Nail in the Coffin?
Dye told the WSJ that the company doesn’t consider AV as “a moneymaker in any way.” Not only that, Dye bemoaned that they simply can’t keep hackers out. In the interview, Dye estimated that AV only catches 45 percent of cyber attacks. Those are pretty damning numbers, and a pretty grim outlook, but other cybersecurity experts just don’t agree. Or rather, they know that saying […]
Nail in the Coffin?
When Heartbleed struck in April, it shook the Internet to its core in an almost literal sense: the vulnerability, which could allow hackers to trick servers into surrendering sensitive data, took advantage of how communications are made online. Now, there’s a new vulnerability in town claiming to be the next core-shaking Internet threat. But is it really? Let’s take a look.
Covert Redirect: A look inside
The vulnerability in question has been dubbed “Covert Redirect,” due to its stealthy tactics. Discovered by Wang Jing, a mathematics PhD student in Singapore, Covert Redirect enables hackers to trick users into surrendering personal information by posing as an authorization window (a popup window which asks for authorization to connect to a third party website or application). If the faux-authorization is successful, the hacker can redirect the user to a website loaded with malicious software. If successfully executed, it can […]
Consumers now have until June 10 to get off Windows 8.1 and on Windows 8.1 Update to keep receiving patches
May 12, 2014
For the third time in the last four weeks, Microsoft today backed away from a customer cutoff as it postponed enforcement of the Windows 8.1 Update migration deadline until June 10.
On Monday — and just a day before its May Patch Tuesday slate of security fixes — Microsoft said consumers have four more weeks to move from Windows 8.1 to Windows 8.1 Update before their devices would be barred from receiving further patches. The deadline change was the third in the past month, following an earlier Windows 8.1 Update extension for business users and a surprise update on May 1 for Windows XP after Microsoft had officially retired the aged OS.
“We’ve decided to extend the requirement for our […]
Move may end up encouraging some customers to stick with XP even longer
May 7, 2014
Microsoft’s decision to erase its support line in the sand has sowed confusion and will likely encourage bad behavior by some customers, analysts said today.
“If next month someone finds another zero-day like this one, Microsoft could just move the line again,” said John Pescatore, director of emerging security trends at the SANS Institute, a security training organization.
“In a way, this encourages bad behavior. There’s a risk that people will look at it that way,” said Michael Silver, an analyst with Gartner, referring to those who will now question Microsoft’s determination to end XP support, and thus slow or even suspend their migrations to newer editions of Windows.
The experts were talking about Microsoft’s move on May 1 to issue fixes for a critical vulnerability in Internet Explorer […]
The botnet contained almost 1,500 compromised point-of-sale and other retail systems from 36 countries, researchers from IntelCrawler said
May 23, 2014
(IDG News Service)
Security researchers uncovered a global cybercriminal operation that infected with malware almost 1,500 point-of-sale (POS) terminals, accounting systems and other retail back-office platforms from businesses in 36 countries.
The infected systems were joined together in a botnet that researchers from cybercrime intelligence firm IntelCrawler dubbed Nemanja. The researchers believe the attackers behind the operation might be from Serbia.
The size of the botnet and the worldwide distribution of infected systems brings into perspective the security problems faced by retailers from around the world, problems that were also highlighted by the recent PoS breaches at several large U.S. retailers.
Past incidents suggest an increased attention from cybercriminals toward retailers and small businesses that use PoS terminals, the IntelCrawler researchers said Thursday in a […]
No sign that hackers are exploiting the unpatched vulnerability in IE8; XP users will never see the fix
May 22, 2014
An HP bug bounty program yesterday published information about a critical vulnerability in Internet Explorer 8 (IE8) because Microsoft did not meet its patch-or-we-go-public deadline.
HP TippingPoint’s Zero Day Initiative (ZDI) revealed some details about the vulnerability Wednesday in an online advisory after its 180-day grace period had expired without Microsoft providing a patch to customers.
The bug, which was reported to ZDI by Belgium security researcher Peter Van Eeckhoutte, was handed to Microsoft on Oct. 11, 2013. At the time, ZDI had a 180-day patch policy: If the vendor did not patch the vulnerability in that time, or failed to explain why it could not, ZDI would go public with the flaw.
In the old days, one simply had to draw their blinds to avoid peeping toms from spying on their private business. Now, it seems that even with the shades drawn, one must also shutter their webcam. Earlier this week, the FBI initiated a crackdown leading to the arrest of nearly 100 users of a program called Blackshades malware. This program allows hackers to remotely access the computers of their victims, enabling them to steal files, log passwords, and even turn on microphones and webcams unnoticed. What’s more? This spying software could be purchased online for as little as $40 U.S.D.
Blackshades malware is referred to as a remote access tool (RAT), meaning it allows the hacker to gain full access to your machine as if he were sitting right in front of it. The technology behind this threat is similar to that used […]
Red Hat updated its OpenStack distro to the latest edition, and has partnered with NetApp and eNovance to advance OpenStack
May 12, 2014
(IDG News Service)
What do enterprises want to see in OpenStack? With its latest distribution of the cloud hosting software, Red Hat is betting that they want a streamlined installation process and carrier-grade reliability.
The company has also partnered with storage provider NetApp, as well as telecommunications cloud provider eNovance, to advance some core OpenStack technologies.
OpenStack “is not a science experiment any more. We’re talking real workloads that require predictable enterprise capabilities,” said Radhesh Balakrishnan, Red Hat general manager for virtualization and OpenStack.
The company has released a beta version of the next version of its OpenStack distribution, Red Hat Enterprise Linux OpenStack Platform 5.0, that includes the latest version of OpenStack, called Icehouse, which was released last […]
Car salesmen have a pretty greasy reputation. Even regular people selling their own cars show a tendency toward sketchiness. The Internet, too, is a rather seedy place. So when you go to buy, or even sell, a car online, you’re treading on some fairly shady grounds. Not to mention you’re about to spend a vast amount of money on something that – statistically speaking – is quite dangerous. So how do you wade through all this darkness and find a decent car from a trustworthy source for a reasonable price?
Well, it always helps to know a thing or two about cars, but we’ll just assume you don’t, to make things more interesting. Beyond that, it helps to know a thing or two about safe shopping online, which is where I think we can help.
As far as I […]
Did you accidentally leave the back door open? This thought can be scary because you know that leaving the back door open at home could allow someone to enter your home and take your personal belongings.
The same is true for a backdoor in the computer world. It is a vulnerability that gives an attacker unauthorized access to a system by bypassing normal security mechanisms. This threat works in the background, hiding itself from the user, and it’s very difficult to detect and remove.
Cybercriminals commonly use malware to install backdoors, giving them remote administrative access to a system. Once an attacker has access to a system through a backdoor, they can potentially modify files, steal personal information, install unwanted software, and even take control of the entire computer.
These kinds of attacks represent a serious risk to users of both computers and […]