Jeremy Kirk

Author Archives: Jeremy Kirk

Winner claimed in $1 million iOS 9 hacking contest

A team of security researchers may have found a way to remotely penetrate the defenses of Apple's latest mobile OS, making them eligible for a $1 million reward. The money was offered in a contest run by a Washington, D.C.-based company called Zerodium, which is in the controversial business of buying and selling information about software vulnerabilities. It congratulated the winning team on Twitter Monday, though it didn't identify the researchers, which made its claim about finding a new security hole in iOS 9 impossible to verify.

Apple users having trouble auto-updating QuickTime on Windows 8, 10

A glitch with Apple's QuickTime multimedia program has left some Windows users wondering why they're having trouble updating to the latest version. QuickTime has an auto-update mechanism, but it appears to not work on Windows 8 and 10, wrote Alton Blom, a Sydney-based security researcher, in a blog post. Blom wrote that he found inconsistencies in how QuickTime and Apple's Software Update tool interacted with each other depending on the versions of Windows and QuickTime installed. For example, on Windows 8, QuickTime reported that it was up to date, but Apple's Software Update tool said the application needed to be upgraded to 7.7.8, which is the latest version, Blom wrote.

UK police arrest third person in TalkTalk breach investigation

UK police arrested a third suspect on Saturday relating to the breach at communications provider TalkTalk, which said the amount of data exposed is less than initially thought. A 20-year-old man was arrested after police executed a search warrant at an address in south Staffordshire, the Metropolitan Police said Sunday. The man, who was not identified, was arrested on suspicion of violations of the Computer Misuse Act and was later bailed. UK police arrested a 15-year-old boy in County Antrim, Northern Ireland, on Oct. 26, and a 16-year-old boy in Feltham, England, on Thursday. Both boys have been bailed.

Cryptowall ransomware revenue may flow to one group

Just one cybercriminal group may be collecting the revenue from Cryptowall 3.0, a malicious program that infects computers, encrypts files and demands a ransom, according to a new study released on Thursday. The finding comes from the Cyber Threat Alliance (CTA), an industry group formed last year to study emerging threats, with members including Intel Security, Palo Alto Networks, Fortinet and Symantec. Cryptowall is among several families of "ransomware" that have posed a growing danger to businesses and consumers. If a computer is infected, its files are scrambled with strong encryption.

Windows users often forget to patch their Apple programs

A survey of applications installed on Windows computers found that a lot of users don't run up-to-date versions of Apple programs. Apple's multimedia program, QuickTime, and its iTunes software were ranked as some of the most "exposed" programs based on risk by Secunia Research, which is now part of Flexera Software. Among U.S. users, some 61 percent of computers detected running QuickTime did not have the latest version. With iTunes, 47 percent of the installations were outdated versions. It's not Apple's fault. Although many software companies alert users to new versions of applications, it's largely up to users to install them.

Iranian hackers show strong interest in Android spying tools

Iranian hackers are showing strong interest in malware that can secretly pull data from Android devices, which are popular in the Middle East. The analysis comes from Recorded Future, a cybersecurity intelligence firm based in Somerville, Massachusetts. One of Recorded Future's specialties is monitoring hacking forums, looking for clues and chatter that might indicate future attacks. Over the last six months, there appears to have been high interest on Iranian hacking forums in remote access tools, or programs designed to listen to calls and collect text message and GPS data, according to a blog post.

UK arrests teenager in connection with TalkTalk hack

U.K. police arrested a 15-year-old boy in Northern Ireland on Monday in connection with the data breach at TalkTalk, as the broadband and phone provider faces growing criticism over its handling of the incident. The teenager, detained in County Antrim, could face charges under the Computer Misuse Act, the Metropolitan Police said. TalkTalk's website was breached on Oct. 21, resulting in the loss of customer names, addresses, birth dates, email addresses, phone numbers, account information, payment card and bank account details.

Despite takedown, the Dridex botnet is running again

Spam emails containing the Dridex malware are being seen almost daily despite the arrest of one of its key operators in August. The finding confirms that while law enforcement can claim temporary victories in fighting cybercriminal networks, it's sometimes difficult to completely shut down their operations. The U.S. Department of Justice said on Oct. 13 it was seeking the extradition of a 30-year-old Moldovan man, Andrey Ghinkul. Prosecutors allege he used Dridex malware to steal US$10 million from U.S. companies and organizations.

Joomla releases patch for serious SQLi flaw

Joomla, a popular content management system, released patches on Thursday for a vulnerability that can allow an attacker to get full administrative access to a website. Joomla versions 3.2 through 3.4.4 are vulnerable, and the latest version is 3.4.5. The SQL injection flaw was found by Asaf Orpani, a researcher with Trustwave's SpiderLabs, and Netanel Rubin of PerimeterX. SQL injection flaws occur when a backend database executes a malicious query when it shouldn't. The type of vulnerability is one of the most prevalent ones within web applications.

MacKeeper buyers ask for refunds in droves following lawsuit

Tens of thousands of people who bought MacKeeper have filed for refunds as part of a proposed class-action settlement against the application's former developer. The number of refund requests has far exceeded what is typical in these types of lawsuits, surprising even experienced class-action lawyers. But the unfortunate side effect of the robust response means those who've applied will probably get a smaller refund. The class-action suit was filed in May 2014 on behalf of Pennsylvania resident Holly Yencha, who contended that MacKeeper falsely flagged security and performance problems in order to coax consumers into paying US$39.95 for the full version.

Microsoft to pay up to US$15K for bugs in two Visual Studio tools

Microsoft has started a three-month bug bounty program for two tools that are part of Visual Studio 2015. The program applies to the beta versions of Core CLR, which is the execution engine for .NET Core, and ASP.NET, Microsoft's framework for building websites and web applications. Both are open source. "The more secure we can make our frameworks, the more secure your software can be," wrote Barry Dorrans, security lead for ASP.NET, in a blog post on Tuesday. All supported platforms that .NET Core and ASP.NET run on will be eligible for bounties except for beta 8, which will exclude the networking stack for Linux and OS X, Dorrans wrote.

Researchers warn computer clocks can be easily scrambled

In 2012, two servers run by the U.S. Navy rolled back their clocks 12 years, deciding it was the year 2000. The servers were very important: they're part of a worldwide network that helps computers keep the right time using the Network Time Protocol (NTP). Computers that checked in with the Navy's servers and adjusted their clocks accordingly had a variety of problems with their phone systems, routers and authentication systems. The incident underscored the serious problems that can occur when using NTP, one of the oldest Internet protocols, published in 1985. The protocol is fairly robust, but researchers from Boston University said on Wednesday they've found several flaws in NTP that could undermine encrypted communications and even jam up bitcoin transactions.

Synack builds intel platform for its penetration testers

Synack, a security company that uses crowdsourcing for penetration testing, has built an intelligence platform that it says will narrow down weak points in a company's network. Based in Redwood City, California, Synack uses a network of freelance security analysts in 35 countries to probe the networks of companies who've signed up to its subscription service. The analysts, who are closely vetted by Synack, get paid based on the vulnerabilities and security problems they find, ranging from $100 up to thousands. The subscription offering means companies are continually analyzed. Jay Kaplan, Synack's co-founder and CEO, said they wanted to build a platform that would help its analysts quickly focus their attention on potential trouble spots. Called Hydra, the platform spots vulnerabilities in networks and applications, looks for out-of-date software and other issues.

Google, Yahoo tighten spam filtering

Google and Yahoo are expanding their use of a successful system for identifying spam. The move is part of a years-long effort to implement a series of checks designed to figure out if an email really has been sent by the domain it purports to come from. Email spoofing has long been a problem since it's easy to forge the "from" address, making it more likely the receiver will believe it came from a legitimate source. By Nov. 2, Yahoo plans to begin using DMARC (Domain-based Message Authentication, Reporting & Conformance) for its ymail.com and rocketmail.com services. Next year, Google also plans to move Gmail to a strict DMARC policy, according to a news release.

Magento says compromised sites haven’t patched older vulnerabilities

Magento said Tuesday there does not appear to be a new vulnerability in its e-commerce platform that is causing some websites to become infected with the Neutrino exploit kit. Some of the affected websites appear to not have patched a code execution vulnerability nicknamed the Shoplift Bug Patch, Magento's security team wrote in a blog post. A patch was released in February. Other Magento-powered sites have not applied other patches, making them vulnerable. The latest attack against Magento was highlighted by Malwarebytes and Sucuri, two security companies, who noticed attacks on the client and server sides.

Is it still possible to do phone phreaking? Yes, with Android on LTE

In the 1960s and 70s, technically savvy enthusiasts sought to game telecommunications systems to make free calls, keeping telecom engineers on their toes. That practice, known as phreaking, involved such luminaries as Steve Jobs, Steve Wozniak and John Draper, known as Cap'n Crunch, who used a whistle from a cereal box to meddle with AT&T's long-distance trunk lines. These days, mobile operators have fully embraced the Internet and are increasingly moving voice calls over fast, packet-switched networks, known as Voice over LTE (Long Term Evolution). The advantage is higher-quality voice calls for subscribers and lower costs for operators.

Magento sites targeted by Neutrino exploit kit

Some websites running the e-commerce platform Magento appear to have been infected with code that directs victims to the Neutrino exploit kit. It's not exactly clear how the Magento sites were infected, wrote Denis Sinegubko, a senior malware researcher with Sucuri, a Delaware-based security company. "At this point, we can suspect that it was some vulnerability in Magento or one of the third-party extensions that allowed it to infect thousands of sites within a short time," he wrote. The Magento sites are rigged to pull content into an iframe from a domain which has been blacklisted by Google, Sinegubko wrote.

Facebook warns users of potential state-sponsored attacks

Facebook will now warn people if it has a strong suspicion an account is being targeted by a nation-state. The social networking service already takes steps to secure accounts that may have been compromised but has decided to directly alert users of the type of attack that's under way, wrote Alex Stamos, Facebook's chief security officer. Since state-sponsored attacks can be more sophisticated, "having an account compromised in this manner may indicate that your computer or mobile device has been infected with malware," he wrote.

Is Apple’s security honeymoon on OS X ending?

Apple scored unforgettable hits against Microsoft with its Mac vs. PC ads, which anthropomorphized Windows as a sneezing, miserable office worker. Security experts always knew that the campaign was a clever bit of marketing fluff, one that allowed Apple to capitalize on Microsoft's painful, years-long security revamp. The landscape is changing, however. Apple's market share of desktop computers is nearing 17 percent. OS X, Apple's operating system, is popular with consumers and enterprises now, making it a more interesting target for hackers. A report to be released on Thursday by the security company Bit9 + Carbon Black shows that more malware has been found this year for OS X than in the last five years combined.
