Tag: Security

Microsoft warns of Internet Explorer Security flaw that put users at risk, exposes Windows XP

Cyber Security, Internet
BBC News: Microsoft has warned consumers that a vulnerability in its Internet Explorer browser could let hackers gain access and user rights to their computer. The flaw affects Internet Explorer (IE) versions 6 to 11 and Microsoft said it was aware of "limited, targeted attacks" to exploit it. According to NetMarket Share, the IE versions account for more than 50% of global browser market. Microsoft says it is investigating the flaw and will take "appropriate" steps. The firm, which issued a security advisory over the weekend, said the steps "may include providing a solution through our monthly security update release process, or an out-of-cycle security update, depending on customer needs". “Start Quote If the current user is logged on with administrative user rights, an attacker who

Hackers text ATMs for cash using Windows XP flaws

Business, Cyber Security
Summary: With the end of Windows XP support looming, ATMs worldwide are left vulnerable -- and cyberattackers are taking advantage of the fact. Despite early warnings, pleading and even financial lures to upgrade systems from the Windows XP operating system, many of our core services are still running on the soon to be retired system. It's not just our grandparents that stick stubbornly to Windows XP, which is due for an end-of-life and support retirement on April 8 this year. According to Symantec researchers, the banking industry is likely to be affected on this date, as 95 percent of our ATMs -- computer systems that control access to funds -- are still running on the archaic system. Microsoft has already warned users that they risk "zero day forever" scenarios if they fail to upgrad...

WhatsApp Messages May Not Actually Be Private or Secure

Cyber Security
NEW DELHI: If you use WhatsApp on an Android phone, you should be careful about what you talk about or share on the instant messaging app. Using a few scripts and a rogue app, anyone can peer into your chat logs and see what you talk about with your friends. A Dutch security consultant has found that WhatsApp chat logs saved on the SD card of an Android phone can be read by other apps because of the way Android allows sharing of data between apps. "The WhatsApp database is saved on the SD card which can be read by any Android application if the user allows it to access the SD card. And since majority of the people allows everything on their Android device, this is not much of a problem," Bas Bosschert wrote on his blog. "What do we need to steal someone's WhatsApp database? First we nee...

NSA collecting phone records of Verizon customers

The White House is defending the practice of gathering cell phone records from American citizens while neither confirming nor denying a report that the NSA is collecting records from millions of Verizon customers. The practice was first revealed by the British newspaper The Guardian on Wednesday, which obtained and published a highly classified court order that requires the production of “telephony metadata” by the telecommunications giant. The order, marked "Top Secret" and issued by the U.S. Foreign Intelligence Surveillance Court instructs Verizon to hand over data including all calling records on an "ongoing, daily basis". More
Why We Won’t Get International Cyberwarfare Standards

Why We Won’t Get International Cyberwarfare Standards

Cyber Security
ASA Risk Consultants added its voice this week to the slowly growing chorus of voices demanding a coordinated international response to cyberattacks. In a research note circulated by IDG, ASA asserts that "nations will need to come to an agreement on how cyber warfare should be handled." Nations should establish lasting peace and end world poverty, too. There's always something new for the to-do list. Don't hold your breath on any of these. Lurking in the background is a strategy issued by the White House in February on "Mitigating the Theft of U.S. Trade Secrets," which noted that "the pace of economic espionage and trade secret theft against U.S. corporations is accelerating" and announced "diplomatic engagements and meetings by senior Administration officials with governments of count...
Spammers Piggyback on Boston Marathon Attack

Spammers Piggyback on Boston Marathon Attack

Cybercriminals don't hesitate when they see an opportunity to spread malware. Not even when it means exploiting as horrific an event as the Boston Marathon bombing. There's nothing new about this, of course. From big news events like Osama Bin Laden's death, to lightweight showbiz stories -- anything about Emma Watson, for example -- cybercriminals are always on the lookout for credulous clickers. Emails containing links that genuinely send traffic to video footage of yesterday's bombing, are also geared to infect devices with a Trojan Horse. According to Sophos researchers, dangerous subject lines include: Aftermath to explosion at Boston Marathon Boston Explosion Caught on Video Video of Explosion at the Boston Marathon 2013 This is no small potatoes. The SANS Institute Internet...