Domain: softpedia.com
Stories and comments across the archive that link to softpedia.com.
Stories · 480
-
Ransomware Hits Three Indian Banks, Causes Millions In Damages (malwarebytes.org)
An anonymous reader writes: Ransomware has locked computers in three major Indian banks and one pharmaceutical company. While the ransom note asks for 1 Bitcoin, so many computers have been infected that damages racked up millions of dollars. According to an antivirus company that analyzed the ransomware, it's not even that complex, and seems the work of some amateur Russians. -
Open-Source Ransomware Abused For the Second Time In Real-Life Infections (softpedia.com)
An anonymous reader writes: After the Hidden Tear (open-source) ransomware code was used to create the Cryptear.B ransomware, now the EDA2 open-source project was used in the same way to create the Magic ransomware. Both projects were created by the same guy. While he left an encryption flaw for Hidden Tear, he didn't for EDA2, relying on a backdoor in the ransomware's admin panel, which he planned to use to steal the encryption keys from the ransomware authors, if they ever used his tool. Unfortunately, the ransomware's C&C servers were on a free hosting service, and someone reported the account. All the data has been deleted from the servers, there's no backup, the backdoor account is useless, and victims have no way of recovering their files. -
IoT Security Is So Bad, There's a Search Engine For Sleeping Kids (arstechnica.com)
An anonymous reader writes: Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams. The feed includes images of marijuana plantations, back rooms of banks, children, kitchens, living rooms, garages, front gardens, back gardens, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores. While IoT manufacturers are to blame, this also highlights the creepy stuff you can do with Shodan these days. At the start of January, Check Point recommended companies to block Shodan's crawlers. The infosec community came to defend Shodan, and even its founder said that Shodan is uselessly branded as a tool of evil, saying that attackers have their own scanning tools. -
Hot Potato Exploit Gives Attackers the Upper Hand On Multiple Windows Versions
An anonymous reader writes: By chaining together a series of known Windows security flaws, researchers from Foxglove Security have discovered a way to break into almost all of Microsoft's recent versions of Windows. The exploit, named Hot Potato, relies on three different types of attacks, some of which were discovered back at the start of the new millennium, in 2000. Going through these exploits one by one may take attackers from minutes to days, but if successful, the attacker can elevate an application's permissions from the lowest rank to system-level privileges. All of these security flaws have been left unpatched by Microsoft, with the explanation that by patching them, the company would effectively break compatibility between the different versions of their operating system. -
Symantec Disavows Business Partner Caught Running a Tech Support Scam (malwarebytes.org)
An anonymous reader writes: Malwarebytes has caught one of Symantec's resellers running a tech support scam that was scaring users into thinking they were infected with malware and then graciously offering to sell Symantec's security software at inflated rates. Malwarebytes played along with their scam and found out the company behind it was Silurian Tech Support, located somewhere in North India. Symantec told El Reg that it terminated the reseller's contract and will work with law enforcement to defend its brand and intellectual property. -
Cyber-Scammers Steal €50 Million From Austrian Airplane Manufacturer (softpedia.com)
An anonymous reader writes: FACC Operations GmbH, an Austrian company that produces various airplane parts for companies like Airbus and Boeing, has announced a cyber-incident during which cyber-fraudsters managed to steal around €50 million from their bank accounts. While CEO Fraud attacks manage to steal a few thousand dollars here and there, never has a company lost so much cash liquidity in one incident. Stock price took a tumble immediately. -
Microsoft Asks Node.js To Allow ChakraCore (Edge) Alongside Google's V8 Engine (softpedia.com)
campuscodi writes: Microsoft has submitted an official pull request to the Node.js project, through which it's asking the project's maintainers to enable support for ChakraCore, the JavaScript engine packed inside Microsoft's Edge browser, as an alternative to Node's built-in V8 engine, developed by Google. Earlier in December 2015, Microsoft open-sourced ChakraCore. Microsoft has also been one of the biggest companies to adopt Node.js early on, and is also part of the Node.js Foundation's Board of Directors. The main reason to add ChakraCore support in Node.js will help the IoT version of Windows 10 to run JS apps on IoT devices, just like Samsung is also thinking about. -
Backdoor Account Found On Devices Used By White House, US Military (sec-consult.com)
An anonymous reader writes: A hidden backdoor account was discovered embedded in the firmware of devices deployed at the White House and in various US Military strategic centers, more precisely in AMX conference room equipment. The first account was named Black Widow, and after security researchers reported its presence to AMX, the company's employees simply renamed it to Batman thinking nobody will notice. AMX did remove the backdoor after three months. In its firmware's official release notes, AMX claimed that the two accounts were only used for debugging, just like Fortinet claimed that its FortiOS SSH backdoor was used only internally by a management protocol. -
New Linux Trojan Can Spy on Users by Taking Screenshots and Recording Audio (drweb.com)
An anonymous reader writes: Dr.Web, a Russian antivirus maker, has detected a new threat against Linux users: the Linux.Ekoms.1 trojan. It includes functionality that allows it to take screenshots and record audio. While the screenshot activity is working just fine, Dr.Web says the trojan's audio recording feature has not been turned on, despite being included in the malware's source code. "All information transmitted between the server and Linux.Ekoms.1 is encrypted. The encryption is initially performed using the public key; and the decryption is executed by implementing the RSA_public_decrypt function to the received data. The Trojan exchanges data with the server using AbNetworkMessage." -
Report: First Ubuntu Tablet To Be Unveiled At MWC 2016 (softpedia.com)
prisoninmate writes: Canonical has been working on expanding the capabilities of Ubuntu Touch for a long time now, and it appears the company will reportedly unveil the first dedicated Ubuntu tablet device this year, during the upcoming Mobile World Congress 2016 event. Canonical has been working on implementing support for X11 apps on its Ubuntu mobile operating system, allowing users to run any graphical software that is currently in the Ubuntu repositories, such as GIMP or Firefox. -
Yahoo Fixes Bug That Could Compromise Email Accounts When Opening an Email (klikki.fi)
An anonymous reader writes: Yahoo! has fixed a cross-site scripting bug that would have allowed attackers to fully compromise email accounts just by sending a malicious email. To lose control over their accounts, victims needed only to open the email. The researcher who discovered the bug said, "The code would be automatically evaluated when the message was viewed. ... We provided Yahoo with a proof of concept email that would forward the victim user's inbox to an external website, and an email virus which infects the Yahoo Mail account and attaches itself to all outgoing emails. The bug was fixed before any known exploits 'in the wild.'" Yahoo!'s bounty program awarded $10,000 for the research. -
Tracking Protection In Wi-Fi Networks Coming Soon To Linux
prisoninmate writes: Fedora contributor and NetworkManager developer Lubomir Rintel explains how your devices are being identified on a network by a unique number that most of us know by the name of MAC address. Same goes for mobile networking, as your laptop's or mobile phone's MAC address is, in most cases, broadcasted everywhere you go before you even attempt a connection to a wireless network. And that's a problem for your privacy. The solution? Randomization of the MAC address while scanning for Wi-Fi networks. Apple is already using this method on iOS 8 and later mobile operating systems, and so is Microsoft in Windows 10, so Linux users will ["likely"] get it in the upcoming NetworkManager 1.2 release. -
LastPass Vulnerable To Extremely Simple Phishing Attack (softpedia.com)
An anonymous reader writes: Security researcher Sean Cassidy has developed a fairly trivial attack on the LastPass password management service that allows attackers an easy method for collecting the victim's master password. He developed a tool called LostPass that automates phishing attacks against LastPass, and even allows attackers to collect password vaults from the LastPass API. -
Casino Sues Security Firm For Failing To Contain Malware Infection (softpedia.com)
An anonymous reader writes: US casino chain Affinity Games is suing Trustwave Holdings, a cyber-security vendor that was brought in to investigate a card breach but failed to detect and stop a malware incident on Affinity's servers, which led to the escalation of a previous card breach. The casino chain noticed the sloppy job a few months later when it hired a penetration testing company to comply with new gaming regulation. Mandiant was brought in to mop up Trustwave's job later on. Affinity is now suing for $100,000 (or more) in damages. -
Fedora Linux Might Drop Incremental Upgrades (happyassassin.net)
prisoninmate writes: As you might know, Fedora and many other GNU/Linux distributions require users to do an incremental upgrade when attempting to move from an older version of the operating system to the most recent one. For example, if you want to upgrade from Fedora 21 to Fedora 23, you will have first to upgrade to Fedora 22. Lately, Fedora upgrades have become more stable and reliable, mostly because of some brand-new technologies, such as the DNF package manager. Fedora's Adam Williamson theorizes about an innovative method that might support official upgrade of the Fedora Linux operating system across two releases in the future. -
Cryptsy Bitcoin Trader Robbed, Blames Backdoor In the Code of a Wallet (softpedia.com)
An anonymous reader writes: Cryptsy, a website for trading Bitcoin, Litecoin, and other smaller crypto-currencies, announced a security incident, accusing the developer of Lucky7Coin of stealing 13,000 Bitcoin and 300,000 Litecoin, which at today's rate stands more than $5.7 million / €5.2 million. Cryptsy says "the developer of Lucky7Coin had placed an IRC backdoor into the code of [a] wallet, which allowed it to act as a sort of a Trojan, or command and control unit." Coincidentally this also explains why two days after the attack was carried out, exactly 300,000 Litecoin were dumped on the BTC-e exchange, driving Litecoin price down from $9.5 to $2. -
"DDoS-For-Bitcoin" Blackmailers Arrested (softpedia.com)
An anonymous reader writes: The DDoSing outfit that spawned the trend of "DDoS-for-Bitcoin" has been arrested by Europol in Bosnia Herzegovina last month. DD4BC first appeared in September 2015, when Akamai blew the lid on their activities. Since then almost any script kiddie that can launch DDoS attacks has followed their business model by blackmailing companies for Bitcoin. -
Zero-Day Vulnerability Discovered In FFmpeg Lets Attackers Steal Files Remotely
prisoninmate writes: A zero-day vulnerability in the FFmpeg open-source multimedia framework, which is currently used in numerous Linux kernel-based operating systems and software applications, also for the Mac OS X and Windows platforms, has been discovered recently by Russian programmer Maxim Andreev in the current stable builds of the software. It appears to let anyone with the necessary skills hack a computer to read local files on a remote machine and send them over the network using a specially crafted video file. Arch Linux devs already rebuilt their FFmpeg packages without the AppleHTTP and HLS demuxers. -
EU Companies Can Monitor Employees' Private Conversations While At Work (softpedia.com)
An anonymous reader writes: A recent ruling of the European Court of Human Rights has granted EU companies the right to monitor and log private conversations that employees have at work while using the employer's devices. The ruling came after a Romanian was fired for using Yahoo Messenger back in 2007, while at work, to have private conversations with his girlfriend. He argued that his employer was breaking his right for privacy and correspondence. Both Romanian and European courts disagreed. -
Verizon Accused of Helping Spammers By Routing Millions of Stolen IP Addresses (spamhaus.org)
An anonymous reader writes: Spamhaus, an international non-profit organization that hunts down spammers, is accusing Verizon of indifference and facilitation of cybercrime because it failed for the past six months to take down stolen IP routes hosted on its network from where spam emails originated. Spamhaus detected over 4 million IP addresses, mainly stolen from China and Korea, and routed on Verizon's servers with forged paperwork. Spamhaus says, "For a start, it seems very strange that a large US-based ISP can be so easily convinced by abusers to route huge IP address blocks assigned to entities in the Asian-Pacific area. Such blocks are not something that can go unnoticed in the noise of everyday activity. They are very anomalous, and should call for an immediate accurate verification of the customer. Internal vetting processes at large ISPs should easily catch situations so far from normality." -
Smartwatches Can Be Used To Spy On Your Card's PIN Code (softpedia.com)
An anonymous reader writes: A researcher has developed a smartwatch app that can interpret hand motions and translate the movements to specific keystrokes on 12-key keypads, like the ones used at ATMs. The app sends the data to a nearby smartphone, which then relays it to a server, for analysis. The whole AI algorithm on which it's built has a 73% accuracy for touchlogging events, and 59% for keylogging. The entire code is on GitHub, along with his research paper, and a YouTube video. -
'Get Windows 10' Turns Itself On and Nags Win 7 and 8.1 Users Twice a Day (infoworld.com)
LichtSpektren writes: As you may recall, Microsoft has delivered KB3035583 as a 'recommended update' to users of Windows 7 and 8.1. What this update does is install GWX ("Get Windows 10"), a program which diagnoses the system to see if it is eligible for a free upgrade to Windows 10, and if so, asks the user if they would like to upgrade (though recently, the option to decline has been removed). Some users have gotten around this by editing Windows Registry values for "AllowOSUpgrade", "DisableOSUpgrade", "DisableGWX", and "ReservationsAllowed" in order to disable the prompt altogether. This advice was endorsed by Microsoft on their support forums.
According to a report by Woody Leonhard at InfoWorld, the newest version of the KB3035583 update includes a background process which scans the system's Windows Registry twice a day to see if the values for the four aforementioned registry inputs were manually edited to disable the upgrade prompt. If they were, the process will alter the values, silently re-download the Windows 10 installation files (about 6 GB in total), and prompt the user to upgrade. -
Nvidia GPUs Can Leak Data From Google Chrome's Incognito Mode (softpedia.com)
An anonymous reader writes: Nvidia GPUs don't clear out memory that was previously allocated, and neither does Chrome before releasing memory back to the shared memory pool. When a user recently fired up Diablo 3 several hours after closing an Incognito Mode window that contained pornography, the game launched with snapshots of the last "private" browsing session appearing on the screen — revealing his prior activities. He says, "It's a fairly easy bug to fix. A patch to the GPU drivers could ensure that buffers are always erased before giving them to the application. It's what an operating system does with the CPU RAM, and it makes sense to use the same rules with a GPU. Additionally, Google Chrome could erase their GPU resources before quitting." -
Linux Kernel 4.4 LTS Officially Released
prisoninmate writes: January 10, 2016, will enter in the Linux history books as the day when the Linux kernel 4.4 LTS (Long-Term Support) has been officially released by Linus Torvalds and his team of hard working kernel developers. Prominent features of Linux kernel 4.4 LTS include 3D support in the virtual GPU driver, allowing for 3D hardware-accelerated graphics in virtualization guests, a leaner and faster loop device that supports Asynchronous I/O and Direct I/O, thus increasing the system's performance and saving memory, and support for Open-Channel Solid State Drives (SSDs) through LightNVM. Phoronix also took a look during the newest kernel's development cycle, and has an overview of 4.4's new features. -
Crypto Guru David Chaum's Private Communications Network Comes With a Backdoor (softpedia.com)
An anonymous reader writes: David Chaum, father of many encryption protocols, has revealed a new anonymity network concept called PrivaTegrity. Chaum, on whose work the Onion protocol was based, created a new encryption protocol that works as fast as I2P and the Onion-Tor combo, but also has better encryption. The only downside, according to an interview, is that he built a backdoor into the darn thing, just to please governments. He says that he's not going to use the backdoor unless to unmask crime on the Dark Web. Here's the research paper (if you can understand anything of it). -
FTC Fines Software Vendor Over False Data Encryption Claims (softpedia.com)
An anonymous reader writes: The US Federal Trade Commission (FTC) has fined a software vendor for lying about its product's encryption capabilities, despite being publicly warned by US Computer Emergency Readiness Team (CERT) not to do so. The software vendor is Henry Schein, who deliberately ignored CERT and FTC warnings and continued to sell its CRM for dentists, even if it knew it did not comply with HIPAA rules. The vendor got "only" a $250,000 fine. -
Uncooperative Russian ISP Prevents Cisco From Shutting Down Cybercriminal Gang
An anonymous reader writes: Cisco's Talos research team has managed to identify and partially shut down a cyber-criminal group that is using the RIG exploit kit to infect users with spambots via a malvertising campaign. Their investigation led them back to Russian ISP Eurobyte, who didn't bother answering critical emails and allowed the campaign to go on even today. In October 2015, Cisco's researchers also thwarted the activity of another group of cyber-criminals that made around $30 million from distributing ransomware. -
Oracle Brings Real-Time Kernel Patching To Oracle Enterprise Linux
prisoninmate writes: Oracle's Unbreakable Enterprise Kernel (UEK) Release 4 is an important engineering effort and introduces performance improvements and enhancements for some of the most essential components, including CPU schedulers and Automatic NUMA Balancing, along with powerful new features, such as real-time kernel patching, which is possible thanks to the Ksplice open-source extension of the Linux kernel 4 branch, which lets users apply patches to the running kernel without the need to reboot the system, thus improving security and simplifying the management of cloud infrastructures. -
Oracle Named Database of the Year, MongoDB Comes In Second (softpedia.com)
An anonymous reader writes: Oracle's database management system has seen the biggest rise in terms of popularity in the past year. Oracle didn't only see a rise in the number of deployed instances, job offerings and mentions on LinkedIn profiles, but for the first time also became a popular topic on Twitter and a constant mention on StackOverflow, a popular Q&A support forum for developers. Second on DB-Engine's popularity list was MongoDB, which barely missed winning the DBMS of the Year award for the third time in a row. -
Mozilla Is Developing an IoT Board Powered By Firefox OS (softpedia.com)
prisoninmate writes: An SBC called Chirimen was designed from the outset to use web browser technologies in various science projects by extending the I2C and GPIO WebAPIs to control devices powered by Mozilla's Firefox OS 2.0 and higher operating system. As such, Web developers can easily use browser technologies to develop awesome things. The board is developed by MozillaFactory.org in Japan. -
Drupal Update Process Flawed By Multiple Bugs (softpedia.com)
An anonymous reader writes: The Drupal CMS, a favorite with large enterprises, has a few bugs in its update process, affecting both the Drupal core update and its modules. The biggest flaw of the three discovered by IOActive researchers allows an attacker to take over the sites via poisoned updates. What's worse is that Drupal's team had known of this issue since 2012, but only recently reopened discussions on fixing the problem. -
Android-Based Smart TVs Aren't That Smart When You Install Malware On Them (softpedia.com)
An anonymous reader writes: Smart TVs running older versions of the Android operating system are being infected with malware that was specifically built to target smart TVs. Infections occur via applications downloaded from a series of sites run under the H.TV brand. These are websites that offer applications specifically built for Android smart TVs that allow users to watch TV channels from other regions of the globe. As usual, these apps are side-loaded from unofficial app stores. Fortunately, it's not a smart TV ransomware. -
New HTTPS Bicycle Attack Reveals Details About Passwords From Encrypted Traffic (softpedia.com)
campuscodi writes: Dutch security researcher Guido Vranken has published a paper [PDF] in which he details a new attack on TLS/SSL-encrypted traffic, one that can potentially allow attackers to extract some information from HTTPS data streams. Attackers could extract the length of a password from TLS packets, and then use this information to simplify brute-force attacks. The new HTTPS Bicycle Attack can also be used retroactively on HTTPS traffic logged several years ago. Hello NSA! -
Exploit Vendor Zerodium Puts $100,000 Bounty On Flash's New Security Feature (softpedia.com)
An anonymous reader writes: Zerodium, the company that buys zero-day bugs from security researchers and then sells them forward to government intelligence agencies, has put out a new bounty, this one on Adobe's Flash Player. The exploit vendor is offering $100,000 to the first researcher that finds a similar zero-day bug, capable of avoiding Flash's newly-released isolated heap memory protection feature. Previously, Zerodium offered $1 million to a security researcher for a zero-day bug in Apple's iOS 9 operating system. -
First Node.js-Powered Ransomware Discovered (softpedia.com)
An anonymous reader writes: A security researcher from Emsisoft has discovered a new ransomware family coded via NW.js (formerly Node-WebKit). Why is it unique? Because it is the first of its kind to use JavaScript for the ransomware's source code, it provides cross-OS support (we may see the first universal Windows-Linux-Mac ransomware in the future), and because the security researcher describes it as "successor of CryptoLocker" when it comes to encryption quality. The ransomware, Ransom32, is offered as a RaaS service on the Dark Web, only targets Windows machines in its first version, and is currently undecryptable. -
Coding Styles Survive Binary Compilation, Could Lead Investigators Back To Programmers (princeton.edu)
An anonymous reader writes: Researchers have created an algorithm that can accurately detect code written by different programmers (PDF), even if the code has been compiled into an executable binary. Because of open source coding repositories like GitHub, state agencies can build a database of all developers and their coding styles, and then easily compare the coding style used in "anti-establishment" software to detect the culprit. Despite all the privacy implications this research may have, the algorithm can also be used by security researchers to track down malware authors. We also discussed an earlier phase of this research. -
AVG Forces Chrome Extension On Users, Extension Is Woefully Insecure (google.com)
An anonymous reader writes: The AVG Web TuneUp Chrome extension, forcibly added to Google Chrome browsers when users were installing the AVG antivirus, had a serious flaw that allowed attackers to get the user's browsing history, cookies, and more. "This extension adds numerous JavaScript APIs to Chrome, apparently so that they can hijack search settings and the new tab page," explains Mr. Ormandy. "The installation process is quite complicated so that they [AVG] can bypass the Chrome [Store] malware checks, which specifically tries to stop abuse of the [Chrome] Extension API." Simple XSS and MitM attacks expose data from other tabs opened in the browser, browsing history, and even manage to render SSL useless. -
ProxyBack Malware Turns Infected Computers into Internet Proxies (softpedia.com)
An anonymous reader writes: A new malware family called ProxyBack infects PCs and transforms them into a Web proxy. ProxyBack malware works by infecting a PC, establishing a connection with a proxy server controlled by the attackers, from where it receives instructions, and later the traffic it needs to route to actual Web servers. Each machine infected with ProxyBack works as a bot inside a larger network controlled by the attackers, who send commands and update instructions via simple HTTP requests. Some of the people infected with this malware mysteriously found their IP listed on the buyproxy.ru Web proxy service. A technical write-up of the infection steps and various malware commands is available on the Palo Alto Networks blog. -
Core Bitcoin Devs Leave Project, Create New Currency Called Decred (softpedia.com)
An anonymous reader writes: Core developers in the Bitcoin project have left and started a new currency called Decred. Developers are citing a lack of transparency and a conflict of interests between the group that funds the actual Bitcoin software development, and the decisions taken inside the project. Jacob Yocom-Piatt, CEO at Company 0, who has funded development of Bitcoin since early 2013: "This is in part due to a lack of mechanisms and pathways for funding development work directly from the community, and as a result Bitcoin development is funded by external entities that create conflicts of interest between the developers and the representative power of the community that uses Bitcoin." -
Pwnd Aethra Routers Used To Brute-Force WordPress Sites (voidsec.com)
An anonymous reader writes: Security researchers found around 8,000 Aethra routers (with no admin passwords) as part of a botnet that attacked WordPress sites, trying to brute-force admin accounts. Most routers were deployed in enterprise networks in Italy. Each device could have been used to launch DDoS attacks with a capability between 1 to 10 Gbps, based on the company's bandwidth. Things could be worse, though: Additional investigation also revealed that some of the routers were also susceptible to various reflected XSS and CSRF attacks that would also allow attackers to take control of the device, even if using different login credentials. Using Shodan, a search engine for locating Internet-connected devices, researchers found over 12,000 of Aethra routers around the world, 10,866 in Italy alone, and over 8,000 of these devices were of the model detected in the initial brute-force attack (Aethra Telecommunications PBX series). At that time, 70% of these Aethra routers were still using their default login credentials. -
Somebody Tried To Convince a Raspberry Pi Exec To Install Malware On Its Devices (softpedia.com)
An anonymous reader writes: Liz Upton, Director of Communications for the Raspberry Pi Foundation, has just published an email where someone was asking how much would it cost them for the Foundation to install malware on its devices in the form of a .EXE file. The email sender was asking for a PPI [price per install] quote. -
PhantomSquad Hackers Begin Their Xmas DDoS Attacks By Taking Down EA Servers (softpedia.com)
An anonymous reader writes: The hacking crew was not kidding about their Christmas DDoS attacks on Xbox & PSN. This morning the group started warmup attacks on the EA network, taking it down for 3 hours. The attacks were severe enough to take down the network completely, and EA issued apologies on its Twitter account. Phantom Squad is now carrying out DDoS attacks on PSN. Users started reporting outages in small areas around the world. -
Man Arrested For Hacking 130 Celebrities (softpedia.com)
An anonymous reader writes: A man was arrested after trying to sell Hollywood movie scripts and social security numbers to an undercover DHS agent. The hacker known online as Jeff Moxey managed to hack the computers of 130 celebrities, from where he stole, besides scripts, nude pics and sexually-explicit videos. "The scope of the crime here is potentially quite large," Assistant U.S. Attorney Kristy Greenberg said, adding that the investigation began a few weeks ago. -
Porting Ubuntu For Raspberry Pi 2 Just Got a Lot Easier (softpedia.com)
prisoninmate writes: Ubuntu Pi Flavour Maker is an open source tool, a shell script that lets anyone port any of the official or unofficial Ubuntu Linux flavors for the Raspberry Pi 2. Ubuntu Pi Flavour Maker is officially supported on the Ubuntu, Ubuntu MATE, Kubuntu, Lubuntu, Xubuntu and Ubuntu GNOME flavors, and uses the traditional apt and dpkg package management systems from Debian GNU/Linux. -
Oracle Settles FTC Charges Regarding Deceptive Java Security Updates (ftc.gov)
An anonymous reader writes: The FTC and Oracle have come to an agreement regarding Oracle's deceptive Java security updates, which only removed recent versions of vulnerable Java SE, but left behind older, insecure versions. Oracle got away without a fine, but will have to overhaul its Java update process to remove older versions as well. -
Deadline for Better Encryption on Payment Systems Pushed Back Two Years (pcisecuritystandards.org)
An anonymous reader writes: The Payment Card Industry Security Standards Council (PCI SSC) has announced (PDF) that it will push back the mandatory implementation of TLS 1.1+ encryption, over the very insecure SSL 3.0 and TLS 1.0 protocols, subject to POODLE attacks. PCI SSC cites "complications" that may come from dealing with EMV chip&PIN cards in the US, the new mobile payment platforms, and browser upgrades for the insecure SHA-1 algorithm. -
Facebook Replaces Flash With HTML5 For Videos (facebook.com)
An anonymous reader writes: Facebook announced that it officially replaced Flash with HTML5 for its video player. They made the change because of security reasons, but developers also found it easier to work with — it led to quicker turnarounds for site-wide changes, and had better integration with code testing platforms. Facebook reports that user engagement has gone up since the switch was made. -
Israeli Firm Creates a Device That Can Hack Any Nearby Phone (softpedia.com)
An anonymous reader writes: Israeli startup Rayzone created a device that can hack any smartphone that has its WiFi connection open. The device can steal passwords, files, contact lists, photos, and various others. Called InterApp, the device is dumb-proof (comes with a shiny admin panel), works on hundreds of devices at the same time, and leaves no forensics traces behind after the hack. The company says it will only sell it to law enforcement agencies. -
New Outlook Bug Doesn't Require Users To Interact With Emails To Be Compromised (softpedia.com)
An anonymous reader writes: A new bug in Outlook allows attackers only to send you an email, and without clicking or downloading attachments, a user's computer can be compromised. The bug [PDF] is because Outlook allows Flash objects to be previewed without a sandbox. Flash files are demon spawns and attackers can put exploits in malicious files, which when previewed or viewed inside an Outlook application will automatically execute their payload.