Michael Kan

Author Archives: Michael Kan

Google’s Chrome will soon start warning you more about HTTP pages

A Google effort to push websites to implement encryption is expanding. Starting in October, the company will roll out new warnings to flag HTTP connections as insecure in its Chrome browser.For users, it means Chrome will display the words “not secure” in the browser’s address bar whenever they type any data into web pages that connect over HTTP.However, for users who like to browse through Chrome’s privacy-enhancing Incognito mode, the warnings will appear by default on all HTTP pages visited, not only when the user enters information onto the page.To read this article in full or to leave a comment, please click here

Ransomware attacks are taking a greater toll on victim’s wallets

The hackers spreading ransomware are getting greedier. In 2016, the average ransom demand to free computers hit with the infection rose to US$1,077, up from $294 the year before, according to security firm Symantec.“Attackers clearly think that there’s more to be squeezed from victims,” Symantec said in a Wednesday report.In addition, the security firm has been detecting more ransomware infection attempts. In 2016, the figure jumped by 36 percent from the year prior.  That doesn’t bode well for the public. Ransomware is notorious for taking over computers, and essentially holding them hostage. To do so, the malicious coding encrypts all the data inside, and then demands a fee, usually in bitcoin, in exchange for releasing the machine.To read this article in full or to leave a comment, please click here

Ransomware attacks are taking a greater toll on victim’s wallets

The hackers spreading ransomware are getting greedier. In 2016, the average ransom demand to free computers hit with the infection rose to US$1,077, up from $294 the year before, according to security firm Symantec.“Attackers clearly think that there’s more to be squeezed from victims,” Symantec said in a Wednesday report.In addition, the security firm has been detecting more ransomware infection attempts. In 2016, the figure jumped by 36 percent from the year prior.  That doesn’t bode well for the public. Ransomware is notorious for taking over computers, and essentially holding them hostage. To do so, the malicious coding encrypts all the data inside, and then demands a fee, usually in bitcoin, in exchange for releasing the machine.To read this article in full or to leave a comment, please click here

Russian hackers use OAuth, fake Google apps to phish users

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens too. It's sneaky hack that's particularly worrisome, because it can circumvent Google's 2-step verification, according to security firm Trend Micro. The group, known as Fancy Bear or Pawn Storm, has been carrying out the attack with its favored tactic of sending out phishing emails, Trend Micro said in a report Tuesday. To read this article in full or to leave a comment, please click here

Russian hackers use OAuth, fake Google apps to phish users

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens too. It's sneaky hack that's particularly worrisome, because it can circumvent Google's 2-step verification, according to security firm Trend Micro. The group, known as Fancy Bear or Pawn Storm, has been carrying out the attack with its favored tactic of sending out phishing emails, Trend Micro said in a report Tuesday. To read this article in full or to leave a comment, please click here

Old Windows Server machines can still fend off hacks. Here’s how

If you're running a Windows Server 2003 machine, you have a problem. Your already-vulnerable computer is now at severe risk of being hacked.That's due to the internet release earlier this month of a batch of updates that paint a bulls-eye on computers running Windows Server 2003, according to security researchers.“I can teach my mom how to use some of these exploits,” said Jake Williams, founder of Rendition Infosec, a security provider. “They are not very complicated at all.”Experts are urging affected businesses to upgrade to the latest Windows OSes, which offer security patches that can address the threat.To read this article in full or to leave a comment, please click here

Old Windows Server machines can still fend off hacks. Here’s how

If you're running a Windows Server 2003 machine, you have a problem. Your already-vulnerable computer is now at severe risk of being hacked.That's due to the internet release earlier this month of a batch of updates that paint a bulls-eye on computers running Windows Server 2003, according to security researchers.“I can teach my mom how to use some of these exploits,” said Jake Williams, founder of Rendition Infosec, a security provider. “They are not very complicated at all.”Experts are urging affected businesses to upgrade to the latest Windows OSes, which offer security patches that can address the threat.To read this article in full or to leave a comment, please click here

Hipchat resets user passwords after possible breach

HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information.In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com.HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat "salted" each password with a random value before hashing it.To read this article in full or to leave a comment, please click here

Hipchat resets user passwords after possible breach

HipChat has reset all its users' passwords after what it called a security incident that may have exposed their names, email addresses and hashed password information.In some cases, attackers may have accessed messages and content in chat rooms, HipChat said in a Monday blog post. But this happened in no more than 0.05 percent of the cases, each of which involved a domain URL, such as company.hipchat.com.HipChat didn't say how many users may have been affected by the incident. The passwords that may have been exposed would also be difficult to crack, the company said. The data is hashed, or obscured, with the bcrypt algorithm, which transforms the passwords into a set of random-looking characters. For added security, HipChat "salted" each password with a random value before hashing it.To read this article in full or to leave a comment, please click here

There’s now a tool to test for NSA spyware

Has your computer been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that can tell.Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the U.S. National Security Agency. It's designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.To read this article in full or to leave a comment, please click here

There’s now a tool to test for NSA spyware

Has your computer been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that can tell.Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the U.S. National Security Agency. It's designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.To read this article in full or to leave a comment, please click here

Hackers use old Stuxnet-related bug to carry out attacks

Users that run unpatched software beware. Hackers have been relying on an old software bug tied to the Stuxnet worm to carry out their attacks.Microsoft may have initially patched the flaw in 2010, but it's nevertheless become the most widespread software exploit, according to security firm Kaspersky Lab.On Thursday, Kaspersky posted research examining the use of exploits, or malicious programs designed to take advantage of certain software flaws. Once an exploit goes to work, it can typically pave the way for other malicious programs to install onto a computer.To read this article in full or to leave a comment, please click here

Hackers use old Stuxnet-related bug to carry out attacks

Users that run unpatched software beware. Hackers have been relying on an old software bug tied to the Stuxnet worm to carry out their attacks.Microsoft may have initially patched the flaw in 2010, but it's nevertheless become the most widespread software exploit, according to security firm Kaspersky Lab.On Thursday, Kaspersky posted research examining the use of exploits, or malicious programs designed to take advantage of certain software flaws. Once an exploit goes to work, it can typically pave the way for other malicious programs to install onto a computer.To read this article in full or to leave a comment, please click here

A vigilante hacker may have built a computer worm to protect the IoT

Is a vigilante hacker trying to secure your IoT device from malware? The mysterious developer behind a growing computer worm wants people to think so. The worm, known as Hajime, has infected tens of thousands of easy-to-hack products such as DVRs, internet cameras, and routers. However, the program so far hasn't done anything malicious.Instead, the worm has been preventing a notorious malware known as Mirai from infecting the same devices. It's also been carrying a message written from its developer.To read this article in full or to leave a comment, please click here

At $175, this ransomware service is a boon to cybercriminals

Cybercriminals have another easy-to-use ransomware kit to add to their arsenals, thanks to a new variant called Karmen that hackers can buy on the black market for $175.A Russian-speaking user called DevBitox has been advertising the ransomware in underground forums, security firm Recorded Future said in a blog post on Tuesday.  Karmen is what experts call ransomware-as-a-service -- a particularly worrisome trend. Amateur hackers with little technical know-how can buy access to them, and in return, they’ll receive a whole suite of web-based tools to develop their own ransomware attacks.To read this article in full or to leave a comment, please click here

At $175, this ransomware service is a boon to cybercriminals

Cybercriminals have another easy-to-use ransomware kit to add to their arsenals, thanks to a new variant called Karmen that hackers can buy on the black market for $175.A Russian-speaking user called DevBitox has been advertising the ransomware in underground forums, security firm Recorded Future said in a blog post on Tuesday.  Karmen is what experts call ransomware-as-a-service -- a particularly worrisome trend. Amateur hackers with little technical know-how can buy access to them, and in return, they’ll receive a whole suite of web-based tools to develop their own ransomware attacks.To read this article in full or to leave a comment, please click here

IoT malware clashes in a botnet territory battle

Mirai -- a notorious malware that's been enslaving IoT devices -- has competition.A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things products, with a resiliency that surpasses Mirai, according to security researchers."You can almost call it Mirai on steroids," said Marshal Webb, CTO at BackConnect, a provider of services to protect against distributed denial-of-service (DDoS) attacks.Security researchers have dubbed the rival IoT malware Hajime, and since it was discovered more than six months ago, it's been spreading unabated and creating a botnet. Webb estimates it's infected about 100,000 devices across the globe.    To read this article in full or to leave a comment, please click here

IoT malware clashes in a botnet territory battle

Mirai -- a notorious malware that's been enslaving IoT devices -- has competition.A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things products, with a resiliency that surpasses Mirai, according to security researchers."You can almost call it Mirai on steroids," said Marshal Webb, CTO at BackConnect, a provider of services to protect against distributed denial-of-service (DDoS) attacks.Security researchers have dubbed the rival IoT malware Hajime, and since it was discovered more than six months ago, it's been spreading unabated and creating a botnet. Webb estimates it's infected about 100,000 devices across the globe.    To read this article in full or to leave a comment, please click here

Microsoft: Past patches address leaked NSA exploits

Microsoft said it has already patched vulnerabilities revealed in Friday’s high-profile leak of suspected U.S. National Security Agency spying tools, meaning customers should be protected if they’ve kept their software up-to-date.Friday’s leak caused concern in the security community. The spying tools include about 20 exploits designed to hack into old versions of Windows, such as Windows XP and Windows Server 2008.To read this article in full or to leave a comment, please click here

Microsoft: Past patches address leaked NSA exploits

Microsoft said it has already patched vulnerabilities revealed in Friday’s high-profile leak of suspected U.S. National Security Agency spying tools, meaning customers should be protected if they’ve kept their software up-to-date.Friday’s leak caused concern in the security community. The spying tools include about 20 exploits designed to hack into old versions of Windows, such as Windows XP and Windows Server 2008.To read this article in full or to leave a comment, please click here