Feed aggregator

Blog: Highlights from BlackHat Europe 2013 in Amsterdam

Secure List feed for B2B - Fri, 03/15/2013 - 10:41

Every year as Europe wakes up from the cold winter to the warm days of spring, BlackHat traditionally descends on Amsterdam. This year’s conference is taking place on March 14-15 at the NH Grand Hotel Krasnapolsky, right on Dam Square, the heart of Amsterdam. As spring doesn’t necessarily equal warm days here in Europe right now, the 500 or so BlackHat participants hit the conference rooms to attend quite a few interesting talks. Here’s a summary of the best talks at BlackHat Europe 2013.

Apple Fixes OS X Flaw That Allowed Java Apps to Run With Plugin Disabled

Threatpost for B2B - Fri, 03/15/2013 - 10:21

Apple on Thursday released a large batch of security fixes for its OS X operating system, one of which patches a flaw that allowed Java Web Start applications to run even when users had Java disabled in the browser. OS X 10.8.3 fixes 21 total vulnerabilities, and also includes a new version of the malware removal tool for Apple machines.

Reuters Editor Indicted for Helping Hackers Break Into Tribune Co.

Threatpost for B2B - Thu, 03/14/2013 - 22:03

A Reuters social media editor on Thursday was charged with helping hackers break into the Tribune Co.'s network shortly after he was fired from a Sacramento television station in Fall 2010.

A U.S. Eastern District grand jury in Sacramento handed down a three-count indictment against Matthew Keys, 26, of Secaucus, N.J., for conspiracy to transmit information to damage a protected computer and transmitting or attempting to transmit that information. The combined counts carry a potential penalty of 25 years' imprisonment and $750,000 in fines.

Reuters Editor Indicted for Allegedly Helping Hackers Break Into Tribune Co.

Threatpost for B2B - Thu, 03/14/2013 - 22:02

UPDATE -- One of Matthew Keys' lawyers told The Huffington Post on Friday that his client was working as an "undercover" journalist when he engaged members of Anonymous in an IRC channel offering login credentials for Tribune Co. servers.

Keys, 26, of Secaucus, N.J., was suspended with pay from Reuters news service on Thursday after the social media editor was charged with helping hackers break into the Tribune Co.'s network shortly after he was fired from a Sacramento television station in Fall 2010.

Attack Exploits Weakness in RC4 Cipher to Decrypt User Sessions

Threatpost for B2B - Thu, 03/14/2013 - 15:37

It's been more than 25 years since Ron Rivest invented his RC4 stream cipher, and after all that time it's still being used widely, which is something of an achievement in the crypto world. However, for more than 15 years researchers have known about a weakness in RC4 that could enable an attacker to decrypt the keystream. Now, a cryptographer has published an attack that exploits that vulnerability and causes serious problems with TLS implementations.

New Attacks Leverage Adobe Sandbox Bypass Against Uyghur Activists

Threatpost for B2B - Thu, 03/14/2013 - 12:06

Attackers with a control infrastructure based in China are leveraging the same vulnerability exploited by Miniduke to attack Uyghur and Tibetan activists with new exploits.

Malware Discovery Forces National Vulnerability Database Offline

Threatpost for B2B - Thu, 03/14/2013 - 11:51

The website of the National Vulnerability Database (NVD) remains down today, six days after malware was reportedly found on its servers.

Google Removing Ad-Blocking Apps From Play Android Market

Threatpost for B2B - Thu, 03/14/2013 - 11:43

Google, which has been a favorite target of privacy advocates for the last few years, has taken another step that's unlikely to endear the company to that crowd or Android users. The company has begun removing ad-blocking apps from the Google Play Android app market, apparently for violating the terms of service.

Blog: Reminder: be careful opening invoices on the 21st March

Secure List feed for B2B - Thu, 03/14/2013 - 11:23

On March 4th we spotted a large number of unusual emails being blocked by our Linux Mail Security product.

NSA Director Alexander: US Building Cyberattack Teams

Threatpost for B2B - Thu, 03/14/2013 - 10:12

More rhetoric is coming out of Washington regarding the use of malware as an auxiliary weapon to bombs and bullets. National Security Agency leader Gen. Keith Alexander told a House Armed Services Committee yesterday that his new Cyber Command will be ready to retaliate should the United States' critical infrastructure come under cyberattack.

Blog: New Uyghur and Tibetan Themed Attacks Using PDF Exploits

Secure List feed for B2B - Thu, 03/14/2013 - 06:55

On Feb 12th 2013, FireEye announced the discovery of an Adobe Reader 0-day exploit which is used to drop a previously unknown, advanced piece of malware. We called this new malware "ItaDuke" because it reminded us of Duqu and because of the ancient Italian comments in the shellcode copied from Dante Alighieri's "Divine Comedy". Previously, we posted about another campaign hitting Governments and other institutions, named Miniduke, which was also using the same 'Divine Comedy' PDF exploits. In the meantime, we've come by other attacks which piggyback on the same high level exploit code, only this time the targets are different: Uyghur activists. Together with our partner at AlienVault Labs, we analyzed these new exploits.

Top Credit Agencies Admit Celebrities' Data Stolen

Threatpost for B2B - Wed, 03/13/2013 - 21:18

The top credit bureaus have admitted someone accessed prominent Americans' private data by filling out bogus requests via a Web site used by millions of consumers to access free annual credit reports.

Google Debuts New Help for Hacked Sites Videos, Articles

Threatpost for B2B - Wed, 03/13/2013 - 15:26

Search giant Google has posted a set of new informational videos and articles to help website owners recover their sites after they’ve been hacked.

Google to Pay $7M Settlement Over Street View Data Collection

Threatpost for B2B - Wed, 03/13/2013 - 14:40

Google has agreed to pay a $7 million settlement to several dozen U.S. states as part of an agreement over charges that the company was collecting private user data from WiFi hotspots while its Street View cars were driving around taking photos in various locations.

The controversy over Google's data-gathering practices with its Street View cars has been going on for more than a year, since it was revealed that the cars were collecting information from private users' WiFi routers.

Israeli Government Websites Targeted in Watering Hole Attack

Threatpost for B2B - Wed, 03/13/2013 - 13:51

A new watering hole attack has been reported, this one targeting two government-related websites based in Israel that have been injected with malware exploiting a six-month-old vulnerability in Internet Explorer.

Apparel Company Files Landmark Lawsuit Against Visa in PCI Dispute

Threatpost for B2B - Tue, 03/12/2013 - 21:21

A Tennessee-based footwear and apparel company has filed a $13 million lawsuit against Visa for what it considers random, subjective penalties for being out of compliance with the Payment Card Industry (PCI) standard the credit card company regulates.

Issue with SWFUploader Could Lead to XSS Vulnerabilities, Content Spoofing

Threatpost for B2B - Tue, 03/12/2013 - 15:10

Many versions of SWFUpload, an applet combining Flash and JavaScript that’s used in millions of websites, including WordPress sites, are vulnerable to content spoofing and a cross-site scripting vulnerability that could lead to the takeover of accounts, according to reports this week.

Adobe Fixes Four Critical Flaws in Flash

Threatpost for B2B - Tue, 03/12/2013 - 15:02

Adobe on Tuesday fixed four critical vulnerabilities in its Flash software, all of which could be used by attackers to execute code on vulnerable machines. 

Critical IE, Windows Kernel Flaws Patched

Threatpost for B2B - Tue, 03/12/2013 - 14:28

For the second month in a row, Microsoft has released a cumulative update for Internet Explorer, patching a number of critical remote code execution vulnerabilities in the browser, including one previously disclosed. It also patched a serious kernel mode driver vulnerability that could enable attackers to gain root access to a machine using a malicious USB drive, a la Stuxnet.
