security

HAMMERTOSS: New Russian Malware

Schneier on Security - Fri, 2015-07-31 12:12
Fireeye has a detailed report of a sophisticated piece of Russian malware: HAMMERTOSS. It uses some clever techniques to hide: The Hammertoss backdoor malware looks for a different Twitter handle each day -- automatically prompted by a list generated by the tool -- to get its instructions. If the handle it's looking for is not registered that day, it merely...
Categories: security

Back Doors Won't Solve Comey's Going Dark Problem

Schneier on Security - Fri, 2015-07-31 07:08
At the Aspen Security Forum two weeks ago, James Comey (and others) explicitly talked about the "going dark" problem, describing the specific scenario they are concerned about. Maybe others have heard the scenario before, but it was a first for me. It's centers around ISIL operatives abroad and ISIL-inspired terrorists here in the US. The FBI knows who the Americans...
Categories: security

Hackers Could Heist Semis by Exploiting This Satellite Flaw

LinuxSecurity.com - Fri, 2015-07-31 05:34
LinuxSecurity.com: Remember the opening scene of the first Fast and Furious film when bandits hijacked a truck to steal its cargo? Or consider the recent real-life theft of $4 million in gold from a truck transiting from Miami to Massachusetts. Heists like these could become easier to pull off thanks to security flaws in systems used for tracking valuable shipments and assets.
Categories: linux, news, security

Tor connection vulnerability uncloaks hidden web services

LinuxSecurity.com - Fri, 2015-07-31 05:32
LinuxSecurity.com: MIT researchers have developed digital attacks which can unmask Tor services in the Deep Web with a high degree of accuracy.
Categories: linux, news, security

Botnet takedowns: are they worth it?

LinuxSecurity.com - Fri, 2015-07-31 05:27
LinuxSecurity.com: The number of botnets has grown rapidly over the last decade. From Gameover Zeus leveraging encrypted peer-to-peer command and control servers, to Conflicker, infecting millions of computers across the world - botnets are continuing to infiltrate many internet-based services and causing mass disruption, and it's getting worse.
Categories: linux, news, security

Fedora 22 openssh-6.9p1-4.fc22

LinuxSecurity.com - Thu, 2015-07-30 23:54
LinuxSecurity.com: Handle terminal control characters in scp progressmeter (#1247204) -- Security fix
Categories: linux, news, security

Ubuntu: 2700-1: Linux kernel vulnerabilities

LinuxSecurity.com - Thu, 2015-07-30 18:18
LinuxSecurity.com: Several security issues were fixed in the kernel.
Categories: linux, news, security

Ubuntu: 2701-1: Linux kernel (Trusty HWE) vulnerabilities

LinuxSecurity.com - Thu, 2015-07-30 18:18
LinuxSecurity.com: Several security issues were fixed in the kernel.
Categories: linux, news, security

Comparing the Security Practices of Experts and Non-Experts

Schneier on Security - Thu, 2015-07-30 15:21
New paper: "'...no one can hack my mind': Comparing Expert and Non-Expert Security Practices," by Iulia Ion, Rob Reeder, and Sunny Consolvo. Abstract: The state of advice given to people today on how to stay safe online has plenty of room for improvement. Too many things are asked of them, which may be unrealistic, time consuming, or not really worth...
Categories: security

Fiat Chrysler Recall (July 27, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

Chrysler has issued a safety recall for 1.......

Categories: security

US Power Grid Vulnerable (July 24, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

According to analysis of the US power grid compiled by USA Today, the country's power grid experiences more failures than those in other developed countries.......

Categories: security

Pakistan Bans Blackberry Enterprise Server (July 27, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

Pakistan's Ministry of the Interior has issued a notice to the Pakistan Telecommunication Authority (PTA) to order telecommunications companies that serve that country to stop access to BlackBerry Enterprise Services as of December 1, 2015.......

Categories: security

Stagefright Vulnerabilities Affect Nearly All Android Devices (July 27, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

Nearly all Android smartphones contain remote code execution vulnerabilities that could be exploited simply by sending the device a maliciously crafted text message.......

Categories: security

Malware Could Breach Air-Gap (July 27, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

Researchers will present a paper at the USENIX Security Symposium next month in which they describe malware designed to infiltrate air-gapped computers.......

Categories: security

NSA to Lose Access to Section 215 Data (July 27, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

According to an announcement from the Office of the Director of National Intelligence, the National Security Agency (NSA) will start to purge data collected under its Section 215 surveillance program that expires later this year.......

Categories: security

Three Sentenced in DNS Changer Case (July 24, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

A US District judge in New York has sentenced three men to prison for their roles in a scheme that infected more then four million computers around the world with malware.......

Categories: security

NIST Draft Guidance on Mobile Devices for Healthcare Organizations (July 24, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

The US National Institute of Standards and Technology (NIST) has released draft guidance for health care providers regarding the use of mobile devices to access and transfer sensitive data.......

Categories: security

HORNET Onion Router Network Faster Than Tor (July 24, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

Researchers say they have developed a faster anonymizing onion router.......

Categories: security

Belgian Government Phishing Test Not Thought Through (July 22, 2015)

SANS NewsBites - Thu, 2015-07-30 15:16

A regional government in Belgium ran a phishing test on its employees but forgot to inform high-speed train operator Thalys that it was using the company's name in the message.......

Categories: security

Debian: 3321-1: xmltooling: Summary

LinuxSecurity.com - Thu, 2015-07-30 12:04
LinuxSecurity.com: Security Report Summary
Categories: linux, news, security

Pages