|
Google, Facebook, Yahoo and industry and civil rights groups have opposed legislation that would extend the categories of Internet records that the U.S. government can collect without court approval through administrative orders known as National Security Letters.
The companies and groups have pointed out in a letter to senators that the new provisions would expand the types of records, known as Electronic Communication Transactional Records (ECTRs), which the FBI can obtain using the NSLs.
The ECTRs would include a variety of online information, such as IP addresses, routing and transmission information, session data, a person's browsing history, email metadata, location information, and the exact date and time a person signs in or out of a particular online account.
|
|
Attackers are abusing the Windows Background Intelligent Transfer Service (BITS) to re-infect computers with malware after the machines have already been cleaned by antivirus products.
The technique was observed in the wild last month by researchers from SecureWorks while responding to a malware incident for a customer. The antivirus software installed on a compromised computer detected and removed a malware program, but the computer was still showing signs of malicious activity at the network level.
Upon further investigation, the researchers found two rogue jobs registered in BITS, a Windows service that's used by the OS and other apps to download updates or transfer files. The two malicious jobs periodically downloaded and attempted to reinstall the deleted malware.
|
|
It's bad news for businesses. Hackers have launched large-scale attacks that are capable of bypassing the security protections added by Microsoft's Enhanced Mitigation Experience Toolkit (EMET), a tool whose goal is to stop software exploits.
Security researchers from FireEye have observed Silverlight and Flash Player exploits designed to evade EMET mitigations such as Data Execution Prevention (DEP), Export Address Table Access Filtering (EAF) and Export Address Table Access Filtering Plus (EAF+). The exploits have been recently added to the Angler exploit kit.
Angler is one of the attack tools most widely used by cybercriminals to launch Web-based, 'drive-by' download attacks. It is capable of installing malware by exploiting vulnerabilities in users' browsers or browser plug-ins when they visit compromised websites or view maliciously crafted ads.
|
|
(Reuters) - Security software maker SentinelOne said on Monday that it has hired prominent cyber-security expert Jeremiah Grossman, who last month left WhiteHat Security, which he founded 15 years ago.
|
|
The June batch of Android security patches addresses nearly two dozen vulnerabilities in system drivers for various hardware components from several chipset makers.
The largest number of critical and high severity flaws were patched in the Qualcomm video driver, sound driver, GPU driver, Wi-Fi driver, and camera driver. Some of these privilege escalation vulnerabilities could allow malicious applications to execute malicious code in the kernel leading to a permanent device compromise.
Similar high-risk flaws were fixed in the Broadcom Wi-Fi driver, NVIDIA camera driver, and MediaTek power management driver. These vulnerabilities can give regular applications access to privileges or system settings that they shouldn't have. In some cases, the flaws allow kernel code execution, but only if the attacker compromises a different service first to communicate with the vulnerable driver.
|
|
If there's one person you'd think would use good security to protect social media accounts, Facebook CEO Mark Zuckerberg would be a good bet. But apparently, nothing is sacred: Zuckerberg's Twitter, Pinterest and possibly Instagram accounts have all been hacked.
Zuckerberg's accounts appear to have been compromised sometime on Sunday. In a series of messages posted to Zuck's Twitter and Pinterest accounts, the hacker group OurMine took responsibility, and claimed they were just trying to raise awareness.
Their claim is that Zuckerberg's password -- which was "dadada" -- was exposed by the 2012 LinkedIn password dump. That would make a lot of sense, because a) Zuckerberg hasn't used his Twitter or Pinterest accounts in years, and b) a bunch of other celebrities have also seen their Twitter accounts hacked in the last few days.
By this morning, Zuckerberg appears to have regained control of his social media accounts, and OurMine's Twitter account has been frozen. I guess things work a little more easily when you're the CEO of the world's largest social network, but it's still a good cautionary tale for the rest of us, who will find it a little harder to regain control if (or when) we get hacked.
https://twitter.com/Ben_Hall/status/739534393585340417
The LinkedIn password leak is the largest of its kind in recent memory, consisting of the account info of some 164 million users. The danger of the leak isn't so much exposing the details of people's LinkedIn accounts, but rather exposing username and password combos that people often reuse across many sites. Best practice is to use unique passwords on every site, but as this hack proves, even the best of us can't be bothered.
You can check if your LinkedIn password has been exposed with the HaveIBeenPwned tool. If so, you might want to change your password and enable two-factor authentication on any accounts you care about.
|
|