Privacy, Security Archive

Microsoft Investigates Current Threat Landscape

Microsoft published volume 10 of its Security Intelligence Report, which provides perspectives on software vulnerabilities, software vulnerability exploits, malicious and potentially unwanted software, and security breaches in both Microsoft and third-party software. Microsoft found that vulnerabilities in applications, as opposed to operating systems or web browsers, continued to account for a large majority of all vulnerabilities in 2010, although the total number of application vulnerabilities declined 22.2 percent from 2009. The exploitation of Java vulnerabilities sharply increased in the second quarter of 2010 and surpassed every other exploitation category that the MMPC tracks, including generic HTML/scripting exploits, operating system exploits, and document exploits.

Sony Suffers Another Major Security Breach

"Nikkei.com on Monday reported that an online Sony gaming network has once again fallen victim to a cyberattack. This time, the attack may have exposed the credit card numbers of thousands of Sony customers from around the world. According to the report, over 12,700 customer credit card numbers were stolen during a breach of Sony’s online gaming network, Sony Online Entertainment. According to Nikkei.com, Sony discovered the possible attack on Sunday."

Honeypot Android App Wreaks Vigilante Justice

If you download and use what appears to be a version of the commercial "Walk and Text" Android app from a file sharing site, you're in for a surprise. When you run it, it shows you that it's being "cracked" but it's really gathering information from your device, in preparation for an e-smackdown. It sends a bunch of personal information (name, phone number, IMEI) off to a server, and, just for lulz, text messages everyone on your contact list:

Samsung Installing Keyloggers on its Laptops?

Hearkening back to the Sony Rootkit brouhaha from a few years ago, a security researcher is claiming in a Network World article that he detected factory-installed keyloggers in two brand new Samsung laptops. Samsung has made no official response, but a tech support supervisor contacted by the author said that the keystroke logging software was installed by Samsung to "monitor the performance of the machine and to find out how it is being used."

RSA Breach: Reactions from the Security Community

RSA suffered a breach and data loss following an "extremely sophisticated cyber attack." Their investigation revealed that the information extracted from the company systems is related to its SecurID two-factor authentication products. The news of the incident spread through the community like wildfire and information security professionals are offering their take on this incident. We still don't know the technical details, but it's certain that RSA's brand has taken a big hit.

Pwn2Own Day 2: iPhone, BlackBerry Beaten

"After successful attacks on Safari and Internet Explorer 8 on Wednesday, the second day of Pwn2Own saw the iPhone 4 and then the BlackBerry Torch 9800 successfully exploited. The annual security competition allows researchers to win any systems that they successfully compromise, and also awards them cash rewards if those security flaws are still present in the latest version of the software."

pwn2own Day One: Safari, IE8 Fall, Chrome Unchallenged

"Fully patched versions of Safari and Internet Explorer 8 were both successfully hacked today at pwn2own, the annual hacking competition held as part of the CanSecWest security conference. If a researcher can pwn the browser - that is, make it run arbitrary code - then they get to own the hardware the browser runs on. This year, not only did they have to run arbitrary code, they also had to escape any sandboxes - restricted environments with reduced access to data and the operating system - that are imposed."

Spyware Compromises 150000+ Symbian Devices

A new variant of the Symbian spyware "Spy.Felxispy", which causes privacy leakage, has recently been captured by the National Computer Virus Emergency Response Centre of China. According to NetQin Mobile, there have been more than a dozen variants of the spyware since the first was spotted, and the latest has affected 150,000+ devices. Once installed, the spyware turns on the Conference Call feature of the device without users' awareness. When users are making phone calls, the spyware automatically adds itself to the call to monitor the conversation.

NICTA Releases Security Software for Operating Systems

"National ICT Australia, in conjunction with Open Kernel Labs, has released new software aimed at researchers, developers and manufacturers that has the ability to protect computer hardware from failure or being attacked. The seL4 microkernel is a small operating system kernel which regulates access to a computer's hardware and is able to distinguish between trusted and untrusted software."

Concept Enables PC Operating Systems to Survive Attacks

"Researchers at North Carolina State University have developed a method to restore a computer operating system to its former state if it is attacked. The concept involves taking a snapshot of the operating system at strategic points in time (such as system calls or interrupts), when it is functioning normally and, then, if the operating system is attacked, to erase everything that was done since the last 'good' snapshot was taken - effectively going back in time to before the operating system attack. The mechanism also allows the operating system to identify the source of the attack and isolate it, so that the operating system will no longer be vulnerable to attacks from that application. The idea of detecting attacks and resetting a system to a safe state is a well-known technique for restoring a system's normal functions after a failure, but this is the first time researchers have developed a system that also incorporates the security fault isolation component. This critical component prevents the operating system from succumbing to the same attack repeatedly."

Cybercriminals Shifting Focus To Non-Windows Systems

In a major cybercrime turning point, scammers have begun shifting their focus away from Windows-based PCs to other operating systems and platforms, including smart phones, tablet computers, and mobile platforms in general, according to a new Cisco report. The report also finds that 2010 was the first year in the history of the Internet that spam volume decreased, that cybercriminals are investing heavily in "money muling," and that users continue to fall prey to myriad forms of trust exploitation.

Third-Party Software Responsible For Most Vulnerabilities

Most people owning a PC are familiar with Microsoft's patching process - it's easy and it's there. For a lot of them, it also gives the impression that Microsoft's products are chock-full of flaws. But, according to Stefan Frei, Research Analyst Director with Secunia, it's not the vulnerabilities in Microsoft's products we should worry about, but those in third-party software. 55 percent of end-point users have more than 66 programs from more than 22 vendors installed on their systems. Of the top 50 programs used, 26 are developed by Microsoft, and the remaining 24 by 14 other vendors.

Tuesday Is the Most Active Day for Threats

"The most active day for threat-related traffic worldwide is Tuesday, with Monday a close second, according to a report by SonicWALL. This pattern holds true for the U.S., China, India, Mexico, South Africa, Taiwan, Turkey, and several European countries. The most active time for threat-related traffic in the United States is between the hours of 10:00 a.m. and 11:00 a.m., Pacific Time. China and Taiwan top the list as the most heavily hit countries for worldwide threat-related traffic. Taiwan, New Zealand and South Africa are the countries most heavily hit with malware."

There’s a Bounty on Your Applications

In the last year there have been a number of organisations offering rewards, or 'bounty' programs, for discovering and reporting bugs in applications. Mozilla currently offers up to $3,000 for crucial or high bug identification, Google pays out $1,337 for flaws in its software and Deutsche Post is currently sifting through applications from 'ethical' hackers to approve teams who will go head to head and compete for its Security Cup in October. The winning team can hold aloft the trophy if they find vulnerabilities in its new online secure messaging service – that's comforting to current users. So, are these incentives the best way to make sure your applications are secure?