Hacking & Security

Zero-Day Market Economics Favor Incentives for Defensive Tools

Threatpost - 14 April, 2015 - 15:00
Research on the economics of the zero-day market conducted by HackerOne, MIT, Harvard and Facebook will be presented at RSA Conference.
Category: Hacking & Security

Android 'Trusted Voice': My Voice Is My Password

The Hacker News - 14 April, 2015 - 14:40
Device unlocking has become far more secure over the years, from PIN unlock to pattern unlock and biometric unlocks including fingerprint and facial recognition. But what if your Android device could identify your voice before authenticating any access? This is exactly what Google is trying to provide to its Android 5.0 Lollipop users. Users running Android 5.0 Lollipop

The Great Cannon, China's New Cyberweapon, Was Behind the Attack on GitHub

Zive.cz - security - 14 April, 2015 - 14:17
We know China's Great Firewall well: it handles the censorship of web pages arriving at and existing within the Chinese internet. The community programming site GitHub hosts the source code of tools that help circumvent it. It was GitHub, and specifically the pages of the GreatFire and CN-NYTimes projects, that ...

Hardening IIS Security

InfoSec Institute Resources - 14 April, 2015 - 14:15

Security is an essential part of a web application and should be taken into consideration from the first stage of the development process. A website can never be secure enough unless you undertake the necessary security initiatives to protect the web server from all breaches, because hackers can easily penetrate a web mechanism by exploiting […]


Cracking NQ Vault Step by Step

InfoSec Institute Resources - 14 April, 2015 - 14:00

The mobile encryption app NQ Vault has been in the news for bad reasons. Mobile encryption apps are commonly used to prevent access to sensitive data on the phone (such as images, videos, documents and so on). These encryption apps usually offer a vault with your desired password. You can push any secret files to […]


TLS certificate blunder revisited - whither China Internet Network Information Center?

Sophos Naked Security - 14 April, 2015 - 13:54
Just under three weeks ago, we wrote about a TLS certificate blunder by a Root Certificate Authority called CNNIC. We thought we'd revisit that story today to see how the Big Four browser makers responded to the lapse...

Your Tax Refund with a Data Kidnapping Twist!

Kaspersky Securelist - 14 April, 2015 - 13:40

Oh, how procrastination gets all of us! April 15th is the U.S. tax deadline and it looks like most of us will be coming down to the wire on declaring our taxes and holding our collective breath in expectation of that sweet, sweet refund. Sadly, our malware writing friends are aware of this and their discipline has proven far superior. Knowing that many are on the lookout for emails from the Internal Revenue Service concerning pending refunds, criminals have crafted some of their own:

The attachment is actually a Trojan-Downloader.MsWord.Agent malware, built by the same group behind the recent LogMeIn malicious campaign described here.

The infection scheme is very similar to the aforementioned, however, the threat actor has moved on from abusing Pastebin entries and has instead hacked a Web server in China to host the instructions script file. This file as well as the download URL are also encoded in Base64 and the resulting payload is actually ransomware.

URLs embedded in the malicious macros leading to a Base64 encoded instructions script file and the payload URL below

Instructions files with the URL to the ransomware payload

The malicious ransomware payload is detected by Kaspersky Anti-Virus as Trojan-Ransom.Win32.Foreign.mfbg

Due to the reliance on the IRS branding, this particular malicious campaign is mostly focused on US citizens and permanent residents of the USA.

Teen charged after using teacher's admin password to access school computer

Sophos Naked Security - 14 April, 2015 - 13:16
He's been charged with trespassing on his school's computer system after snooping away an administrative password and swapping a teacher's desktop wallpaper with an image of two men kissing.

18-year-old Unpatched Vulnerability Affects All Versions of Microsoft Windows

The Hacker News - 14 April, 2015 - 12:45
Security researchers have unearthed a serious security flaw in all supported versions of Windows that could let hackers steal users’ credentials from computers, tablets or servers running any version of the Windows operating system, including the as-yet-unreleased Windows 10. This vulnerability in Windows was first discovered 20 years ago: The critical bug, dubbed "Redirect to SMB," is a

Is DARPA's Memex search engine a Google-killer?

Sophos Naked Security - 14 April, 2015 - 12:36
The web is getting deeper and darker, and starting this Friday, Memex will begin to give everyone a chance to lift the veil a little.

Season 5 Game of Thrones episodes leaked online

Sophos Naked Security - 14 April, 2015 - 12:09
HBO says that preview copies of Game of Thrones have somehow been breached. They'd already been copied at least 1 million times before Sunday's airing of the new season's first episode.

As Ransomware Attacks Evolve, More Potential Victims Are at Risk

Threatpost - 14 April, 2015 - 12:00
In early December, as most people were dealing with the stress of looking for the perfect holiday gifts and planning out their upcoming celebrations, police officers in a small New England town were under a different sort of pressure. The vital files and data the Tewksbury Police Department needed to go about its daily business had been encrypted […]

What Happens When Personal Information Hits The Dark Web

LinuxSecurity.com - 14 April, 2015 - 11:45
LinuxSecurity.com: The bait--a trove of phony "stolen" data including several thousand Social Security numbers, credit cards, names, and email addresses--was swallowed within the first few days of being planted in the Dark Web. And when the 12-day experiment was over, the data had traveled to more than 22 different countries and been viewed nearly 1,100 times.

Survey finds younger workers make bad security choices

LinuxSecurity.com - 14 April, 2015 - 11:44
LinuxSecurity.com: The biggest smartphone security threats to companies caused by workers come from males younger than age 35 who earn more than $60,000 a year. Those are the findings of a new study commissioned by Aruba Networks that questioned 11,500 workers in 23 countries.

Open-source personal crypto-key vault

LinuxSecurity.com - 14 April, 2015 - 11:43
LinuxSecurity.com: An open-source hardware project aimed at making the internet "a little bit safer" needs an influx of cash to continue its work.

Why You Should Enroll In Cyber Security Awareness Training

The Hacker News - 14 April, 2015 - 09:07
When it comes to cyber security, even big organizations lack the basic knowledge of how to protect the company’s data from the outside. Every day, businesses face the threat of phishing, ransomware, data breaches and malware attacks that not only result in millions of dollars in losses but also damage reputations. A new study shows that five out of six of the most serious IT

Prosecutors suspect man hacked lottery computers to score winning ticket

Ars Technica - 13 April, 2015 - 23:35

Prosecutors say they have evidence indicating the former head of computer security for a state lottery association tampered with lottery computers prior to him buying a ticket that won a $14.3 million jackpot, according to a media report.

Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners, The Des Moines Register reported, citing court documents filed by prosecutors. At the time, Tipton was the information security director of the Multi-State Lottery Association, and he was later videotaped purchasing a Hot Lotto ticket that went on to fetch the winning $14.3 million payout.

In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.


Vulnerabilities Identified in NY Banking Vendors

Threatpost - 13 April, 2015 - 20:56
To bolster security, banks in New York are planning to enact new regulations for any third party vendors they do business with.

Chinese Hackers Target Air-Gapped Networks in Southeast Asia

The Hacker News - 13 April, 2015 - 18:56
A state-sponsored cyber espionage group, most likely linked to the Chinese government, becomes the first group to target the so-called "air-gapped networks" that aren't directly connected to the Internet. What are air-gapped systems? Air-gapped systems are known to be the safest and most secure systems on earth. These systems are isolated from the Internet or any other

Universal backdoor for e-commerce platform lets hackers shop for victims

Ars Technica - 13 April, 2015 - 18:37

As people become more aware of the threat of targeted "phishing" attacks via e-mail and social media, malware-armed attackers are turning to new ways to target specific victims where they least expect it—by exploiting the legitimate websites they frequent and assume to be secure. Last week, Swiss security firm High-Tech Bridge disclosed that the Web store of a corporate customer had been used to deliver a targeted attack against a specific site visitor. The attackers were also able to retrieve the store's customer database, which they may have used to search for desirable targets.

The attack exploited a current and patched version of osCommerce Online Merchant (version 2.3.4, released last June), a common Web store content management system used by a number of high-profile companies—including Canonical's Ubuntu Shop. The attacker inserted malicious PHP script that provided a backdoor into the site and could be configured to check users' IP addresses and login credentials for specific targets as they visit the site. Once a desired target is detected, the script attempts to download malware to the victim from another site. The attacker can then remotely delete the backdoor and altered PHP files and replace them with the original by connecting to the script with a "?del" parameter added to its URL.

The backdoor script is labeled as "osCommerce 2.x.x universal pwner by Piht0z," and it's just that: a generic PHP-based backdoor for osCommerce sites. According to Ilia Kolochenko, High-Tech Bridge's CEO, there have been similar cases of targeted attacks on users of e-commerce sites before, but "it's the first time we see a universal backdoor for a large e-commerce platform," he said in a blog post about the discovery. "This means that hackers started using this vector on a regular basis to achieve their goals."
