It was just last week that we wrote about research from the security firm Triumfant that found evidence for the growing use of ephemeral “diskless” malware. That point was driven home over the weekend, with a report from the firm Fireeye that found a new Internet Explorer zero day vulnerability was being used in conjunction with a disk-less variant of the Hydraq (aka “McRAT”) Trojan horse program. Fireeye first called attention to the existence of attacks exploiting new, “zero day” (or previously unknown) vulnerabilities in the Internet Explorer web browser on Friday. The company discovered the malicious activity on the web site of a “strategically important website” that was being used as a “watering hole” to attack visitors who were “interested in national and international security policy.” The company described two IE vulnerabilities: an information leakage hole and an IE out-of-bounds memory access vulnerability. The information leak affects Windows XP […]
Software
Week In Security: NSA Spies on Yahoo & Google, Adobe Hack and Healthcare.gov
There’s nothing like a Sunday morning for looking back over the week’s events and trying to make sense of at all – or at least what sense there is to be had. This Sunday was no different – especially after a week that saw continued revelations stemming from Edward Snowden’s leak of classified intelligence on NSA spying, the massive hack of software maker Adobe. Then there was the botched rollout of the federal Healthcare.gov marketplace – which morphed into an even bigger, uglier problem as the week progressed. To help me sort it all out, I called on Nick Selby, the CEO of StreetCred Software and an authority on cyber security, law enforcement, government procurement, Russia, Germany, aviation, travel journalism and all manner of other topics. I love talking to Nick because his wealth of life and professional experience make him predictably unpredictable when it comes to interpreting current events. […]
BlueTooth on Your Defibrillator? The Case Against Wi-Fi
As more and more devices become networked, the use cases for wireless communications protocols like Bluetooth and NFC (Near Field Communications) multiply. Hardly a week goes by where some company figures out a way to pair wireless communications with some inanimate object or another. (Bluetooth bike locks, anyone?) But what happens when those wireless devices run critical infrastructure or life-saving technology like implanted medical devices? We learned earlier this week that no less than Dick Cheney was concerned enough about wireless attacks on his implanted defibrillator that he had the wireless management features of the device disabled, for fear they could be used in an assassination attempt. Security experts, like Dr. Kevin Fu at The University of Michigan, doubtful that such an attack was realistic, also refused to rule it out entirely. Given the many, proven tools and strategies for hacking wireless communications like Bluetooth, you might think that foregoing well […]
Is A Nest Botnet In Our Future? A Conversation With IoT Researcher Daniel Buentello
Daniel Buentello is one of the top security researchers out there looking into the security of common, consumer products that are part of the growing “Internet of Things.” Most recently, Buentello has been making the rounds of security cons with a presentation he calls “Weaponizing Your Coffee Pot.” The talk, which Bountello presented at the recent DerbyCon hacker conference in Kentucky and at ToorCon in Seattle in July. That talk was something of a call to arms for security folk to start poking around the growing list of IP-enabled consumer products. Buentello notes that most – including products from large firms like Belkin are insecure by design and in deployment. As we noted when we wrote about Buentello presentation early in October, the interesting stuff here is Daniel’s methodology for reverse engineering the software that runs these commercial developments, which offers something of a blueprint for others to follow. More recently, Buentello turned his gaze to […]
Report: Adobe Data Breach Ten Times Bigger Than First Reported
The huge security breach at software maker Adobe is even bigger than first reported, with more than 150 million credentials stolen, including records on up to 38 million active customers, according to a report by Brian Krebs at the web site Krebsonsecurity.com. Krebs said in a story posted Tuesday that Adobe’s initial estimates that user names and passwords for around three million customers was well short of the actual number taken by hackers who breached the company’s network. Citing a file posted by the website Anonnews.org, Krebs said the actual number of affected Adobe accounts stolen is much larger: 150 million username and hashed password pairs including credentials for 38 million “active” accounts, according to Adobe spokesperson Heather Edell. Edell told Krebs that Adobe has just completed a campaign to contact active users whose user IDs and encrypted passwords were stolen (including this author). Those customers are being encouraged to change […]
