to payment cards used at its locations, P.F. Chang's China Bistro confirmed on Thursday that credit and debit card data has been stolen from some of its restaurants. What's interesting, and somewhat humorous, is that the company said that it has switched over to manual credit card imprinting systems for all of its restaurants located in the continental United States. The popular restaurant chain said that on Tuesday, June 10, the United States Secret Services alerted the company about the incident. Admitting that it does not know the extent or current situation and impact of the attack, the company noted in a statement: "All P.F. Chang's China Bistro branded restaurants in the continental U.S. are using manual credit card imprinting devices to handle our credit and debit card transactions," the company said. "This allows you to use your credit and debit cards safely. If it's not obvious, anyone who has visited a P.F. Chang's and used a payment card in the last several months should monitor their accounts and report any suspected fraudulent activity to their card company.

  4. Clueless About Card Data Hack, PF Chang's Reverts To Imprinting Devices

    It · Security · · posted by Soulskill · from the 40-year-old-technology-will-save-us dept. · 142 comments
    wiredmikey writes: After saying earlier this week that it was investigating reports of a data breach related to payment cards used at its locations, P.F. Chang's China Bistro confirmed on Thursday that credit and debit card data has been stolen from some of its restaurants. What's interesting, and somewhat humorous, is that the company said that it has switched over to manual credit card imprinting systems for all of its restaurants located in the continental United States. The popular restaurant chain said that on Tuesday, June 10, the United States Secret Services alerted the company about the incident. Admitting that it does not know the extent or current situation and impact of the attack, the company noted in a statement: "All P.F. Chang's China Bistro branded restaurants in the continental U.S. are using manual credit card imprinting devices to handle our credit and debit card transactions," the company said. "This allows you to use your credit and debit cards safely. If it's not obvious, anyone who has visited a P.F. Chang's and used a payment card in the last several months should monitor their accounts and report any suspected fraudulent activity to their card company.

  5. Cybercriminals Ramp Up Activity Ahead of 2014 World Cup

    Yro · Crime · · posted by samzenpus · from the crime-wave dept. · 90 comments
    wiredmikey (1824622) writes With the FIFA World Cup 2014 kicking off this week in Brazil, cybercriminals and scammers are working hard to take advantage of visitors to the World Cup in Brazil and those following the world soccer tournament online. In recent months, several security vendors have published advisories about the various scams, phishing and malware operations that target Internet users interested in the World Cup. While individuals from all over the world have been targeted, many of the malicious campaigns focus on Brazil and neighboring South American countries. While news that cybercriminals are zoning in on a large global event is no surprise, the scale and tactics being used is quite wide in scope, ranging from malware distribution and phishing scams, to fraudulent ticket sales, spam and other promising yet fraudulent schemes.For those visiting Brazil to watch the games in person, the cyber threats also include rogue wireless access points, ATMs rigged with card skimmers and Point-of-Sale malware.

  6. Heartbleed Bug Exploited Over Extensible Authentication Protocol

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 44 comments
    wiredmikey (1824622) writes "While most organizations have patched the Heartbleed bug in their OpenSSL installations, a security expert has uncovered new vectors for exploiting the vulnerability, which can impact enterprise wireless networks, Android devices, and other connected devices. Dubbed 'Cupid,' the new attack method was recently presented by Portuguese security researcher Luis Grangeia, who debunked theories that Heartbleed could only be exploited over TCP connections, and after the TLS handshake. Unlike the initial Heartbleed attack, which took place on TLS connections over TCP, the Cupid attack happens on TLS connections over the Extensible Authentication Protocol (EAP), an authentication framework typically used in wireless networks and peer-to-peer connections.

    The researcher has confirmed that default installations of wpa_supplicant, hostapd, and freeradius (RADIUS server implementation) can be exploited on Ubuntu if a vulnerable version of OpenSSL is utilized. Mobile devices running Android 4.1.0 and 4.1.1 also use wpa_supplicant to connect to wireless networks, so they're also affected. Everything that uses OpenSSL for EAP TLS is susceptible to Cupid attacks. While he hasn't been able to confirm it, the expert believes iPhones, iPads, OS X, other RADIUS servers besides freeradius, VoIP phones, printers, and various commercial managed wireless solutions could be affected."

  7. Iranian Hacker Group Created Fake News Organization For Social Engineering

    Politics · Usa · · posted by timothy · from the won't-you-be-my-neighbor dept. · 57 comments
    itwbennett (1594911) writes "A suspected Iranian hacker group seeded Facebook and LinkedIn with bogus profiles of attractive women and even created a fake online news organization to get digitally closer to more than 2,000 U.S. military members, defense contractors and lobbyists it wanted to spy on, according to a report by security consultancy iSight Partners. The group is suspected to be in Iran, based on their working patterns and the location of their command-and-control infrastructure, said Patrick McBride, vice president of iSight's marketing and communications. Their activity is consistent with government-sponsored espionage campaigns, but 'we don't have anything specific tying them back to the government,' he added." Adds reader wiredmikey (1824622): "The recently uncovered activity, which iSIGHT Partners calls NEWSCASTER, was a 'brazen, complex multi-year cyber-espionage that used a low-tech approach to avoid traditional security defenses–exploiting social media and people who are often the 'weakest link' in the security chain.' ... Working undetected since 2011, targets included senior U.S. military and diplomatic personnel, congressional personnel, Washington D.C. area journalists, U.S. think tanks, and defense contractors in the U.S. and Israel."

  8. Iran Court Summons Mark Zuckerberg For Facebook Privacy Violations

    Yro · Facebook · · posted by timothy · from the beacon-of-tolerance-and-privacy dept. · 304 comments
    wiredmikey (1824622) writes "An Iranian judge has summoned Facebook founder and CEO Mark Zuckerberg to answer allegations that his company's apps have breached people's privacy, it was reported Tuesday. The court in Fars province ordered that Zuckerberg address unspecified 'violation of privacy' claims made by Iranians over the reach of Facebook-owned apps, ISNA news agency reported. 'Based on the judge's verdict, the Zionist manager of Facebook... should report to the prosecutor's office to defend himself and make compensation for damages,' Rouhollah Momen-Nasab, a senior Iranian Internet security official, told ISNA. Access to social networks, including Twitter and Facebook, are routinely blocked by Iranian authorities, as are other websites considered un-Islamic or detrimental to the regime."

  9. Sony To Make Movie of Edward Snowden Story

    Entertainment · Movies · · posted by samzenpus · from the leaks-camera-action! dept. · 107 comments
    wiredmikey (1824622) writes "Sony Pictures Entertainment has acquired the rights to the new book by journalist Glenn Greenwald about fugitive US intelligence leaker Edward Snowden, the studio said Wednesday. James Bond franchise producers Michael Wilson and Barbara Broccoli will make the movie version of 'No Place to Hide,' described as 'a political film that will resonate with today's moviegoers.' The book, subtitled 'Edward Snowden, the NSA and the US Surveillance State,' was just recently published in Britain by Hamish Hamilton and in the United States by Metropolitan Books."

  10. Estonia Urged To Drop Internet Voting Over Security Fears

    It · Security · · posted by Unknown · from the still-better-than-a-diebold-machine dept. · 116 comments
    wiredmikey (1824622) writes "A team of global IT experts have urged Estonia to drop electronic voting from this month's European elections, saying they had identified major security risks. They also said the system's operational security is lax, transparency measures are insufficient. and the software design is vulnerable to cyber attacks. 'Estonia's Internet voting system blindly trusts the election servers and the voters' computers,' said U.S. computer scientist J. Alex Halderman, a co-author of the report released Tuesday. 'Either of these would be an attractive target for state-level attackers, such as Russia.'" The source for the voting system is available for anyone to inspect. The Estonian National Electoral Committee released a statement dismissing the researchers claims: "At this point, we can give only preliminary answers to allegations published in the Guardian, as the researchers have not shared the full results of their work with us. The researchers met with officials from the electoral committee in October 2013, and could have contacted us at any point in the last 6 months to share the initial findings of their research. ... The researchers have not discovered any new attack vectors that had not already been accounted for in the design of our system as a whole. ... It is not feasible to effectively conduct the described attacks to alter the results of the voting. ... The electoral committee has numerous safeguards and failsafe mechanisms to detect attacks against the elections or manipulated results."

  11. Europe's Cybersecurity Policy Under Attack

    It · Security · · posted by timothy · from the teenagers-are-pretty-darn-creative dept. · 22 comments
    wiredmikey (1824622) writes "As Europe powered up its most ambitious ever cybersecurity exercise this month, doubts were being raised over whether the continent's patchwork of online police was right for the job. The exercise, called Cyber Europe 2014, involved 200 organizations and 400 cybersecurity professionals from both the European Union and beyond. Yet some critics argued that herding together normally secretive national security agencies and demanding that they spend the rest of 2014 sharing information amounted to wishful thinking. Others questioned whether the law enforcement agencies taking part in the drill should be involved in safeguarding online security, in the wake of American whistleblower Edward Snowden's revelations of online spying by western governments. Eurostat figures show that, by January 2012, only 26 percent of EU enterprises had a formally defined information technology security plan in place. One industry insider said the view in Brussels is that EU cybersecurity was "like teenage sex: everyone says they are doing it but not that many actually are.""

  12. Microsoft, Google, Others Join To Fund Open Source Infrastructure Upgrades

    News · Opensource · · posted by timothy · from the and-moving-forward-henceforth dept. · 101 comments
    wiredmikey (1824622) writes "Technology giants including Microsoft, Google, Intel, and Cisco are banding together to support and fund open source projects that make up critical elements of global information infrastructure. The new Core Infrastructure Initiative brings technology companies together to identify and fund open source projects that are widely used in core computing and Internet functions, The Linux Foundation announced today. Formed primarily as the industry's response to the Heartbleed crisis, the OpenSSL library will be the initiative's first project. Other open source projects will follow. The funds will be administered by the Linux Foundation and a steering group comprised of the founding members, key open source developers, and other industry stakeholders. Anyone interested in joining the initiative, or donating to the fund can visit the Core Infrastructure Initiative site."

  13. Microsoft, Google, Others Join To Fund Open Source Infrastructure Upgrades

    News · Opensource · · posted by timothy · from the and-moving-forward-henceforth dept. · 101 comments
    wiredmikey (1824622) writes "Technology giants including Microsoft, Google, Intel, and Cisco are banding together to support and fund open source projects that make up critical elements of global information infrastructure. The new Core Infrastructure Initiative brings technology companies together to identify and fund open source projects that are widely used in core computing and Internet functions, The Linux Foundation announced today. Formed primarily as the industry's response to the Heartbleed crisis, the OpenSSL library will be the initiative's first project. Other open source projects will follow. The funds will be administered by the Linux Foundation and a steering group comprised of the founding members, key open source developers, and other industry stakeholders. Anyone interested in joining the initiative, or donating to the fund can visit the Core Infrastructure Initiative site."

  14. Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

    It · Security · · posted by timothy · from the bleeding-from-the-ears dept. · 59 comments
    wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software.

    "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated."

    After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

  15. Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

    It · Security · · posted by timothy · from the bleeding-from-the-ears dept. · 59 comments
    wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software.

    "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated."

    After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

  16. Russian Officials Dump iPads For Samsung Tablets Over Spy Fears

    Hardware · Android · · posted by timothy · from the putin-actually-invented-it dept. · 198 comments
    wiredmikey writes: "Russian government officials have swapped their iPads for Samsung tablets to ensure tighter security, the telecoms minister told news agencies on Wednesday. Journalists spotted that ministers at a cabinet meeting were no longer using Apple tablets, and minister Nikolai Nikiforov confirmed the changeover "took place not so long ago." He said the ministers' new Samsungs were "specially protected devices that can be used to work with confidential information." This isn't the first time Russian powers have had concerns over mobile. In August 2012, Russia unveiled a prototype tablet with its own "almost Android" mobile OS that has the remarkably familiar feel of an Android but with bolstered encryption. In an even more paranoid move, this past July a Russian state service in charge of safeguarding Kremlin communications was looking to purchase an array of old-fashioned typewriters to prevent leaks from computer hardware."

  17. Russian Officials Dump iPads For Samsung Tablets Over Spy Fears

    Hardware · Android · · posted by timothy · from the putin-actually-invented-it dept. · 198 comments
    wiredmikey writes: "Russian government officials have swapped their iPads for Samsung tablets to ensure tighter security, the telecoms minister told news agencies on Wednesday. Journalists spotted that ministers at a cabinet meeting were no longer using Apple tablets, and minister Nikolai Nikiforov confirmed the changeover "took place not so long ago." He said the ministers' new Samsungs were "specially protected devices that can be used to work with confidential information." This isn't the first time Russian powers have had concerns over mobile. In August 2012, Russia unveiled a prototype tablet with its own "almost Android" mobile OS that has the remarkably familiar feel of an Android but with bolstered encryption. In an even more paranoid move, this past July a Russian state service in charge of safeguarding Kremlin communications was looking to purchase an array of old-fashioned typewriters to prevent leaks from computer hardware."

  18. Russian Officials Dump iPads For Samsung Tablets Over Spy Fears

    Hardware · Android · · posted by timothy · from the putin-actually-invented-it dept. · 198 comments
    wiredmikey writes: "Russian government officials have swapped their iPads for Samsung tablets to ensure tighter security, the telecoms minister told news agencies on Wednesday. Journalists spotted that ministers at a cabinet meeting were no longer using Apple tablets, and minister Nikolai Nikiforov confirmed the changeover "took place not so long ago." He said the ministers' new Samsungs were "specially protected devices that can be used to work with confidential information." This isn't the first time Russian powers have had concerns over mobile. In August 2012, Russia unveiled a prototype tablet with its own "almost Android" mobile OS that has the remarkably familiar feel of an Android but with bolstered encryption. In an even more paranoid move, this past July a Russian state service in charge of safeguarding Kremlin communications was looking to purchase an array of old-fashioned typewriters to prevent leaks from computer hardware."

  19. Microsoft Word Zero-Day Used In Targeted Attacks

    It · Microsoft · · posted by Unknown · from the upgrade-your-word-processor dept. · 88 comments
    wiredmikey (1824622) writes "Microsoft warned on Monday of a remote code execution vulnerability (CVE-2014-1761) in Microsoft Word 2010 that is being actively exploited in targeted attacks. If successfully exploited, an attacker could gain the same user rights as the current user, Microsoft said, noting that users whose accounts are configured to have fewer user rights on the system could be less impacted than accounts with administrative privileges. 'The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer,' Microsoft explained Microsoft did not share any details on the attacks that leveraged the vulnerability, but did credit Drew Hintz, Shane Huntley, and Matty Pellegrino of the Google Security Team for reporting it to Microsoft."

  20. Symantec Fires CEO Steve Bennett

    Business · · posted by ryuzaki0 · from the moving-on dept. · 111 comments
    wiredmikey (1824622) writes "Symantec on Thursday announced that CEO Steve Bennett was terminated by the security company and has been replaced by Michael Brown as interim president and CEO. Bennett, who also resigned from Symantec's board of directors, took the top position at Symantec in July 2012, after former president and CEO Enrique Salem was pushed out by the Board of Directors. In April 2013, Bennett, told attendees at its own Vision Conference, that the company was changing, and acknowledged that Symantec 'lacked strategy' when it came to dealing with acquisitions. His plan was to move the company forward slowly, but consistently and make Symantec easier to do business with. That strategy, or at least the execution of it, hasn't impressed the board of directors, it seems."

  21. Officials: NSA's PRISM Targets Email Addresses, Not Keywords

    News · Usa · · posted by samzenpus · from the the-list-you-don't-want-to-be-on dept. · 96 comments
    wiredmikey writes "The US government's PRISM Internet spying program exposed by Edward Snowden targets suspect email addresses and phone numbers but does not search for keywords like terrorism, officials said Wednesday. Top lawyers of the country's intelligence apparatus including the NSA and FBI participated Wednesday in a public hearing on the controversial US data-mining operations that intercept emails and other Internet communications including on social media networks like Facebook, Google or Skype. 'We figure out what we want and we get that specifically, that's why it's targeted collection rather than bulk collection,' Robert Litt, general counsel at the Office of the Director of National Intelligence, told the hearing. Under authority of the Foreign Intelligence Surveillance Act, the NSA asks Internet service providers to hand over messages sent from or received by certain accounts such as terrorist@google.com, the Justice Department's Brad Wiegmann said, using a hypothetical example."

  22. Malware Attack Infected 25,000 Linux/UNIX Servers

    It · Security · · posted by Soulskill · from the sudo-configure-your-stuff-properly dept. · 220 comments
    wiredmikey writes "Security researchers from ESET have uncovered a widespread attack campaign that has infected more than 25,000 Linux and UNIX servers around the world. The servers are being hijacked by a backdoor Trojan as part of a campaign the researchers are calling 'Operation Windigo.' Once infected, victimized systems are leveraged to steal credentials, redirected web traffic to malicious sites and send as many as 35 million spam messages a day. 'Windigo has been gathering strength, largely unnoticed by the security community, for more than two and a half years and currently has 10,000 servers under its control,' said Pierre-Marc Bureau, security intelligence program manager at ESET, in a statement.

    There are many misconceptions around Linux security, and attacks are not something only Windows users need to worry about. The main threats facing Linux systems aren't zero-day vulnerabilities or malware, but things such as Trojanized applications, PHP backdoors, and malicious login attempts over SSH. ESET recommends webmasters and system administrators check their systems to see if they are compromised, and has published a detailed report presenting the findings and instructions on how to remove the malicious code if it is present."

  23. Malware Attack Infected 25,000 Linux/UNIX Servers

    It · Security · · posted by Soulskill · from the sudo-configure-your-stuff-properly dept. · 220 comments
    wiredmikey writes "Security researchers from ESET have uncovered a widespread attack campaign that has infected more than 25,000 Linux and UNIX servers around the world. The servers are being hijacked by a backdoor Trojan as part of a campaign the researchers are calling 'Operation Windigo.' Once infected, victimized systems are leveraged to steal credentials, redirected web traffic to malicious sites and send as many as 35 million spam messages a day. 'Windigo has been gathering strength, largely unnoticed by the security community, for more than two and a half years and currently has 10,000 servers under its control,' said Pierre-Marc Bureau, security intelligence program manager at ESET, in a statement.

    There are many misconceptions around Linux security, and attacks are not something only Windows users need to worry about. The main threats facing Linux systems aren't zero-day vulnerabilities or malware, but things such as Trojanized applications, PHP backdoors, and malicious login attempts over SSH. ESET recommends webmasters and system administrators check their systems to see if they are compromised, and has published a detailed report presenting the findings and instructions on how to remove the malicious code if it is present."

  24. Sundar Pichai: Android Designed For Openness; Security a Lower Priority

    It · Security · · posted by timothy · from the not-that-they-must-contradict dept. · 117 comments
    An anonymous reader writes "Earlier this week, Google Android chief Sundar Pichai spoke at the Mobile World Congress where he explained, rather bluntly, that Android is designed to be open more so than it's designed to be safe. He also added that if he were a hacker today, he too would focus most of his efforts on Android on account of its marketshare position." Related: wiredmikey writes "Boeing is launching 'Boeing Black phone,' a self-destructing Android-based smartphone that the company says has no serviceable parts, and any attempted servicing or replacing of parts would destroy the product. 'Any attempt to break open the casing of the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,' the company explained. ... The device should not be confused with the new encrypted Blackphone, developed by the U.S. secure communications firm Silent Circle with Spanish manufacturer Geeksphone."

  25. Sundar Pichai: Android Designed For Openness; Security a Lower Priority

    It · Security · · posted by timothy · from the not-that-they-must-contradict dept. · 117 comments
    An anonymous reader writes "Earlier this week, Google Android chief Sundar Pichai spoke at the Mobile World Congress where he explained, rather bluntly, that Android is designed to be open more so than it's designed to be safe. He also added that if he were a hacker today, he too would focus most of his efforts on Android on account of its marketshare position." Related: wiredmikey writes "Boeing is launching 'Boeing Black phone,' a self-destructing Android-based smartphone that the company says has no serviceable parts, and any attempted servicing or replacing of parts would destroy the product. 'Any attempt to break open the casing of the device would trigger functions that would delete the data and software contained within the device and make the device inoperable,' the company explained. ... The device should not be confused with the new encrypted Blackphone, developed by the U.S. secure communications firm Silent Circle with Spanish manufacturer Geeksphone."

  26. Apple Fixes Dangerous SSL Authentication Flaw In iOS

    It · Security · · posted by timothy · from the are-you-telling-us-the-whole-story? dept. · 101 comments
    wiredmikey writes "Users of iOS devices will find themselves with a new software update to install, thanks to a certificate validation flaw in the mobile popular OS. While Apple provides very little information when disclosing security issues, the company said that an attacker with a 'privileged network position could capture or modify data in sessions protected by SSL/TLS.' 'While this flaw itself does not allow an attacker to compromise a vulnerable device, it is still a very serious threat to the privacy of users as it can be exploited through Man-in-the-Middle attack,' VUPEN's Chaouki Bekrar told SecurityWeek. For example, when connecting to an untrusted WiFi network, attackers could spy on user connections to websites and services that are supposed to be using encrypted communications, Bekrar said. Users should update their iOS devices to iOS 7.0.6 as soon as possible." Adds reader Trailrunner7: "The wording of the description is interesting, as it suggests that the proper certificate-validation checks were in place at some point in iOS but were later removed somehow. The effect of an exploit against this vulnerability would be for an attacker with a man-in-the-middle position on the victim's network would be able to read supposedly secure communications. It's not clear when the vulnerability was introduced, but the CVE entry for the bug was reserved on Jan. 8."

  27. IE Zero-Day Exploit Used In Attack Targeting Military Intelligence

    It · Security · · posted by samzenpus · from the protect-ya-neck dept. · 58 comments
    wiredmikey writes "Security researchers from FireEye have discovered a new IE 10 Zero-Day exploit (CVE-2014-0322) being used in a watering hole attack on the US Veterans of Foreign Wars' website. According to FireEye, attackers compromised the VFW website and added an iframe to the site's HTML code that loads the attacker's page in the background. When the malicious code is loaded in the browser, it runs a Flash object that orchestrates the remainder of the exploit. Dubbed 'Operation SnowMan' by FireEye, the attack targets IE 10 with Adobe Flash. According to a recently-released report from CrowdStrike Strategic Web Compromises (SWC), where attackers infect strategic Websites as part of a watering hole attack to target a specific group of users, were a favorite attack method for groups operating out of Russia and China. FireEye believes the attackers behind the campaign, thought to be operating out of China, are associated with two previously identified campaigns: Operation DeputyDog and Operation Ephemeral Hydra. 'A possible objective in the SnowMan attack is targeting military service members to steal military intelligence,' FireEye said."

  28. Got Malware? The FBI Wants It

    Yro · Government · · posted by timothy · from the target-market-after-all dept. · 93 comments
    wiredmikey writes "The FBI has placed malware on its shopping list, and is turning to third parties to help the agency build a massive library of malicious software. According to a 'Request for a Quote' posted on the Federal Business Opportunities website, the FBI is looking for price quotes for malware for the Investigative Analysis Unit of the agency's Operational Technology Division (OTD). The unit's mission is to 'Provide technical analysis of digital methods, software and data, and provide technical support to FBI investigations and intelligence operations that involve computers, networks and malicious software,' according to the document. The FBI did not say precisely how the malware will be used, but the document calls the collection of malware from law enforcement and research sources "critical to the success of the IAU's mission to obtain global awareness of malware threat.""

  29. Obama Nominates Vice Admiral Michael Rogers New NSA Chief

    News · Usa · · posted by samzenpus · from the big-boss-man dept. · 138 comments
    wiredmikey writes "President Barack Obama has nominated a US Navy officer, Vice Admiral Michael Rogers, to take over as head of the embattled National Security Agency, the Pentagon said Thursday. Rogers, 53, would take the helm at a fraught moment for the spy agency, which is under unprecedented pressure after leaks from ex-intelligence contractor Edward Snowden revealed the extent of its electronic spying. If confirmed by lawmakers, Rogers would also take over as head of the military's cyber warfare command. Rogers, who trained as an intelligence cryptologist, would succeed General Keith Alexander, who has served in the top job since 2005. He currently heads the US Fleet Cyber Command, overseeing the navy's cyber warfare specialists, and over a 30-year career has worked in cryptology and eavesdropping, or 'signals intelligence.' His confirmation hearings in the Senate are likely to be dominated by the ongoing debate about the NSA's espionage, and whether its sifting through Internet traffic and phone records violates privacy rights and democratic values."

  30. Hackers Steal Law Enforcement Documents From Microsoft

    Yro · Microsoft · · posted by timothy · from the traffic-ticket-inquiry dept. · 53 comments
    wiredmikey writes "Microsoft on Friday said that attackers breached the email accounts of a "select number" of employees, and obtained access to documents associated with law enforcement inquiries. According to the company, a number of Microsoft employees were targeted with attacks aiming to compromise both email and social media accounts '..We have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed,' said Adrienne Hall, General Manager at Microsoft's Trustworthy Computing Group. 'It appears that documents associated with law enforcement inquiries were stolen,' Hall said. Targeted attacks like this are not uncommon, especially for an organization like Microsoft. What's interesting about this is that the incident was significant enough to disclose, indicating that a fair number of documents could have been exposed, or that the company fears some documents will make their way to the public if released by the attackers—which may be the case if this was a 'hacktivist' attack."

  31. Hackers Steal Law Enforcement Documents From Microsoft

    Yro · Microsoft · · posted by timothy · from the traffic-ticket-inquiry dept. · 53 comments
    wiredmikey writes "Microsoft on Friday said that attackers breached the email accounts of a "select number" of employees, and obtained access to documents associated with law enforcement inquiries. According to the company, a number of Microsoft employees were targeted with attacks aiming to compromise both email and social media accounts '..We have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed,' said Adrienne Hall, General Manager at Microsoft's Trustworthy Computing Group. 'It appears that documents associated with law enforcement inquiries were stolen,' Hall said. Targeted attacks like this are not uncommon, especially for an organization like Microsoft. What's interesting about this is that the incident was significant enough to disclose, indicating that a fair number of documents could have been exposed, or that the company fears some documents will make their way to the public if released by the attackers—which may be the case if this was a 'hacktivist' attack."

  32. 20 Million People Exposed In Massive South Korea Data Leak

    It · Security · · posted by timothy · from the at-least-everyone's-using-msie dept. · 53 comments
    wiredmikey writes "While the recent data breach that hit Target has dominated headlines lately, another massive data breach was disclosed this week that affected at least 20 million people in South Korea. According to regulators, the personal data including names, social security numbers, phone numbers, credit card numbers and expiration dates of at least 20 million bank and credit card users was taken by a temporary consultant working at the Korea Credit Bureau (KCB). The consultant later sold the data to phone marketing companies, but has since been arrested along with mangers at the companies he sold the stolen data to. A similar insider-attack occurred at Vodafone late last year when a contractor made off with the personal data of two million customers from a server located in Germany. According to a study from PwC, organizations have made little progress developing defenses against both internal and external attackers, and insiders pose just as great a security risk to organizations as outside attackers."

  33. 20 Million People Exposed In Massive South Korea Data Leak

    It · Security · · posted by timothy · from the at-least-everyone's-using-msie dept. · 53 comments
    wiredmikey writes "While the recent data breach that hit Target has dominated headlines lately, another massive data breach was disclosed this week that affected at least 20 million people in South Korea. According to regulators, the personal data including names, social security numbers, phone numbers, credit card numbers and expiration dates of at least 20 million bank and credit card users was taken by a temporary consultant working at the Korea Credit Bureau (KCB). The consultant later sold the data to phone marketing companies, but has since been arrested along with mangers at the companies he sold the stolen data to. A similar insider-attack occurred at Vodafone late last year when a contractor made off with the personal data of two million customers from a server located in Germany. According to a study from PwC, organizations have made little progress developing defenses against both internal and external attackers, and insiders pose just as great a security risk to organizations as outside attackers."

  34. 20 Million People Exposed In Massive South Korea Data Leak

    It · Security · · posted by timothy · from the at-least-everyone's-using-msie dept. · 53 comments
    wiredmikey writes "While the recent data breach that hit Target has dominated headlines lately, another massive data breach was disclosed this week that affected at least 20 million people in South Korea. According to regulators, the personal data including names, social security numbers, phone numbers, credit card numbers and expiration dates of at least 20 million bank and credit card users was taken by a temporary consultant working at the Korea Credit Bureau (KCB). The consultant later sold the data to phone marketing companies, but has since been arrested along with mangers at the companies he sold the stolen data to. A similar insider-attack occurred at Vodafone late last year when a contractor made off with the personal data of two million customers from a server located in Germany. According to a study from PwC, organizations have made little progress developing defenses against both internal and external attackers, and insiders pose just as great a security risk to organizations as outside attackers."

  35. 20 Million People Exposed In Massive South Korea Data Leak

    It · Security · · posted by timothy · from the at-least-everyone's-using-msie dept. · 53 comments
    wiredmikey writes "While the recent data breach that hit Target has dominated headlines lately, another massive data breach was disclosed this week that affected at least 20 million people in South Korea. According to regulators, the personal data including names, social security numbers, phone numbers, credit card numbers and expiration dates of at least 20 million bank and credit card users was taken by a temporary consultant working at the Korea Credit Bureau (KCB). The consultant later sold the data to phone marketing companies, but has since been arrested along with mangers at the companies he sold the stolen data to. A similar insider-attack occurred at Vodafone late last year when a contractor made off with the personal data of two million customers from a server located in Germany. According to a study from PwC, organizations have made little progress developing defenses against both internal and external attackers, and insiders pose just as great a security risk to organizations as outside attackers."

  36. Target Confirms Point-of-Sale Malware Was Used In Attack

    It · Security · · posted by samzenpus · from the weapon-of-choice dept. · 250 comments
    wiredmikey writes "According to Target Chairman and CEO Gregg Steinhafel, point-of-sale (POS) malware was used in the recent attack that compromised millions of credit and debit card account numbers of customers across the country. Steinfhafel told CNBC's Becky Quick in an interview that malware was used in attacks that compromised the company's point of sale registers. According to a report from Reuters, Target and Neiman Marcus may not be alone, as other popular U.S. retailers may have been breached during the busy the holiday shopping season. According sources who spoke to Reuters, attackers used RAM scraper, or Memory parser malware to steal sensitive data from Target and other retail victims. Visa issued alerts about attacks utilizing these types of malware in April 2013 and again in August 2013. Memory parser malware targets payment card data being processed 'in the clear' (unencrypted) in a system's random access memory (RAM). 'The malware is configured to hook into a payment application binary responsible for processing payment transactions and extracts the systems memory for full track data,' Visa explained in a security advisory."

  37. Target Confirms Point-of-Sale Malware Was Used In Attack

    It · Security · · posted by samzenpus · from the weapon-of-choice dept. · 250 comments
    wiredmikey writes "According to Target Chairman and CEO Gregg Steinhafel, point-of-sale (POS) malware was used in the recent attack that compromised millions of credit and debit card account numbers of customers across the country. Steinfhafel told CNBC's Becky Quick in an interview that malware was used in attacks that compromised the company's point of sale registers. According to a report from Reuters, Target and Neiman Marcus may not be alone, as other popular U.S. retailers may have been breached during the busy the holiday shopping season. According sources who spoke to Reuters, attackers used RAM scraper, or Memory parser malware to steal sensitive data from Target and other retail victims. Visa issued alerts about attacks utilizing these types of malware in April 2013 and again in August 2013. Memory parser malware targets payment card data being processed 'in the clear' (unencrypted) in a system's random access memory (RAM). 'The malware is configured to hook into a payment application binary responsible for processing payment transactions and extracts the systems memory for full track data,' Visa explained in a security advisory."

  38. Verizon and AT&T Join the 'Transparency Report' Club

    Yro · Verizon · · posted by timothy · from the not-quite-the-same-as-the-invisible-men dept. · 37 comments
    wiredmikey writes "Telecommunications giants Verizon and AT&T both announced (separately) this week that they would join a growing list of tech and telecom sector companies in publishing a 'transparency report' about demands for information from law enforcement agencies. Verizon said the first report would come in early 2014, with updates being published semi-annually. AT&T said it would also release a semiannual report starting in early 2014 with information 'to the extent permitted by laws and regulations.' The transparency reports will include things such as the total number of law enforcement agency requests in criminal cases, subpoenas, court orders and warrants. However, telecom and tech firms are still barred from releasing data on national security requests from the FBI and U.S. intelligence services."

  39. Verizon and AT&T Join the 'Transparency Report' Club

    Yro · Verizon · · posted by timothy · from the not-quite-the-same-as-the-invisible-men dept. · 37 comments
    wiredmikey writes "Telecommunications giants Verizon and AT&T both announced (separately) this week that they would join a growing list of tech and telecom sector companies in publishing a 'transparency report' about demands for information from law enforcement agencies. Verizon said the first report would come in early 2014, with updates being published semi-annually. AT&T said it would also release a semiannual report starting in early 2014 with information 'to the extent permitted by laws and regulations.' The transparency reports will include things such as the total number of law enforcement agency requests in criminal cases, subpoenas, court orders and warrants. However, telecom and tech firms are still barred from releasing data on national security requests from the FBI and U.S. intelligence services."

  40. Panel Urges Major NSA Spying Overhaul

    Yro · Government · · posted by samzenpus · from the clean-it-up dept. · 242 comments
    wiredmikey writes "A board set up to review the NSA's vast surveillance programs has called for a wide-ranging overhaul of National Security Agency practices while preserving 'robust' intelligence capabilities. The panel, set up by President Obama, issued 46 recommendations, including reforms at a secret national security court and an end to retention of telephone 'metadata' by the spy agency. The 308-page report (PDF) submitted last week to the White House and released publicly Wednesday says the US government needs to balance the interests of national security and intelligence gathering with privacy and 'protecting democracy, civil liberties, and the rule of law.' Panel members said the recommendations would not necessarily mean a rolling back of intelligence gathering, including on foreign leaders, but that surveillance must be guided by standards and by high-level policymakers."

  41. Massive Android Mobile Botnet Hijacking SMS Data

    It · Android · · posted by Soulskill · from the all-your-texts-are-belong-to-us dept. · 117 comments
    wiredmikey writes "A mobile botnet called MisoSMS is wreaking havoc on the Android platform, stealing personal SMS messages and exfiltrating them to attackers in China. Researchers at FireEye lifted the curtain off the threat on Monday, describing MisoSMS as 'one of the largest advanced mobile botnets to date' and warning that it is being used in more than 60 spyware campaigns. FireEye tracked the infections to Android devices in Korea and noted that the attackers are logging into command-and-controls in from Korea and mainland China, among other locations, to periodically read the stolen SMS messages. FireEye's research team discovered a total of 64 mobile botnet campaigns in the MisoSMS malware family and a command-and-control that comprises more than 450 unique malicious e-mail accounts."

  42. Cybercrime Marketplace Mastermind Faces 18 Years In Prison

    Yro · Crime · · posted by samzenpus · from the doing-the-time dept. · 59 comments
    wiredmikey writes "A Ukrainian national, Roman Vega, who pleaded guilty in 2009 to creating a popular online marketplace for selling stolen financial account data has been sentenced to 18 years in prison. Called one of the world's 'most prolific cybercriminals' by the Department of Justice, Vega, 49, will serve significant time in prison for his role in co-founding the notorious website CarderPlanet. In the early 2000s, Vega co-founded and became a high-ranking administrator of the notorious website, which became one of the first and busiest online marketplaces for the sale of stolen financial information, computer hacking services and money laundering. At its height, CarderPlanet had more than 6,000 members and had a hierarchical leadership structure that borrowed its leadership titles from La Cosa Nostra, US authorities said."

  43. Switzerland Wants To Become the World's Data Vault

    Yro · Privacy · · posted by samzenpus · from the leave-it-to-us dept. · 131 comments
    wiredmikey writes "Business for Switzerland's 55 data centers is booming. They benefit from the Swiss reputation for security and stability, and some predict the nation already famous for its super-safe banks will soon also be known as the world's data vault. For example, housed in one of Switzerland's numerous deserted Cold War-era army barracks, one high-tech data center is hidden behind four-ton steel doors built to withstand a nuclear attack — plus biometric scanners and an armed guard. Such tight security is in growing demand in a world shaking from repeated leaks scandals and fears of spies lurking behind every byte."

  44. New Windows XP Zero-Day Under Attack

    Tech · Windows · · posted by Soulskill · from the escalation-of-stale-operating-system-attack dept. · 241 comments
    wiredmikey writes "A new Windows kernel zero-day vulnerability is being exploited in targeted attacks against Windows XP users. Microsoft confirmed the issue and published a security advisory to acknowledge the flaw after anti-malware vendor FireEye warned that the Windows bug is being used in conjunction with an Adobe Reader exploit to infect Windows machines with malware. Microsoft described the issue as an elevation of privilege vulnerability that allows an attacker to run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights."

  45. Sweden Will Deliver Pirate Bay Co-Founder To Denmark

    Yro · Crime · · posted by timothy · from the amazon-prime dept. · 56 comments
    wiredmikey writes "Sweden said it will hand over Pirate Bay co-founder Gottfrid Svartholm Warg to Denmark where he is wanted for questioning on alleged hacking charges. 'It (the extradition) will take place on November 27,' the prosecutor in charge of the case, Henrik Olin, said, adding that Sweden was responding to an arrest warrant issued by Copenhagen. In June, Danish police revealed that the 30-year-old Swedish hacker is suspected of illegally downloading police files between April and August 2012. He is currently serving a one-year sentence in Sweden for hacking into the computer systems of contractors working for the national tax authority."

  46. Sweden Will Deliver Pirate Bay Co-Founder To Denmark

    Yro · Crime · · posted by timothy · from the amazon-prime dept. · 56 comments
    wiredmikey writes "Sweden said it will hand over Pirate Bay co-founder Gottfrid Svartholm Warg to Denmark where he is wanted for questioning on alleged hacking charges. 'It (the extradition) will take place on November 27,' the prosecutor in charge of the case, Henrik Olin, said, adding that Sweden was responding to an arrest warrant issued by Copenhagen. In June, Danish police revealed that the 30-year-old Swedish hacker is suspected of illegally downloading police files between April and August 2012. He is currently serving a one-year sentence in Sweden for hacking into the computer systems of contractors working for the national tax authority."

  47. Porn-Surfing Execs Infecting Corporate Networks With Malware

    Tech · Security · · posted by Soulskill · from the IT-admins-know-your-secrets dept. · 151 comments
    wiredmikey writes "According to a recent survey of malware analysts at U.S. enterprises, 40% of the time a device used by a member the senior leadership team became infected with malware was due to executives visiting a pornographic website. The study, from ThreatTrack Security, also found that nearly six in 10 of the malware analysts have investigated or addressed a data breach that was never disclosed by their company. When asked to identify the most difficult aspects of defending their companies' networks from advanced malware, 67% said the complexity of malware is a chief factor; 67% said the volume of malware attacks; and 58% cited the ineffectiveness of anti-malware solutions."

  48. Microsoft Warns of Zero-Day Attacks

    It · Security · · posted by Soulskill · from the welcome-to-tuesday dept. · 165 comments
    wiredmikey writes "Microsoft released an advisory today warning users about a new zero-day under attack in targeted campaigns occurring in the Middle East and South Asia. According to Microsoft, the vulnerability resides in the Microsoft Graphics component and impacts certain versions of Windows, Microsoft Office and Lync. The problem exists in the way specially-crafted TIFF images are handled. To exploit the vulnerability, an attacker would have to convince a user to preview or open a specially-crafted email message, open a malicious file or browse malicious Web content. If exploited successfully, the vulnerability can be used to remotely execute code. The vulnerability affects Office 2003, 2007 and 2010 as well as Windows Server 2008 and Windows Vista. Right now, Microsoft Word documents are the current vector for attack."

  49. Rapid7 Launches Crowdsourced Security Research Project

    It · Security · · posted by samzenpus · from the mark-it-with-a-flag dept. · 39 comments
    wiredmikey writes "Vulnerability management software company Rapid7 has launched an ambitious community project to scan the public Internet, organize the results and share the data with the IT security industry. The brainchild of Metasploit creator HD Moore, the overall goal of Project Sonar is to crowdsource the discovery and reporting of security vulnerabilities of affected software and hardware vendors. 'If we try to parse the data sets ourselves, even with a team of 30 people, it would take multiple years just to figure out the vulnerabilities in the data set. It's ridiculous, really,' Moore said in an interview with SecurityWeek. To start, Rapid7 has released about 3 terabytes of raw data generated from scans across public Internet-facing systems. The data sets relate to IPv4 TCP banners & UDP probe replies, IPv4 Reverse DNS PTR records and IPv4 SSL Certificates. Moore's team also listed a set of tools used to generate the data sets. They include ZMap, an Internet-scale scanner developed at he University of Michigan; UDPBlast, a stand-alone UDP scanning utility; and MASSCAN, an Errata Security tool that claims to scan the entire IPv4 internet in three seconds."

  50. Twitter Launches Emergency Alerts

    Twitter · · posted by ryuzaki0 · from the spread-the-word dept. · 75 comments
    wiredmikey writes "Twitter on Wednesday launched a system for emergency alerts which can help spread critical information when other lines of communication are down. Twitter Alerts are designed to help communicate in natural disasters or other emergencies when traditional channels may be overloaded or unavailable. 'We know from our users how important it is to be able to receive reliable information during these times,' Twitter product manager Gaby Pena said in a blog post. Users who sign up to receive an account's Twitter Alerts will receive a notification directly to their phone for tweets marked as alerts from certain senders. Some of those able to send alerts include the American Red Cross, Federal Emergency Management Agency, World Health Organization, and government and non-government agencies in Japan and South Korea."