Category Archives for "Network World Security"

Stealthy malware Skimer helps hackers easily steal cash from ATMs

Security researchers have found a new version of a malware program called Skimer that's designed to infect Windows-based ATMs and can be used to steal money and payment card details. Skimer was initially discovered seven years ago, but it is still actively used by cybercriminals and has evolved over time. The latest modification, found by researchers from Kaspersky Lab at the beginning of May, uses new techniques to evade detection. Upon installation, the malware checks if the file system is FAT32 or NTFS. If it's FAT32 it drops a malicious executable file in the C:\Windows\System32 directory, but if it's NTFS, it will write the file in the NTFS data stream corresponding to Microsoft's Extension for Financial Services (XFS) service.

911 emergency services ripped by HBO’s John Oliver

It’s definitely a service that’s taken for granted but HBO’s John Oliver this week pointed out that there’s a lot to be concerned about over the nation’s 911 emergency service. On Oliver’s Last Week Tonight HBO show, Oliver said 911 emergency call centers are antiquated, disjointed and in desperate need of funding and new technology. He said everyone should Google “understaffed 911 dispatch and [your town name]” to get an idea of problems near you and nationwide. The watchdogs at the Government Accountability Office in 2013 wrote about 911 technologies: “The continuing evolution of communications technologies and wireless phones has implications for 911 services. Since 911 call centers predominantly use older, analog-based infrastructure and equipment, the current E911 system is not designed to accommodate emergency communications from the range of new technologies in common use today, including text and picture messaging and Voice-over-Internet Protocol (VoIP) telephony (e.g., Skype). In response to changing technologies, the Department of Transportation (DOT) launched the Next Generation 911 (NG911) Initiative, which has focused on the research required to develop an NG911 system. With NG911 services, the public could reach 911 call

A critical flaw in Symantec antivirus engine puts computers at risk of easy hacking

The antivirus engine used in multiple Symantec products has an easy-to-exploit vulnerability that could allow hackers to easily compromise computers. The flaw was fixed by Symantec in Anti-Virus Engine (AVE) version 20151.1.1.4, released Monday via LiveUpdate. The flaw consists of a buffer overflow condition that could be triggered when parsing executable files with malformed headers. According to Google security engineer Tavis Ormandy, who found the flaw, the vulnerability can be exploited remotely to execute malicious code on computers. All it takes is for the attacker to send an email with the exploit file as attachment or to convince the user to visit a malicious link.

Cybercriminal business model vulnerable to intervention

Cybercrime may be booming but its business model is vulnerable on many fronts, according to a new report. "We've been observing that they've been acting like a business for a while," said Shogo Cottrell, security strategist at Hewlett Packard Enterprise, which produced the report. The profit motivation accounts for more than three-quarters of all data breaches and has been rising in recent years, according to this year's Verizon data breach report. But cybercrime also shares many of the vulnerabilities that traditional businesses do, said Cottrell. For example, a criminal group's reputation is even more important in the underground economy than brand reputation in the legitimate world.

Apple patches 67 bugs in OS El Capitan, refreshes Safari and iTunes

Apple yesterday updated OS X El Capitan to version 10.11.5, patching nearly 70 vulnerabilities as it began to wind down changes prior to the next iteration launching later this year. OS X 10.11.5 offered few non-security bug fixes and no new features; in other words, it was a typical late-life refresh of an edition. Apple on Monday also patched the older OS X Mavericks (from 2013) and OS X Yosemite (2014), and issued updates to both iTunes and the firm's Safari browser. Of the 67 security flaws fixed in El Capitan, a dozen also applied to Mavericks and 14 to Yosemite, according to Chris Goettl, director of product management at Salt Lake City-based LANDESK, which makes systems and asset management software.

IDG Contributor Network: How third-party tools can fill a need in complex cloud environments

A while ago I wrote about Dome 9's security offering and was skeptical about its long-term opportunity. As I saw it, offering an add-on security product to a platform as voracious as Amazon Web Services (AWS) was a recipe for disruption. AWS has a history of intense innovation, and often ecosystem partners have been steamrolled by that process. As I saw it, Dome 9 filled a short-term opportunity that would soon be fulfilled by AWS.

An HTTPS hijacking click-fraud botnet infects almost 1 million computers

Over the past two years, a group of cybercriminals has infected almost 1 million computers with malware that hijacks search results, even when they're served over encrypted HTTPS connections. The click-fraud botnet earns its creators money through Google's AdSense for Search program, according to researchers from security firm Bitdefender. The affiliate program, intended for website owners, allows them to place a Google-powered custom search engine on their websites to generate revenue when users click on ads displayed in the search results. Instead of doing that, this botnet's operators intercept Google, Bing, and Yahoo searches performed by users on their own computers and replace the legitimate results with those generated by their custom search engine. They do this using a malware program that Bitdefender products detect as Redirector.Paco.

World’s first insured authentication provides $1M coverage per financial transaction

Cyber insurance doesn’t come cheap and it doesn’t always pay out after a company is hacked. But today the Scottsdale-based company Trusona announced that it has become the world’s first insured authentication platform. Trusona, using its own cyber insurance, will insure the identity and thereby the transactions of Trutoken users up to $1 million. Tim Greene previously wrote about Trusona’s “100% accurate authentication scheme” which uses the company’s Trutoken dongle. The product is primarily aimed at users such as bank customers moving thousands of dollars or corporate executives with access to critical data.

FBI/FTC: Watch those e-mails from your “CEO”

The scam business of tricking employees into opening company coffers by spoof e-mails apparently from their CEO is on the rise. The FBI says that the so-called business e-mail compromise scam has caused $2.3 billion in losses to 17,642 business and non-profit organizations in the U.S. and other countries since October 2013, with the number of victims nearly tripling since January 2015. This week the Federal Trade Commission blog wrote that the CEO schemers first study their intended victims closely.

EU’s data privacy regulations put the pressure on IT

Most corporate acquisitions come with a fair share of complexities. But when Accuride acquired a majority stake in Italian truck wheel manufacturer Gianetti Ruote, the Indiana-based company never dreamed of the impact the deal would have on its IT activities. Since Accuride expanded into Europe late last year, its U.S. IT team has had to contend with everything from a stalled cloud strategy and decentralized systems to increases in hardware costs, licensing fees and IT head count. Welcome to the European Union, where authorities are requiring companies that handle the data of EU citizens to comply with some of the strictest data privacy regulations in the world, or else suffer dire financial consequences.

7 reasons to gamify your cybersecurity strategy

Game on. Data breaches continue to grow in number, size, severity and cost. With the increase in new security holes, vulnerabilities and attack vectors that need to be fixed, many businesses are turning to gamification to help employees adhere to cybersecurity best practices.

Researchers crack new version of CryptXXX ransomware

Researchers from Kaspersky Lab have developed a method of decrypting files affected with the latest version of CryptXXX, a malware program that combines ransomware and information-stealing capabilities. CryptXXX was first discovered in April by security researchers from Proofpoint. In addition to encrypting user files on local drives and network shares, the malware also steals saved log-in credentials from browsers, instant messaging applications, FTP clients and email clients. It then asks for a US$500 ransom to be paid in bitcoins. Researchers from Kaspersky Lab found a way to recover files affected by the original variant of CryptXXX and created a decryptor tool. However, on May 6, CryptXXX authors released a new version that rendered that tool ineffective.

New products of the week 5.16.16

Our roundup of intriguing new products. Appian Quick Apps. Key features: Appian Quick Apps enables citizen developers without technical knowledge to create fully-functional business application in 15 minutes or less. Apps are automatically supported on leading devices, desktop web browsers and mobile devices.

5 ways Microsoft has improved SharePoint security

"Users will always find a way to get their job done. And if security gets in their way, they will find another, likely less secure, way to get their job done." Navjot Virk made that point during the launch of the latest version of SharePoint, Microsoft’s 15-year-old content management and collaboration platform. More than 200,000 organizations use SharePoint, which today reaches more than 190 million users. Security is one of four key areas of investment in the new SharePoint, according to Jeff Teper, corporate vice president for the OneDrive and SharePoint teams (pictured with Virk). Teper presided over Microsoft’s Future of SharePoint event, held last week, and detailed enhancements to SharePoint Online in the cloud and SharePoint Server on-premises. Together, Teper and Virk gave an overview of Microsoft’s investments in security, privacy and compliance in SharePoint and the OneDrive online storage service. The common theme is tighter, more granular security controls that aim to help IT strike the desired balance between security and user productivity. Here are the specifics.

Google aims to block Flash by default for Chrome users, except for 10 white-listed sites

Google aims to make HTML5 the primary experience in Chrome by the fourth quarter of this year, except for a white-list of 10 sites that will run Adobe’s Flash Player. Under the plan revealed by Google, called “HTML5 by Default,” the Chrome browser will continue to ship with Adobe’s Flash Player, but its presence will not be advertised by default. If a website offers HTML5, that will be the default experience. For those sites that need Flash, a prompt will show up at the top of the page when the user first visits the site. The prompt will give users the option of running or declining to run Flash on the site. “If the user accepts, Chrome will advertise the presence of Flash Player and refresh the page,” Google said. On subsequent visits to the domain, the user's initial choice is likely to hold good, though Google is still working on the options for future prompts.

FBI hid microphones for secret warrantless surveillance near California courthouses

What the – ! Well the FBI is back to the same old shady surveillance tricks, shady if you believe the Fourth Amendment still means something. The next time you are near a courthouse, heck even out on a sidewalk or waiting at a bus stop, you might want to pay a little more attention to any trees or rocks that are nearby. Look closely; see any microphones or cameras? Why stop there? The FBI certainly didn’t when it secretly planted microphones in public near courthouses to record conversations and cameras to conduct clandestine video surveillance. And apparently the FBI decided it didn’t need no stickin’ warrant. But hey, the FBI didn’t just bug bus stops, light boxes, hedges, backpacks and vehicles near Alameda County’s Rene C. Davidson Courthouse for 10 months between March 2010 and January 2011. According to Jeff Harp, a former FBI special agent and a security analyst for KPIX 5, a CBS affiliate for the San Francisco Bay Area:

Senators will introduce a bill to limit government hacking warrants

A U.S. senator will introduce legislation to roll back new court rules that allow judges to give law enforcement agencies the authority to remotely hack computers. Senator Ron Wyden, an Oregon Democrat, will introduce a bill that would reverse a court procedure rules change, approved by the U.S. Supreme Court last month, that would allow lower judges to issue remote hacking warrants. The rules change, requested by the Department of Justice, expands the geographical reach of police hacking powers beyond local court jurisdictions now allowed through court-ordered warrants. Previously, the Federal Rules of Criminal Procedure prohibited a federal judge from issuing a search warrant outside his or her district.

Petya ransomware is now double the trouble

The Petya ransomware now bundles a second file-encrypting program for cases where it cannot replace a computer's master boot record to encrypt its file table. Petya is an unusual ransomware threat that first popped up on security researchers' radar in March. Instead of encrypting a user's files directly, it encrypts the master file table (MFT) used by NTFS disk partitions to hold information about file names, sizes and location on the physical disk. Before encrypting the MFT, Petya replaces the computer's master boot record (MBR), which contains code that initiates the operating system's bootloader. Petya replaces it with its own malicious code that displays the ransom note and leaves computers unable to boot.

Malware attacks on two banks have links with 2014 Sony Pictures hack

Bangladesh Bank, a commercial bank in Vietnam and ... Sony Pictures are the unlikely bedfellows in a tale of cyber intrigue uncovered by security researchers at BAE Systems. Researchers Sergei Shevchenko and Adrian Nish have found some links between malware involved in the 2014 attack on Sony Pictures and attacks on two banks involving the theft of credentials for the SWIFT financial transfer network. The U.S. Federal Bureau of Investigation said North Korea was to blame for the Sony attack (although security experts are divided on the matter).