Jeremy Kirk

Author Archives: Jeremy Kirk

Custom Web browser from Comodo poses security threat, researcher says

A customized version of Google's Chrome browser developed by security vendor Comodo has a jaw-dropping flaw, according to a researcher. Tavis Ormandy, an information security engineer with Google, analyzed Comodo's "Chromodo," a browser based on the Chromium open-source code. Chromodo is marketed as a browser with enhanced security and privacy controls. But Ormandy found it contains a flaw that violates one of the most basic rules for Web security.

Malwarebytes still fixing flaws in antivirus software

Malwarebytes said it could take three or four weeks to fix flaws in its consumer product that were found by a Google security researcher. The company has fixed several server-side vulnerabilities but is still testing a new version of its Anti-Malware product to fix client-side problems, CEO Marcin Kleczynski said in a blog post. In the meantime, customers can implement a workaround: those using the premium version of Anti-Malware "should enable self-protection under settings to mitigate all of the reported vulnerabilities," he wrote.

FireEye acquires Invotas for faster incident response

FireEye said Monday it has acquired Invotas, a company that develops a platform that helps administrators respond faster to security incidents. The deal closed on Monday, but terms were not disclosed. FireEye, which started out with an end-point protection product, has been seeking to expand the range of security products and services it offers as cybersecurity has become a growing concern for companies. Invotas, based in Alexandria, Virginia, has a single product, its Security Orchestrator. The platform is designed to take in information from a range of security products from different vendors and automate responses when an incident is detected.

Harvard study refutes ‘going dark’ argument against encryption

A study from Harvard released Monday largely refutes claims that wider use of encryption in software products will hamper investigations into terrorism and crime. It predicts that the continued expansion of Internet-connected devices -- such as smart TVs and vehicles, IP video cameras and more -- will offer fresh opportunities for tracking targets. "Law enforcement or intelligence agencies may start to seek orders compelling Samsung, Google, Mattel, Nest or vendors of other networked devices to push an update or flip a digital switch to intercept the ambient communications of a target," it said. "These are real products now."

OpenSSL patches a severe but not widespread problem

The OpenSSL project has patched a problem in the cryptographic library but one that likely does not affect many popular applications. OpenSSL enables SSL (Secure Sockets Layer) or TLS (Transport Layer Security) encryption. Most websites use it, which is indicated in Web browsers with a padlock symbol. It's an open-source library that is widely used in applications for secure data transfers. After serious vulnerabilities were found in OpenSSL over the last couple of years, the application has been under much scrutiny by security researchers. The latest vulnerability affects versions 1.0.1 and 1.0.2. The updated versions are 1.0.2f and 1.0.1r.

LG patches data theft bug affecting millions of Android phones

LG has patched a security flaw in an application preinstalled on millions of its Android G3 smartphones that researchers found could be used to steal a variety of data. The application, called Smart Notice, is a kind of multifunctional widget, managing contacts, notifications, and weather and traffic alerts. Researchers from BugSec and Cynet, two computer security companies, found that they could attack a person's phone by sending them a contact with malicious JavaScript contained in the name field, according to a video.

Google’s VirusTotal now picks out suspicious firmware

Google's VirusTotal service has added a new tool that analyzes firmware, the low-level code that bridges a computer's hardware and operating system at startup. Advanced attackers, including the U.S. National Security Agency, have targeted firmware as a place to embed malware since it's a great place to hide. Since antivirus programs "are not scanning this layer, the compromise can fly under the radar," wrote Francisco Santos, an IT security engineer with VirusTotal, in a blog post on Wednesday. Also, malware hidden in firmware often can't be easily erased and can survive reboots and fresh installs of an OS, Santos wrote.

Online advertising company fixes severe XSS flaw

An online advertising company has fixed a vulnerability in its platform that could have allowed hackers to steal information from a large number of users. The cross-site scripting (XSS) flaw in the platform of PublicityClerks was found by a U.K. security researcher who goes by the handle CEHSecurity on Twitter. Cross-site scripting flaws are one of the most common faults in websites. They allow an attacker to inject malicious code into a website, which then can be used to steal data and for other attacks. "As soon as we were aware of the issue, we fixed it ASAP and ensured our advertisers and publishers were not affected," said James Hakim, PublicityClerks' founder and CEO.

Lenovo fixes hard-coded password in file-sharing utility

Lenovo has patched several software flaws in a file-sharing utility, which could allow attackers to browse and make copies of files. The flaws were found by Core Security, which described in an advisory a lengthy back and forth dialog with Lenovo starting in late October over the problems. The affected application is SHAREit, which is designed to let people share files from Windows computers or Android devices over a local LAN or through a Wi-Fi hotspot that's created. SHAREit is preloaded on Lenovo devices, including its ThinkPad and IdeaPad notebooks and other mobile devices. The vulnerable SHAREit versions are the Android 3.0.18_ww and Windows 2.5.1.1 packages, Core Security said.

Single group of hackers targets Uyghur, Tibetan activists

A years-long campaign of seemingly disparate cyberattacks against Tibetan and Uyghur activists likely comes from a single group of hackers, according to a seven-month study by Palo Alto Networks. The computer security company also concluded that the information stolen by the group, nicknamed Scarlet Mimic, would be of little interest to entities other than a nation-state. "The majority of attacks we identified were targeting Uyghurs or Tibetans or advocates thereof," Olson said. Several other security companies, including Kaspersky Lab and Trend Micro, and Citizen Lab, part of the University of Toronto, have studied attacks against the activist groups, which have long been at odds with the Chinese government. Palo Alto's report noted, however, that it did not have direct evidence linking the attacks to China.

Aircraft part manufacturer says cybercrime incident cost it $54 million

An Austrian airplane component maker for Boeing and Airbus said earlier this week a cybercrime-related fraud has caused €50 million (US$54 million) in damages. FACC AG said in its third quarter results report that the accounting department of its FACC Operations unit was targeted. While many businesses have had brushes with cybercrime in the last few years, FACC's large damages figure stands out. "The management board has taken immediate structural measures and is evaluating damages and insurance claims," the document said. It characterized the incident as an "outflow" of €50 million of "liquid funds." The loss does not pose an economic threat to the company, it said.

Backdoor account replaced by another backdoor in vendor stumble

A company that makes video conferencing products replaced one serious security vulnerability with another, despite being warned of the dangers. AMX Harman, which makes a variety of audio-visual and building control equipment, has patched the problem. But on Thursday SEC Consult, an information security firm in Vienna, revealed what it says is the back story. Last March, SEC Consult warned AMX that it had found a secret account in certain versions of the NX-1200, an appliance for controlling audio-visual systems.

Ukrainian power companies are getting hit with more cyberattacks

A number of Ukrainian power companies are seeing fresh cyberattacks following ones in December that briefly knocked out power for tens of thousands of customers. Security vendor Eset said on Wednesday that the attacks use a different kind of malware, prompting questions about whether the same group or groups are involved. "The malware is based on a freely available open-source backdoor – something no one would expect from an alleged state-sponsored malware operator," wrote Robert Lipovsky, a senior malware researcher with Eset. The new finding deepens the mystery over who is targeting the Ukrainian companies.

FireEye to grow intelligence capabilities with iSight Partners deal

FireEye has acquired Texas-based iSight Partners for $200 million, a deal that executives say will give FireEye stronger intelligence on cybercriminal and hacking groups before they strike. The transaction, announced Wednesday, closed on Jan. 14. FireEye started with an end-point protection product aimed at filtering out malware before it entered a company's network. But the company has sought to expand its range of services through acquisitions as cybersecurity has become an ever-increasing concern -- and a more lucrative business. In early 2014, it bought Mandiant, a computer security company that specializes in investigating cyberattacks. The victims of some of the largest data breaches in memory, including Target, have retained Mandiant's services.

Dridex banking malware adds a new trick

Dridex, the banking malware that won't go away, has been improved upon once again. IBM's X-Force researchers have found that the latest version of Dridex uses a DNS (Domain Name System) trick to direct victims to fake banking websites. The technique, known as DNS cache poisoning, involves changing DNS settings to direct someone asking for a legitimate banking website to a fake site. DNS cache poisoning is a powerful attack. Even if a person types in the correct domain name for a bank, the fake website is still shown in the browser. "By keeping the victim away from the bank’s site, the fraudster can deceive them into divulging critical authentication codes without the bank knowing that the customer’s session has been compromised," wrote Limor Kessem, a cybersecurity expert with IBM's Trusteer division, in a blog post on Tuesday.

Oracle issues record number of patches

Oracle admins will be busy: The company issued 248 patches on Tuesday, its largest-ever release, according to one security vendor. Five of the vulnerabilities have the highest severity rating according to the Common Vulnerability Scoring System (CVSS), wrote ERPScan, a security company that specializes in SAP and Oracle systems. Most of those vulnerabilities related to Java SE, Oracle's platform for running Java applications on servers and desktops. In a long advisory, Oracle recommended that admins patch immediately.

British voice encryption protocol has massive weakness, researcher says

A protocol designed and promoted by the British government for encrypting voice calls has a by-design weakness built into it that could allow for mass surveillance, according to a University College London researcher. Steven Murdoch, who works in the university's Information Security Research Group, analyzed a protocol developed by CESG, which is part of the spy agency GCHQ. The MIKEY-SAKKE (Multimedia Internet KEYing-Sakai-Kasahara Key Encryption) protocol calls for a master decryption key to be held by a service provider, he wrote in an analysis published Tuesday.