Lucian Constantin
Author Archives: Lucian Constantin
- Home → Author's archive:
Lucian Constantin
0
In treason case, Russia alleges security experts aided US
Two officers of the Russian Federal Security Service (FSB) and a cybercrime investigator from Kaspersky Lab have reportedly been charged with treason for helping U.S. intelligence services. The arrests of Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, and Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, happened in early December and were reported in the Russian media last week. Since then, the arrest of a third FSB officer named Dmitry Dokuchayev, who also worked for the agency's Information Security Center, came to light, and the investigation is said to have targeted even more people.To read this article in full or to leave a comment, please click here
0
In treason case, Russia alleges security experts aided US
Two officers of the Russian Federal Security Service (FSB) and a cybercrime investigator from Kaspersky Lab have reportedly been charged with treason for helping U.S. intelligence services. The arrests of Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, and Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, happened in early December and were reported in the Russian media last week. Since then, the arrest of a third FSB officer named Dmitry Dokuchayev, who also worked for the agency's Information Security Center, came to light, and the investigation is said to have targeted even more people.To read this article in full or to leave a comment, please click here
0
Mobile security firm offers cash to hackers for their old exploits
Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution.To read this article in full or to leave a comment, please click here
0
Mobile security firm offers cash to hackers for their old exploits
Mobile security firm Zimperium has launched an exploit acquisition program that aims to bring undisclosed attack code for already patched vulnerabilities out in the open.Paying for old exploits might seem like a waste of money, but there are technical and business arguments to justify such an acquisition system and they ultimately have to do with the difference between exploits and vulnerabilities.A vulnerability is a software defect with potential security implications, while an exploit is the actual code that takes advantage of that bug to achieve a specific malicious goal, often by bypassing other security barriers along the way.In practice, many vulnerabilities that get reported to vendors are not accompanied by working exploits. Showing that a programming error can lead to memory corruption is typically enough for the vendor to understand its potential implications -- for example, arbitrary code execution.To read this article in full or to leave a comment, please click here
0
Easy-to-exploit authentication bypass flaw puts Netgear routers at risk
For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done.While Netgear has worked to fix the issue, the list of affected router models increased to 30, of which only 20 have firmware fixes available to date. A manual workaround is available for the rest.The vulnerability was discovered by Simon Kenin, a security researcher at Trustwave, and stems from a faulty password recovery implementation in the firmware of many Netgear routers. It is a variation of an older vulnerability that has been publicly known since 2014, but this new version is actually easier to exploit.To read this article in full or to leave a comment, please click here
0
Easy-to-exploit authentication bypass flaw puts Netgear routers at risk
For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done.While Netgear has worked to fix the issue, the list of affected router models increased to 30, of which only 20 have firmware fixes available to date. A manual workaround is available for the rest.The vulnerability was discovered by Simon Kenin, a security researcher at Trustwave, and stems from a faulty password recovery implementation in the firmware of many Netgear routers. It is a variation of an older vulnerability that has been publicly known since 2014, but this new version is actually easier to exploit.To read this article in full or to leave a comment, please click here
0
Easy-to-exploit authentication bypass flaw puts Netgear routers at risk
For the past half year Netgear has been working on fixing a serious and easy-to-exploit vulnerability in many of its routers. And it's still not done.While Netgear has worked to fix the issue, the list of affected router models increased to 30, of which only 20 have firmware fixes available to date. A manual workaround is available for the rest.The vulnerability was discovered by Simon Kenin, a security researcher at Trustwave, and stems from a faulty password recovery implementation in the firmware of many Netgear routers. It is a variation of an older vulnerability that has been publicly known since 2014, but this new version is actually easier to exploit.To read this article in full or to leave a comment, please click here
0
Ransomware disrupts Washington DC’s CCTV system
About 70 percent of the cameras hooked up to the police's closed-circuit TV (CCTV) system in Washington, D.C., were reportedly unable to record footage for several days before President Trump's inauguration due to a ransomware attack.The attack affected 123 of the 187 network video recorders that form the city's CCTV system, the Washington Post reported Saturday. Each of these devices is used to store video footage captured by up to four cameras installed in public spaces.To read this article in full or to leave a comment, please click here
0
Ransomware disrupts Washington DC’s CCTV system
About 70 percent of the cameras hooked up to the police's closed-circuit TV (CCTV) system in Washington, D.C., were reportedly unable to record footage for several days before President Trump's inauguration due to a ransomware attack.The attack affected 123 of the 187 network video recorders that form the city's CCTV system, the Washington Post reported Saturday. Each of these devices is used to store video footage captured by up to four cameras installed in public spaces.To read this article in full or to leave a comment, please click here
0
Five arrested for hacking into ATMs and stealing $3.2 million
Law enforcement authorities from Europe and Asia have arrested five members of an international cybercriminal group that specialized in hacking into automated teller machine (ATMs).The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency said Friday.Hacking into ATMs to steal money is nothing new, and there are malware programs built specifically for such machines that allow criminals to withdraw money using hidden commands.To infect ATMs with such malware most attackers either receive help from bank insiders or buy service keys that can be used to open the front panels of ATMs and access their communications ports.To read this article in full or to leave a comment, please click here
0
Five arrested for hacking into ATMs and stealing $3.2 million
Law enforcement authorities from Europe and Asia have arrested five members of an international cybercriminal group that specialized in hacking into automated teller machine (ATMs).The investigation began in early 2016, according to Europol. Three suspects were arrested in Taiwan, one in Romania, and one in Belarus. Most of them had multiple citizenships and could travel easily between countries, the agency said Friday.Hacking into ATMs to steal money is nothing new, and there are malware programs built specifically for such machines that allow criminals to withdraw money using hidden commands.To infect ATMs with such malware most attackers either receive help from bank insiders or buy service keys that can be used to open the front panels of ATMs and access their communications ports.To read this article in full or to leave a comment, please click here
0
Cisco starts patching critical flaw in WebEx browser extension
Cisco Systems has started to patch a critical vulnerability in its WebEx collaboration and conferencing browser extension that could allow attackers to remotely execute malicious code on computers.The company released a patched version of the extension -- 1.0.7 -- for Google Chrome on Thursday and is working on similar patches for the Internet Explorer and Mozilla Firefox versions.The vulnerability was found by Google security researcher Tavis Ormandy and stemmed from the fact that the WebEx extension exposed functionality to any website that had "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html" in its URL or inside an iframe. Some of that WebEx functionality allowed for the execution of arbitrary code on computers.To read this article in full or to leave a comment, please click here
0
Cisco starts patching critical flaw in WebEx browser extension
Cisco Systems has started to patch a critical vulnerability in its WebEx collaboration and conferencing browser extension that could allow attackers to remotely execute malicious code on computers.The company released a patched version of the extension -- 1.0.7 -- for Google Chrome on Thursday and is working on similar patches for the Internet Explorer and Mozilla Firefox versions.The vulnerability was found by Google security researcher Tavis Ormandy and stemmed from the fact that the WebEx extension exposed functionality to any website that had "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html" in its URL or inside an iframe. Some of that WebEx functionality allowed for the execution of arbitrary code on computers.To read this article in full or to leave a comment, please click here
0
AI-based typing biometrics might be authentication’s next big thing
Identifying or authenticating people based on how they type is not a new idea, but thanks to advances in artificial intelligence it can now be done with a very high level of accuracy, making it a viable replacement for other forms of biometrics.Research in the field of keystroke dynamics, also known as keyboard or typing biometrics, spans back over 20 years. The technique has already been used for various applications that need to differentiate among computer users, but its widespread adoption as a method of authentication has been held back by insufficient levels of accuracy.Keystroke dynamics relies on unique patterns derived from the timing between key presses and releases during a person's normal keyboard use. The accuracy for matching such typing-based "fingerprints" to individual persons by using traditional statistical analysis and mathematical equations varies around 60 percent to 70 percent, according to Raul Popa, CEO and data scientist at Romanian startup firm TypingDNA.To read this article in full or to leave a comment, please click here
0
AI-based typing biometrics might be authentication’s next big thing
Identifying or authenticating people based on how they type is not a new idea, but thanks to advances in artificial intelligence it can now be done with a very high level of accuracy, making it a viable replacement for other forms of biometrics.Research in the field of keystroke dynamics, also known as keyboard or typing biometrics, spans back over 20 years. The technique has already been used for various applications that need to differentiate among computer users, but its widespread adoption as a method of authentication has been held back by insufficient levels of accuracy.Keystroke dynamics relies on unique patterns derived from the timing between key presses and releases during a person's normal keyboard use. The accuracy for matching such typing-based "fingerprints" to individual persons by using traditional statistical analysis and mathematical equations varies around 60 percent to 70 percent, according to Raul Popa, CEO and data scientist at Romanian startup firm TypingDNA.To read this article in full or to leave a comment, please click here
0
Gmail will block JavaScript attachments, a common source of malware
Starting Feb. 13, Google will no longer allow JavaScript attachments on its Gmail service, killing one of the main methods of malware distribution over the past two years.Users will no longer be able to attach .JS files to emails in Gmail, regardless of whether they attach them directly or they include them in archives like .gz, .bz2, .zip or .tgz. For those rare cases when such files need to be shared via email, users can upload them to a storage service like Google Drive and then share the link.The .JS file extension will be added an existing list of other banned file attachments that includes: .ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JSE, .LIB, .LNK, .MDE, .MSC, .MSP, .MST, .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF and .WSH. Most of these file types have long been abused by cybercriminals to send malware via email.To read this article in full or to leave a comment, please click here
0
Gmail will block JavaScript attachments, a common source of malware
Starting Feb. 13, Google will no longer allow JavaScript attachments on its Gmail service, killing one of the main methods of malware distribution over the past two years.Users will no longer be able to attach .JS files to emails in Gmail, regardless of whether they attach them directly or they include them in archives like .gz, .bz2, .zip or .tgz. For those rare cases when such files need to be shared via email, users can upload them to a storage service like Google Drive and then share the link.The .JS file extension will be added an existing list of other banned file attachments that includes: .ADE, .ADP, .BAT, .CHM, .CMD, .COM, .CPL, .EXE, .HTA, .INS, .ISP, .JAR, .JSE, .LIB, .LNK, .MDE, .MSC, .MSP, .MST, .PIF, .SCR, .SCT, .SHB, .SYS, .VB, .VBE, .VBS, .VXD, .WSC, .WSF and .WSH. Most of these file types have long been abused by cybercriminals to send malware via email.To read this article in full or to leave a comment, please click here
0
Kaspersky Lab employee reportedly arrested in Russia on treason charges
One of the leading cybercrime investigators at antivirus vendor Kaspersky Lab was reportedly arrested in Russia as part of a probe into activities that could represent high treason. According to Russian newspaper Kommersant, Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, was arrested in December as part of an investigation that also targeted Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, Russia's internal security service. Russian authorities are investigating Mikhailov in connection to the receipt of money from a foreign organization, an unnamed source close to the FSB reportedly told the newspaper.To read this article in full or to leave a comment, please click here
0
Kaspersky Lab employee reportedly arrested in Russia on treason charges
One of the leading cybercrime investigators at antivirus vendor Kaspersky Lab was reportedly arrested in Russia as part of a probe into activities that could represent high treason. According to Russian newspaper Kommersant, Ruslan Stoyanov, the head of the computer incidents investigation team at Kaspersky, was arrested in December as part of an investigation that also targeted Sergei Mikhailov, the deputy head of the Information Security Center at the FSB, Russia's internal security service. Russian authorities are investigating Mikhailov in connection to the receipt of money from a foreign organization, an unnamed source close to the FSB reportedly told the newspaper.To read this article in full or to leave a comment, please click here
0
Google pushed developers to fix security flaws in 275,000 Android apps
Over the past two years, Google has pressured developers to patch security issues in more than 275,000 Android apps hosted on its official app store. In many cases this was done under the threat of blocking future updates to the insecure apps.Since 2014, Google has been scanning apps published on Google Play for known vulnerabilities as part of its App Security Improvement (ASI) program. Whenever a known security issue is found in an application, the developer receives an alert via email and through the Google Play Developer Console.When it started, the program only scanned apps for embedded Amazon Web Services (AWS) credentials, which was a common problem at the time. The exposure of AWS credentials can lead to serious compromises of the cloud servers used by apps to store user data and content.To read this article in full or to leave a comment, please click here