Jeremy Kirk

Author Archives: Jeremy Kirk

Verizon to introduce SDN security feature later this month

Verizon will introduce a virtualized firewall service across its global network later this month, part of its move into software-defined networking. The aim is to help businesses such as manufacturers or retailers, who may be running networks in far-flung places, to have better security when connecting their applications to the corporate network, said Shawn Hakl, head of network platforms and managed services for Verizon Enterprise Solutions. The type of organizations Verizon is aiming to attract are those running a Layer 3 private network who may want a better and more reliable connection for people using mobile apps. Mobile users will connect to whatever network is available and then onto Verizon's private network, Hakl said. Applications can securely connect, and the traffic can be put through the usual security inspections before it goes into the corporate network.

Bought a brand-new phone? It could still have malware

A new phone is supposed to be a clean slate. But alarmingly, that's not always the case. Security company G Data has identified more than 20 mobile phones that have malware installed despite being marketed as new, according to a research report. And it doesn't appear the infection is occurring during manufacturing. "Somebody is unlocking the phone and putting the malware on there and relocking the phone," said Andy Hayter, security evangelist for G Data. Many of the suspect phones are sold in Asia and Europe through third parties or middlemen and aren't coming directly from the manufacturers, Hayter said. Brands of affected phones include Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido.

Former Secret Service agent admits $820K Silk Road theft

A former Secret Service agent admitted Monday to stealing US$820,000 worth of bitcoins from Silk Road vendors during the investigation of the online contraband market. Shaun W. Bridges, 32, of Laurel, Maryland, pleaded guilty in the U.S. District Court for the Northern District of California to money laundering and obstruction of justice. He is scheduled for sentencing on Dec. 7, according to prosecutors. Bridges was one of two federal investigators charged with crimes committed during the probe of the Silk Road, which was shut down in October 2013.

‘KeyRaider’ iOS malware targets jailbroken devices

Credentials for more than 225,000 Apple accounts have been stolen by sophisticated malware that targets modified iOS devices, according to Palo Alto Networks. The malware, which is nicknamed KeyRaider, enables attackers to download applications from Apple's App Store without paying or to lock devices in lieu of a ransom. “We believe this to be the largest known Apple account theft caused by malware,” wrote Claud Xiao of Palo Alto Networks in a blog post. Palo Alto Networks notified Apple of KeyRaider on Aug. 26 and provided the stolen account information, Xiao wrote. Apple officials in Sydney couldn't be immediately reached on Monday.

Russian-speaking hackers breach 97 websites, many of them dating ones

Russian-speaking hackers have breached 97 websites, mostly dating-related, and stolen login credentials, putting hundreds of thousands of users at risk. Many of the websites are niche dating ones similar to Ashley Madison, according to a list compiled by Hold Security, a Wisconsin-based company that specializes in analyzing data breaches. A few are job-related sites. Batches of stolen information were found on a server by the company’s analysts, said Alex Holden, Hold Security’s founder and CTO. The server, for some reason, was not password protected, allowing analysis of its contents, he said. None of the dating sites are nearly as prominent as Ashley Madison, which saw sensitive company information, emails, internal documents and details of 30 million registered users released in a devastating data breach. Holden said this Russian-speaking group is not related to Impact Team, which claimed credit for the intrusion into Ashley Madison.

Google to freeze some Adobe Flash content on Sept. 1

Google will stop some Flash content from automatically playing starting Sept. 1, a move it decided on earlier this year to improve browser performance. Flash, made by Adobe Systems, is still widely used for multimedia content, but security and performance issues have prompted calls to move away from it. In June, Google said it planned to pause Flash content that wasn’t central to a Web page but allow other content such as videos to autoplay. Flash, it said, can drain a user’s laptop battery faster. There are also security implications that Google didn’t mention. Vulnerabilities in Flash are one of the most common ways that malware ends up on computers.

AT&T Wi-Fi hotspot reportedly stuffs extra ads into Web pages

Stanford University computer scientist Jonathan Mayer was recently Web browsing at a U.S. airport when he noticed there were too many online advertisements. The website for Stanford, for example, displayed a pop-up ad for a 60 percent discount on jewelry. The Federal Communications Commission website appeared to be advertising ladies' boots.

[Screenshot: An example of an ad said to be injected over the FCC's website while on an AT&T free airport Wi-Fi hotspot.]

Startup takes heat over online tool that checks Ashley Madison data

A small Washington, D.C.-based startup accused of crude marketing centered around the Ashley Madison data breach said Monday it is changing its tactics amid criticism. Trustify, a 10-person company that launched in March, runs a web-based service for connecting people with private investigators for $67 an hour. Last week, it created an online tool that lets people check if their email address was in the large dump of stolen user information from the extramarital hookup site. The tool was one of many that were created after hackers released information on more than 30 million registered users of the website, one of the largest and most sensitive data breaches on record.

China group attacks India with Word exploit, then uses Microsoft’s WMI

A hacking group suspected of operating from China has had success stealing information from mostly Indian targets, often pertaining to border disputes and trade issues, according to FireEye. The gang specializes in sending targeted phishing emails to victims in the hope of gaining wider access to their networks, a practice known as spear phishing, said Bryce Boland, CTO for Asia-Pacific at the security firm. FireEye hasn’t given a name to the group, but has watched it since 2011, Boland said. The company has gathered data on the group based on attacks attempted against its customers. Analysis of Internet infrastructure used by the group, including command-and-control servers, has given insight into the scope of its operations, Boland said.

Latest Ashley Madison data dump reveals emails, source code for websites

The woes of AshleyMadison.com’s owners continued Thursday, with a second large release of internal data that security experts suspect is authentic. An 18.5 GB file was released on file-sharing networks by a group called the Impact Team. The same group claimed responsibility for the initial breach last month of the website, which caters to those seeking extramarital affairs. Because of the large file size, IDG News Service wasn’t able to take a look at the data. But David Kennedy, founder and CEO of the Ohio-based security company TrustedSec, said it appears to be legitimate. His company had taken a brief look at the data. It contains what purports to be email from Avid Life Media’s CEO, Noel Biderman, as well as other employees.

Russian cyberspies targeted punk rock band Pussy Riot

A closely watched band of suspected Russian hackers have spied on domestic targets, including two members of the outspoken punk rock band Pussy Riot. Trend Micro said the group, which it refers to as Pawn Storm, has also targeted a software developer in Russia, politicians, artists and journalists in the country. “Pawn Storm’s targets have mostly been external political entities outside of Russia, but after our analysis we found that a great deal of targets can actually be found within the country’s borders,” wrote Feike Hacquebord, a Trend Micro threat researcher, in a blog post on Tuesday.

Hackers release full data dump from Ashley Madison, extramarital dating site

AshleyMadison.com's owner said Tuesday it is examining a large batch of data posted online by hackers who breached the website last month. A group calling itself Impact Team initially posted a sample of the data online on July 19, giving the site's owner, Avid Life Media, a month to shut down AshleyMadison.com and another site, Establishedmen.com. The group in part contested the moral position of Ashley Madison, which caters to people seeking extramarital affairs. Avid Life Media, based in Toronto, said in a statement that it is "actively monitoring and investigating this situation to determine the validity of any information posted online."

Darkode vendor of Facebook malware pleads guilty to one charge

A New York man pleaded guilty Monday to one federal spam-related charge for selling access to a botnet of Facebook accounts on a now-shuttered cybercriminal forum. Eric L. Crocker, 29, of Binghamton, New York, could face up to three years in prison and a US$250,000 fine, according to the U.S. Attorney's Office for the Western District of Pennsylvania. He was charged with violating the CAN-SPAM Act, according to a court document. Crocker was accused of selling access to a botnet he and others built of compromised Facebook accounts, according to the indictment. His customers used the access to send high volumes of spam.

Gaming services, hosting companies hit with new type of DDoS attack

Gaming and hosting companies have been hit with a new kind of DDoS attack that could snowball without preventive steps, Level 3 Communications warned on Monday. Attackers have figured out how to abuse portmap services that have been left openly accessible on the Internet, said Dale Drew, chief security officer for Level 3. "We think it has the potential to be very, very bad," Drew said. Portmap, also referred to as RPCbind, is an open-source utility for Unix systems but is also in Windows. It maps network port numbers to available services. For example, portmap might be used if someone wants to mount a Windows drive from a Unix file system. Portmap would tell Unix where the drive is located and the right port number.

Italian teen finds two zero-day vulnerabilities in OS X

An Italian teenager has found two zero-day vulnerabilities in Apple’s OS X operating system that could be used to gain remote access to a computer. The finding comes after Apple patched last week a local privilege escalation vulnerability that was used by some miscreants to load questionable programs onto computers. Luca Todesco, 18, posted details of the exploit he developed on GitHub. The exploit uses two bugs to cause a memory corruption in OS X’s kernel, he wrote via email.

Google has another try at patching Stagefright flaw

Google has released another patch for the Stagefright vulnerability after a security firm said the first one didn’t fix it. Hundreds of millions of Android devices are vulnerable to Stagefright. A device can be compromised merely through the receipt of a specially crafted multimedia message (MMS), so an attacker needs only the victim’s phone number. The flaw was found by Joshua Drake at mobile security firm Zimperium, which submitted a set of patches along with its big report. Google released its first patch for Stagefright last week.

Updates are coming for a telematics unit that hacked a Corvette

Security updates are being distributed for a telematics control unit (TCU) that security researchers showed could be manipulated to remotely apply the brakes of a Corvette, according to the device’s French manufacturer. The device is a small dongle that plugs into the On-Board Diagnostics II (OBD-II) port on a vehicle, usually located under the driver’s side dashboard. TCUs with cellular connections are increasingly being used in vehicles by insurance companies to monitor drivers or for fleet management. At the USENIX security conference this week in Washington, D.C., academics from the University of California demonstrated how a C4E family dongle from Paris-based Mobile Devices Ingenierie could be remotely accessed.

How texting a Corvette could stop it in its tracks

As if recent research on car hacking wasn’t frightening enough, a new study shows yet another danger to increasingly networked vehicles. This time around, academics with the University of California analyzed small, third-party devices that are sometimes plugged into a car’s dashboard, known as telematic control units (TCUs). Insurance companies issue the devices to monitor driving metrics in order to meter policies. Other uses include fleet management, automatic crash reporting and tracking stolen vehicles. In order to collect vehicle data, TCUs have access to the electronic brain of an automobile, the CAN (Controller Area Network) bus, which transmits and receives messages from many vehicle systems. The TCUs also have SIM cards, which give them cellular network connectivity in order to send information.

Mobile banking apps in developing nations have weak security

The developing world is increasingly using mobile banking apps to move money, but new research shows those apps are often poorly coded and pose security risks. Researchers with the University of Florida looked at dozens of apps used for mobile money systems but extensively analyzed seven that have millions of users in Brazil, India, Indonesia, Thailand, and the Philippines. The problems they found represent a large attack surface, including SSL/TLS issues, botched cryptography, information leakage and opportunities to manipulate transactions and modify financial records. The impact of the problems is unknown, but “it is possible that these apps are already being exploited in the wild, leaving consumers with no recourse to dispute financial transactions,” according to their research paper, to be presented on Wednesday at the 24th USENIX Security Symposium in Washington, D.C.

Retailer Fred’s found payment card malware on two servers

Retailer Fred’s said Monday it found malware that collected payment card details on two of its servers, but it doesn’t appear the data was removed from its systems. The malware was on the servers since March 23, operating through April 8 on one and through April 24 on the other, the company said in a statement. It has since been removed. The malware was designed to collect so-called track 2 data contained on the magnetic stripe of payment cards, which Fred’s said contained the card number, expiration date and verification code. No other customer information is at risk. “During this time period, track 2 data was at risk of disclosure; however, the third-party cyber-security firm did not find evidence that track 2 data was removed from the company’s system,” the retailer said. Law enforcement is also investigating.
