Jeremy Kirk

Author Archives: Jeremy Kirk

FBI says supposed ISIS sympathizers exploiting WordPress plugins

The Federal Bureau of Investigation warned Tuesday that attackers claiming to be sympathetic to the extremist group ISIS are targeting websites that have vulnerable WordPress plugins. The content management system has a thriving community of third-party developers who have created some 37,000 plugins, but occasionally security vulnerabilities in one can put a large number of websites at risk. The vulnerabilities can allow the hackers to gain unauthorized access, inject scripts or install malware on the affected sites, according to an advisory published by the FBI’s Internet Crime Complaint Center. The attackers have hit news organizations, religious institutions, commercial and government websites.

SingTel acquires TrustWave for managed security services

SingTel will acquire TrustWave Holdings, the largest U.S. independent provider of managed security services, for $810 million, the companies said on Tuesday. SingTel, a large operator based in Singapore, owns stakes in mobile companies in Indonesia, the Philippines, Thailand, Bangladesh, India, Sri Lanka and countries in Africa. In Australia, SingTel runs Optus, one of the country’s major operators. Chicago-based TrustWave specializes in managed security services, an increasingly popular option for businesses. They allow customers to turn over their network security, vulnerability management and data breach responsibilities to a third party, so they don’t have to develop those capabilities in house. As computer security has become increasingly complicated, managed security services are often cheaper, and can allow companies to respond to security breaches faster.

Linux Australia breached, personal details leaked

The open-source and free software user group Linux Australia said personal information for attendees of two conferences it hosts may have been leaked after malware was found on one of its servers. The information may have included first and last names, postal and email addresses, phone numbers and hashed passwords, wrote Joshua Hesketh, Linux Australia’s president, on a message board. Financial data was not affected, he wrote. The breach affects those who registered for the group’s Linux conference over the last three years and for the Python programming conference PyCon Australia in 2013 and 2014, he wrote. Attendee data for those conferences was held on the compromised server.

Wider use of HTTPS could have prevented attack against GitHub

The unique attack method used to disrupt the code-sharing site GitHub over the last week could have been prevented if more websites enabled encryption, the Electronic Frontier Foundation (EFF) said Wednesday. The attack against GitHub was enabled by someone tampering with regular website traffic to unrelated Chinese websites, all of which used a JavaScript analytics and advertising related tool from Baidu. Somewhere on China’s network perimeter, that analytics code was swapped out for code that transparently sent data traffic to GitHub, at times crippling parts of the popular website, particularly two projects that specialize in anti-censorship tools. It was also particularly insidious since the users whose traffic was modified didn’t know they had been roped into the attack.

EFF questions US government’s software flaw disclosure policy

It’s not clear if the U.S. government is living up to its promise to disclose serious software flaws to technology companies, a policy it put in place five years ago, according to the Electronic Frontier Foundation. The digital watchdog said on Monday it received a handful of heavily redacted documents from the Office of the Director of National Intelligence (ODNI), which it sued last July after it and the National Security Agency moved too slowly on a Freedom of Information Act (FOIA) request. Last year, the EFF sought documents related to the U.S. government’s efforts to beef up its Vulnerability Equities Process (VEP), a framework for notifying companies about zero-day vulnerabilities.

GitHub recovering from massive DDoS attacks

Software development platform GitHub said Sunday it was still experiencing intermittent outages from the largest cyberattack in its history but had halted most of the attack traffic. Starting on Thursday, GitHub was hit by distributed denial-of-service (DDoS) attacks that sent large volumes of Web traffic to the site, particularly towards two Chinese anti-censorship projects hosted there. Over the next few days, the attackers changed their DDoS tactics as GitHub defended the site, but as of Sunday, it appears the site was mostly working. A GitHub service called Gists, which lets people post bits of code, was still affected, it said. On Twitter, GitHub said it continued to adapt its defenses.

An SDN vulnerability forced OpenDaylight to focus on security

Open-source software projects are often well intended, but security can take a back seat to making the code work. OpenDaylight, the multivendor software-defined networking (SDN) project, learned that the hard way last August after a critical vulnerability was found in its platform. It took until December for the flaw, called Netdump, to get patched, a gap in time exacerbated by the fact that the project didn’t yet have a dedicated security team. After he tried and failed to get in touch with OpenDaylight, the finder of the vulnerability, Gregory Pickett, posted it on Bugtraq, a popular mailing list for security flaws.

Facebook’s Like button can still easily be gamed

Facebook’s Like button is a pervasive feature of the Web, a way to gauge the popularity of a website or piece of content. But researchers have found it’s easy to inflate the numbers, undermining its value as an accurate measure of popularity. The problem of bogus Likes has been around for some time, and Facebook has released updates to its software over the last couple of years to cut down on fraudulent ones generated by spammers. But researchers with McGill University’s School of Computer Science in Montreal say the social networking company still hasn’t fixed several major problems with the feature. This week, they released a research paper outlining the problems, which they first told Facebook about in early 2013.

Egyptian company says rogue Google SSL certificates were a mistake

An Egyptian company that created unauthorized digital certificates for several Google domains said Wednesday it made a mistake and acted quickly when the error became known. The SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificates would have allowed MCS Holdings of Cairo to decrypt traffic sent by users on its network to Google, a major privacy concern. Google said it doesn’t believe the certificates were misused. But MCS shouldn’t have been able to create digital certificates for Google properties in the first place. It appears MCS and a Certificate Authority (CA) in China both made mistakes, which highlight ongoing problems in the way digital certificates are issued.

Zero day, Web browser vulnerabilities spike in 2014

The number of zero-day and Web browser vulnerabilities shot up in 2014, but overall software vendors are patching faster. The data comes from Secunia, a Danish security vendor that releases an annual study of trends in software vulnerabilities, which are used by hackers to compromise computers. Zero-day vulnerabilities, which are software flaws actively being used by attackers when publicly disclosed, rose from 14 in 2013 to 25 last year. Those types of flaws are among the most dangerous and prized by attackers since patches aren’t available from vendors. Flaws in Web browser software increased to 1,035 in 2014, up from 728 the prior year, according to Secunia’s report.

Android flaw puts personal data at risk for millions

Nearly half of Android devices are vulnerable to an attack that could replace a legitimate app with malicious software that can collect sensitive data from a phone. Google, Samsung and Amazon have released patches for their devices, but 49.5 percent of Android users are still vulnerable, according to Palo Alto Networks, which discovered the problem. Google said it has not detected attempts to exploit the flaw. A malicious application installed using the vulnerability, called “Android Installer Hijacking,” would have full access to a device, including data such as usernames and passwords, wrote Zhi Xu, a senior staff engineer with Palo Alto.

Google catches bad digital certificates from Egyptian company

Google said Monday an Egyptian company issued digital certificates that could have been used to intercept data traffic to its services, which did not appear to have been abused. The incident is the latest example of longstanding problems around the issuance of digital certificates, which are used to encrypt data and verify the legitimacy of websites. Google detected on March 20 that unauthorized digital certificates had been issued for several of its domains by MCS Holdings, a Cairo-based networking and security company, wrote Adam Langley, a Google security engineer.

Fake patient data could have been uploaded through SAP medical app

SAP has fixed two flaws in a mobile medical app, one of which could have allowed an attacker to upload fake patient data. The issues were found in SAP’s Electronic Medical Records (EMR) Unwired, which stores clinical data about patients including lab results and images, said Alexander Polyakov, CTO of ERPScan, a company based in Palo Alto, California, that specializes in enterprise application security. Researchers with ERPScan found a local SQL injection flaw that could allow other applications on a mobile device to get access to an EMR Unwired database. That’s not supposed to happen, as mobile applications are usually sandboxed to prevent other applications from accessing their data.

To avoid NSA, Cisco gear gets delivered to strange addresses

One of the most successful U.S. National Security Agency spying programs involved intercepting IT equipment en route to customers and modifying it. At secret workshops, backdoor surveillance tools were inserted into routers, servers and networking equipment before the equipment was repackaged and sent to customers outside the U.S. The program, run by the NSA’s Tailored Access Operations (TAO) group, was revealed by documents leaked by former NSA contractor Edward Snowden and reported by Der Spiegel and Glenn Greenwald.

Mandrill warns attack may have exposed some data about email

Mandrill warned customers on Wednesday that some email-related data may have been exposed after attackers tried to lasso some of its servers into a botnet. Data doesn’t appear to have been stolen, but some customers should take some security precautions, wrote Brandon Fouts, general manager of Mandrill, which is a platform for managing transactional email that is owned by The Rocket Science Group. “There’s not evidence that any customer data was queried or exported, but unfortunately we can’t completely rule out the possibility of access,” Fouts wrote in a blog post. Data that may have been exposed includes internal logs about emails sent, including sender and recipient addresses but not custom metadata or the content of messages, Fouts wrote.

Premera, Anthem data breaches linked by similar hacking tactics

Premera Blue Cross may have been attacked using the same methods employed against its fellow health insurer Anthem, suggesting that a single group may be behind both breaches. Customer data, including bank account and clinical data going back to 2002, may have been compromised in the attack, affecting 11 million people, Premera said Tuesday. It is the largest breach to affect the healthcare industry since Anthem disclosed last month that upwards of 78.4 million records were at risk after hackers accessed one of its databases. Several computer security companies have published data that points to a China-based group known as Deep Panda as a possible source for Anthem’s breach.

Hundreds of Android and iOS apps are still vulnerable to FREAK attacks

Hundreds of Android and iOS apps are still vulnerable to a dangerous attack revealed two weeks ago that can compromise encrypted data, a security vendor said Tuesday. The apps have not yet been patched against the FREAK attack, short for Factoring attack on RSA-EXPORT Keys, which was revealed by researchers on March 3. The unpatched apps, which were not identified, are in categories including finance, communication, shopping, business and medicine, computer security company FireEye said in a blog post Tuesday. The findings highlight how even some of the most publicized and severe flaws can take quite a bit of time to get fixed. That poses risks for people using apps whose developers are not quick to patch them.

Premera Blue Cross says data breach may affect 11 million customers

As many as 11 million customers may have been affected by a data breach at U.S. health insurance provider Premera Blue Cross, in the second large attack against the health care industry disclosed in the last two months. The breach, discovered on Jan. 29, may have compromised customer names, birth dates, Social Security numbers, mailing and email addresses, phone numbers and bank account details, as well as claims and clinical information, Premera said on its website. It hadn’t determined yet if that sensitive information was actually removed from its systems, and it said there’s “no evidence to date that such data has been used inappropriately.” The FBI has been notified, it said.