Your antivirus and network protection efforts may actually be undermining network security, a new paper and subsequent US-CERT advisory have warned. The issue comes with the use of HTTPS interception middleboxes and network monitoring products. They are extremely common and are used to check that nothing untoward is going on. However, the very method by Read more about Web security products introduce man in the middle insecurities[…]

“WikiLeaks has made initial contact with us via secure@microsoft.com,” a Microsoft spokesperson told Motherboard — but then things apparently stalled. An anonymous reader quotes Fortune: Wikileaks this week contacted major tech companies including Apple and Google, and required them to assent to a set of conditions before receiving leaked information about security “zero days” and Read more about WikiLeaks will disclose CIA vulns to companies that sign standard responsible disclosures – or maybe not so standard?[…]

The duration (2016–09–22 to 2017–02–20) and potential breadth of information exposed is huge — Cloudflare has over 2 million websites on its network, and data from any of these is potentially exposed. Cloudflare has said the actual impact is relatively minor, so I believe only limited amounts of information were actually disseminated. Essentially, broad range of data Read more about Cloudbleed: How to deal with it[…]

The Check Point Mobile Threat Prevention has recently detected a severe infection in 38 Android devices, belonging to a large telecommunications company and a multinational technology company. While this is not unusual, one detail of the attacks stands out. In all instances, the malware was not downloaded to the device as a result of the Read more about Preinstalled Malware Targeting Mobile Users[…]

enderson tested four major auto manufacturers, and found they all have apps that allow previous owners to access them from a mobile device. At the RSA security conference in San Francisco on Friday, Henderson explained how people can still retain control of connected cars even after they resell them. Manufacturers create apps to control smart Read more about Used cars allow the old owners app access[…]

“An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication,” Cisco said today. “An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges.” Note that “administrator” was italicized by the networking giant. Super serious. Cisco pitches Prime Home as Read more about Cisco’s Prime Home lets hackers hijack people’s routers, from one single point at the ISP[…]

The flawed version is in Debian 9 (Stretch), currently in testing, but not in Debian 8 (Jessie). The bug appears to be a result of a bad interaction with the encfs encrypted filesystem’s command line interface: Cryptkeeper invokes encfs and attempts to enter paranoia mode with a simulated ‘p’ keypress – instead, it sets passwords Read more about Linux encryption app Cryptkeeper has universal password: ‘p’[…]

More than a third of organisations that experienced a breach last year reported substantial customer, opportunity and revenue loss. The finding is one of the key takeaways from the latest edition of Cisco’s annual cybersecurity report, which also suggests that defenders are struggling to improve defences against a growing range of threats. The vast majority Read more about Suffered a breach? Expect to lose cash, opportunities, and customers – report[…]

A team from CSIRO’s Data 61, University of NSW and UC Berkley in the US found a whole bunch of Android VPN apps contain viruses, spyware and other adware. Researchers analysed the apps available for Android to look for nasties like trojans, spyware and adware — giving each an “anti-virus rank (AV)” based on what Read more about Viruses, spyware found in ‘alarming’ number of Android VPN apps[…]

a completely proactive and signature-less technology that is able to detect and block even the most dangerous of ransomware variants like CryptoWall4, CryptoLocker, Tesla, and CTB-Locker. Malwarebytes Anti-Ransomware monitors all activity in the computer and identifies actions which are typical of ransomware activity. It keeps track of all activity and, once it has enough evidence Read more about Introducing Malwarebytes Anti-Ransomware Beta[…]

Bitdefender Anti-Ransomware prevents the following families of ransomware from encrypting your files: CTB-Locker, Locky, Pertya, and TeslaCrypt. Bitdefender cannot guarantee the effectiveness of the tool against different strains of ransomware, nor be held liable for the loss of sensitive data. Source: Anti Ransomware Tool Shame…

Cryptostalker and the original project randumb are the work of Sean Williams, a developer from San Francisco. Mr. Williams wanted to create a tool that monitored the filesystem for newly written files, and if the files contained random data, the sign of encrypted content, and they were written at high speed, it would alert the Read more about Cryptostalker, a Tool to Detect Crypto-Ransomware on Linux[…]

Let’s try to generically thwart OS X ransomware via math! By continually monitoring the file-system for the creation of encrypted files by suspicious processes, RansomWhere? aims to protect your personal files, generically stopping ransomware in its tracks. Source: Objective-See

Law enforcement and IT Security companies have joined forces to disrupt cybercriminal businesses with ransomware connections. The “No More Ransom” website is an initiative by the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and two cyber security companies – Kaspersky Lab and Intel Security – with the goal to Read more about The No More Ransom Project: tools and howtos to decrypt ransomware from the EU[…]

Edit: It seems that this system creates a whole load of bogus files and dirs and monitors them, not the whole file system. This pollutes the file system and means that people can quite easily write around it. Every ransomware program goes over files, chooses the ones that look interesting, encrypts them and destroys the Read more about Cybereason Introduces: Free Behavioral-Based Ransomware Blocking[…]

New research from Lancaster University, Northwest University in China, and the University of Bath, which benefitted from funding from the Engineering and Physical Sciences Research Council (EPSRC), shows for the first time that attackers can crack Pattern Lock reliably within five attempts by using video and computer vision algorithm software. By covertly videoing the owner Read more about Your Android device’s Pattern Lock can be cracked within five attempts[…]

The group – Yinzhi Cao and Song Li of from Lehigh University in Pennsylvania, and Erik Wijmans from Washington University in St. Louis – have worked out how to access various operating system and hardware-level features that can fingerprint an individual machine, regardless of browser. These include screen resolution with zoom; CPU virtual cores; installed Read more about It’s not just your browser: Your machine can be fingerprinted easily[…]

WhatsApp’s end-to-end encryption relies on the generation of unique security keys, using the acclaimed Signal protocol, developed by Open Whisper Systems, that are traded and verified between users to guarantee communications are secure and cannot be intercepted by a middleman. However, WhatsApp has the ability to force the generation of new encryption keys for offline Read more about WhatsApp backdoor allows snooping on encrypted messages[…]

MongoDB databases are being decimated in soaring ransomware attacks that have seen the number of compromised systems more than double to 27,000 in a day. Criminals are accessing, copying and deleting data from unpatched or badly-configured databases. Administrators are being charged ransoms to have data returned. Initial attacks saw ransoms of 0.2 bitcoins (US$184) to Read more about MongoDB ransom attacks soar, body count hits 27,000 in hours[…]

The attack vector is manifest when victims select autofill while filling out registration forms: attackers hide sensitive fields like street address, date of birth, and phone number, displaying only basic entry boxes like name and email. Users who type the start of their names will generate a prompt that when selected will throw an option Read more about Autocomplete hidden form fields a novel phishing hole for Chrome, Safari crims[…]

We’re excited to announce the release of Project Wycheproof, a set of security tests that check cryptographic software libraries for known weaknesses. We’ve developed over 80 test cases which have uncovered more than 40 security bugs (some tests or bugs are not open sourced today, as they are being fixed by vendors). For example, we Read more about Google releases crypto library checker tools[…]

To everyone else, get patching Source: Dear hackers, Ubuntu’s app crash reporter will happily execute your evil code on a victim’s box