Quaker Oats threatens to sue actual Quakers for trademark infringement

A gray hat replacing the Locky ransomware payload with a PSA, Windows 10 to double the number of ads after the Anniversary Update, and Quaker Oats threatening to sue actual Quakers for trademark infringement are some of the varied bits and bytes which caught my attention today.

New Locky ransomware PSA

The command and control servers for Locky ransomware were previously hacked to show a “Stupid Locky” message instead of locking a victim’s machine, but F-Secure researcher Sean Sullivan discovered “a similar grey hat hack” that delivers a PSA to would-be Locky victims.

Stealthy malware Skimer helps hackers easily steal cash from ATMs

Security researchers have found a new version of a malware program called Skimer that's designed to infect Windows-based ATMs and can be used to steal money and payment card details.

Skimer was initially discovered seven years ago, but it is still actively used by cybercriminals and has evolved over time. The latest modification, found by researchers from Kaspersky Lab at the beginning of May, uses new techniques to evade detection.

Upon installation, the malware checks if the file system is FAT32 or NTFS. If it's FAT32 it drops a malicious executable file in the C:\Windows\System32 directory, but if it's NTFS, it will write the file in the NTFS data stream corresponding to Microsoft's Extension for Financial Services (XFS) service.

911 emergency services ripped by HBO’s John Oliver

It’s definitely a service that’s taken for granted but HBO’s John Oliver this week pointed out that there’s a lot to be concerned about over the nation’s 911 emergency service.

On Oliver’s Last Week Tonight HBO show, Oliver said 911 emergency call centers are antiquated, disjointed and in desperate need of funding and new technology. He said everyone should Google “understaffed 911 dispatch and [your town name]” to get an idea of problems near you and nationwide.

The watchdogs at the Government Accountability Office in 2013 wrote about 911 technologies: “The continuing evolution of communications technologies and wireless phones has implications for 911 services. Since 911 call centers predominantly use older, analog-based infrastructure and equipment, the current E911 system is not designed to accommodate emergency communications from the range of new technologies in common use today, including text and picture messaging and Voice-over-Internet Protocol (VoIP) telephony (e.g., Skype). In response to changing technologies, the Department of Transportation (DOT) launched the Next Generation 911 (NG911) Initiative, which has focused on the research required to develop an NG911 system. With NG911 services, the public could reach 911 call centers through various modes, including voice and data, and transmit multimedia

Cisco retools core routing and switching certification to sharpen focus on SDN, IoT

The role of network engineer is changing as companies undergo digital transformations. To keep pace with the changes, Cisco is refreshing its core routing and switching certification to ensure that certified network pros have the right skills as companies move toward Internet of Things, cloud computing, network programmability and policy-based network management.

The changes announced today pertain to the Cisco Certified Network Associate (CCNA) Routing and Switching certification, which is geared for associate-level network engineers. Late last year, Cisco introduced a new framework at the expert level (Cisco Certified Internet Expert, or CCIE) to address the same emerging technologies.

20 best new iPhone, iPad games

Top-rated games

As we head toward summer 2016, it’s time to check in and see how the mobile gaming industry has fared for Apple iOS platforms, the iPhone and iPad. Here’s a look at top rated games issued so far this year, based on App Store user reviews and professional reviewers on Metacritic. We hope you’ll discover a few hidden gems.

Gadget roundup: Personalized charging cables, thermal imaging thermometer, mobile device memory and the coolest alarm clock ever

We’re back from some travel and video work to present you with a bunch of quick reviews for the gadget fan (either you or someone you know). Is there a theme this week? Not really, just a bunch of cool stuff I’ve been playing with recently.

The scoop: Toddy Gear personalized Toddy Cable, about $12 (Kickstarter project, other options are available so you can donate more and get more stuff in return)

What is it? It’s a Lightning charging cable for your iOS device that has a personalized message on it - whether it’s your name or some other funky design (see photo at the top of this page).

A critical flaw in Symantec antivirus engine puts computers at risk of easy hacking

The antivirus engine used in multiple Symantec products has an easy-to-exploit vulnerability that could allow hackers to easily compromise computers. The flaw was fixed by Symantec in Anti-Virus Engine (AVE) version 20151.1.1.4, released Monday via LiveUpdate. The flaw consists of a buffer overflow condition that could be triggered when parsing executable files with malformed headers. According to Google security engineer Tavis Ormandy, who found the flaw, the vulnerability can be exploited remotely to execute malicious code on computers. All it takes is for the attacker to send an email with the exploit file as attachment or to convince the user to visit a malicious link.

9 business-worthy Chrome for Work devices

Chrome for Work devices

Chromebooks have been around for a while, but they haven't received nearly as much business press as hybrid devices like the Surface Pro 4 or iPad Pro. But while they may be flying under the radar, Google has an entire lineup of Chrome-based devices aimed at business users. While these devices might not get as much enterprise-worthy buzz, they are well-equipped for both casual and power users alike. They run the gamut in terms of design and configuration, which means there is likely an option for you -- whether you want a desktop, tablet or notebook experience. Here are nine Chrome for Work devices you've probably never heard of aimed at the enterprise.

Acer Chromebase

The Acer Chromebase will remind you of those all-in-ones that were slated to be the future of the desktop just a few years ago. It features a 21.5-inch touchscreen display, 4 GB of memory, a 16GB hard drive and an NVIDIA Tegra K1 processor. The all-in-one display features two USB 2.0 and 1 USB 3.0 ports, a built in HD webcam and microphone, a microSD memory card slot, two speakers and, of course, the Google Chrome Operating system.

Cybercriminal business model vulnerable to intervention

Cybercrime may be booming but its business model is vulnerable on many fronts, according to a new report.

"We've been observing that they've been acting like a business for a while," said Shogo Cottrell, security strategist at Hewlett Packard Enterprise, which produced the report.

The profit motivation accounts for more than three-quarters of all data breaches and has been rising in recent years, according to this year's Verizon data breach report.

But cybercrime also shares many of the vulnerabilities that traditional businesses do, said Cottrell.

For example, a criminal group's reputation is even more important in the underground economy than brand reputation in the legitimate world.

How 5 IT leaders beat their toughest technical challenges

People who lead large IT organizations don’t have much time to deal with the nitty-gritty technical details of how their systems run. Their priorities are to provide strategic technology leadership, set policies and manage the overall operation. CIOs and other IT leaders also have to work with executives in other departments to make sure IT is providing the services the business needs. But there are times when a technical problem crops up that requires the boss’s attention, and on those occasions finding the right solution can seem like an overwhelming challenge.

To get a sense of the type of technical issues CIOs have to deal with, we asked five IT leaders to recall vexing problems they were able to solve without resorting to complicated, high-cost rollouts.

The Sleepy User Agent

From time to time a customer writes in and asks about certain requests that have been blocked by the CloudFlare WAF. Recently, a customer couldn’t understand why it appeared that some simple GET requests for their homepage were listed as blocked in WAF analytics.

A sample request looked like this:

GET / HTTP/1.1
Host: www.example.com
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.1; Win64; x64; Trident/5.0)'+(select*from(select(sleep(20)))a)+' 
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8,fr;q=0.6

As I said, a simple request for the homepage of the web site, which at first glance doesn’t look suspicious at all. Unless you take a look at the User-Agent header (its value is the string that identifies the browser being used):

Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.1; Win64; x64; Trident/5.0)'+(select*from(select(sleep(20)))a)+'

The start looks reasonable (it’s apparently Microsoft Internet Explorer 11) but the agent string ends with '+(select*from(select(sleep(20)))a)+'. The attacker is attempting a SQL injection inside the User-Agent value.

It’s common to see SQL injection in URIs and form parameters, but here the attacker has hidden the SQL query select * from (select(sleep(20))) inside the User-Agent
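
Why the header value matters to a defender, as an added example that is not part of the original post: it assumes an application that records each visitor's User-Agent in a SQL table, and shows the sample value above reaching the database as code when concatenated and as plain data when bound as a parameter. The `log_visit` function and `visits` table are hypothetical, and because SQLite has no `sleep()`, a stand-in function that only records its call is registered in its place.

```python
import sqlite3

# The User-Agent value from the sample request on this page.
SLEEPY_UA = ("Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.1; Win64; x64; "
             "Trident/5.0)'+(select*from(select(sleep(20)))a)+'")


def log_visit(user_agent, parameterized):
    """Insert one User-Agent into a fresh in-memory table (hypothetical app).

    Returns (stored_value, sleep_calls): what ended up in the row, and the
    arguments with which the database evaluated sleep() during the insert.
    """
    sleep_calls = []

    def fake_sleep(seconds):
        # Stand-in for the database's sleep(): records the call, no pause.
        sleep_calls.append(seconds)
        return 0

    db = sqlite3.connect(":memory:")
    db.create_function("sleep", 1, fake_sleep)
    db.execute("CREATE TABLE visits (ua TEXT)")
    if parameterized:
        # Hardened: the header travels as a bound value, never as SQL text.
        db.execute("INSERT INTO visits (ua) VALUES (?)", (user_agent,))
    else:
        # Vulnerable: the header is pasted into the statement, so its quote
        # closes the string literal and the rest is parsed as an expression.
        db.execute("INSERT INTO visits (ua) VALUES ('" + user_agent + "')")
    stored = db.execute("SELECT ua FROM visits").fetchone()[0]
    db.close()
    return stored, sleep_calls


if __name__ == "__main__":
    for mode in (False, True):
        stored, calls = log_visit(SLEEPY_UA, parameterized=mode)
        print("parameterized" if mode else "concatenated", repr(stored), calls)
```

In the concatenated case the row no longer holds the header text and the stand-in `sleep` has been evaluated; with the bound parameter the full string is stored verbatim and nothing in it runs.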