Hey Apple, were you hosting hacked copies of Xcode?
[Update: According to Apple, the validation procedure described in this article may not work with Xcode versions earlier than 7.0. See this follow-on article for details.] Yesterday morning, Apple sent out an email to developers advising them that Apple had “removed apps from the App Store that were built with a counterfeit version of Xcode, […]
Apple lists 25 apps impacted by XcodeGhost
Apple has identified 25 apps on its stores that had used a rogue version of its Xcode development tool, and advised users to update the affected apps to fix the issue on their devices. Figuring in the list are the WeChat app from Tencent and the Didi ride-hailing app, which had been identified earlier as […]
Apple brings down malware-infected apps from store
Apple has brought down a large number of apps from its store after it was found that around 40 iOS apps had been infected by a modified version of the company’s software for developers. Christine Monaghan, an Apple spokeswoman, told news outlets that the company removed apps from the App Store that it knows have […]
Tensions to Mark Xi’s White House Visit
President Barack Obama will offer his Chinese counterpart Xi Jinping a full state welcome at the White House later this month, belying tensions fueled by Beijing’s increased military assertiveness.
The mission and capabilities of the FBI Cyber Division
Ira Winkler and Araceli Treu Gomes interviewed Donald Good, deputy assistant director of the Federal Bureau of Investigation, after his presentation at the Black Hat CSO Forum. He is in charge of the FBI Cyber Division. Ira and Ari go into detail about the mission of the Cyber Division, the resources available, how best to […]
Demystifying File and Folder Permissions
If you have poked around a server before you have probably encountered file permissions. In fact, all computer file systems offer permissions based on the same core ideas. The file permissions in Linux, Mac, and Windows computers are very similar to the file and folder permissions in Apache, Nginx, and IIS servers. You can right-click […]
Macro Threats and Ransomware Make Their Mark: A Midyear Look at the Email Landscape
Email can be considered a big business—for cybercrime. In 2014, 196.3 billion emails were sent and received daily. Of that number, 108.7 billion were business emails. With the volume of business emails sent daily, it would be unimaginable for cybercriminals not to take advantage of email to target big businesses. And those attempts can result in million-dollar […]
Update: Faculty Activity Insights (FAIS) Update – August 28
Due to the technical issues that the vendor encountered with data migration for a couple of Penn State’s screens, this update is postponed. As soon as the date is set, this alert will be updated.
Revisiting CVE-2015-3823: Mediaserver Bug Leads To Heap Overflow, Too
Issues surrounding the Android mediaserver component continue. It has been brought to our attention that a vulnerability (CVE-2015-3823) could (theoretically) be used for arbitrary code execution as well. On August 23, Google raised the severity of this vulnerability to “critical”, indicating that code execution was possible. We have previously discussed how this bug in the mediaserver component of […]
DARPA seeks to develop program that drastically improves DDoS defense
The Defense Advanced Research Projects Agency (DARPA) has started taking applications to develop a stronger defense against distributed denial-of-service (DDoS) attacks. The idea of the program, called Extreme DDoS Defense (XD3), is to create a countermeasures system that is not only more nimble in thwarting an attack, but also able to quickly recognize when an […]
Winning the Online Banking War
Detecting banking malware has become part and parcel of the security industry, so cybercriminals are continuously looking to gain the upper hand in the battle against the financial industry and security vendors. In the BlackHat presentation Winning the Online Banking War last August 5, Sean Park proposed the use of a new online banking security framework […]
BMW owns Alphabet.com and it’s not selling it to Google
Perhaps Google (Alphabet?) should have googled its new name before it decided to restructure the whole company. The New York Times reports that Google’s new parent company, Alphabet, has encountered an issue with German automaker BMW, which owns a fleet services company with the same name and the domain Alphabet.com. A spokesperson for BMW told […]
Update: University Support Building 2 UPS maintenance work
The University Support building two is currently running on generator power. The UPS vendor was onsite replacing capacitors on the UPS unit on change ID number CHG0032955. The work was completed and the vendor tried bringing the UPS back online, but encountered issues. At this time the building power is being supplied by the generator. […]
Black Hat/DEF CON 2015: Understanding the Hands-on Imperative
This year’s Black Hat and DEF CON gave us a good glimpse of the future: what we can expect, what we need to fear, and most especially what we need to do. The Dream of Internet Freedom Jennifer Granick’s keynote speech during the first day of Black Hat 2015 captured the theme of this year’s conference. […]
Fake Apple iOS crash reports prove tricky to remove
Some Apple mobile users have been encountering a pop-up message that is particularly difficult to close. The message appears after a user has been redirected to a different domain, usually caused by viewing a malicious advertisement, wrote Jerome Segura, a senior security researcher with Malwarebytes. The message warns that a third-party application on the phone […]
Flash Threats: Not Just In The Browser
July has been a fairly poor month for Adobe Flash Player security, to say the least. Three separate zero-day vulnerabilities (all courtesy of the Hacking Team dump) have left many people concerned about Flash security, with many (including this blog) calling for it to go away. Some sort of reaction from Adobe to improve Flash […]
More information
- Skype, Microsoft cleared in Luxembourg NSA investigation
- Intel SGX Can Be Abused to Hide Advanced Malware: Researchers
- Facebook: we won’t share data with WhatsApp (yet)
- SAST and DAST: Part of a Balanced Software Security Initiative
- Firefox and Tor users update now: 0-day exploit in the wild
- Deep Dive Into Ragnar Locker Ransomware Targeting Critical Industries
- FBI says it may have found a way to crack shooter’s iPhone
- Update now! Chrome and Firefox patch security flaws
- 5 good-news stories to kick off Cyber Security Awareness Month
- ExploitHub and Rift Recon Announce Global Strategic Partnership