Category Archives for "Network World Security"

Despite warnings, majority of firms still run some Windows Server 2003

Enterprises are still heavily dependent on Windows Server 2003 even though there were plenty of warnings that support is coming to an end on July 14 -- and this opens them up to security, compliance and operational risks. A June report covering 200 enterprise data centers totaling more than 90,000 servers found that only 7 percent of enterprises were completely free of Windows Server 2003, according to Softchoice, a technology services company. During the first half of 2015, 21 percent of servers scanned were still running on that operating system, down from 32 percent in 2014 and 43 percent the year before that.

Emergency Flash Player updates fix vulnerability used in widespread attacks

Adobe Systems was forced to rush the release of a Flash Player update after an exploit for a previously unknown vulnerability was leaked on the Internet and quickly adopted by cybercriminals. Users are advised to upgrade to the newly released Flash Player 18.0.0.203 for Windows and Mac, Flash Player 11.2.202.481 for Linux, or Flash Player 13.0.0.302, if they’re on the extended support channel. The Flash Player plug-in bundled with Google Chrome and Internet Explorer on Windows 8.x will be automatically updated. The company also released version 18.0.0.180 of the AIR runtime, AIR SDK and AIR SDK & Compiler, because these products also bundle Flash Player.

Hacking Team claims terrorists can now use its tools

Hacking Team has warned that a devastating data breach it suffered will allow its spying tools to be used by criminals and terrorists. The Milan-based security company, which develops surveillance tools for mostly government clients, saw more than 400GB of internal data released on Sunday, including emails, clients lists, financial information and source code. “Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so,” wrote Hacking Team spokesman Eric Rabe in a news release on Wednesday. “We believe this is an extremely dangerous situation.”

US Defense Secretary to renew call for cooperation with tech industry

U.S. Secretary of Defense Ash Carter will renew his appeal to businesses to work more closely with the military on Thursday when he speaks to an audience of top executives at the Sun Valley conference in Idaho. The event is put on by investment bank Allen & Co. and usually attended by a host of big-name CEOs. Among the executives expected this year are Apple’s Tim Cook, Facebook’s Mark Zuckerberg, Amazon’s Jeff Bezos and Tesla’s Elon Musk. Carter’s appearance at the secretive conference will be closed to media, but the DOD said he will speak about “the importance of a strong partnership between private sector innovators and government.”

Hacker group that hit Twitter, Facebook, Apple and Microsoft intensifies attacks

The hackers that targeted Twitter, Facebook, Apple and Microsoft developers two years ago have escalated their economic espionage efforts as they seek confidential business information and intellectual property they can profit from. The group, which security researchers from Kaspersky Lab and Symantec call Wild Neutron or Morpho, has broken into the networks of over 45 large companies since 2012. After the 2013 attacks against Twitter, Facebook, Apple and Microsoft were highly publicized, the group went underground and temporarily halted its activity. However, its attacks resumed in 2014 and have since intensified, according to separate reports released Wednesday by Kaspersky Lab and Symantec.

Cybercriminals start using Flash zero-day exploit leaked from Hacking Team

It took just a day for cybercriminals to start using a new and yet-to-be-patched Flash Player exploit that was leaked from a surveillance software developer. The exploit was found by security researchers yesterday among the 400GB worth of files stolen recently from Hacking Team, an Italian company that develops and sells intrusion and surveillance software to government agencies. Adobe Systems confirmed the vulnerability, which received the identifier CVE-2015-5119, and is planning to release a patch for it later today. However, cybercriminals have already jumped on the opportunity to use it to infect computers with malware on a large scale.

Android malware masquerades as Nintendo game emulator

A new family of Android malware adds insult to injury by making users pay for the data-stealing application. Palo Alto Networks found three variants of the malware, which it calls Gunpoder, masquerading as emulator applications used to play Nintendo games. Antivirus engines are having trouble detecting Gunpoder’s malicious code since it is packaged with an adware library called Airpush, wrote Cong Zheng and Zhi Xu of Palo Alto’s Unit 42 research group. “The malware samples successfully use these advertisement libraries to hide malicious behaviors from detection by antivirus engines,” they wrote. “While antivirus engines may flag Gunpoder as being adware, by not flagging it as being overtly malicious, most engines will not prevent Gunpoder from executing.”

Lizard Squad hacker draws suspended sentence for online attacks

A teenager who is apparently a member of the Lizard Squad hacker group has received a two-year suspended sentence in Finland in connection with various cybercrimes including attacks against U.S. university servers. The seventeen-year-old, known as “Zeekill” and “Ryan,” was charged with 50,700 counts of hacking and other offenses including credit card fraud, according to a Lizard Squad Twitter account and Finnish news reports. In a Twitter post, Lizard Squad gloated that “Zeekill got a suspended sentence for 2 years. 0 time spent in prison.” The Espoo District Court ruled on hacking incidents including computer tampering involving servers at MIT and Harvard University as well as money laundering conducted to conceal the origin of illegally acquired funds, according to a Finland Times report, which did not name the offender, a minor under Finnish law.

OwnCloud’s new encryption framework gives enterprises more flexibility

It’s no secret that security has been a tripping point for enterprises considering cloud storage, but OwnCloud on Tuesday took a fresh step toward alleviating such concerns with the addition of a new encryption framework. OwnCloud’s file, sync and share service offers an open-source and self-hosted alternative to platforms such as Box and Dropbox that’s designed specifically to allow companies to retain control of their data. Now, Encryption 2.0 gives users the ability to manage their own encryption keys in their enterprise key store. It also allows them to adopt the encryption standard of their choice and write a server app to meet their company’s unique encryption requirements.

Former attorney general calls Snowden deal possible

The “possibility exists” for the U.S. Department of Justice to cut a deal that would allow surveillance leaker Edward Snowden to return to the U.S., a former attorney general said in a media interview. Snowden, who leaked information about the National Security Agency’s surveillance programs, “spurred a necessary debate” about the collection of U.S. telephone records, former Attorney General Eric Holder told Yahoo News. The DOJ, however, hasn’t changed its official position on Snowden, a spokesman said. The DOJ wants Snowden to return to the U.S. from Russia and face criminal charges, the spokesman said by email.

Researchers find previously unknown exploits among Hacking Team’s leaked files

Researchers sifting through 400GB of data recently leaked from Hacking Team, an Italian company that sells computer surveillance software to government agencies from around the world, have already found an exploit for an unpatched vulnerability in Flash Player. There are also reports of exploits for a vulnerability in Windows and one in SELinux, a Linux kernel security module that enforces access control policies. The flaws were supposedly used by the company’s customers to silently deploy its software on computers belonging to surveillance targets. Hacking Team was incorporated as HT in Milan and develops a computer surveillance program called Remote Control System (RCS), or Galileo. The system is sold to law enforcement and other government agencies from around the world, along with access to computer intrusion tools that are needed to deploy it.

The Upload: Your tech news briefing for Tuesday, July 7

Privacy group files FTC complaint to push Google to extend right to be forgotten to US

First they ignore you, then they laugh at you.... After a year of ridiculing a European court’s “right to be forgotten” ruling, it seems that some Americans at least are beginning to think it’s a good idea. The ruling required search engines to exclude certain pages containing personal information from their search results on request from the people concerned. Now Consumer Watchdog has asked the U.S. Federal Trade Commission to institute a similar right.

OpenSSL tells users to prepare for a high severity flaw

Server admins and developers beware: The OpenSSL Project plans to release security updates Thursday for its widely used cryptographic library that will fix a high severity vulnerability. OpenSSL implements multiple cryptographic protocols and algorithms including TLS (Transport Layer Security), which underpins encryption on the Web as part of protocols like HTTPS (HTTP Secure), IMAPS (Internet Message Access Protocol Secure) and SMTPS (Simple Mail Transfer Protocol Secure). The project didn’t say which part of the library is affected, but high severity flaws in OpenSSL are usually a big deal, especially if they impact TLS.

FBI chief warns that terrorists hide behind encrypted communications

U.S. Federal Bureau of Investigation Director James Comey has asked for a “robust debate” on encryption of communications, saying that the technology could come in the way of his doing his job to keep people safe. The recruitment and tasking of Americans by the group known as the Islamic State, or ISIL, is increasingly taking place “through mobile messaging apps that are end-to-end encrypted, communications that may not be intercepted, despite judicial orders under the Fourth Amendment.” “There is simply no doubt that bad people can communicate with impunity in a world of universal strong encryption,” he added. The op-ed in the Lawfare blog comes ahead of testimonies by Comey before the Senate intelligence and judiciary committees on Wednesday.

The Upload: Your tech news briefing for Monday, July 6

Surveillance firm Hacking Team gets hacked

Who watches the watchmen? Italian online surveillance company Hacking Team appears to have been hacked, with attackers releasing what purports to be a trove of internal documents showing how the company helps governments around the world spy on their citizens. CSO has the details.

Microsoft’s $2.5B marketing budget: Minecraft on Windows 10

Is Microsoft counting on pester power to push Windows 10 sales? The company will release a special version of Minecraft for its new operating system when it goes on sale at the end of this month, PC World reports. Minecraft’s author Markus “Notch” Persson famously said he would rather not see the game on PCs at all than have it distributed through the Windows store—but since Microsoft paid $2.5 billion for his company Mojang last year, it calls the shots.

Leak of ZeusVM malware building tool might cause botnet surge

The Internet could see a new wave of botnets based on the ZeusVM banking Trojan after the tools needed to build and customize the malware program were published online for free. The source code for the builder and control panel of ZeusVM version 2.0.0.0 was leaked sometime in June, according to a malware research outfit called Malware Must Die (MMD). The leak was kept under wraps by the researchers as they tried to stop the files from becoming widely available, an effort that ultimately exceeded their resources. As a result, the group decided to go public with the information Sunday in order to alert the whole security community so that mitigation strategies can be developed.

Italian surveillance software maker, Hacking Team, allegedly breached

An Italian developer of surveillance software, Hacking Team, which has previously been sharply criticized by digital activists, has apparently suffered a large data breach. Hacking Team develops surveillance tools that it has maintained are legally sold to governments for law-abiding investigations. But critics contend the company’s software has been used to spy on dissidents, human rights activists and journalists. On Sunday, it appeared that Hacking Team’s Twitter feed was taken over. The banner on the page had been changed to “Hacked Team.” Several posts contained screenshots that are purportedly of the stolen data, which included emails sent by Hacking Team’s founder and CEO, Vincent Vincenzetti.

Bitcoin glitch expected to abate as software upgrades continue

Bitcoin experienced a glitch over the weekend that is expected to be resolved as software clients that handle transaction data are upgraded. Some software clients that “mine” bitcoins are creating invalid transaction data, which are referred to as blocks. Blocks are records of transactions, and the first miner to complete a block is rewarded with new bitcoins. The blocks are added to bitcoin’s public ledger, called the blockchain. Some software clients that had not been recently upgraded are accepting invalid blocks created by other clients, according to a notice posted on bitcoin.org.

Ad fraud Trojan updates Flash Player so that other malware can’t get in

Someone call the malware antitrust commission: Recent versions of the Kovter ad fraud Trojan, which infects computers through Web-based exploits, close the door after themselves by updating Flash Player to the latest version. The new and somewhat surprising behavior was recently observed by a malware researcher known online as Kafeine, who specializes in tracking drive-by download attacks that use exploit kits. Kovter is used for so-called click or advertising fraud. Once installed on a computer, it hijacks the browser process and uses it to simulate user clicks on online advertisements in order to generate revenue for its creators.

Cisco leaves key to all its Unified CDM systems under doormat

Cisco Systems recently realized that its Unified Communications Domain Manager (Unified CDM) software contains a default privileged account with a static password that cannot be changed, exposing the platform to hacking by remote attackers. The Cisco Unified CDM is part of the Cisco Hosted Collaboration System and provides automation and administrative functions for the Cisco Unified Communications Manager, Cisco Unity Connection, Cisco Jabber applications, associated phones and software clients. The privileged account is created when Unified CDM is first installed and cannot be changed or removed without affecting the system’s functionality—although exactly how, Cisco didn’t say in its security advisory. The only solution, the company said, is to install the patches it released.