Badlock, another ‘major’ security bug that puts profits before patches
Some have accused the developer of profiteering by publicly revealing a vulnerability that amounts to effectively fixing their own code. more…Tor Project says it can quickly catch spying code
The Tor Project is fortifying its software so that it can quickly detect if its network is tampered with for surveillance purposes, a top developer for the volunteer project wrote on Monday. There are worries that Tor could either be technically subverted or subject to court orders, which could force the project to turn over […] more…Node.js 5.7 released ahead of impending OpenSSL updates
The Node.js Foundation is gearing up this week for fixes to OpenSSL that could mean updates to Node.js itself. Releases to OpenSSL due on Tuesday will fix defects deemed to be of “high” severity, Rod Vagg, foundation technical steering committee director, said in a blog post on Monday. Within a day of the OpenSSL releases, […] more…ATMZombie: banking trojan in Israeli waters
On November 2015, Kaspersky Lab researchers identified ATMZombie, a banking Trojan that is considered to be the first malware to ever steal money from Israeli banks. It uses insidious injection and other sophisticated and stealthy methods. The first method, dubbed “proxy-changing”, is commonly used for HTTP packets inspections. It involves modifying browser proxy configurations and […] more…Source code for powerful Android banking malware is leaked
The source code for a powerful Android malware program that steals online banking credentials has been leaked, according to researchers with IBM. The malware family is known by several names, including GM Bot, Slempo, Bankosy, Acecard, Slempo and MazarBot. GM Bot has been sold on underground hacking forums for around US$500. But it appears someone […] more…Google just passed a big milestone for getting self-driving cars on the road
The US government recognizes AI as the legal “driver” of autonomous vehicles, paving the way for new safety rules that don’t require things like hand brakes and steering wheels. more…Google expands Chrome’s Safe Browsing defenses to sniff out ad scams
Google today said it is expanding its Safe Browsing technology to take into account online ads that try to scam users into divulging personal information or downloading malware masquerading as name-brand software in need of an update. Safe Browsing is the name of both the backend technology Google created and the API (application programming interface) […] more…Dridex banking malware adds a new trick
Dridex, the banking malware that won’t go away, has been improved upon once again. IBM’s X-Force researchers have found that the latest version of Dridex uses a DNS (Domain Name System) trick to direct victims to fake banking websites. The technique, known as DNS cache poisoning, involves changing DNS settings to direct someone asking for a […] more…Here’s What Tor’s Data Looks Like as It Flows Around the World
For a tool that’s meant to serve as a cloak of online anonymity, Tor is surprisingly transparent. The non-profit Tor project whose software powers its network of thousands of volunteer proxy computers also publishes a frequently updated collection of data about the location and bandwidth of those privacy-enhancing machines on desks and in datacenters around […] more…Mozilla Persona login system to shut down end November
Mozilla’s login system Persona will be shut down on Nov. 30 as its usage is low and has not grown over the last two years. The foundation’s decision to take persona.org and related domains offline follows a move in March 2014 to transition the running of the project from full-time developers to a community of […] more…The SLOTH attacks: why laziness about cryptography puts security at risk
If someone lent you a car with dodgy steering, would you drive it anyway on the assumption that the brakes were probably OK? more…Malware tricks that you may not know about
There is a constant cat and mouse game between malware, security software companies and computer users, and the chance of one side winning the battle seems slim at best. Malwarebytes revealed recently on Malwarebytes Unpacked how Vonteera, a malware previously classified as adware, operates. While it may not be of interest to many how that […] more…Malwarebytes exposes adware that disables antivirus
Malwarebytes has issued a detailed report explaining the various tricks Vonteera adware uses to compromise your PC — and it makes for uncomfortable reading. Unwanted adverts, unknown Windows services, modified shortcuts, forced installation of uninstallable Chrome extensions, even a way to prevent you running antivirus software — it’s all here. Tags: Industry News more…Malicious Adware Uses Certificates to Disable Security Products
A piece of malicious adware dubbed “Vonteera” tricks the operating system into thinking that digital certificates from security companies are untrusted in an effort to prevent anti-malware products from blocking it. read more more…Court told Dotcom case is ‘simple fraud’
After three and a half years, Kim Dotcom has faced court in New Zealand facing charges of copyright violation, racketeering, and money laundering, as well as potential extradition to the United States. more…Planned Maintenance: Wireless Services at University Park
ITS will be completing maintenance on the wireless service at University Park tomorrow morning, Friday, August 21, from 5:00 AM to 7:00 AM. This work is similar to that completed earlier this week, as communicated via ITS Alert at http://alerts.its.psu.edu/alert-3666. The purpose of this work is better utilize existing wireless infrastructure. We have reviewed the […] more…More information
- As Yahoo makes encryption standard for email, weak implementation seen
- Microsoft Patch Tuesday – get ready for a bumper Tenth Birthday edition!
- UK Financial Regulator Admits to Data Breach
- Microsoft Office CVE-2016-3364 Memory Corruption Vulnerability
- Upleveling the State of SMB Cybersecurity
- FBI says it can’t unlock 8,000 encrypted devices, demands backdoors for America’s ‘public safety’
- Mobile management on the rise, but many companies still at risk
- Apple plans self-sufficient cloud infrastructure with ‘Project McQueen’
- These 10 people may be your greatest inside security risks
- Bangladesh Central Bank ‘Complicit’ in Heist: Minister