×
Microsoft

Adobe Hopes Pop-up Warnings Will Stop Office-Borne Flash Attacks 125

Posted by timothy from the ms-bob-is-on-the-case dept.
tsamsoniw writes "In the wake of the most recent zero-day attacks exploiting Flash Player, Adobe claims that it's worked hard to make Player secure — and that most SWF exploits stem from users opening infected Office docs attached to emails. The company has a solution, though: A forthcoming version of Flash Player will detect when it's being launched from Office and will present users with a dialog box with vague warnings of a potential threat."
Security

Bit9 Hacked, Stolen Certs Used To Sign Malware 65

Posted by Soulskill from the that-seems-like-a-bad-plan dept.
tsu doh nimh writes "Bit9, a company that provides software and network security services to the U.S. government and at least 30 Fortune 100 firms, has suffered a compromise that cuts to the core of its business: helping clients distinguish known 'safe' files from computer viruses and other malicious software. A leading provider of 'application whitelisting' services, Bit9's security technology turns the traditional approach to fighting malware on its head. Antivirus software, for example, seeks to identify and quarantine files that are known bad or strongly suspected of being malicious. In contrast, Bit9 specializes in helping companies develop custom lists of software that they want to allow employees to run, and to treat all other applications as potentially unknown and dangerous. But in a blog post today, the company disclosed that attackers broke into its network and managed to steal the digital keys that Bit9 uses to distinguish good from bad applications. The attackers then sent signed malware to at least three of Bit9's customers, although Bit9 isn't saying which customers were affected or to what extent. The kicker? The firm said it failed to detect the intrusion in part because the servers used to store its keys were not running Bit9's own software."
Communications

E-Mail Hack Exposes Bush Family Pictures, Correspondence 230

Posted by Soulskill from the dubya-the-painter dept.
New submitter rHBa sends this article about another high-profile email account breach: "The apparent hack of several e-mail accounts has exposed personal photos and sensitive correspondence from members of the Bush family, including both former U.S. presidents. The posted photos and e-mails contain a watermark with the hacker's online alias, 'Guccifer.' ... Included in the hacked material is a confidential October 2012 list of home addresses, cell phone numbers, and e-mails for dozens of Bush family members, including both former presidents, their siblings, and their children. ... Correspondence obtained by the hacker indicates that at least six separate e-mail accounts have been compromised, including the AOL account of Dorothy Bush Koch, daughter of George H.W. Bush and sister of George W. Bush. Other breached accounts belong to Willard Heminway, 79, an old friend of the 41st president who lives in Greenwich, Connecticut; CBS sportscaster Jim Nantz, a longtime Bush family friend; former first lady Barbara Bush’s brother; and George H.W. Bush’s sister-in-law. "
Security

New Adobe Flash Vulnerabilities Being Actively Exploited On Windows and OS X 167

Posted by Soulskill from the something-to-be-said-for-consistency dept.
Orome1 writes "Adobe has pushed out an emergency Flash update that solves two critical vulnerabilities (CVE-2013-0633 and CVE-2013-0634) that are being actively exploited to target Windows and OS X users, and is urging users to implement it as soon as possible. According to a security bulletin released on Thursday, the OS X exploit targets Flash Player in Firefox or Safari via malicious Flash content hosted on websites, while Windows users are targeted with Microsoft Word documents delivered as an email attachments which contain malicious Flash content. Adobe has also announced its intention of adding new protections against malicious Flash content embedded in Microsoft Office documents to its next feature release of Flash Player."
Bug

Facebook Breaks Major Websites With Redirection Bug 179

Posted by Soulskill from the now-we're-tripping-on-virtual-power-cords dept.
johnsnails writes "Some of the biggest news sites in the world disappeared yesterday when Facebook took over the internet with a redirection bug. Visitors to sites such as The Washington Post, BuzzFeed, the Gawker network, NBC News and News.com.au were immediately transferred to a Facebook error page upon loading their intended site. It was fixed quickly, and Facebook provided this statement: 'For a short period of time, there was a bug that redirected people logging in with Facebook from third party sites to Facebook.com. The issue was quickly resolved, and Login with Facebook is now working as usual.'"
Android

Fragmentation Leads To Android Insecurities 318

Posted by samzenpus from the united-we-stand dept.
Rick Zeman writes "The Washington Post writes about how vendor fragmentation leads to security vulnerabilities and other exploits. This situation is '...making the world's most popular mobile operating system more vulnerable than its rivals to hackers, scam artists and a growing universe of malicious software' unlike Apple's iOS which they note has widely available updates several times a year. In light of many companies' Bring Your Own Device initiatives 'You have potentially millions of Androids making their way into the work space, accessing confidential documents,' said Christopher Soghoian, a former Federal Trade Commission technology expert who now works for the American Civil Liberties Union. 'It's like a really dry forest, and it's just waiting for a match.'"
Encryption

Deloitte: Use a Longer Password In 2013. Seriously. 538

Posted by timothy from the you're-gonna-need-a-bigger-post-it dept.
a user writes "Deloitte predicts that 8-character passwords will become insecure in 2013. Humans have trouble remembering passwords with more than seven characters, and it is difficult to enter long, complex passwords into mobile devices. Users have not adapted to increased computing power available to crackers, and continue to use bad practices such as using common and short passwords, and re-using passwords across multiple websites. A recent study showed that using the 10000 most common passwords would have cracked >98% of 6 million user accounts. All of these problems have the potential for a huge security hazard. Password vaults are likely to become more widely used out of necessity. Multifactor authentication strategies, such as phone texts, iris scans, and dongles are also likely to become more widespread, especially by banks."
Software

LibreOffice 4 Released 249

Posted by timothy from the whole-numbers-is-best-numbers dept.
Titus Andronicus writes "LibreOffice 4.0.0 has been released. Some of the changes are for developers: an improved API, a new graphics stack, migrating German code comments to English, and moving from Apache 2.0 to LGPLv3 & MPLv2. Some user-facing changes are: better interoperability with other software, some functional & UI improvements, and some performance gains."
Government

Rich Countries Suffer Less Malware, Says Microsoft Study 84

Posted by timothy from the better-treatment-helps dept.
chicksdaddy writes "To paraphrase a quote attributed to F. Scott Fitzgerald: 'Rich countries aren't like everyone else. They have less malware.' That's the conclusion of a special Security Intelligence Report from Microsoft, anyway. The special supplement, released on Wednesday, investigated the links between rates of computer infections and a range of national characteristics including the relative wealth of a nation, observance of the rule of law and the rate of software piracy. The conclusion: cyber security (by Microsoft's definition: low rates of malware infection) correlated positively with many characteristics of wealthy nations – high Gross Income Per Capita, higher broadband penetration and investment in R&D and high rates of literacy. It correlated negatively with characteristics common in poorer nations – like demographic instability, political instability and lower levels of education.'"
Security

Researchers Devise New Attack Techniques Against SSL 33

Posted by samzenpus from the protect-ya-neck dept.
alphadogg writes "The developers of many SSL libraries are releasing patches for a vulnerability that could potentially be exploited to recover plaintext information, such as browser authentication cookies, from encrypted communications.The patching effort follows the discovery of new ways to attack SSL, TLS and DTLS implementations that use cipher-block-chaining (CBC) mode encryption. The new attack methods were developed by researchers at the University of London's Royal Holloway College. The men published a research paper and a website on Monday with detailed information about their new attacks, which they have dubbed the Lucky Thirteen. They've worked with several TLS library vendors, as well as the TLS Working Group of the IETF, to fix the issue."
Spam

Ask Slashdot: How Do You Handle SPF For Spam Filtering? 187

Posted by samzenpus from the false-positive dept.
An anonymous reader writes "Our organization had had a decent SPF record of our own for a long time. Recently, we decided to try using SPF for filtering inbound mail. On the up side, a lot of bad mail was being caught. On the down side, it seems like there is always a 'very important' message being caught in the filter because the sender has failed to consider all mail sources in writing their record. At first, I tried to assist sending parties with correcting their records out of hope that it was isolated. This quickly started to consume far too much time. I'm learning that many have set up inaccurate but syntactically valid SPF records and forgotten about them, which is probably the worst outcome for SPF as a standard. Are you using SPF? How are you handling false positives caused by inaccurate SPF records?"
Intel

Intel Gigabit NIC Packet of Death 137

Posted by Soulskill from the how-to-break-things dept.
An anonymous reader sends this quote from a blog post about a very odd technical issue and some clever debugging: "Packets of death. I started calling them that because that’s exactly what they are. ... This customer location, for some reason or another, could predictably bring down the ethernet controller with voice traffic on their network. Let me elaborate on that for a second. When I say “bring down” an ethernet controller I mean BRING DOWN an ethernet controller. The system and ethernet interfaces would appear fine and then after a random amount of traffic the interface would report a hardware error (lost communication with PHY) and lose link. Literally the link lights on the switch and interface would go out. It was dead. Nothing but a power cycle would bring it back. ... While debugging with this very patient reseller I started stopping the packet captures as soon as the interface dropped. Eventually I caught on to a pattern: the last packet out of the interface was always a 100 Trying provisional response, and it was always a specific length. Not only that, I ended up tracing this (Asterisk) response to a specific phone manufacturer’s INVITE. ... With a modified HTTP server configured to generate the data at byte value (based on headers, host, etc) you could easily configure an HTTP 200 response to contain the packet of death — and kill client machines behind firewalls!"
Canada

Sony Rootkit Redux: Canadian Business Groups Lobby For Right To Install Spyware 240

Posted by Soulskill from the do-not-want dept.
An anonymous reader writes "Michael Geist reports that a coalition of Canadian industry groups, including the Canadian Chamber of Commerce, the Canadian Marketing Association, the Canadian Wireless Telecommunications Association and the Entertainment Software Association of Canada, are demanding legalized spyware for private enforcement purposes. The potential scope of coverage is breathtaking: a software program secretly installed by an entertainment software company designed to detect or investigate alleged copyright infringement would be covered by this exception. This exception could potentially cover programs designed to block access to certain websites (preventing the contravention of a law as would have been the case with SOPA), attempts to access wireless networks without authorization, or even keylogger programs tracking unsuspecting users (detection and investigation)."
Security

Semi-Automatic Hacking of Masked ROM Code From Microscopic Images 42

Posted by Soulskill from the making-a-computer-read-a-computer dept.
An anonymous reader writes "Decapping chips and recovering code or data is nothing new, but the old problem of recovering Masked ROM through visual inspection (binary '0' and '1' can be distinguished within the images) is normally done by crowd sourcing a manual typing effort. Now a tool that semi-automates this process and then recovers the data automatically has been released."
Bug

Kaspersky Update Breaks Internet Access For Windows XP Users 92

Posted by timothy from the all-a-secret-plot dept.
An anonymous reader writes "Yesterday afternoon, Kaspersky Labs released a definition update that blocked all Internet and Intranet access on Windows XP workstations. While there has been no official communication from Kaspersky, their forum is lit up with angry customers relying on each other to find a fix." Update: 02/05 16:42 GMT by T : Thanks to an anonymous reader, who says that Kaspersky has issued a statement, and a fix (though the fix takes some manual labor to implement).
Databases

MySQL 5.6 Reaches General Availability 47

Posted by timothy from the magic-8-ball-says dept.
First time accepted submitter jsmyth writes "MySQL 5.6.10 has been released, marking the General Availability of version 5.6 for production." Here's more on the features of 5.6. Of possible interest to MySQL users, too, is this look at how MySQL spinoff MariaDB (from Monty, one of the three creators of MySQL) is making inroads into the MySQL market, including (as we've mentioned before) as default database system in some Linux distributions.
Australia

Why Australian Telco's Plan To Shape BitTorrent Traffic Won't Work 84

Posted by timothy from the locking-doorknobs-on-revolving-doors dept.
New submitter oztechmuse writes "Australian Telco Telstra is planning to trial shaping some BitTorrent traffic during peak hours. Like all other telcos worldwide, they are facing increasing traffic with a long tail of users: 20% of users consume 80% of bandwidth. The problem is, telcos in Australia are already shaping BitTorrent traffic as a study by Measurement Lab has shown and traffic use continues to increase. Also, the 20% of broadband users consuming the most content will just find a different way of accessing the content and so overall traffic is unlikely to be reduced."
Android

Wireless Carriers Put On Notice About Providing Regular Android Security Updates 171

Posted by Soulskill from the suggestion-placed-in-circular-file dept.
msm1267 writes "Activist Chris Soghoian, who in the past has targeted zero-day brokers with his work, has turned his attention toward wireless carriers and their reluctance to provide regular device updates to Android mobile devices. The lack of updates leaves millions of Android users sometimes upwards of two revs behind in not only feature updates, but patches for security vulnerabilities. 'With Android, the situation is worse than a joke, it’s a crisis,' said Soghoian, principal technologies and senior policy analyst with the American Civil Liberties Union. 'With Android, you get updates when the carrier and hardware manufacturers want them to go out. Usually, that’s not often because the hardware vendor has thin [profit] margins. Whenever Google updates Android, engineers have to modify it for each phone, chip, radio card that relies on the OS. Hardware vendors must make a unique version for each device and they have scarce resources. Engineers are usually focused on the current version, and devices that are coming out in the next year.'"
Crime

Researchers Demo Hack Against African Micro-Finance Accounts 52

Posted by timothy from the and-such-small-portions dept.
mask.of.sanity writes "Security researchers have shown how to raid Africa micro-finance bank accounts en masse using fake audio one time passwords. The banks use audio one-time passwords to authenticate users logging into their accounts, but failed to implement properly security controls across numerous systems. Crucially, the researchers did not reveal how they cracked the encryption in order to protect users."
Google

US Wants Apple, Google, and Microsoft To Get a Grip On Mobile Privacy 103

Posted by Soulskill from the because-they've-done-a-bang-up-job-so-far dept.
coondoggie writes "When it comes to relatively new technologies, few have been developing at the relentless pace of mobile. But with that development has come a serious threat to the security of personal information and privacy. The Federal Trade Commission has issued a report (PDF) on mobility issues and said less than one-third of Americans feel they are in control of their personal information on their mobile devices. 'The report makes recommendations for critical players in the mobile marketplace: mobile platforms (operating system providers, such as Amazon, Apple, BlackBerry, Google, and Microsoft), application (app) developers, advertising networks and analytics companies, and app developer trade associations. ... The report recommends that mobile platforms should: Provide just-in-time disclosures to consumers and obtain their affirmative express consent before allowing apps to access sensitive content like geolocation; Consider developing a one-stop “dashboard” approach to allow consumers to review the types of content accessed by the apps they have downloaded; Consider offering a Do Not Track (DNT) mechanism for smartphone users.'"

Slashdot Top Deals