Items tagged with security

A terrorist attack in the UK has sparked a debate over whether encrypted services should provide backdoor access to law enforcement. The terrorist, Khalid Masood, killed four people in Westminster. It is believed that Masood used the encrypted communication service WhatsApp just minutes before the attack. That prompted UK's house secretary Amber Rudd to pressure WhatsApp and other services to rethink their approach to encryption."It is completely unacceptable, there should be no place for terrorists to hide. We need to make sure that organizations like WhatsApp, and there are plenty of others like... Read more...
Apple is not going to play ball with a group of hackers that is threatening to remotely wipe hundreds of millions of iPhone devices if the Cupertino outfit refuses to pay a ransom. While the hackers claim to have a large cache of iCloud and other Apple email account data at their disposal, Apple insists that its systems and servers remain secure and have not been infiltrated."There have not been any breaches in any of Apple's systems including iCloud and Apple ID," an Apple spokesperson told multiple media outlets. "The alleged list of email addresses and passwords appears to have been obtained... Read more...
Security researchers at Cybellum, a PC security firm in Tel Aviv, Israel, have discovered a rather nasty new zero-day attack that allows remote attackers to hijack popular antivirus programs and turn them into malicious agents. The technique is called DoubleAgent, named after the fact that a compromised antivirus agent might give the illusion that it's protecting a PC when it's actually installing malware. "DoubleAgent exploits a 15 year old vulnerability which works on all versions of Microsoft Windows, starting from Windows XP right up to the latest release of Windows 10. The sad, but plain fact... Read more...
Bitcoin seems to be the currency of choice when it comes to demanding ransoms, and that is because culprits demanding payment can hide behind a pseudonym (Bitcoin itself is not actually anonymous). So it is no surprise that a hacking organization has instructed Apple to fork over a Bitcoin ransom in exchange for not leaking a cache of iCloud and other Apple email accounts belonging to hundreds of millions of iPhone owners.The hackers call themselves the "Turkish Crime Family." In addition to accepting Bitcoin, the group has told Apple it would also be fine with being paid in Ethereum, which is... Read more...
There are many different methods of hacking. Most of them involve some sort of software code, whether it is installing malware on a system or hacking a vulnerability to gain unauthorized access to a system or device. The Internet of Things (IoT) category is especially susceptible to hacking due to a surprising lack of basic security practices. However, researchers at the University of Michigan discovered a different way of wreaking havoc, and it involves sound waves. What the group of researchers found is that accelerometers can be manipulated through sound. This is called an analog acoustic injection... Read more...
For whatever reason, Samsung had only been doling out security updates to unlocked Galaxy devices every three months in the United States. Given the growing threat landscape and attention being paid to mobile, that meant a Galaxy device owner could conceivably wield an insecure device for a quarter of a year, leaving him or her vulnerable to whatever exploit(s) might exist. Well, good news—Samsung is moving to a monthly schedule. Samsung's mobile security division is now telling inquisitive owners of unlocked Galaxy devices to let them know of its new policy. In its letter, Samsung explained that... Read more...
The usefulness of social networks is undeniable, but the convenience of sharing our daily lives should also be met with some caution. If our data is so easy to find for a regular person, it's going to be an absolute cinch for a bot or nefarious parties. Worrying about having your data siphoned is fairly common and indeed it has happened in various recent report. We're sure it will continue to happen to some degree, regardless systems these networks put into place. Regardless, Facebook has made it known that it is doing all it can to protect the data of its users, resulting in an update to its policies.... Read more...
For over 13 years, Microsoft has been issuing monthly security updates for Windows on what is known as Patch Tuesday, typically the second Tuesday of every month. This month's update would have fell on Valentine's Day, except that Microsoft did something highly unusual—it delayed the Patch Tuesday rollout following the discovery of a "last minute issue that could impact some customers." Now a week later, Microsoft has issued an emergency patch for a flaw in Adobe Flash Player. The out-of-band release pertains to a critical vulnerability in Adobe Flash Player that could allow an attacker to execute... Read more...
Here we go again. For the second time in a mere three months, Google decided to spill the beans on a Windows bug before the engineers in Redmond could release a patch for it. Microsoft has a Google countdown timer to thank for this latest disclosure; one that shows mercy to absolutely no one, or any company. The latest bug affects a key file in Windows' GDI, or Graphics Device Interface, which is responsible for rendering graphics and fonts in Windows applications. We use "latest" lightly here, as this bug, according to Google, was simply never fixed despite having been previously reported. It... Read more...
Businesses are having to contend with a lot more ransomware attacks than ever before. According to SonicWall's 2017 Annual Threat Report, there has been a meteoric rise in ransomware attacks in recent years, going from nearly 4 million attack attempts in 2015 to 638 million in 2016. That is a staggering 167x year-over-year increase with most of the attacks coming from phishing attempts. The good news for businesses is that security outfits are keeping pace with cybercriminals. SonicWall says it would be inaccurate to say that the threat landscape either diminished or expanded or in 2016, saying... Read more...
Take a look at your printer. Give it a good stare. Do you trust it? Probably not, considering it jammed the last time you had to print an important paper right up against a deadline. However, what if we told you that your printer just has to sit there on your network to be a very serious security problem? HP Inc. recently hosted a tech field day for us, and several other security-focused journalists, at their headquarters in Palo Alto. We will speak to some of the panels we listened in on as we go, but the goal for HP at this event was to raise awareness around security - particularly where printers... Read more...
  Newer versions of Windows, including Windows 10 are vulnerable right now to a new Server Message Block (SMB) zero-day exploit that has been shown as a proof-of-concept. The vulnerability was first demonstrated by @PythonResponder and requires a user to connect to a SMBv3 server for a successful attack. Given the severity of the exploit, the U.S. Computer Emergency Readiness Team (US-CERT) has already published an emergency advisory, officially labeling it VU#867968. US-CERT describes the memory corruption vulnerability in detail, noting: Microsoft Windows fails to properly handle traffic... Read more...
Microsoft has a long and somewhat bumpy road in the antivirus field. Even its latest AV solution, Windows Defender, has not always garnered praise, though that is beginning to change. A recent blog post by a security expert who heaped praise on the default security software in Windows has prompted others to come out and speak in favor of using Windows Defender instead of a third-party solution. "At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's... Read more...
When ransomware strikes, its impact could range from mild to severe. Sometimes, ransomware targets regular users, while other times, it targets important mega-corporations (or even police stations). In this latest incident, it affected a hotel, and subsequently ran the risk of affecting all of its guests. Here it is, the downright gorgeous Romantik Seehotel Jägerwirt in Austria. Staying at a place like this is the stuff dreams are made of. It could feel like paradise on Earth; certainly not a place where you'd expect to have to deal with the major hassle of being locked out of your room against... Read more...
1 2 3 4 5 Next ... Last