Domain: softpedia.com
Stories and comments across the archive that link to softpedia.com.
Stories · 480
-
OwnCloud Server 9.0 Officially Released (softpedia.com)
prisoninmate writes: OwnCloud Server 9.0 is without any doubt the biggest release of the world's leading file sharing and sync solution, which is used by over 8 million users around the globe. It promises to bring the collaboration and federation features to new levels thanks to the addition of new, innovative tools, as well as to improve the software's scalability. One of ownCloud 9.0's new features is code signing, which promises to offer users with a safer home for all their data by verifying the integrity of their ownCloud installations during upgrades or when installing apps, which also need to follow the new code signing specifications. The community edition of ownCloud Server 9.0 is available for download right now via Softpedia as a source package that you can deploy on your Linux kernel-based server, or straight from the project's website as binary packages for various GNU/Linux operating systems. OwnCloud Server 9.0 Enterprise Edition will be released in April 2016. -
Firefox 45 Will Remove Tab Groups Today, Get This Add-on To Replace It (softpedia.com)
An anonymous reader writes: Firefox 45, set to be released today, will remove the Tab Groups feature, a feature that many people used, but Mozilla decided to axe due to buggy code. The good news is that a developer created a perfect replacement for this feature as an add-on. Users that use Tab Groups on a daily basis are urged to install the add-on before upgrading to Firefox 45. The add-on will take over from the browser's Tab Groups feature without any complex configuration. Users that update to Firefox 45 will have their tab groups moved to their Bookmarks as folders, which may be difficult to move back into the Tab Groups add-on later on, especially if some people have hundreds of URLs. -
Brazilian Coders Are Pioneering the First Cross-OS Malware Using JAR Files
An anonymous reader writes: Criminal gangs in Brazil are experimenting with the first malware families that are packaged as JAR files, capable of being deployed to Windows, Linux, Mac, and even Android from the same codebase, instead of relying on 4 different versions. Right now, only the malware dropper, a component used to infect computers with banking trojans, seems to have been coded in Java, but security experts expect a full-blown banking trojan to soon follow. -
Facebook Fixes Bug That Allowed Users To Set Other Users' Passwords
An anonymous reader writes: Facebook has paid $15,000 (€13,600) to an independent security researcher who discovered a simple way of resetting passwords for other people's Facebook accounts, setting a new passphrase and effectively taking over profiles.
The problem was in the fact that Facebook also runs a Beta platform on beta.facebook.com. This platform's "reset password" feature did not include brute-force protection and allowed anyone to guess the six-digit verification code sent to someone's phone when resetting the password. This issue also raises another question: How many unsafe features are on Facebook's beta platform that have not been patched simultaneously with the main platform? -
Fingerprint-Protected Phones Vulnerable To Inkjet Attack (softpedia.com)
An anonymous reader writes: Two researchers have come up with a new method of hacking smartphones that use fingerprint biometrics to protect and lock the user's data. Their method only needs a regular inkjet printer, three AgIC silver conductive ink cartridges, a normal black ink cartridge, and special AgIC paper. The entire attack takes no more than 15 minutes. Current tests only included a Samsung Galaxy S6 and a Huawei Honor 7. The researchers said that while the Samsung was easy to crack, the Huawei phone needed more tries. -
WordPress Plugin Comes With a Backdoor, Steals Admin Credentials In Cleartext
An anonymous reader writes that a WordPress plugin for managing custom post types has apparently been forcibly taken over by an Indian developer who has added a backdoor to the code which lets him install files on infected sites. "This backdoor also allows him to download files which add his own admin account to the site, and even alter core WordPress files so every time a user logs in, edits his profile, or a new user account is created, the user's password is collected (in cleartext) and sent to his server. WordPress hasn't moved in to ban the plugin just yet, despite user complaints. -
Server Snafu Makes Microsoft Beg For CA Audit Data From Its Partners (softpedia.com)
An anonymous reader writes: Microsoft, just like Google, Apple, and Mozilla, is part of the CA/BForum, an organization of web browser vendors and certification authorities (CAs). As a browser vendor, Microsoft maintains a list of authorized CAs and their respective root certificates. According to a message on the CA/BForum, there was an error on the server that was running a CRM application that managed this list of trusted certificates and the adjacent details regarding each certificate and CA. The data is lost forever and Microsoft is now asking CAs to resend their most recent audits. Currently a lot of certs are broken in Edge and IE. Microsoft says that it lost audit data for 147 root certificates, which resulted in many SSL/TLS certificates showing errors inside the company's products. -
Mozilla Bans Popular Firefox Add-On That Tampered With Security Settings (softpedia.com)
An anonymous reader writes: Mozilla has banned the popular (250,000+ installs) YouTube Unblock add-on that allowed users to view YouTube clips blocked in their country. The reason for this move is because the add-on was caught disabling a Firefox security setting (code signing) which allowed it to silent-install another add-on, which Avast (antivirus software) was detecting as malware. Earlier in 2015, the same plugin was again caught cheating when it was using a self-contained update system that was bypassing Mozilla's add-on review process. -
U8 Smartwatch Engages In Covert Traffic With Chinese IP Behind Your Back (softpedia.com)
An anonymous reader writes: In a presentation at the BSides security conferences in San Francisco, Michael Raggo from MobileIron, has revealed that he discovered a cheap smartwatch engaging in covert communications behind the users' back. The watch in question is the U8 Nucleus, a cheap smartwatch that's made in China, sold for around $17 (€15.6), which also runs its own operating system, also known as Nucleus. When the user would install the iOS/Android app that allows the owners to manage the smartwatch via their phones, the app would start an encrypted communications channel with an IP address in China. This could be telemetry or analytics data, but nothing in the U8 smartwatch manual or website even mentioned something like this was happening in the first place. -
Pirates Hacked Shipping Firm's CMS To Plan Attacks, Find Valuable Cargo (softpedia.com)
An anonymous reader writes: Verizon's most recent Data Breach Digest includes a curious hacking case. Apparently a group of sea pirates have hired a hacker who uploaded a Web shell to a shipping company's CMS that allowed them to download cargo inventories and ship routes. They then used this information to attack ships, equipped with a barcode reader (and weapons of course), searching specific crates, emptying all the high-value cargo, and making off with the loot within minutes of launching their attacks. -
Windows' Built-In PDF Reader Exposes Edge Browser To Hacking (softpedia.com)
An anonymous reader writes: Edge, Microsoft's new browser, uses the WinRT PDF library to automatically embed and present PDF files while navigating the web. This is what Java does with applets, and Flash with SWF files -- it unintentionally allows a hacker to append malicious code to PDF files and trigger drive-by attacks, which exploit WinRT vulnerabilities to target Windows 10 users. All that an attacker needs to do is to find and create a database of WinRT vulnerabilities it could leverage to distribute his malware. -
Mars Rover Code Used For Cyber-Espionage Malware
An anonymous reader writes: Two open-source libraries used in the Mars Rover software have been integrated in the source code of a malware family (nicknamed Rover) used as part of a cyber-espionage campaign against the Indian government (Indian Ambassador to Afghanistan). The two libraries are OpenCV and OpenAL, two libraries for processing image and audio information. As such, the Rover malware can take screenshots, record video and audio. -
A Third of All HTTPS Websites Vulnerable To DROWN Attack (drownattack.com)
An anonymous reader writes: The OpenSSL project has released versions 1.0.2g and 1.0.1s to address a high severity security issue known as the DROWN attack (CVE-2016-0800) which allows attackers to break HTTPS and steal encrypted information. In layman terms, the attack uses an improperly patched issue (from 1998) in SSL to attack websites using the more modern TLS protocol. Servers where admins use SSL and TLS are in danger. Additionally, servers where only TLS is used, but the admins are sharing the same certificate for other servers where they have SSL, are also vulnerable, since the attack targets RSA, employed in both SSL and TLS. The entire attack is also easy to carry out, costing only $440 on Amazon EC2. -
Anonymous Goes After Miami Police Officer Who Doxed An Innocent Woman (softpedia.com)
An anonymous reader writes: After Miami resident Claudia Castillo noticed a cop speeding down the freeway without a siren, she pulled him over and told him to stop going so fast. The cop's police union chief, Javier Ortiz, decided to take the woman's private details and put them on his Facebook account, asking friends to call her and give her a piece of their mind. Of course, harassment ensued. Now, Anonymous hackers have decided to return the favor and dox the police union chief as payback. For once, these hacktivists did something useful. -
Mozilla Breaks Its Own Promise, Allows Symantec To Issue Insecure Certificates (softpedia.com)
An anonymous reader writes: After researchers discovered that SHA-1 can be decrypted, Mozilla, together with Microsoft and Google, said they will no longer "trust" SHA-1-based certificates issued after January 1, 2016, and later stop supporting any type of SHA-1 certificates after June 30, 2016, or January 1, 2017. The foundation went back on its word this week, when Symantec begged Mozilla to allow it to issue nine new certificates for one of its clients, Worldpay PLC, which forgot to request these certificates before January 1. Symantec got what it wanted. Fortunately, other companies like Microsoft, Apple, or Google didn't cave under the pressure. -
Ubuntu 15.10 Kernel Regression That Broke Graphics Displays In VMWare Patched
prisoninmate writes: On Monday, February 22, 2016, Softpedia reported on the availability of new kernel updates for several of Canonical's supported Ubuntu Linux operating systems, including Ubuntu 15.10, for which five kernel vulnerabilities have been patched at that point in time. And from the looks of it, the respective kernel updates introduced a regression, which Canonical patched four days later, on February 26, 2016, saying that the issue was introduced along with the fixed vulnerabilities for Ubuntu 15.10 (Wily Werewolf) and it broke graphics displays for those running the OS in VMWare VMs. -
Norway Becomes First NATO Country To Accuse China of Stealing Military Secrets (softpedia.com)
An anonymous reader writes: A high-ranking general in the Norwegian Army and head of the Norwegian Intelligence Service E-tjenesten (Etterretningstjenesten) has made official statements accusing the Chinese government of launching cyber-attacks against his country. Gen. Lunde says that state-sponsored hacking groups have targeted many Norwegian companies during the past year. He says that these companies are suppliers and collaborators of the Norwegian army and that hackers have stolen information considered to be state military secrets. The statements were made to Norwegian TV station TV2 by General Lt. Morten Haga Lunde, who was detailing his agency's most recent intelligence report. -
90% of All SSL VPNs Use Insecure Or Outdated Encryption
An anonymous reader writes: 90% of all SSL-based VPNs use insecure or outdated encryption. According to research conducted by information security firm High-Tech Bridge, almost three-quarters of all SSL VPNs use the outdated SSLv3 and SSLv2. In addition, another three-quarters use untrusted certificates exposing users to MitM attacks. 74% use SHA-1 to sign certificates, while 5% of all SSL VPNs still use MD5. All of a sudden, VPNs don't look that secure anymore. -
Tor Project Accuses CloudFlare of Mass Surveillance, Sabotaging Traffic (softpedia.com)
An anonymous reader writes: Tensions are rising between Tor Project administrators and CloudFlare, a CDN and DDoS mitigation service that's apparently making the life of Tor users a living hell. Tor administrators are saying that CloudFlare is making Tor users enter CAPTCHAs multiple times, tracking their Web sessions, and sharing data with other companies. Additionally, a study by some UK and US researchers found that there are 1.3 million websites blocking access to Tor users, 3.67% being Alexa Top 1000 sites. -
Keylogger Authors Manage To Infect Themselves 16 Different Times
An anonymous reader writes: Last summer someone created and dumped the source code of a keylogger called KeyBase. Since then, hackers have been churning out their own versions, but as you'd expect, skids would play with it too. Palo Alto researchers found the (unprotected) Web panels of some of these keyloggers, and discovered screenshots of the hackers' computers. Some of them even had dating pics. -
Baidu Browser Acts Like a Mildly Tempered Infostealer Virus
An anonymous reader writes: The Baidu Web browser for Windows and Android exhibits behavior that could easily be categorized by a security researcher as an infostealer virus because the browser collects information on its users, and then sends it to Baidu's home servers.
Both versions collected waaaaay too much information that has nothing to do with analytics, like hard drive models, CPU serials, and personal browsing history. The browser collected and sent this information on startup, when the user started typing content in his address bar, and on any page view. Some of this was sent via unencrypted connections. Additionally, the browser update did not use code signatures, meaning you could man-in-the-middle the connection and send anything you'd like to the browser, from Pokemon games to banking trojans, and have it installed locally. -
Multimedia Powerhouse FFmpeg Hits 3.0
An anonymous reader writes: The milestone release FFmpeg 3.0 "Einstein" has been unleashed. For those who need a reminder, FFmpeg comprises several libraries and command-line tools (the main command-line tool being "ffmpeg") that encode, decode, transcode, and stream audio/visual data, etc. FFmpeg supports a multitude of codecs, filters, and container formats too numerous to mention here. FFmpeg is used by MPlayer, VLC, HandBrake, Chrome, and many other projects. Changes from 2.x to 3.0 include: a much better native AAC encoder, better hardware acceleration, and some API/ABI breakage. See this, this, this, this, and the changelog for much better descriptions of the improvements. -
Airport Experiment Shows That People Recklessly Connect To Any Free Wi-Fi Spot (softpedia.com)
An anonymous reader writes: Avast carried out a curious experiment at the Barcelona Mobile World Congress. They've set up 3 public Wi-Fi spots at the local airport and waited to see how many users would connect. In just 4 hours, more than 2,000 users used the free hotspots, despite the fact that they knew nothing about the WiFi network, if it was safe, or who was running it. Researchers randomly logged some traffic stats just to prove a point about how easy it is to hack users on a public WiFi network. They also recommended using a mobile VPN app when navigating the Web via public WiFi. -
HTTP GZIP Compression Leaks Data On the Location of Tor Web Servers
An anonymous reader writes: The GZIP compression format includes a field in its header that shows the Web server's local date, at which the data was gzipped. Almost all Web servers use "zeros" to pad this field by default, citing performance issues. Around 10% of Tor site operators have removed this feature and are printing the packet's compression date. Unknown to them, this "server local date" leaks the Tor site's timezone which law enforcement can then narrow down to a specific geographical area. Coupled with other Tor protocol leaks, this could help deanonymize .onion sites. -
Timeline Of Events: Linux Mint Website Hack That Distributed Malicious ISOs (softpedia.com)
An anonymous reader writes: The Linux Mint website was hacked last night and was pointing to malicious ISOs that contained an IRC bot known as TSUNAMI, used as part of an IRC DDoSing botnet. While the Linux Mint team says they were hacked via their WordPress site, security experts have discovered that their phpBB forum database was put up for sale on the Dark Web at around the same time of the hack. Also, it seems that after the Linux Mint team cleaned their website, the hackers reinfected it, which caused the developers to take it down altogether. -
US School Agrees To Pay $8,500 To Get Rid Of Ransomware (softpedia.com)
An anonymous reader writes: Earlier this week, the media was abuzz with the case of the Hollywood hospital that almost shut down its operations because of a ransomware infection, which it eventually paid. Something similar happened around the same time in a South Carolina school district when ransomware shut down an elementary school's servers. The school had to pay $8,500. -
Comodo Antivirus Tech Support Feature Lets Anyone Connect To Your PC (softpedia.com)
An anonymous reader writes: Google Project Zero security researcher Tavis Ormandy has discovered that one of Comodo's tech support tools packed with many of the company's security products leaves the door open for attackers to connect with admin privileges on the user's PC. He discovered that to blame for this problem was a remote desktop tool called GeekBuddy, which Comodo was bundling with its security software. This tool either used no password, or used a simple system to create the password which tech support staff would use to connect to user PCs. Ormandy previously discovered a similar issue in Comodo software, related to the company's Chromodo browser. -
Linux 4.3 Reached End of Life; Users Need To Move To Linux 4.4
prisoninmate writes: As some of you may know, Linux 4.3 was not an LTS (Long Term Support) release, so the last maintenance build is now Linux kernel 4.3.6, as announced earlier by Greg Kroah-Hartman, a renowned kernel developer and maintainer. While he's telling users of the Linux 4.3 series to update to the 4.3.6 point release, he also urges them, especially OS vendors, to move to the most advanced stable series, in this case, Linux kernel 4.4 LTS, which just received its second point release the other day. However, it appears that Linux kernel 4.3.6 is quite an update, as it changes a total of 197 files, with 2310 insertions and 963 deletions, bringing some much-needed improvements. -
Anonymous Hacker Gets Lost At Sea, Rescued, Then Arrested (softpedia.com)
An anonymous reader writes: Martin Gottesfeld, 31, from Somerville, Massachusetts, was arrested by FBI agents after being rescued at sea in the Gulf of Mexico. According to the FBI, Mr. Gottesfeld was under investigation after launching a series of cyber-attacks against Boston Children's Hospital in 2014, as part of the Anonymous hacker collective. Gottesfeld and his wife were found in a sailboat, near the coast of Cuba, with lots of luggage and 3 laptops. A Disney Cruise ship took them to the Bahamas, where FBI agents took him into custody. -
Ubuntu 14.04.4 LTS Officially Released
prisoninmate writes: Ubuntu 14.04.4 LTS (Long-Term Support) builds are available for download in the form of Live and Installable ISO images for Desktop, Server, Cloud, and Core products, on both 64-bit and 32-bit platforms, and that existing Ubuntu 14.04.3 LTS users can now update their systems. But not only Ubuntu 14.04 LTS (Trusty Tahr) users can update, as all the official flavors have been updated as well, so users of Kubuntu 14.04 LTS, Edubuntu 14.04 LTS, Xubuntu 14.04 LTS, Lubuntu 14.04 LTS, Ubuntu Studio 14.04 LTS, Mythbuntu 14.04 LTS, Ubuntu GNOME 14.04 LTS, and Ubuntu Kylin 14.04 LTS can also update their systems today or grab the new ISOs. -
Backdoor In MVPower DVR Firmware Sends CCTV Stills To an Email Address In China (softpedia.com)
An anonymous reader writes: An IoT security research company has discovered that a DVR model manufactured by MVPower includes a backdoor-like feature in its code that takes a screenshot of your CCTV feed and sends it to an email address hosted somewhere in China. The device's firmware is based on an open source project from GitHub that was pulled by its developer when someone confronted him about the backdoor. -
IETF's Tips For Network Admins On How To Avoid Draining Smartphone Batteries (softpedia.com)
An anonymous reader writes: Two engineers from Cisco and Google have raised the problem of IPv6 networks that drain smartphone battery life and issued a series of tips for other network admins on why and how to properly configure their networks. The problem is because of Router Advertisements (RAs). These are periodic messages sent by the router to all network clients telling them its IPv6 address, at which it can be reached. Apparently some networks are sending these as often as every 3 seconds, while the engineers say the proper interval should be 7 per hour. Hence the reason why your battery life is often drained even if your phone is in sleep mode, but connected to a local network. -
Hackers Demand $3.6 Million From Hollywood Hospital Following Cyber-Attack (softpedia.com)
An anonymous reader writes: The Hollywood Presbyterian Medical Center has been hit by a cyber-attack and its systems are now being held hostage by hackers that are demanding a ransom of 9,000 Bitcoin, which is about $3.6 million (€3.2 million) in today's currency. Management has forbidden staff to turn on their computers, fearing the attack might spread, and the Radiation and Oncology departments have been completely shut down because they can't use their equipment. The staff were also forced to use fax machines rather than email, and to write down patient data on paper; patients had had to come in in person for results. -
Phone Hacking Group Is Trading Fake Bomb Threats For Bitcoin (softpedia.com)
An anonymous reader writes: French police arrested a suspect in connection to a group of hackers that are selling fake bomb threats for Bitcoin. The group has been terrorizing cities in France, UK, USA, and Australia for months. Police suspect they are doing this by using an anonymity XMPP service to hack into VoIP phones and make the fake bomb threats and swatting calls. The group is charging $5 worth of Bitcoin for schools and company headquarters, $10 worth of Bitcoin for courthouses and entire school districts, $20 worth of Bitcoin for sports events and major conventions, and $50 worth of Bitcoin for "major" sports events. Additionally, for an extra $5 worth of Bitcoin, the group would also frame someone else for the incident. -
Vulnerability In Font Processing Library Affects Linux, OpenOffice, Firefox (softpedia.com)
An anonymous reader writes: If an application can embed fonts with special characters, then it's probably using the Graphite font processing library. This library has several security issues which an attacker can leverage to take control of your OS via remote code execution scenarios. The simple attack would be to deliver a malicious font via a Web page's CSS. The malformed font loads in Firefox, triggers the RCE exploit, and voila, your PC has a hole inside through which malware can creep in. -
Ransomware Hits UK Website, Defaces Homepage
An anonymous reader writes: The website of the British Association for Counseling & Psychotherapy has been hit by a variant of the CTB-Locker ransomware. While the ransomware proclaims itself to be CTB-Locker, there are a ton of clues that reveal this may be a fake and this is actually the first ever ransomware family created to target websites and not computers. -
Pirate Bay Browser Streaming Technology Is a Security and Privacy Nightmare (softpedia.com)
An anonymous reader writes: Last week the Pirate Bay added support for streaming video torrents inside the browser in real-time. Kickass Torrents followed the next week. The technology they used is called Torrents Time. A security researcher has discovered that this technology which is a mix of client and server side code is actually a security and user privacy disaster. Attackers can carry out XSS attacks on TPB and KAT, the app runs on Mac as root, attackers can hijack downloads and force malicious code on the user's PC, and advertisers can collect info on any user that has Torrents Time installed. -
Researchers Discover a Cheap Method of Breaking Bitcoin Wallet Passwords (softpedia.com)
An anonymous reader writes: Three researchers have published a paper that details a new method of cracking Bitcoin "brain wallet passwords," which is 2.5 times speedier than previous techniques and incredibly cheap to perform. The researchers revealed that by using a run-of-the-mill Amazon EC2 account, an attacker would be able to check over 500,000 Bitcoin passwords per second. For each US dollar spent on renting the EC2 server, an attacker would be able to check 17.9 billion password strings. To check a trillion passwords, it would cost the attacker only $55.86 (€49.63). In the end, they managed to crack around 18,000 passwords used for real accounts. -
LibreOffice 5.1 Officially Released
prisoninmate writes: After being in development for the last three months or so, LibreOffice 5.1 comes today to a desktop environment near you with some of the most attractive features you've ever seen in an open-source office suite software product, no matter the operating system used. The release highlights of LibreOffice 5.1 include a redesigned user interface for improved ease of use, better interoperability with OOXML files, support for reading and writing files on cloud servers, enhanced support for the ODF 1.2 file format, as well as additional Spreadsheet functions and features. Yesterday, even with the previous version, I was able to successfully use a moderately complex docx template without a hitch — the kind of thing that would have been a pipe-dream not too long ago. -
Trane Takes 2 Years To Remove Hard-Coded Root Passwords From IoT Thermostat (softpedia.com)
An anonymous reader writes: It took 22 months for Trane to patch three security bugs in its ComfortLink II XL950 smart Wi-Fi thermostat product, the ComfortLink II XL950, a modern IoT device along the lines of Google Nest, which offers a simple way to manage your apartment's or building's internal temperature. Researchers contacted Trane about their three issues in April 2014, the company fixed the RCE flaws in April 2015 and recently released a firmware update at the end of January to fix the last issue. During all this time, the company barely answered emails and continued to sell an exposed product. -
Researcher Finds Tens of Software Products Vulnerable To Simple Bug (softpedia.com)
An anonymous reader writes: There's a German security researcher that is arduously testing the installers of tens of software products to see which of them are vulnerable to basic DLL hijacking. Surprisingly, many companies are ignoring his reports. Until now, only Oracle seems to have addressed this problem in Java and VirtualBox. Here's a short (probably incomplete) list of applications that he found vulnerable to this attack: Firefox, Google Chrome, Adobe Reader, 7Zip, WinRAR, OpenOffice, VLC Media Player, Nmap, Python, TrueCrypt, and Apple iTunes. Mr. Kanthak also seems to have paid special attention to antivirus software installers. Here are some of the security products he discovered vulnerable to DLL hijacking: ZoneAlarm, Emsisoft Anti-Malware, Trend Micro, ESET NOD32, Avira, Panda Security, McAfee Security, Microsoft Security Essentials, Bitdefender, Rapid7's ScanNowUPnP, Kaspersky, and F-Secure. -
Malware Targets Skype Users, Records Conversations (softpedia.com)
An anonymous reader writes: A new backdoor trojan is making the rounds, coming equipped with features that allow it to steal files, take screengrabs, and record Skype conversations. Currently detected targeting US organizations, researchers linked it to previous malware developed by a Chinese cyber-espionage group called Admin@338. Besides recording Skype conversations, the malware can also steal Office documents, and includes a complicated installation procedure that allows it to avoid antivirus software installed on the machine. -
Avast SafeZone Browser Lets Attackers Access Your Filesystem (softpedia.com)
An anonymous reader writes: Just two days after Comodo's Chromodo browser was publicly shamed by Google Project Zero security researcher Tavis Ormandy, it's now Avast's turn to be publicly scorned for failing to provide a "secure" browser for its users. Called SafeZone, and also known as Avastium, Avast's custom browser is offered as a bundled download for all who purchase or upgrade to a paid version of Avast Antivirus 2016. This poor excuse of a browser was allowing attackers to access files on the user's filesystem just by clicking on malicious links. The browser wouldn't even have to be opened, and the malicious link could be clicked in "any" browser. -
Linux Kernel 2.6.32 LTS Reaches End of Life In February 2016 (softpedia.com)
An anonymous reader writes: The oldest long-term supported Linux kernel branch finally reaches end of life next month, but before going into the deepest darkest corners of the Internet, it just dropped one more maintenance release, Linux kernel 2.6.32.70 LTS. Willy Tarreau dropped the news about the release of Linux kernel 2.6.32.70 LTS on January 29, 2016, informing us all that this will most likely be the last maintenance release in the series, as starting with February 2016 it will no longer be supported with security patches and bugfixes. Linux 2.6 first came out in December, 2003, and 2.6.16 (the first long-term release) in March 2006. -
WhatsApp Will Get Indicators To Highlight Encrypted Chats (softpedia.com)
An anonymous reader writes: WhatsApp 3.0 will come with two privacy-related changes. The first is in the Security section and is in the form of a new setting called "Show security indicators." Turning on this setting will add a lock icon to your WhatsApp whenever you're having encrypted conversations. The second new setting is in the Account section, with the addition of a new option that says "Share my account info." This setting will send the user's WhatsApp data to Facebook servers "to improve [their] Facebook experiences." -
Google Will Soon Let You Know By Default When Websites Are Unencrypted (softpedia.com)
An anonymous reader writes: Permanent changes are planned for future Google Chrome releases, which will add a big shiny red cross in the URL bar if the website you're accessing is not using HTTPS. Google says it is planning to add this to Chrome by the end of 2016, after one of its developers proposed the idea back in December 2014. Many have argued that the web is predominantly unencrypted, so they're displaying a persistent and ambiguous error message for a large portion of the Internet. Since unencrypted content is not an error state, the Chrome team should use alternate iconography, because the default error message will just confuse average people, and it will encourage error blindness. -
Oracle To Drop Java Browser Plugin In JDK 9 (softpedia.com)
An anonymous reader writes: After Mozilla said in October that it would stop supporting Firefox plugins on the older NPAPI technology, Oracle had no choice now but to announce the deprecation of the Java browser plugin starting with the release of the JDK version 9, which is set for release in March 2017, and developers are urged to start using the Java Web Start pluginless technology instead. Security issues also had a big part in Java's demise. -
Android Ransomware Threatens To Share Your Browsing History With Your Friends (symantec.com)
An anonymous reader writes: The newly discovered Lockdroid ransomware is unique in two ways. First it uses perfectly overlaid popups to trick users into giving it admin privileges. This trick works on devices running Android versions prior to 5.0 (Lollipop), which means 67% of all Android smartphones. Secondly, after it encrypts files and asks for a ransom, it also steals the user's browsing history and contacts list, and blackmails the user to pay the ransom, or his browsing history will be forwarded to his contacts. -
Malware Operator Barters With Security Researcher To Remove Open Source Ransomware Code (softpedia.com)
An anonymous reader writes: The author of the Magic ransomware strain has agreed to release all decryption keys for free if Utku Sen, a Turkish security researcher, takes down his Hidden Tear open-source ransomware project from GitHub. Sen has released multiple open source ransomware projects, which contained backdoors and encryption flaws. The flaws disrupted the plans of several ransomware operators. This particular ransomware author is Russian, while Sen is Turkish, so just like Putin and Erdogan, the two struggled to come to an agreement. Utku Sen finally agreed to take down the Hidden Tear repository in three days, while the author of the Magic ransomware will provide all the encryption keys for free for the next 15 days.