Keyword: malware

  • Nuclear power plant COMPROMISED: Fears grow as power plant affected by malware

    04/27/2016 5:23:25 AM PDT · by sheikdetailfeather · 23 replies
    Express ^ | 4-27-16 | Tom Batchelor
    Gundremmingen plant in southern Germany was found to be riddled with computer viruses, including those which would allow attackers remote access to equipment for moving nuclear fuel rods. Viruses, known as W32.Ramnit and Conficker, were discovered at the plant, which is located 75 miles northwest of Munich. W32.Ramnit has the potential to give an attacker remote control over a system when it is connected to the internet and is also designed to steal files from infected computers. The virus could be used by groups such as Islamic State to obtain nuclear secrets, bringing them one step closer to building a...
  • Adobe Issues 'Emergency' Flash Player Security Update to Address Ransomware Attacks (again!)

    04/08/2016 10:01:01 AM PDT · by Swordmaker · 28 replies
    MacRumors ^ | Friday April 8, 2016 4:59 AM PDT | by Joe Rossignol
    Adobe has issued Flash Player security updates for OS X, Windows, Linux, and Chrome OS to address "critical vulnerabilities that could potentially allow an attacker to take control of the affected system" by way of ransomware. Ransomware is a type of malware that encrypts a user's hard drive and demands payment in order to decrypt it. These type of threats often display images or use voice-over techniques containing instructions on how to pay the ransom. In this particular "CERBER" attack (via Reuters), affecting Flash-based advertisements, attackers have reportedly demanded between around $500 and $1,000, to retrieve the encrypted files. Adobe...
  • AceDeceiver: First iOS Trojan Exploiting Apple DRM Design Flaws to Infect Any iOS Device

    03/16/2016 6:30:31 PM PDT · by Utilizer · 5 replies
    Palo Alto Networks ^ | March 16, 2016 5:00 AM | Claud Xiao
    We’ve discovered a new family of iOS malware that successfully infected non-jailbroken devices we’ve named “AceDeceiver”. What makes AceDeceiver different from previous iOS malware is that instead of abusing enterprise certificates as some iOS malware has over the past two years, AceDeceiver manages to install itself without any enterprise certificate at all. It does so by exploiting design flaws in Apple’s DRM mechanism, and even as Apple has removed AceDeceiver from App Store, it may still spread thanks to a novel attack vector. AceDeceiver is the first iOS malware we’ve seen that abuses certain design flaws in Apple’s DRM protection...
  • Millions menaced as ransomware-smuggling ads pollute top websites

    03/16/2016 7:54:20 AM PDT · by snarkpup · 42 replies
    The Register ^ | 15 Mar 2016 at 17:19 | John Leyden
    msn.com, nytimes.com, aol.com et al hit by malware-injecting banners Top-flight US online publishers are serving up adverts that attempt to install ransomware and other malware on victims' PCs. Websites visited by millions of people daily – msn.com, nytimes.com, aol.com, nfl.com, theweathernetwork.com, thehill.com, zerohedge.com and more – are accidentally pushing out booby-trapped adverts via ad networks, warn infosec researchers.
  • Slew of dangerous Adobe Flash flaws patched

    03/11/2016 5:46:01 PM PST · by Utilizer · 31 replies
    iTnews (AUS) ^ | Mar 11 2016 | Juha Saarinen
    Adobe has issued patches for 21 serious flaws in its Flash Player software to address critical vulnerabilities that could potentially allow attackers to take control of victims' systems. The vulnerabilities affect versions of Flash for Microsoft Windows, Apple OS X and iOS, Linux and Google's ChromeOS operating systems, Adobe said. Of the vulnerabilities, three allow arbitrary code execution through integer overflows, and 11 involve use-after-free flaws. Researchers from Google's Project Zero, HP Enterprise Zero Day Initiative, NSFOCUS, Microsoft, Kaspersky, Tencent and Venustech also discovered a heap underflow vulnerability in Adobe Flash and eight memory corruption bugs - all of which...
  • Popular WordPress Plugin Comes with a Backdoor, Steals Site Admin Credentials

    03/06/2016 8:51:29 PM PST · by Utilizer · 1 replies
    SOFTPEDIA ^ | Mar 5, 2016 00:46 GMT | Catalin Cimpanu
    that was installing a backdoor through which it was altering core WordPress files so it could log and steal user credentials from infected sites. First signs of something being wrong were spotted by the Sucuri team, a company that provides website security. Sucuri's researchers were alerted by one of their clients to the presence of a weirdly named file (auto-update.php) that didn't exist until a recent plugin update. The plugin in question was Custom Content Type Manager (CCTM), a popular WordPress plugin for creating custom post types that, in the three years since it was uploaded on the WordPress plugin...
  • Apple users targeted in first known Mac ransomware campaign

    03/06/2016 7:55:57 PM PST · by Swordmaker · 11 replies
    Yahoo News ^ | March 6, 2016
    By Jim Finkle BOSTON (Reuters) - Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday. Ransomware, one of the fastest-growing types of cyber threats, encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data. Security experts estimate that ransoms total hundreds of millions of dollars a year from such cyber criminals, who typically target users of...
  • Mozilla Bans Firefox Add-on That Tampered with Security Settings

    03/04/2016 8:32:54 PM PST · by Utilizer · 16 replies
    SOFTPEDIA ^ | Mar 3, 2016 20:03 GMT | Catalin Cimpanu
    Mozilla developers have taken steps to ban the popular YouTube Unblocker add-on after it was caught altering browser security settings and even installing a second add-on without the user's consent. YouTube Unblocker is a Firefox add-on that allows users to view YouTube videos blocked in their country. It does so by using a collection of proxy servers to reroute YouTube content through countries in which the videos are whitelisted. This past weekend, a user complained about the add-on exhibiting sneaky behavior, saying that his Avast antivirus blocked a download coming from a third-party website as soon as he installed the...
  • Palo Alto Networks patches serious vulnerabilities

    02/25/2016 7:07:26 PM PST · by Utilizer · 2 replies
    iTnews (AUS) ^ | Feb 26 2016 5:56AM (AUS) | Juha Saarinen
    Security vendor Palo Alto Networks has issued a security advisory covering four vulnerabilities affecting its PAN-OS operating system and is advising users to patch immediately. Two vulnerabilities in particular appear to be particularly dangerous, according to Johannes Ullrich of security vendor SANS Institute. Rated as "critical" by Palo Alto Networks, a buffer overflow in the PAN-OS GlobalProtect SSL VPN web interface could be abused to bypass restrictions to limit traffic to trusted IP addresses only. "An attacker with network access to the vulnerable GlobalProtect portal may be able to perform a denial-of-service (DoS) attack on the device, and may be...
  • Linux Mint Website Hack: A Timeline of Events

    02/22/2016 7:26:56 PM PST · by Utilizer · 22 replies
    SOFTPEDIA ^ | Feb 21, 2016 12:05 GMT | Catalin Cimpanu
    Last night, the Linux Mint team announced that someone had hacked their servers and started pointing user downloads to malicious ISO images for the Linux Mint 17.3 Cinnamon edition. Our Linux editor already covered the initial details of the attack, which we recommend reading before going forward with this article. Since then, in the last ten hours, the Linux and infosec communities have been working hard to investigate what happened and how the hackers operated. Linux Mint Team: They hacked us via our WordPress site The first to provide an answer was Clement Lefebvre, leader of the Linux Mint project,...
  • Hard-coded password exposes up to 46,000 video surveillance DVRs to hacking

    02/17/2016 8:44:52 PM PST · by Utilizer · 19 replies
    IDG News Service ^ | Feb 17, 2016 10:25 AM PT | Lucian Constantin
    Up to 46,000 Internet-accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can easily be taken over by hackers. According to security researchers from vulnerability intelligence firm Risk Based Security (RBS), all the devices share the same basic vulnerability: They accept a hard-coded, unchangeable password for the highest-privileged user in their software -- the root account. Using hard-coded passwords and hidden support accounts was a common practice a decade ago, when security did not play a large role in product design and development. That mentality has changed in...
  • DLL Hijacking Issue Plagues Products like Firefox, Chrome, iTunes, OpenOffice

    02/08/2016 6:41:43 PM PST · by Utilizer · 25 replies
    SOFTPEDIA ^ | Feb 8, 2016 12:00 GMT | Catalin Cimpanu
    Oracle has released new Java installers to fix a well-known security issue (CVE-2016-0603) that also affects a plethora of other applications, from Web browsers to antivirus products, and from file compressors to home cinema software. The problem is called DLL hijacking (or DLL side-loading) and refers to the fact that malware authors can place DLLs of the same name in specific locations on the target's filesystem and have it inadvertently load the malicious DLL instead of the safe one. DLL hijacking is a very well-known issue This type of attack is very old and has been known to many software...
  • Roll up, roll up to the Malware Museum! Run classic DOS viruses in your web browser!

    02/08/2016 2:33:58 PM PST · by dayglored · 12 replies
    The Register ^ | Feb 5, 2016 | Chris Williams
    The Internet Archive has opened a new collection dubbed the Malware Museum that lets you run old DOS-era viruses in your web browser. There are 78 samples to play with, all uploaded earlier today and collated by Mikko Hypponen and Jason Scott. The cheesy old code is executed in your browser using a JavaScript version of emulator DOSbox. Much to our delight, there are some classics in the museum, particularly Casino. Running these cyber-fossils will take you back to the bad old days when code could do anything it liked on machines -- security wasn't a consideration at all. As such,...
  • Scareware Signed With Apple Cert Targets OS X Machines

    02/06/2016 7:24:03 PM PST · by Utilizer · 28 replies
    Threatpost ^ | February 5, 2016 , 11:31 am | Michael Mimoso
    A unique scareware campaign targeting Mac OS X machines has been discovered, and it's likely the developer behind the malware has been at it a while since the installer that drops the scareware is signed with a legitimate Apple developer certificate. "Sadly, this particular developer certificate (assigned to a Maksim Noskov) has been used for probably two years in similar attacks," said Johannes Ullrich, dean of research of the SANS Institute's Internet Storm Center, which on Thursday publicly disclosed the campaign. "So far, it apparently hasn't been revoked by Apple." Ullrich said he happened upon the scam while investigating some...
  • Congress to federal agencies: You have two weeks to tally your backdoored Juniper kit

    01/27/2016 7:23:22 PM PST · by Utilizer
    Computerworld ^ | Jan 26, 2016 8:51 AM PT | Lucian Constantin
    Congress plans to question about two dozen federal agencies on whether they were using backdoored Juniper network security appliances. In December, Juniper Networks said it had discovered unauthorized code added to ScreenOS, the operating system that runs on its NetScreen network firewalls. The rogue code, which remained undetected for two years or more, could have allowed remote attackers to gain administrative access to vulnerable devices or to decrypt VPN connections. The U.S. House Committee on Oversight and Government Reform wants to determine the impact that this issue had on government organizations and how those organizations responded to the incident. The...
  • Magento plugs 'dangerous' cross-scripting hole

    01/26/2016 7:25:54 PM PST · by Utilizer · 4 replies
    iTnews ^ | Jan 27 2016 6:51AM (AUS) | Juha Saarinen
    A new vulnerability in the eBay-owned Magento e-commerce platform could be remotely exploited to take over sites and steal client information, researchers have discovered. Security vendor Sucuri discovered a stored cross-site scripting (XSS) vulnerability in the core system libraries for Magento Community Edition version 1.9.2.3 and earlier, and the Enterprise Edition version 1.14.2.3 and older. The critical flaw could be triggered by sending an email to administrators. Sucuri reported the bug to Magento's security team early in November last year. Magento acknowledged the vulnerability on 1 December 2015, but did not issue a patch until 21 January 2016. The Magento...
  • Hot Potato exploit mashes old vulns into Windows System 'sploit

    01/24/2016 7:36:54 PM PST · by Utilizer · 10 replies
    The Register ^ | 20 Jan 2016 at 08:39 | Darren Pauli
    Shmoocon Foxglove Security bod Stephen Breen has strung together dusty unpatched Windows vulnerabilities to gain local system-level access on Windows versions up to 8.1. The unholy zero-day concoction, reported to Microsoft in September and still unpatched, is a reliable way of p0wning Windows for attackers that have managed to pop user machines. Breen released exploit code for his attack dubbed Hot Potato following his talk at the Shmoocon conference in Washington over the weekend. "Hot Potato takes advantage of known issues in Windows to gain local privilege escalation in default configurations, namely NTLM relay -- specifically HTTP-SMB relay - and...
  • Enterprise AV devices contain secret backdoor

    01/21/2016 7:20:10 PM PST · by Utilizer · 9 replies
    iTnews ^ | Jan 22 2016 10:16AM (AUS) | Juha Saarinen
    Audiovisual devices made by AMX for government, education and business users contain a secret backdoor that allows full remote access without detection, security researchers have found. European security firm SEC Consult discovered the hidden backdoor account by analysing an operating system program for user management on the AMX Netlinx NX-1200 AV controller, which is sold in Australia. The binary contains a function named "setUpSubtleUserAccount", which adds a hidden user with administrative privileges, SEC Consult said. Both the account username and password are stored persistently on the AMX NX-1200, meaning if an attacker has this information, they can potentially log on...
  • Linux Trojan captures audio and takes screenshots

    01/20/2016 8:26:27 PM PST · by Utilizer · 4 replies
    InfoWorld ^ | Jan 20, 2016 | Jim Lynch
    Security is something that is always on the minds of users these days, and that includes those who use Linux. TechWeek Europe has a disturbing article about a Linux trojan that captures audio and takes screenshots. It remains to be seen how widespread this Trojan is among Linux users and what the exact attack vector is for it. Steve McCaskill reports for TechWeek Europe: Security researchers have found a new Linux Trojan capable of taking screenshots of infected systems and even recording sound. Russian anti-virus firm Dr Web says that once the Linux.Ekoms.1 malware is launched it checks for two...
  • LastPass mitigates creds-stealing phishing attack

    01/19/2016 6:51:35 PM PST · by Utilizer · 7 replies
    iTnews ^ | Jan 20 2016 8:59AM (AUS) | Juha Saarinen
    Popular credentials manager LastPass has taken steps to counter a "very simple" phishing attack that could see users' passwords, email addresses and two-factor authentication tokens stolen. Researcher Sean Cassidy posted proof of a successful phishing attack using a faked LastPass notification in a web browser earlier this month, following a presentation at hacker conference Shmoocon. By setting up a malicious website that displays notifications telling users their LastPass sessions have expired, Cassidy was able to create a page that lured people into entering their credentials for the password manager. The researcher called the attack LostPass. A successful capture of user...
  • Fortinet denies backdoor in firewall operating system

    01/13/2016 6:18:43 PM PST · by Utilizer · 2 replies
    iTnews ^ | Jan 14 2016 10:41AM (AUS) | Juha Saarinen
    Firewall vendor FortiNet has denied that the FortiGate OS operating system that runs its devices comes with a backdoor, despite a researcher purportedly posting proof of concept code on a security mailing list. Over the weekend, a Python script was posted anonymously, which appeared to allow remote access to Fortinet devices over the Secure Shell protocol. The post disclosed a password hard-coded into the FortiGate OS. The password is said to work on FortiOS version 4.x to 5.0.7, and a screenshot was posted on Twitter, allegedly showing that the script for the backdoor is working, providing remote access to Fortinet...
  • Researcher finds gaping holes in Trend Micro antivirus

    01/12/2016 6:43:44 PM PST · by Utilizer · 12 replies
    iTnews aus ^ | Jan 13 2016 6:40AM (AUS) | Juha Saarinen
    A Google Project Zero researcher has left security vendor Trend Micro with egg on its face, after discovering its software contains multiple, serious vulnerabilities that are easy to exploit without user interaction or notification. Tavis Ormandy of Project Zero noted that when Trend Micro antivirus is installed on Windows, the password manager component - written mostly in Javascript using the node.js framework that's included by default - allows any website to run arbitrary code on users' machines. The flaw in password manager allegedly took Ormandy only about 30 seconds to discover. He said the vulnerability is trivial to exploit,...
  • Juniper to replace software containing suspected NSA back door

    01/10/2016 5:45:20 PM PST · by Utilizer · 16 replies
    iTnews ^ | Jan 10 2016 9:55PM | Staff Writer
    Juniper has confirmed it will stop using a piece of security code that analysts believe was developed by the National Security Agency in order to eavesdrop through technology products. The Silicon Valley maker of networking gear said it would ship new versions of security software in the first half of this year to replace those that rely on numbers generated by Dual Elliptic Curve technology. The statement on a blog post came a day after the presentation at a Stanford University conference of research by a team of cryptographers who found that Juniper's code had been changed in multiple ways...
  • Malware Campaign Reportedly Prompts Large-Scale Blackout in Ukraine

    01/07/2016 6:41:44 AM PST · by thackney · 7 replies
    Power Engineering ^ | 01/06/2016 | Sonal Patel
    Malware has apparently been used for the first time to prompt a large-scale power blackout. An attack was tied to a Dec. 23 blackout affecting about 1.4 million Ukrainians living in the Ivano-Frankivsk region, reported Ukrainian news media outlet TSN. However, Slovakian information security firm ESET later confirmed that the reported case "was not an isolated incident," and that other energy companies in Ukraine were targeted by cybercriminals at the same time. ESET said the attackers have been using the BlackEnergy malware family. "Specifically, the BlackEnergy backdoor has been used to plant a KillDisk component onto the targeted computers that...
  • Cisco says chat client vulnerable to man-in-the-middle attack

    01/04/2016 6:12:59 PM PST · by Utilizer · 11 replies
    SC Magazine ^ | January 04, 2016 | Roi Perez
    Californian tech giant Cisco has released an advisory statement explaining that its chat client Jabber is currently vulnerable to a man-in-the-middle attack. Found in the Windows client of Jabber, the vulnerability could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack. Discovered by Renaud Dubourguais and Sébastien Dudek from Synacktiv, a French cyber-security firm, versions affected include the 10.6.x, 11.0.x, and 11.1.x releases. Currently the client does not verify that the Extensible Messaging and Presence Protocol (XMPP) connection has been established with Transport Layer Security (TLS). XMPP enables the near-real-time exchange of structured yet extensible data between any...
  • Ransom32 Is a JavaScript-Based Ransomware That Uses Node.js to Infect Users

    01/03/2016 11:16:43 PM PST · by Utilizer · 40 replies
    Softpedia ^ | 3 Jan 2016, 14:54 GMT | Catalin Cimpanu
    A new type of ransomware has been spotted, the first of its kind, a ransomware that uses JavaScript to infect its users, being coded on top of the NW.js platform. NW.js, formerly known as Node-WebKit, is a powerful platform that allows developers to create desktop applications via Node.js modules. The platform lets programmers use JavaScript in the same way, and with the same power and reach inside the underlying operating system's guts, as other more powerful languages like C++, Delphi, Java, ActionScript, and C#. If the name hasn't tipped you off yet, NW.js uses a stripped down version of WebKit,...
  • Android Malware Uses Built-In Firewall to Block Security Apps

    12/28/2015 7:49:56 PM PST · by Utilizer · 7 replies
    SOFTPEDIA ^ | 28 Dec 2015, 18:45 GMT | Catalin Cimpanu
    Even if some malware families never get to cause worldwide damage, it's sometimes interesting to read about new techniques that some malware authors employ for creating their threats. One of the most recent cases is a malware family that targets Android devices in China, discovered by Symantec, and named Android.Spywaller. The uniqueness of this threat is the fact that during infection, the malware looks for Qihoo 360, a popular security app among Chinese Android users. Android.Spywaller uses a firewall to block Qihoo 360 internal communications The malware searches and registers on the device with the same UID (unique identifier) used...
  • AVG Forcibly Installs Vulnerable Chrome Extension That Exposes Users' Browsing History

    12/28/2015 6:57:10 PM PST · by Utilizer · 19 replies
    softpedia ^ | 29 Dec 2015, 02:20 GMT | Catalin Cimpanu
    The AVG Web TuneUp Chrome extension, forcibly added to Google Chrome browsers when users were installing the AVG antivirus, had a serious flaw that allowed attackers to get the user's browsing history, cookies, and more. The vulnerability was discovered by Google Project Zero researcher, Tavis Ormandy, who worked with AVG for the past two weeks to fix the issue. AVG Web TuneUp vulnerable to an universal XSS As Mr. Ormandy explains in his bug report, the AVG Web TuneUp extension, which lists over nine million users on its Chrome Web Store page, was vulnerable to trivial XSS (cross-site scripting) attacks....
  • Botnet of Aethra Routers Used for Brute-Forcing WordPress Sites

    12/26/2015 7:58:53 PM PST · by Utilizer · 7 replies
    softpedia® ^ | 23 Dec 2015, 12:30 GMT | Catalin Cimpanu
    Italian security researchers from VoidSec have come across a botnet structure that was using vulnerable Aethra Internet routers and modems to launch brute-force attacks on WordPress websites. This particular incident was uncovered after one of the VoidSec researchers was sifting through his WordPress log file and found a brute-force attack coming from the same IP range. After further investigation, all the IPs came from six Internet Service Providers (ISP): Fastweb, Albacom (BT-Italia), Clouditalia, Qcom, WIND, and BSI Assurance UK, four of which are from Italy. What all these networks had in common were Aethra routers. VoidSec researchers narrowed down most...
  • Somebody Tried to Get a Raspberry Pi Exec to Install Malware on Its Devices

    12/25/2015 6:42:44 PM PST · by Utilizer · 11 replies
    softpedia® ^ | 25 Dec 2015, 14:58 GMT | Catalin Cimpanu
    Liz Upton, the Director of Communications for the Raspberry Pi Foundation, has tweeted out a screenshot of an email where an unknown person has proposed that the Foundation install malware on all of its devices. In the email, a person named Linda, is proposing Mrs. Upton an agreement where their company would provide an EXE file that installs a desktop shortcut, that when clicked redirects users to a specific website. (Raspberry Pi devices can run Windows as well, not just Linux variants.) Linda from company Q[edited] is also inquiring Mrs. Upton about the Foundation's PPI (Price per Install). Judging from...
  • Washington State AG sues major tech support provider alleging deceptive scam

    12/24/2015 1:05:18 PM PST · by KeyLargo · 20 replies
    KOMO News ^ | December 16th 2015 | Connie Thompson
    State AG sues major tech support provider alleging deceptive scam By Connie Thompson Wednesday, December 16th 2015 State investigators just sued one of the rising stars in the tech-support industry claiming part of the operation is based on a scam. The company, called iYogi, is accused of tricking people into paying for tech support services they don't need. According to investigators iYogi engaged in a different twist on the notorious tech support scams where someone calls you claiming your computer has problems. What's significant in this case is workers don't call you, you call them. And iYogi is one of...
  • NSA suspected in Juniper firewall backdoors

    12/23/2015 9:37:06 PM PST · by Utilizer · 23 replies
    iTnews ^ | Dec 24 2015 10:00AM (AUS) | Staff Writer
    Dual_EC weaknesses and Juniper error exploited, researchers say. Security researchers suspect the United States' National Security Agency may have had a hand in the planting of unauthorised backdoors in Juniper's enterprise firewalls. The network equipment vendor last week issued an urgent security alert for its NetScreen enterprise firewalls, after discovering "unauthorised code" in the device operating system that allows them to be fully compromised. Juniper had discovered the code during an internal review. The backdoors - which had been in existence since 2012 - meant attackers could gain administrative access and decrypt VPN connections unnoticed. Researchers have now said the...
  • Juniper finds backdoors in enterprise firewalls

    12/17/2015 7:54:53 PM PST · by Utilizer · 11 replies
    iTnews AUS ^ | Dec 18 2015 9:37AM (AUS) | Juha Saarinen
    Urges customers to patch Netscreen devices immediately. Network equipment vendor Juniper has issued an urgent security alert for its Netscreen range of enterprise firewalls, after discovering "unauthorised code" in the device operating system that allows them to be fully compromised. According to Juniper chief information officer Bob Worrall, the code was discovered during an internal review of the ScreenOS operating system for the Netscreen firewalls. One vulnerability could be triggered to permit an attacker to log in via Secure Shell or telnet connections, and gain administrative privileges on Netscreen firewalls.
  • Australia's banks sign up to Android Pay

    12/15/2015 8:02:46 PM PST · by Utilizer · 8 replies
    iTnews AUS ^ | Dec 16 2015 7:16AM (AUS) | Allie Coyne
    Still no deal with Apple. Five of Australia's biggest banks have signed up with Google's Android Pay payments service as they continue to butt heads with Apple over Cupertino's own Apple Pay platform. ANZ Bank, Westpac, ING Direct, Macquarie Bank, St George, Bank of Melbourne, Bank of South Australia and Bendigo Bank will all support the Android payment service when it lands in Australia in the first half of next year. At launch, Android Pay will support Mastercard and Visa credit and debit cards, Google said in a blog post today. The company is currently "working with Eftpos" on similar...
  • MacKeeper discloses 13 million Mac users’ details with poor hash protection

    12/15/2015 8:22:45 PM PST · by Utilizer · 17 replies
    The Stack ^ | Tue 15 Dec 2015 10.12am | Alice MacGregor
    Mac security software suite MacKeeper is recovering after a hack leaked millions of users' personal information. Kromtech, the software developer, confirmed that it had received notice of the hack yesterday, discovering a hole in its security which was exposing customer usernames, email addresses and other personal data for as much as 13 million users. According to Kromtech, the hole was patched within a matter of hours after security researcher Chris Vickery had published details of the error on Reddit over the weekend. The German developer assured customers that there was no evidence that the data had been accessed by malicious...
  • DecryptorMax Ransomware Decrypted, No Need to Pay the Ransom

    11/28/2015 6:55:45 PM PST · by Utilizer · 9 replies
    Softpedia ^ | 28 Nov 2015, 10:31 GMT | Catalin Cimpanu
    ... Fabian Wosar of Emsisoft has created a tool capable of decoding files encrypted by the DecryptorMax ransomware, also known as CryptInfinite. The ransomware gets its name from the fact that the "DecryptorMax" string is found in multiple places inside its source code. Additionally, the CryptInfinite moniker is also used by some researchers because the ransomware adds the CryptInfinite key to the Windows registry, using it to store a list of all encrypted files and their location on disk. According to Bleeping Computer's Lawrence Abrams, the ransomware is spread via Word documents attached to spam email. These files pose as...
  • Is Malware all that Bad, Really?

    11/27/2015 7:10:49 PM PST · by Utilizer · 45 replies
    BIT (Business IT) ^ | Wednesday 23 September 2015 (AUS) | Stephen Withers
    ... So what are the most common types of malware? They fall into two main categories: those that are basically no more than a nuisance, and those that are aimed at getting money from the victim. Perhaps the most common example of nuisance malware is adware. According to Oh, this is typically delivered along with free software or by compromised or malicious web sites. Adware rarely does any real damage, but some examples are hard to remove. The term was once applied to 'advertising supported software.' In return for getting a useful application at no charge, you accept that it...
  • Dyreza trojan evolves for Windows 10

    11/26/2015 6:20:04 PM PST · by Utilizer · 29 replies
    itnews.com.au ^ | Nov 23 2015 6:40AM (AUS) | Max Metzger
    ... Notorious banking trojan Dyreza has evolved to target the Windows 10 operating system, according to cyber-security firm Heimdall. The new feature of this pernicious strain of malware includes support for Windows 10, so cyber-criminals can stay up to date with the developments of their prey as well as the ability to latch on to Microsoft Edge, Windows 10's replacement for the much-maligned internet explorer. Heimdall also noted that this new version of Dyreza “kills a series of processes linked to endpoint security software, in order to make its infiltration in the system faster and more effective”. Nearly 100,000 machines...
  • Hilton PoS systems hit with malware, customer details stolen

    11/25/2015 6:13:30 PM PST · by Utilizer · 7 replies
    iTnews.com.au ^ | Nov 25 2015 11:29AM (AUS) | By Staff Writer
    Global hotel operator Hilton Worldwide Holdings has revealed the discovery of malware in some point of sales systems in its hotels that targeted customer payment card information. A third-party investigation found that the malware targeted specific payment card information which included cardholder names, payment card numbers, security codes and expiration dates, Hilton said. It did not include addresses or personal identification numbers (PINs), according to the company. Hilton advised customers who used their card at any of the global operator's hotels during a 17-week period - from November 18 to December 5 2014 or April 21 to July 27 2015...
  • Dell security error widens as researchers dig deeper (Earlier problem is worse than was thought)

    11/23/2015 9:56:26 PM PST · by dayglored · 11 replies
    PCWorld ^ | Nov 23, 2015 | Jeremy Kirk
    Duo Security researchers found a second weak digital certificate on a new Dell Inspiron laptop. The fallout from a serious security mistake made by Dell is widening, as security experts find more issues of concern. Researchers with Duo Security have found a second weak digital certificate in a new Dell laptop and evidence of another problematic one circulating. The issue started after it was discovered Dell shipped devices with a self-signed root digital certificate, eDellRoot, which is used to encrypt data traffic. But it installed the root certificate with the private encryption key included, a critical error that left many...
  • Police Body Cameras Shipped With Pre-Installed Conficker Virus

    11/15/2015 6:26:20 AM PST · by markomalley · 11 replies
    Softpedia ^ | 11/14/15
    US-based iPower Technologies has discovered that body cameras sold by Martel Electronics come pre-infected with the Conficker worm (Win32/Conficker.B!inf). The specific line of body cameras iPower tested is the same one sold to police forces around the US, used by street patrol officers and SWAT team members in their operations. The model, Frontline Body Camera, is attached to an officer's chest and works by recording his activities on video, his location using a GPS tracker, and taking regular snapshots as images. The camera records data on an internal drive, from where the officer or his supervisors can download it onto a computer via...
  • File-encrypting ransomware starts targeting Linux web servers (re-post)

    11/10/2015 10:45:12 PM PST · by Utilizer · 14 replies
    PCworld.com / IDG News Service ^ | Nov 9, 2015 7:00 AM | Lucian Constantin
    Ransomware authors continue their hunt for new sources of income. After targeting consumer and then business computers, they’ve now expanded their attacks to Web servers. Malware researchers from Russian antivirus vendor Doctor Web have recently discovered a new malware program for Linux-based systems that they’ve dubbed Linux.Encoder.1.
  • CryptoWall 4.0 the nastiest strain yet

    11/10/2015 6:00:08 AM PST · by Utilizer · 18 replies
    iTnews.com.au ^ | Nov 10 2015 9:16AM (AUS) | Allie Coyne
    The fourth version of the CryptoWall ransomware has landed in the wild, equipped with better evasion techniques and tactics to thwart antivirus protection and detection. Ransomware attacks computers and encrypts user files and folders via infected email attachments, with attackers demanding ransom payments to unlock the scrambled documents. Users are told to make the payment by a specific deadline or risk having the private key to unlock the files deleted. The active CryptoWall ransomware spawned from CryptoLocker, which is thought to have extorted more than $3 million from victims before the botnet used to distribute it - Gameover Zeus -...
  • This Android malware is so bad, you might be better off buying a new phone

    11/06/2015 9:18:05 PM PST · by Swordmaker · 13 replies
    Mashable ^ | November 6, 2015 | BY STAN SCHROEDER
    We've seen Android malware that takes your photos and videos for ransom, and there's one that can mimic your phone's shutdown process and spy on you even though the phone appears to be off. But a new family of malware, detailed by security firm Lookout on Wednesday, is probably the scariest we've heard of: It's so hard to remove that, in some cases, victims might be better off just buying a new device. Lookout's researchers have found 20,000 samples of three pieces of malware, named Shedun, Shuanet, and ShiftyBug, which share a lot of the same code and use similar...
  • New type of auto-rooting Android adware is nearly impossible to remove (Link only due to copyright)

    11/04/2015 4:25:29 PM PST · by Swordmaker · 13 replies
    Ars Technica — LINK ONLY | Nov 4, 2015 2:15pm PST | by Dan Goodin -
    This is a bad Android Root Kit baddy. . . as the headline says, it is almost impossible to remove from Android devices. More information at Ars Technica's site (link only due to copyright concerns): New type of auto-rooting Android adware is nearly impossible to remove
  • Is Google Falsely Flagging Harmless Sites?

    10/29/2015 2:19:10 PM PDT · by WilliamofCarmichael · 20 replies
    PC World ^ | January, 2009 | Jeremy Kirk
    StopBadware.org is run by Harvard Law School's Berkman Center for Internet and Society, Oxford University's Internet Institute, and vendor partners such as Google, Sun Microsystems, and Lenovo.
  • Regarding Google's malware database and malware "attack site" warnings on FR [Thread II]

    10/28/2015 10:53:00 AM PDT · by Jim Robinson · 112 replies
    October 28, 2015 | Jim Robinson
    Basically, google's full of crap. Apparently, they have two issues with FR. One is that a user (a long-time user not a hacker) posted a link to an image that (unknown to him) resides on a site google has registered in their database as a malware site. We've pulled the post and notified google. Have no idea when they'll stop flagging us. The other is that we have links to aim.org. NSS! Aim (Accuracy in Media) is a well known conservative site. Have no idea how many, but I'm sure we've had hundreds or even thousands of links posted to...
  • Is GOOGLE trying to block postings on Free Republic?

    10/27/2015 11:24:42 PM PDT · by 4Runner · 16 replies
    Google notice | 10/28/2015 | 4Runner
    Wait! Please don't visit that site right now! Google detected badware on the site you were visiting. Firefox uses Google's blacklist to warn you about "Reported attack sites." We understand that you may know and trust this site, but it's possible for good sites to be infected with badware without the site owners' knowledge or permission. Who is StopBadware? StopBadware is a nonprofit organization that fights badware. Google and Firefox link to us to help you understand the warnings. We also help website owners prevent and clean up badware websites. Question: I visited the site and didn't see any badware...
  • Malware warning on FreeRepublic

    10/27/2015 7:53:57 PM PDT · by TheBattman · 26 replies
    10-27-2015 | Me
    Updated from the beta program OS 10.11.1 to the recently full release version. Immediately, every link to a discussion on Freerepublic returns this: MacBook Pro OS X 10.11.1 (El Capitan)
  • Regarding Google's malware database and malware warnings on FR

    10/27/2015 5:21:09 PM PDT · by Jim Robinson · 200 replies
    October 27, 2015 | Jim Robinson
    Basically, it's full of crap. Apparently, they have two issues with FR. One is that a user (a long-time user not a hacker) posted a link to an image that (unknown to him) resides on a site google has registered in their database as a malware site. We've pulled the post and notified google. Have no idea when they'll stop flagging us. The other is that we have links to aim.org. NSS. Aim is a conservative site. Have no idea how many, but I'm sure we've had hundreds or even thousands of links posted to aim.org. We're not going to...