Lucian Constantin

Author Archives: Lucian Constantin

5 things you should do following the Yahoo breach

Internet giant Yahoo announced a massive data breach Wednesday that affected over one billion accounts, making it by far the largest data breach in history. This follows the disclosure in September of a different breach that affected more than 500 million of the company's customers.What stands out with this new security compromise is that it occurred over three years ago, in August 2013, and that hackers walked away with password hashes that can be easily cracked.To read this article in full or to leave a comment, please click here

Adobe fixes actively exploited critical vulnerability in Flash Player

Adobe Systems has released security updates for several products, including one for Flash Player that fixes a critical vulnerability that's already known and exploited by attackers.The Flash Player update fixes 17 vulnerabilities, 16 of which are critical and can be exploited to execute malicious code on affected systems. One of those vulnerabilities, tracked as CVE-2016-7892 in the Common Vulnerabilities and Exposures (CVE) catalogue, is already being used by hackers."Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows," the company said in a security advisory.To read this article in full or to leave a comment, please click here

Adobe fixes actively exploited critical vulnerability in Flash Player

Adobe Systems has released security updates for several products, including one for Flash Player that fixes a critical vulnerability that's already known and exploited by attackers.The Flash Player update fixes 17 vulnerabilities, 16 of which are critical and can be exploited to execute malicious code on affected systems. One of those vulnerabilities, tracked as CVE-2016-7892 in the Common Vulnerabilities and Exposures (CVE) catalogue, is already being used by hackers."Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows," the company said in a security advisory.To read this article in full or to leave a comment, please click here

Facebook helps companies detect rogue SSL certificates for domains

Facebook has launched a tool that allows domain name owners to discover TLS/SSL certificates that were issued without their knowledge.The tool uses data collected from the many Certificate Transparency logs that are publicly accessible. Certificate Transparency (CT) is a new open standard requiring certificate authorities to disclose the certificate that they issue.Until a few years ago, there was no way of tracking the certificates issued by every certificate authority (CA). At best, researchers could scan the entire web and collect those certificates being used on public servers. This made it very hard to discover cases where CAs issued certificates for domain names without the approval of those domains' owners.To read this article in full or to leave a comment, please click here

Facebook helps companies detect rogue SSL certificates for domains

Facebook has launched a tool that allows domain name owners to discover TLS/SSL certificates that were issued without their knowledge.The tool uses data collected from the many Certificate Transparency logs that are publicly accessible. Certificate Transparency (CT) is a new open standard requiring certificate authorities to disclose the certificate that they issue.Until a few years ago, there was no way of tracking the certificates issued by every certificate authority (CA). At best, researchers could scan the entire web and collect those certificates being used on public servers. This made it very hard to discover cases where CAs issued certificates for domain names without the approval of those domains' owners.To read this article in full or to leave a comment, please click here

Netgear starts patching routers affected by a critical flaw

Networking device manufacturer Netgear released firmware updates for several router models in order to patch a critical vulnerability that's publicly known and could be exploited by hackers.The vulnerability was disclosed by a researcher Friday and affects multiple Netgear router models, many from the company's Nighthawk series. The company initially confirmed the flaw in three models -- R6400, R7000, R8000 -- but it has since expanded the list to include five more.The models confirmed to be affected so far are: R6250, R6400, R6700, R7000, R7100LG, R7300, R7900 and R8000. This list might not be complete as Netgear continues to analyze the flaw's impact to its entire router portfolio.To read this article in full or to leave a comment, please click here

Netgear starts patching routers affected by a critical flaw

Networking device manufacturer Netgear released firmware updates for several router models in order to patch a critical vulnerability that's publicly known and could be exploited by hackers.The vulnerability was disclosed by a researcher Friday and affects multiple Netgear router models, many from the company's Nighthawk series. The company initially confirmed the flaw in three models -- R6400, R7000, R8000 -- but it has since expanded the list to include five more.The models confirmed to be affected so far are: R6250, R6400, R6700, R7000, R7100LG, R7300, R7900 and R8000. This list might not be complete as Netgear continues to analyze the flaw's impact to its entire router portfolio.To read this article in full or to leave a comment, please click here

Netgear starts patching routers affected by a critical flaw

Networking device manufacturer Netgear released firmware updates for several router models in order to patch a critical vulnerability that's publicly known and could be exploited by hackers.The vulnerability was disclosed by a researcher Friday and affects multiple Netgear router models, many from the company's Nighthawk series. The company initially confirmed the flaw in three models -- R6400, R7000, R8000 -- but it has since expanded the list to include five more.The models confirmed to be affected so far are: R6250, R6400, R6700, R7000, R7100LG, R7300, R7900 and R8000. This list might not be complete as Netgear continues to analyze the flaw's impact to its entire router portfolio.To read this article in full or to leave a comment, please click here

An unpatched vulnerability exposes Netgear routers to hacking

Several models of Netgear routers are affected by a publicly disclosed vulnerability that could allow hackers to take them over.An exploit for the vulnerability was published Friday by a researcher who uses the online handle Acew0rm. He claims that he reported the flaw to Netgear in August, but didn't hear back.The issue stems from improper input sanitization in a form in the router's web-based management interface and allows the injection and execution of arbitrary shell commands on an affected device.The U.S. CERT Coordination Center (CERT/CC) at Carnegie Mellon University rated the flaw as critical, assigning it a score of 9.3 out of 10 in the Common Vulnerability Scoring System (CVSS).To read this article in full or to leave a comment, please click here

An unpatched vulnerability exposes Netgear routers to hacking

Several models of Netgear routers are affected by a publicly disclosed vulnerability that could allow hackers to take them over.An exploit for the vulnerability was published Friday by a researcher who uses the online handle Acew0rm. He claims that he reported the flaw to Netgear in August, but didn't hear back.The issue stems from improper input sanitization in a form in the router's web-based management interface and allows the injection and execution of arbitrary shell commands on an affected device.The U.S. CERT Coordination Center (CERT/CC) at Carnegie Mellon University rated the flaw as critical, assigning it a score of 9.3 out of 10 in the Common Vulnerability Scoring System (CVSS).To read this article in full or to leave a comment, please click here

Ransomware attacks against businesses increased threefold in 2016

The number of ransomware attacks targeting companies increased threefold from January to September, affecting one in every five businesses worldwide.According to a new report from security company Kaspersky Lab, the rate of ransomware attacks against businesses increased from one every two minutes to one every 40 seconds during that period. For consumers it was even worse, with the rate reaching one attack every 10 seconds in September.During the third quarter of the year, there were 32,091 new ransomware variations detected by Kaspersky Lab compared to only 2,900 during the first quarter. Overall, 62 new ransomware families appeared this year, the company said.To read this article in full or to leave a comment, please click here

Ransomware attacks against businesses increased threefold in 2016

The number of ransomware attacks targeting companies increased threefold from January to September, affecting one in every five businesses worldwide.According to a new report from security company Kaspersky Lab, the rate of ransomware attacks against businesses increased from one every two minutes to one every 40 seconds during that period. For consumers it was even worse, with the rate reaching one attack every 10 seconds in September.During the third quarter of the year, there were 32,091 new ransomware variations detected by Kaspersky Lab compared to only 2,900 during the first quarter. Overall, 62 new ransomware families appeared this year, the company said.To read this article in full or to leave a comment, please click here

Attackers use hacked home routers to hit Russia’s 5 largest banks

Botnets made up of hacked home routers were used to launch distributed denial-of-service attacks against the five largest financial organizations in Russia.The attacks occurred on Monday, Dec. 5, and were detected and mitigated by Rostelecom, Russia's state-owned telecommunications company. The attacks peaked at 3.2 million packets per second (Mpps) and the longest attack lasted for over two hours, Rostelecom reported Friday.The company did not provide a bandwidth measurement for the attacks, but 3.2Mpps is not that much. DDoS mitigation providers regularly see attacks that exceed 100 Mpps and a very large September attack against the website of cybersecurity blogger Brian Krebs peaked at 665Gbps and 143Mpps.To read this article in full or to leave a comment, please click here

Attackers use hacked home routers to hit Russia’s 5 largest banks

Botnets made up of hacked home routers were used to launch distributed denial-of-service attacks against the five largest financial organizations in Russia.The attacks occurred on Monday, Dec. 5, and were detected and mitigated by Rostelecom, Russia's state-owned telecommunications company. The attacks peaked at 3.2 million packets per second (Mpps) and the longest attack lasted for over two hours, Rostelecom reported Friday.The company did not provide a bandwidth measurement for the attacks, but 3.2Mpps is not that much. DDoS mitigation providers regularly see attacks that exceed 100 Mpps and a very large September attack against the website of cybersecurity blogger Brian Krebs peaked at 665Gbps and 143Mpps.To read this article in full or to leave a comment, please click here

Cyberspies stole secrets from industrial giant ThyssenKrupp

Germany-based industrial conglomerate ThyssenKrupp was hit by a cyberespionage attack earlier this year that resulted in data being stolen from its industrial solutions and steel producing units.An investigation revealed that the attack was carried out by a professional group of hackers from Southeast Asia and targeted technological know-how and research, according to the group,While hackers managed to steal some information, its exact nature is not clear, with the exception of certain project data from an engineering company, ThyssenKrupp said in an emailed statement Thursday. As a result, at this time there's no reliable estimation of the damage to the company's intellectual property.To read this article in full or to leave a comment, please click here

Cyberspies stole secrets from industrial giant ThyssenKrupp

Germany-based industrial conglomerate ThyssenKrupp was hit by a cyberespionage attack earlier this year that resulted in data being stolen from its industrial solutions and steel producing units.An investigation revealed that the attack was carried out by a professional group of hackers from Southeast Asia and targeted technological know-how and research, according to the group,While hackers managed to steal some information, its exact nature is not clear, with the exception of certain project data from an engineering company, ThyssenKrupp said in an emailed statement Thursday. As a result, at this time there's no reliable estimation of the damage to the company's intellectual property.To read this article in full or to leave a comment, please click here

OpenVPN will be audited for security flaws

The next major version of OpenVPN, one of the most widely used virtual private networking technologies, will be audited by a well-known cryptography expert.The audit will be fully funded by Private Internet Access (PIA), a popular VPN service provider that uses OpenVPN for its business. The company has contracted cryptography engineering expert Matthew Green, a professor at Johns Hopkins University in Baltimore, to carry out the evaluation with the goal of identifying any vulnerabilities in the code.Green has experience in auditing encryption software, being one of the founders of the Open Crypto Audit Project, which organized a detailed analysis of TrueCrypt, a popular open-source full-disk encryption application. TrueCrypt has been abandoned by its original developers in 2014, but its code has since been forked and improved as part of other projects.To read this article in full or to leave a comment, please click here

OpenVPN will be audited for security flaws

The next major version of OpenVPN, one of the most widely used virtual private networking technologies, will be audited by a well-known cryptography expert.The audit will be fully funded by Private Internet Access (PIA), a popular VPN service provider that uses OpenVPN for its business. The company has contracted cryptography engineering expert Matthew Green, a professor at Johns Hopkins University in Baltimore, to carry out the evaluation with the goal of identifying any vulnerabilities in the code.Green has experience in auditing encryption software, being one of the founders of the Open Crypto Audit Project, which organized a detailed analysis of TrueCrypt, a popular open-source full-disk encryption application. TrueCrypt has been abandoned by its original developers in 2014, but its code has since been forked and improved as part of other projects.To read this article in full or to leave a comment, please click here

Latest Android security update fixes Dirty COW, GPS vulnerabilities

The monthly Android security update released this week fixes the serious Dirty COW privilege escalation attack that can allow malicious apps to take full control of devices.Dirty COW (copy-on-write) is a privilege escalation vulnerability that has existed in the Linux kernel for the past nine years and is already being exploited in the wild. It affects Android because the mobile OS is based on Linux, but it was initially believed that the SELinux security policies enforced by default in Android provided some mitigation against the attack.To read this article in full or to leave a comment, please click here

Latest Android security update fixes Dirty COW, GPS vulnerabilities

The monthly Android security update released this week fixes the serious Dirty COW privilege escalation attack that can allow malicious apps to take full control of devices.Dirty COW (copy-on-write) is a privilege escalation vulnerability that has existed in the Linux kernel for the past nine years and is already being exploited in the wild. It affects Android because the mobile OS is based on Linux, but it was initially believed that the SELinux security policies enforced by default in Android provided some mitigation against the attack.To read this article in full or to leave a comment, please click here

1 14 15 16 17 18 58