"Off-path" attack means hackers can be anywhere with no man-in-the-middle needed.
Computer scientists have discovered a serious Internet vulnerability that allows attackers to terminate connections between virtually any two parties and, if the connections aren't encrypted, inject malicious code or content into the parties' communications.
The vulnerability resides in the design and implementation of RFC 5961, a relatively new Internet standard that's intended to prevent certain classes of hacking attacks. In fact, the protocol is designed in a way that it can easily open Internet users to so-called blind off-path attacks, in which hackers anywhere on the Internet can detect when any two parties are communicating over an active transmission control protocol connection. Attackers can go on to exploit the flaw to shut down the connection, inject malicious code or content into unencrypted data streams, and possibly degrade privacy guarantees provided by the Tor anonymity network. continued…
first published week of: 08/15/2016
There were 19 distributed denial-of-service (DDoS) attacks that exceeded 100 Gbps during the first three months of the year, almost four times more than in the previous quarter.
Even more concerning is that these mega attacks, which few companies can withstand on their own, were launched using so-called booter or stresser botnets that are common and cheap to rent. This means that more criminals can now afford to launch such crippling attacks.
"In the past, very few attacks generated with booter/stresser tools exceeded the 100 Gbps mark," researchers from Akamai said in the company's State of the Internet security report for the first quarter of 2016 that was released Tuesday.
By comparison, only five DDoS attacks over 100 Gbps were recorded during the fourth quarter of 2015 and eight in the third quarter. Nineteen such attacks in a single quarter is a new high, with the previous record, 17, set in the third quarter of 2014.
But high bandwidth is not the only aspect of DDoS attacks that can cause problems for defenders. Even lower-bandwidth attacks can be dangerous if they have a high packet rate. continued…
first published week of: 08/08/2016
John McAfee warned the cryptocurrency industry must “take security” seriously or potentially face a “nightmare” scenario. “Cryptocurrencies are here to stay. They will not go away,” the cyber-security expert said during a talk at the Blockchain: Money event in London this week. “It is Pandora’s box for good, or ill, you will not shut this back in the box.”
McAfee called out the industry for not doing enough with regard to security, and the potential consequences if this continues. “I see that it will become, if not Bitcoin, it will be some alt-currency, that will become the standard for the world. In its current state, we will have chaos, absolute chaos.”
“Not because we don't understand it, or we cannot understand the math, or it's not adopted properly. No, because there is no security whatsoever.” continued…
first published week of: 11/14/2016
The number of start-up companies in the U.S. medical technology industry has dropped nearly 70 percent over the last three decades amid regulatory challenges and competition for young talent.
The number of new medical technology and device-making startups plummeted to about 600 in 2012 from nearly 1,500 annually three decades ago, according to a new report from medical device industry lobby Advanced Medical Technology Association (AdvaMed), which represents hundreds of companies including Abbott Laboratories, Johnson & Johnson, Stryker and Medtronic.
“These trends are particularly troubling,” Nadim Yared, chief executive at CVRx, an implantable medical device maker, said at the industry’s annual meeting this week in Minneapolis. continued…
first published week of: 10/24/2016
Microsoft will be ending its TechRewards learning program for developers and IT pros.
The TechRewards program formally will end on Jan. 6, 2017. However, it's essentially defunct right now. As of Oct. 6, 2016, it's no longer possible to earn points under the program. Participants with accumulated points will be able to redeem them until the end date of the TechRewards program.
Microsoft has published a TechRewards Closure FAQ, which describes all of those details.
The TechRewards program rewarded participants with "badges" and experience points for completing certain learning tasks. The experience points bumped up the participant's status on leader boards and they also could be redeemed for gift certificates or even sessions with Microsoft experts.
No reason was given for the program's closure. Microsoft instead directed developers and IT pros to just use the following learning resources: continued…
first published week of: 10/17/2016
With only a small amount of work, ExtraBacon will commandeer new versions of ASA.
Recently released code that exploits Cisco Systems firewalls and has been linked to the National Security Agency can work against a much larger number of models than many security experts previously thought.
An exploit dubbed ExtraBacon contains code that prevents it from working on newer versions of Cisco Adaptive Security Appliance (ASA), a line of firewalls that's widely used by corporations, government agencies, and other large organizations. When the exploit encounters 8.4(5) or newer versions of ASA, it returns an error message that prevents it from working. Now researchers say that with a nominal amount of work, they were able to modify ExtraBacon to make it work on a much newer version. While Cisco has said all versions of ASA are affected by the underlying vulnerability in the Simple Network Management Protocol, the finding means that ExtraBacon poses a bigger threat than many security experts may have believed. continued…
first published week of: 08/29/2016
A new ransomware program in Brazil uses RDP brute-force attacks to infect hospitals
Stolen or weak remote desktop credentials are routinely used to infect point-of-sale systems with malware, but recently they’ve also become a common distribution method for file-encrypting ransomware.
In March, researchers discovered a ransomware program dubbed Surprise that was being installed through stolen credentials for TeamViewer, a popular remote administration tool. But the trend had started long before that, with some ransomware variants being distributed through brute-force password guessing attacks against Remote Desktop Protocol (RDP) servers since 2015. continued…
first published week of: 10/03/2016
A new iPhone and Watch are almost certain this fall, but how about a Mac with Touch ID?
For Apple fans, August usually represents the summer doldrums, the dead time between June's annual Worldwide Developers Conference (WWDC) and September, when Apple rolls out new iPhones, operating systems and other bits of hardware ahead of the holiday shopping season.
We know iOS 10 and macOS Sierra are on the way. But what else will be announced? No one outside Apple knows for sure. But there are plenty of hints, rumors, and educated guesses regarding Apple's fall plans. Let's read the mystical tea leaves and see what's likely on the way. continued…
first published week of: 08/08/2016
When Salesforce purchased Quip last summer for $750 million, it seemed on its face to be an unusual acquisition for the cloud CRM company. Salesforce tends to go hard for more vertical targets like Demandware, which it purchased for $2.8 billion last June.
In fact, at a press conference this week at Dreamforce, Salesforce president, vice chairman and COO — yes, he has all those titles — said when asked about the company’s acquisition strategy, “We go very hard into vertical markets.” He then used the Demandware purchase as a prime example of this approach.
Quip is the opposite. It’s a productivity app, designed to be mobile first, and which builds in collaboration and communication right at the document level. Quip founder and CEO Bret Taylor said they really wanted to put the communication component front and center when they were first designing the app. continued…
first published week of: 10/10/2016
A major security issue could leave your phone open to attack
Popular remote management utility AirDroid has attracted tens of millions of users with the lure of sharing the messages and files on their phones with their PCs, but you might want to think twice about firing it up today. Mobile security firm Zimperium has published a report detailing several major vulnerabilities that threaten to hijack your device.
The security issue—which still exists in the latest 4.0.1 release, according to Zimperium—is related to “insecure communication channels” that “send the same data used to authenticate the device to their statistics server.” That means someone on the same network could use a simple man-in-the-middle attack to intercept the user’s email address and password associated with AirDroid. Furthermore, the hacker could then download malicious updates to the app that in turn give them full control over the device.
Zimperium notes that it contacted Sand Studio about the vulnerability back in May and has been in communication with the company through last month’s release of version 4.0. However, the firm warns that the vulnerability has not been patched and advises users to uninstall AirDroid until a fix is available. continued…
first published week of: 12/05/2016