Items tagged with vulnerability

We can't seem to go a single week without news of a severe vulnerability out there in the wild, and it looks like our streak isn't about to end. Not too long ago, a number of NSA-derived tools were released online, giving us an idea of how desperate the folks at one of the US government's leading intelligence agencies are to get inside targeted PCs. Now, we have to hope that IT managers and system owners alike take updating their OS seriously. This particular family of NSA exploits are being dubbed "DoublePulsar", and they're severe enough to warrant immediate attention to your Windows PCs. Last month, Microsoft released patches to remove the vulnerability, but as we all know too well, most people... Read more...
What's that in the air? Could it be the smell of egg nog and pine? Nope, it's Microsoft Patch Tuesday, of course! This month's rollout is rather large and notable for a number of reasons. However, what matters most is that if you're not up-to-date yet, you'll want to take a little trip to the Windows Update section and take care of business. Speaking of business, the advice to update is imperative for those managing user PCs in the enterprise, as this rollout of patches includes a fix for a huge bug Google disclosed one week ago. This bug, called CVE-2016-7255, is a local privilege escalation flaw that is particularly dangerous, as it's been proven to be actively exploited. If you don't want... Read more...
As unfortunate as it is, it's really hard nowadays to be shocked at the thought of someone getting infected with malware, or even a piece of ransomware (which can now even affect Linux). It is still possible to get shocked though, with Betabot proving it for us. This piece of malicious software doesn't just fetch user data from an infected machine, it also infects the machine with ransomware. Oy. Betabot is arguably one of the worst types of malware out there, as it's effective at getting through security protections to find and take financial information, and then lock the machine up type before leaving, requiring a payment to regain access. As if one of these attacks isn't bad enough; to get... Read more...
If you operate a Web server that runs on Linux, we're here to give you a bit of a prod in case you haven't updated it in a while. A piece of ransomware called FairWare is floating around, and as you'll soon see, its name is ironic as it's anything but "fair". Reports are coming in of users who have been struck with this awful type of malware, although it doesn't seem clear at this point exactly how the infection takes place. It's also not clear if this is some sort of automated attack -- one that simply scans the internet at large and infects where it can -- or if the attacks are focused. Either way, if you are hit with it, you are in for a bad day. Once infected, you'll notice that you no longer... Read more...
We reported earlier this week on a large collection of exploits that have been put up for auction by a group that calls itself Shadow Brokers. The promise was that all of the files were sourced from a secret NSA group called Equation Group, and now, Edward Snowden has released documents to prove that's just the case. This confirmation comes from The Intercept, a website which ultimately came to be as a direct result of Snowden's leaks three summers ago. With this trove of software confirmed to be sourced from the NSA, it raises some big questions. When Shadow Brokers put its collection of exploits up for auction, it took only a couple of days before we found out that there was some real threat... Read more...
We wrote a couple of days ago about a huge treasure trove of alleged NSA-derived exploits that were hitting the market. That gold mine was accessed by a group calling itself Shadow Brokers, and it's been said that their source was Equation Group, which is believed to be an extension of the NSA. At that time, there was no proof that any of the exploits contained in the collection were still valid. Quickly, some noted that a few of the targets were already patched, leading the rest of us to believe that the entire collection came a bit too late. However, anyone who thought that might have to back it up a wee bit, as Cisco has today confirmed that one of the exploits contained within that collection... Read more...
Nothing beats wireless for convenience, but whenever you transmit important data through the air, there's a risk that someone could be nearby, ready to intercept the signals before they reach their destination. If this sounds familiar, it might be because we talked about this very thing earlier this year, when security firm Bastille ousted 'MouseJack', an overly-marketed vulnerability affecting wireless peripherals from major vendors, including Microsoft and Logitech. Well, Bastille is back, this time with 'KeySniffer', another vulnerability (or set of vulnerabilities) that has apparently also deserved its own logo. While it'd be easy to jump to conclusions that Bluetooth is probably at fault... Read more...
With Nintendo's latest game - a mobile one, at that - the company has proven that there is still a lot of innovating to do in the market. While Pokemon GO is based on another title, Ingress, any game is going to have a greater chance of success when it features one of the most popular franchises ever. GO isn't just some regular Pokemon game: it's making the masses realize that augmented reality can be really cool. What's not cool, though, is that popular mobile apps are a hot target for malware. And since Pokemon GO hasn't been released worldwide yet, many have taken to the scarier parts of the Web to score an APK that will allow them to play it right now. As you might imagine, that's bound to... Read more...
It's beginning to look like some rather sophisticated hackers have made their way into Apple's core and crippled iCloud security so severely that some iPhones have essentially been held hostage. A few iPhones here and there might not seem like a big deal, but ultimately, there could be a staggering 40 million iCloud accounts (approximately) at risk here. According to CSO Online, some iPhone users, dating back to February this year, have found their devices compromised, held hostage by Russian hackers. The attack is almost too simple. An iCloud account is broken into (with the help of leaked credentials), and the service's "Find My iPhone" feature is used to put the phone into Lost mode. From... Read more...
We wrote earlier about the kind of success Google has been seeing with its Android bug bounty program -- success that has led the company to actually increase its rewards. Over the years, we've seen other major companies offer bug bounties as well, such as Facebook and Microsoft, so it's clear that they can provide some real value. Could that value be important enough for the US government to get in on the action? It appears that "yes", it certainly can. In a new report from the Pentagon, the groundwork is laid for future programs that target much more than some front-facing websites, which is all that was involved during the Department of Defense's test period of April 18 - May 12 of this year.... Read more...
If you've shopped at Acer's US website at any point between May 12, 2015 and April 28, 2016, you have immediate reason for concern. Acer has just revealed to the California Attorney General's office that its ecommerce servers were hit last spring, and remained vulnerable up until this spring. Unfortunately, this isn't a mere case of someone gaining access to names and addresses - it gets much worse. Acer admits that credit card information could have been fetched by these third parties, which includes not only the credit card number, but also the CCV security code and expiry date. It's not clear at this point if 100% of the credit card digits were revealed, or if some were obfuscated. Either... Read more...
It has been suggested that the microprocessors we use each and every day could pack in a bit more than we bargained for; namely, the tools needed for spying or undetectable access. And unfortunately, according to security researcher and developer Damien Zammit, there's a potential reason to be concerned over the "ME" or Management Engine module found in all Intel chipsets manufactured after the Core 2 era. If you've built your own Intel-based PC in recent years, or have at least reinstalled the OS and needed to install all of the drivers on your own, you've probably noticed a piece of software called "Intel Management Engine". What this corresponds to is a feature in modern Intel chipsets... Read more...
The greatest benefit wireless peripherals offer is what they help cut down on: wires. Fewer wires means that our desktops are easier to keep clean, and we're not kicking wires as often under our desk. It's a win-win overall. Or is it? As with most things convenient, wireless peripherals can suffer exploits just like anything else that's open to a wireless connection. While your keyboard is designed to handshake with an adapter that's plugged into your PC, there's usually nothing stopping the data stream from being intercepted. Though remote, no question, it could be a legitimate attack vector. Researchers at US-based Bastille help prove that supposedly with the announcement of "MouseJack,"... Read more...
It's not often that people feel compelled to side with Google on the topic of privacy, but the company's newest CEO, Sundar Pinchai, gives us a great reason to. As Brandon covered in great detail yesterday, Apple has been ordered by U.S. Magistrate Judge Sheri Pym to provide the FBI access to an iPhone 5c that was used by the terrorists in December's San Bernardino shootings - but, there are a couple of problems with that. Apple insists that the backdoor the U.S. government wants doesn't exist, and CEO Tim Cook rages against the idea that his company should build one for any of its products. If you want to know why he feels this way, he sums it up perfectly with the following statement: People... Read more...
If you're surfing the Internet with a browser (a rarity, we know), there's a new bug to be cautious of. With a bit of simple JavaScript, a browser's HTML5 History API can be called upon thousands of times, ultimately causing a meltdown. Of course, a dedicated website (CrashSafari.com) exists to act as a proof of concept, and of course, there are many trolls out there trying to trick you into visiting it. This prank isn't harmful, but it can still be a major nuisance. In a rare case, it could cause you to have to reboot, and almost always, it will cause you to lose your open tabs (unless you have a default set that loads each time.) While the proof of concept site mentioned above targets Safari,... Read more...
2015 has proven to be a massive year for Adobe's Flash plugin, but for all the wrong reasons. Flash is already infamous for being one of the most vulnerable pieces of software on the planet, but in 2015, 316 bugs were found and squashed. That comes out to about 6 bugs per week for a piece of software that's used by the vast majority of notebook and desktop users. What's most impressive about the sheer number of bugs Flash has is the fact that ultimately, we're dealing with a mere plugin here, not a massive software package. While Flash was once considered "cool", a de facto choice for Web animation, the past decade hasn't been too kind to it. The negative reputation was earned thanks mostly to... Read more...
We've talked lots in the past about vulnerabilities that hit home and enterprise routers, but not quite as much about cable modems, where the importance of good security is arguably even more paramount. The reason for that is that most often, customers do not have control over the firmware in such devices. If a vulnerability is found and patched, it's up to the ISP to issue it, automatically. As you might imagine, this could lead to some serious problems if your ISP isn't too on top of things. A great example of this is brought forth by security researcher Bernardo Rodrigues. He found that with a series of Arris cable modems, a backdoor exists within a backdoor - a rather interesting discovery,... Read more...
Security firm Lookout has just revealed what could be one of the most hard-hitting pieces of malware to ever hit Android. It doesn't have an official name, except to be referred to as "trojanized adware", and right from the top, we can tell you that if you only stick to downloading apps through Google's Play Store, you have nothing to worry about. There are two things that make this piece of malware so severe. First, it's effectively wrapped around legitimate apps. Users can download these, such as Facebook and Snapchat, and install them normally. Nothing will look out-of-the-ordinary, and Google won't raise a fuss outside of the original warning that comes with installing out-of-store apps.... Read more...
Mere days after it was revealed that crowdfunding website Patreon had been breached, the entire collection of stolen digital goods has been posted online. Making this leak even more severe than typical ones is that not only is user account information included, but so too is some site source code (or potentially all of it), as well as private messages. If the encrypted information can be cracked, that could result in the revealing of social security numbers and tax IDs. Patreon is a website where "patrons" are able to support their favorite content creators with a monthly subscription. Based on what was leaked in this dump, there were at least 2.3 million accounts, and if... Read more...
Where computer security is concerned, it almost seems like unauthorized access can be granted via an unlimited number of ways. While computer security in the home is obviously very important, having good defenses in the enterprise market is paramount. In some cases, slipping up could result in the loss of millions of dollars, and perhaps result in a major mess to clean up. Keeping up on that security is easier said than done, though. As security firm FireEye reports, there are some layers of security that simply get overlooked far too often, but soon enough, they won't be able to be ignored. In particular, routers are often overlooked whenever a security breach goes down, but the reality is,... Read more...
Here we go again. Researchers for Tangible Security have discovered three major vulnerabilities which strike at least three different Seagate enclosures - the Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie FUEL - equipped with firmware 2.2.0.005 or 2.3.0.014. As these things go, other devices and firmware versions could be affected; these are just the ones the researchers have been able to confirm. The first bug, named CVE-2015-2874, relates to an installed telnet server that grants root access with a default password. If login is granted, havoc can be wreaked - at the very least, data could be easily deleted. The second bug is called CVE-2015-2875 and allows... Read more...
We reported earlier this week that a Jeep Cherokee could be remotely accessed and controlled, and I wouldn't blame anyone for being a skeptic. After all, what are the chances of someone remote being able to disable the transmission? Well, with Fiat Chrysler's response, I think that question has been answered. In a press statement issued today, the company has announced that it's recalling 1.4 million cars that are equipped with certain UConnect radios. Dodges, Jeeps, Rams, and Chrysler's are affected. Ultimately, it seems like this recall isn't going to be that painful for owners of the affected vehicles, as FCA US said a software update would be made available via a USB drive that plugs... Read more...
Prev 1 2 3 4 5 Next