Showing results for tags 'devices'.



Found 47 results

  1. Check Point researchers revealed a new attack vector threatening millions of users of popular media players, including VLC, Kodi (XBMC), Popcorn Time and Stremio. By crafting malicious subtitle files for films and TV programmes, which are then downloaded by viewers, attackers can potentially take complete control of any device running the vulnerable platforms. “The supply chain for subtitles is complex, with over 25 different subtitle formats in use, all with unique features and capabilities. This fragmented ecosystem, along with limited security, means there are multiple vulnerabilities that could be exploited, making it a hugely attractive target for attackers,” said Omri Herscovici, vulnerability research team leader at Check Point. Here’s a video of the attack: Hacked in Translation Demo The subtitles for films or TV shows are created by a wide range of subtitle writers, and uploaded to shared online repositories, such as OpenSubtitles.org, where they are indexed and ranked. Researchers also demonstrated that by manipulating the repositories’ ranking algorithm, malicious subtitles can be automatically downloaded by the media player, allowing a hacker to take complete control over the entire subtitle supply chain without user interaction. How many users are affected? VLC has over 170 million downloads of its latest version, released June 5, 2016. Kodi (XBMC) has reached over 10 million unique users per day, and nearly 40 million unique users per month. No current estimates exist for Popcorn Time usage, but it is estimated to be tens of millions. Check Point has reason to believe similar vulnerabilities exist in other streaming media players. What can you do? Since the vulnerabilities were disclosed, all four companies have fixed the reported issues. Stremio and VLC have also released new software versions incorporating this fix. 
“To protect themselves and minimize the risk of possible attacks, users should ensure they update their streaming players to the latest versions,” concluded Herscovici. Article source
  2. Internet of Things (IoT) aims at integrating digital devices more with the physical world for the betterment of humans. However, as the technology gets increasingly pervasive, we should bear in mind a few concerns. For instance, is the technology failsafe for use or can it be weaponized? These were the questions set to dominate a cyber-security conference in the Netherlands where Reuben Paul, a sixth-grader genius from Austin, Texas stunned the audience. The boy suggested that things in our daily lives like IoT home appliances, cars, refrigerators or anything else that can be connected to the Internet can be weaponized or used to spy on us or harm us. Reuben demonstrated this by plugging into his laptop a device known as a “Raspberry Pi”. It is a low-cost computer. He then proceeded to scan the hall for Bluetooth devices and downloaded dozens of numbers. Next, using the Python language, he successfully managed to hack into his bear via one of the numbers and turned on Bob’s (his teddy bear’s) lights and recorded audio. With this, he underscored something important – Internet of Things devices could easily be hacked. As such, our private information such as passwords can be stolen or the same can be used as a remote surveillance system to spy on someone. Reuben’s father revealed that the boy showcased his early IT skills at the age of 6. A new interconnection of technology which was once heralded as the next industrial revolution thus has become the first apprehension of early adopters of the technology. The message out is loud and clear – manufacturers, security researchers, and the government have to work together! Article source
  3. Karma has long been a staple man-in-the-middle attack used in authorised wireless security assessments and unsanctioned ones, but as many modern operating systems now provide effective countermeasures, other approaches for tricking wireless clients into automatically associating with a rogue access point are wanted. Enter Lure10 – a new attack that, by taking advantage of Wi-Fi Sense, tricks wireless devices running Windows into doing exactly that. What is Wi-Fi Sense? Wi-Fi Sense, enabled by default on Windows 10 and Windows Phone 8.1, is a feature that automatically connects users to crowdsourced open wireless networks it knows about. Based on information previously collected by devices that connected to one or another of these open networks, Microsoft evaluates whether they provide a good-quality connection and, if they do, adds it to the list of hotspots that will be suggested by Wi-Fi Sense. Wi-Fi Sense will pick one when the user is in range, automatically accept its terms of use, and the user will seamlessly be connected to it. The Lure10 technique The success of the attack, which was presented by security engineer George Chatzisofroniou at this year’s Hack in the Box conference in Amsterdam, relies on: The victim’s device being fooled into believing it is within the geographical area of a Wi-Fi Sense-tagged open wireless network The attacker successfully disrupting the victim device’s existing Wi-Fi connection (by spoofing DEAUTH frames), and The attacker successfully mimicking the Wi-Fi Sense network in question (broadcasting a network with the same ESSID – extended service set identifier – is enough to do that). That last prerequisite can be achieved by finding a Wi-Fi Sense network that exists in an area relatively close to the victim (e.g. in their home city), and collecting its ESSID (e.g. “AIRPORT_FREE”). 
At the same time, though, the attacker also needs to collect the BSSIDs (the MAC addresses of the access points) of the other wireless networks in the same area, as this information is used by Windows Location Service to determine the location of a device. By broadcasting beacon frames with these BSSIDs, the attacker fools WLS into thinking the device is in the area of the impersonated network (first prerequisite of the attack). Once the attacker goes through the two steps, the fact that the rogue access point is sending out beacon frames with the ESSID of the Wi-Fi Sense network it mimics is enough for the victim device to connect to it automatically – IF the victim device has no shared WLANs in its Preferred Networks List and Available Networks List. But even that last condition can be achieved (see Chatzisofroniou’s presentation slides for more details). How to protect yourself? The Lure10 attack technique has been added to the latest version of the open source Wifiphisher rogue Access Point tool, of which Chatzisofroniou is the lead developer. The engineer says that Microsoft has been informed about this issue and has acknowledged its impact, but has not taken steps to mitigate it, as they consider it an “accepted risk.” Users can protect themselves against this attack by simply disabling Wi-Fi Sense on their device. Article source
  4. Backup, Backup, Backup! (In the voice of Steve Ballmer yelling Developers, Developers, Developers!) In the next two to three weeks Microsoft will be making the third major feature update for Windows 10, the Creators Update, generally available to users on the Windows 10 Anniversary Update. Once it is released, this update will roll out in a very controlled manner to make sure delivery systems are not overwhelmed or that there aren't any unexpected issues cropping up. All of this will be monitored by the Windows Team and Microsoft engineers who have the ability to regulate the updates push out to Windows 10 systems around the world. As an end user your choices are pretty straightforward when it comes to getting the Windows 10 Creators Update. Option 1 - Wait Since it is a staggered release that means more machines will be added to receive the official update over time. Microsoft usually begins a roll out like this to their known users such as the Windows Insiders who have already been testing the update over the last several months. Then they add likely compatible hardware users such as those on Surface devices and other OEM machines that have full Windows 10 compatibility. If you want to just wait until your device gets the update then sit tight because it will eventually get targeted towards your machine. However, if you are impatient and want the updates from the first day then this is not going to work very well for you. That means Option 2 is going to be your solution. Option 2 - Force the Update When Microsoft makes a new feature update available they also upgrade their Media Creation Tool (MCT) on the Windows 10 Download Page so that it can be used to install the latest upgrade. The MCT should provide a couple of options for getting and installing the Creators Update. 1. Create installation media on a USB or DVD that can be used to boot your Windows 10 system and perform a clean install. 
This option means all of your data, apps and other desktop software will be wiped from the device. 2. Perform an in place upgrade to the Creators Update using the MCT to create the install media necessary to upgrade the system. This method gives you an option to keep or remove your files, settings, and apps. 3. Use the MCT to download an ISO file that can be used on the current or other devices to upgrade/clean install other devices. Eligibility If you are running the Windows 10 Anniversary Update, which was released last August, then you will get the Creators Update for free. If you are still running Windows 7 or 8.1 then you will have to purchase Windows 10 to be eligible for the upgrade. It is still being reported that some product keys for consumer versions of Windows 7/8.1 will work when upgrading to Windows 10 and not require a new license but that is not a guarantee since Microsoft officially ended the free upgrade program for those versions of Windows back on 29 July 2016. Your First and Key Step - Backup! This is good advice on any day of the week however, when you are about to undertake a major operating system upgrade it is even more important. Let me start by saying I have been a Windows Insider since the program began in October 2014. Since then I have done countless build to build upgrades as I tested for Threshold 1 (original Windows 10 release), November Update (Threshold 2), Anniversary Update (Redstone 1), and now the Creators Update (Redstone 2). I have also upgraded numerous systems for each major feature update during this same time frame. In the midst of all those upgrades I have never experienced a catastrophic failure that resulted in the loss of data. Even on the few occasions that an upgrade has failed, it always rolled back to my previous working install without the loss of data. In other words - I have a lot of faith in this version to version upgrade process that Microsoft has developed for Windows 10. 
However, that does not mean I did not have my critical data backed up and safe - just in case. It is never a bad thing to have working backups of that important information. As I shared a couple of weeks ago, OneDrive is my backup/sync plan for the data on my devices. So if for some reason a device was to experience a major issue and not be recoverable during an upgrade my data would still be in the cloud waiting to be synched back on that device once it was back up and running. For some of you, backing up your data could be accomplished by grabbing an external hard drive or flash drive and copying your documents folder over for safe keeping. The key here is to obviously have a device capable of holding all of your data. Of course, there are also many cloud backup providers that can back up just your documents or an entire image of your device that has your data, apps, and software protected. Restoring those using their software is simple once you have your device back up and online. Ultimately, it does not matter what method you use to protect your data. It is just critical that you have some backup method in place and prove that it works. There is only one type of backup - one that works and can be restored - because a non-working backup isn't really a backup. It is then that you are ready to upgrade your system to the Windows 10 Creators Update. So will you wait or force the Windows 10 Creators Update? By Richard Hay http://winsupersite.com/windows-10/getting-your-devices-ready-windows-10-creators-update
  5. Researchers have developed new technology that can prevent stolen phones and laptops from getting into the wrong hands -- by destroying them. This new self-destruct mechanism built by researchers at the King Abdullah University of Science and Technology (KAUST) in Saudi Arabia would provide an extra layer of defense against thieves who resell the devices or access the device's sensitive data. The technology works quickly, and it can be installed on most modern devices, say the researchers. "The first customers would be the ones who need data protection: intelligence communities, corporations, banks, hedge funds, social security administrations, collectors who handle massive data," says Muhammad Mustafa Hussain, an electrical engineer who helped to develop the technology, speaking to IEEE Spectrum. Here's how it works: The self-destruct mechanism consists of an expandable polymer, which crumples the device's chips within a few seconds. When the mechanism is remotely triggered, heater electrodes that draw power from the device's battery activate the polymer, which rapidly expands to seven times its original size when heated to 80°C (176°F). According to the researchers, the expanding polymer can destroy a silicon chip up to 90 micrometers thick, or just less than 0.1mm. The researchers say that a number of different triggers are possible, such as a GPS switch that could activate the self-destruct mechanism if a device is taken outside of a building, for example. Another example would be a password-enabled app that could also remotely activate the trigger, the researchers say. And because the technology can be retrofitted to existing laptops and desktops, that cuts down the manufacturing costs. Each self-destruct mechanism could cost as little as $15, says Hussain. More details of the research are slated to be published in an upcoming issue of the "Advanced Materials Technologies" journal. Source
  6. Lineage OS Announces A Bunch Of Newly Supported Devices For Its Preview Builds Last month, Cyanogen announced that it was shutting down its offices, leaving the future of CyanogenMod in question. However, from the company's digital ashes rose a new project called Lineage OS. The developer team behind the operating system announced that it would support more than 80 devices. However, at launch, it only supported a handful of devices. Now, the company has updated its roster of supported devices, adding a number of older handsets to the list. Previously, the developer team had only included the LG Nexus 5X, Huawei Nexus 6P, Motorola Moto G4 / G4 Plus, Nextbit Robin and Xiaomi Redmi 1S. The company has now updated its list of supported devices to include: Asus Nexus 7 2013 (4G / Wi-Fi) LG Nexus 5 Huawei Honor 5X LG G4 (T-Mobile / International) LG G3 S LG G3 Beat Motorola Moto X Pure (2015) Motorola Moto E Motorola Moto G Motorola Moto G4 Play OnePlus One Oppo Find 7a Oppo Find 7s Samsung Samsung Galaxy S III (AT&T / Sprint / T-Mobile / Verizon / International) Samsung Galaxy S II (International) Sony Xperia SP Xiaomi Mi 3w and Mi 4 Xiaomi Mi 5 Xiaomi Mi Max Xiaomi Redmi 3/Prime Xiaomi Redmi Note 3 As can be seen, the list of devices has increased drastically. That said, the developer team has not announced how many installs its operating system has garnered. Previously, the company had announced that experimental builds of Lineage OS had been downloaded more than 50,000 times. This figure is bound to change with more devices being supported every day. You can download the latest nightly and experimental builds on supported handsets by heading over to the download page here. Source
  7. bluetooth

    Bluetooth 5 Is Here While Bluetooth technology is not perfect, it has greatly impacted the technology industry. Look no further than headphones and speakers to see that it has made wireless music possible. It is also the technology that links smartphones to smartwatches. Those are just two such examples -- there are countless more. Today, the Bluetooth Special Interest Group announces the official adoption of the previously-announced Bluetooth 5. In other words, it is officially the next major version of the technology, which will eventually be found in many consumer devices. "Key feature updates include four times range, two times speed, and eight times broadcast message capacity. Longer range powers whole home and building coverage, for more robust and reliable connections. Higher speed enables more responsive, high-performance devices. Increased broadcast message size increases the data sent for improved and more context relevant solutions. Bluetooth 5 also includes updates that help reduce potential interference with other wireless technologies to ensure Bluetooth devices can coexist within the increasingly complex global IoT environment. Bluetooth 5 delivers all of this while maintaining its low-energy functionality and flexibility for developers to meet the needs of their device or application", says the Bluetooth Special Interest Group. Mark Powell, executive director of the Bluetooth SIG explains, "Bluetooth is revolutionizing how people experience the IoT. Bluetooth 5 continues to drive this revolution by delivering reliable IoT connections and mobilizing the adoption of beacons, which in turn will decrease connection barriers and enable a seamless IoT experience. This means whole-home and building coverage, as well as new use cases for outdoor, industrial, and commercial applications will be a reality. 
With the launch of Bluetooth 5, we continue to evolve to meet the needs of IoT developers and consumers while staying true to what Bluetooth is at its core: the global wireless standard for simple, secure, connectivity". So, will you start to see Bluetooth 5 devices and dongles with faster speeds and longer range in stores tomorrow? Nope -- sorry, folks. Consumers will have to wait until 2017. The Bluetooth SIG says devices should become available between February and June next year. Source Alternate Source - Bluetooth 5.0 Officially Introduced with Longer Range, Faster Speed
  8. American Associates, Ben-Gurion University of the Negev BEER-SHEVA, Israel, Nov. 22, 2016 - Researchers at Ben-Gurion University of the Negev (BGU) have demonstrated malware that can turn computers into perpetual eavesdropping devices, even without a microphone. In the new paper, "SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit," the researchers explain and demonstrate how most PCs and laptops today are susceptible to this type of attack. Using SPEAKE(a)R, malware that can covertly transform headphones into a pair of microphones, they show how commonly used technology can be exploited. "The fact that headphones, earphones and speakers are physically built like microphones and that an audio port's role in the PC can be reprogrammed from output to input creates a vulnerability that can be abused by hackers," says Prof. Yuval Elovici, director of the BGU Cyber Security Research Center (CSRC) and member of BGU's Department of Information Systems Engineering. "This is the reason people like Facebook Chairman and Chief Executive Officer Mark Zuckerberg tape up their mic and webcam," says Mordechai Guri, lead researcher and head of Research and Development at the CSRC. "You might tape the mic, but would be unlikely to tape the headphones or speakers." A typical computer chassis contains a number of audio jacks, either in the front panel, rear panel or both. Each jack is used either for input (line-in), or for output (line-out). The audio chipsets in modern motherboards and sound cards include an option for changing the function of an audio port with software, a type of audio port programming referred to as jack retasking or jack remapping. Malware can stealthily reconfigure the headphone jack from a line-out jack to a microphone jack, making the connected headphones function as a pair of recording microphones and turning the computer into an eavesdropping device. 
This works even when the computer doesn't have a connected microphone, as demonstrated in the SPEAKE(a)R video. The BGU researchers studied several attack scenarios to evaluate the signal quality of simple off-the-shelf headphones. "We demonstrated it is possible to acquire intelligible audio through earphones up to several meters away," said Dr. Yosef Solewicz, an acoustic researcher at the BGU CSRC. Potential software countermeasures include completely disabling audio hardware, using an HD audio driver to alert users when microphones are being accessed, and developing and enforcing a strict rejacking policy within the industry. Anti-malware and intrusion detection systems could also be developed to monitor and detect unauthorized speaker-to-mic retasking operations and block them. Article source
  9. Hacked cameras, DVRs and other devices in the internet of things are making headlines. But improvements are possible, say cybersecurity experts. The internet of things isn't secure. That much was clear when a panel of four cybersecurity experts began their talk on Thursday at the Techonomy conference in Half Moon Bay, California. "The internet of things is something that cannot be fully secured," said Betsy Cooper, the executive director of the UC Berkeley Center for Long-Term Cybersecurity. "We just have to assume that there is a risk." That risk became a real threat last month, when hacked cameras and DVRs began overwhelming popular websites with requests and knocking them offline, causing internet outages across the US. In light of that and other recent attacks, "We should absolutely be working to get that risk as low as possible," Cooper said. Experts have lots of ideas for making things better, from creating security standards for internet-connected devices to raising awareness of the risk among the public. Cooper was joined by Verizon executive Mark Bartolomeo; Nicole Eagan, CEO of cybersecurity firm Darktrace; and Chris Rill, an executive at IoT security company Canary. "It's a problem we'll probably never stop working on," Bartolomeo said. One solution that's already in the works is a security rating for internet-connected devices. Companies like ICSA Labs and Underwriters Laboratories (better known as UL) are testing and developing standards for devices. So is the National Institute of Standards and Technology, which is part of the US Department of Commerce. These efforts could lead to a consumer rating system akin to the crash test rating for a car or an energy rating for a refrigerator. All this testing could help a problem that is difficult for companies to avoid, Eagan said. Companies that sell IoT devices often have them manufactured by a string of third parties outside the US. 
That means companies can't be totally sure the device they designed is secure. "An attack can be embedded in the device before it arrives," Eagan said. Despite the testing efforts, Rill said the problems built into today's IoT devices won't be fixed for another two to three years. "It's going to get worse before it gets better," Rill said. "I would say ask a lot of questions before you buy these products." Article source
  10. As an additional security layer, you can use this guide to enable write protection on Windows 10 to prevent users from copying data to a USB drive. Windows 10 is the most secure version of Windows yet, but even though Microsoft has spent countless hours building new features to make computers more secure, someone can still just walk in, insert a USB drive, and walk away with sensitive data. Of course, you can always protect your computer with a password, or set up a very strong PIN, but it's possible for someone with physical access to your machine to get hold of your sensitive data. Fortunately, Windows 10 includes a write protection feature, which is hidden for some mysterious reason, and it allows you to prevent any users from inserting a USB drive and downloading any data from your computer. In this Windows 10 guide, we'll walk you through the steps to edit the registry and enable the write protection feature in the operating system to block users from saving data to a USB drive.

      How to enable USB write protection

      Important: This is a friendly reminder to let you know that editing the registry is risky, and it can cause irreversible damage to your installation if you don't do it correctly. It's recommended to make a full backup of your PC before proceeding.

      1. Use the Windows key + R keyboard shortcut to open the Run command.
      2. Type regedit, and click OK to open the registry.
      3. Browse the following path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control
      4. Right-click the Control (folder) key, select New, and click on Key.
      5. Name the new key StorageDevicePolicies and press Enter.
      6. Select the newly created key, and right-click on the right side, select New, and click on DWORD (32-bit) Value.
      7. Name the new DWORD WriteProtect and press Enter.
      8. Double-click the newly created DWORD and change its value from 0 to 1.
      9. Click OK.
      10. Close the Registry to complete the task.

Once you've completed the steps, anyone who connects a USB drive to your computer will be denied copy privileges, and they'll get a "This disk is write-protected" message. As a result, no one will be able to edit, delete, create, or rename files in the external storage. At any time you can revert the changes by following the steps mentioned above, but on step 8, make sure to change the DWORD value from 1 to 0. Wrapping things up While you can enable the write protection feature on your computer to protect your data from falling into the wrong hands, there are a number of other scenarios where something like this will be useful. For example, this feature can add an extra layer of security when implementing a kiosk machine, or when you work with sensitive data in your business, just to name a few. Although we're focusing this guide on Windows 10, it's worth pointing out that the same concept should work on previous versions of the operating system, including Windows 8.1 and Windows 7. Article source
  11. To analyze the current state of device security, Duo Security analyzed more than two million devices, 63 percent of which were running Microsoft operating systems. Seriously outdated Windows versions Researchers found that 65 percent of all Windows devices are running Windows 7, affected by approximately 600 security vulnerabilities. To make things even more dangerous, tens of thousands of devices are still running Windows XP 15 years after its release. This represents more than 700 vulnerabilities, 200 of which are rated as high-to-critical. “There are numerous reasons why companies continue to stick with older operating systems like Windows 7,” said Ajay Arora, CEO of Vera. “Reasons can range from the cost it takes to update every computer, or the software they are currently using might not translate to newer operating system and environments.” “If companies chose to continue to use Windows 7 and operating systems that lack features such as, no default disk encryption to protect data on lost devices and no file-level encryption to protect data as it leaves the corporate network, they need to consider using security software that does. It comes down to, spending the money to address the underlying issue of using an operating system with weaker security, spending money to update the operating systems, or spending the money to secure the thing you are trying to protect in the first place; the data itself,” concluded Arora. Microsoft browsers Twenty percent of devices running Internet Explorer are running unsupported versions 8, 9 and 10. IE versions 8 through 10 have reached end-of-life status without the ability to receive security patches, leaving them susceptible to old exploits. Of all devices running Microsoft browsers, only 3% are using the latest, Edge. 
Additional findings Nearly 62 percent of devices running IE have an old version of Flash installed potentially making them susceptible to compromise by an exploit kit containing code for Flash vulnerabilities. Ninety-eight percent of devices running IE have Java installed. Businesses have legacy and custom applications that rely on Java. Java remains a top target of attackers. Forty-two percent of all devices analyzed used Microsoft services, including Remote Desktop Protocol, Outlook Web Access, and Remote Desktop Gateway. “Malicious actors rely on out-dated and unpatched software, including operating systems, so they can automate malware distribution because they can save time and money – thereby increasing their profits,” Stephen Singam, Managing Director, Security Research at Distil Networks, told Help Net Security. “Reports like this are alarming because there is clearly a dangerously high number of devices that are worth targeting. The likelihood of one of these devices being compromised and subsequently added to a botnet are high and the likelihood of the owner of the device knowing their device has been compromised is low,” Singam added. Protection tips To protect against the vulnerabilities discussed here, Duo recommends:

      • Switch to modern browser platforms that are more secure such as Edge or those that update more frequently and automatically
      • Run regular security updates as well as emergency patches
      • Use device encryption, passwords and fingerprint ID
      • Implement a two-factor authentication solution to protect systems and data
      • Enable automatic updates for as much software as possible to make it easier for your users
      • Disable Java and prevent Flash from running automatically on corporate devices, and enforce this on user-owned devices through endpoint access policies and controls.

      Article source
  12. The Windows Upgrade Analytics Service analyzes app compatibility and helps to automate deployment IT administrators trying to figure out how to move their organizations to Windows 10 have a new tool that might change the game. This week, Microsoft released the Windows Upgrade Analytics Service, designed to make it easier to decide whether you can carry out a massive upgrade. WUAS gives administrators a sense of what drivers and applications are running in their environment, as well as how many devices are running Windows 10. Using Microsoft telemetry data, it decides whether those devices and the software running on them will be compatible with Windows 10 and suggests fixes for compatibility problems. The upgrade service helps address a key concern that IT professionals have about a major OS upgrade: Will the new OS break the applications and devices that end users rely on? By introducing this tool, Microsoft may accelerate adoption of Windows 10. The service is essentially a more advanced version of the Application Compatibility Toolkit that Microsoft made available for IT shops deploying Windows 7, Gartner Research Vice President Steve Kleynhans said in an interview. “It’s always good to know what kind of blockers you’re going to run into, what kind of problems you might hit, so IT shops are constantly looking for these kinds of tools and making use of them,” Kleynhans said. WUAS can also be used to help execute rollouts of Windows 10, whether in a small pilot project or a full production-level launch. The service will export a list of devices to a suite of software deployment tools, which administrators can use to deploy an upgrade. In the future, Kleynhans hopes the service can become a part of the process for organizations evaluating the impact of Windows 10 patches. “I think it’ll be interesting to see how this plays out with the ongoing updates going forward. Because that’s really the bigger challenge,” Kleynhans said. 
“We’ve got the one project now, getting onto Windows 10, but then there’s the project later on that happens every six, nine, 12 months, whatever it turns out to be, as new updates roll out.” Article source
  13. Microsoft officials said Windows 10 has hit the 400 million 'active' device milestone, up from 300 million in early May. Windows 10 is now running on 400 million active devices as of today, September 26, Microsoft officials said. That's up from 300 million as of May 5, and 207 million at the end of March. "Active devices" means devices that have been active in the past 28 days, Microsoft officials have said. The figure includes not only Windows 10 installed on PCs, tablets, and phones, but also on Xbox One consoles, HoloLens, and Surface Hubs. Microsoft's original goal was to have Windows 10 running on one billion devices by 2018, but execs recently conceded they wouldn't make that number until some unspecified time after that. Microsoft execs shared the newest stats on the opening day of the Microsoft Ignite conference in Atlanta. They also said that Windows Insider testers working with early Windows 10 "Redstone 2" builds soon should get their hands on a new Edge browser security feature that's been rumored for some time: Container-based isolation in the browser. That container-based isolation is technology codenamed "Barcelona." While Windows 10 Enterprise currently supports containers for development purposes, Barcelona is specific to the browser baked into the operating system. Microsoft execs have christened Barcelona "Windows Defender Application Guard," they said today. The feature will use virtualization-based security, isolating potentially malicious code in containers so it can't spread across company networks. Starting "early next year," Microsoft will start testing this feature with enterprise customers who've expressed interest, officials said. Microsoft officials also said at Ignite today that the Windows Defender Advanced Threat Protection (ATP) and Office 365 ATP services now "share intelligence mutually." These services help detect and thwart advanced attacks. 
And as of early 2017, Office 365 ATP will be extended to Word, Excel, PowerPoint, SharePoint Online, and OneDrive for Business. Users will be able to get email with a placeholder attachment and use "URL detonation" for analyzing links in real time. Article source
  14. In collaboration with Microsoft Research, Cindy Hsin-Liu Kao, a PhD student at MIT’s Media Lab, and a team of fellow researchers have designed a new fabrication process which allows anyone—with the time and money—to create temporary, functional “tattoos” for their skin. By applying conductive gold leaf to the body, Kao’s process, DuoSkin, produces a less invasive, and more aesthetically appealing result than other forms of biohacking. Perhaps the most interesting thing about DuoSkin is that the technique produces devices that are inherently temporary, creating technology that is intended to be used as a real style statement. The researchers who created DuoSkin say it is possible to design a circuit on any graphics software. Then, all you would need to do is stamp the tattoo in gold leaf, and apply other components to make the tattoo interactive. While the technique is vastly more user-friendly than other forms of biohacking, DuoSkin still isn’t something the average person could carry out without some know-how. With that said, it’s not hard to imagine commercialized versions that consumers could purchase. For example, a music speaker could come prepackaged with a set of fashionable DuoSkin tattoos that allow for the music to be remotely controlled. In a promotional video, Kao describes how DuoSkin can be used to create three “classes” of devices. The first, input devices, turn your skin into a trackpad. The second, output displays, report information about your body, such as its temperature. The third, communication devices, allow others to digitally receive information from your tattoo, in the form of something similar to an NFC tag. Since DuoSkin doesn’t require surgery, it might be a good introduction to biohacking for the majority of Americans who are afraid of using technology to alter their bodies. This isn’t Kao’s first experiment with technological body modification. 
Last year, she built NailO, a tiny device mounted on your thumbnail that can be used to send a quick text message or email, particularly in situations where whipping out your smartphone might be seen as rude. The device essentially turns your thumb into a tiny trackpad. DuoSkin is set to be presented at a symposium for wearable technology next month. Article source
  15. GNOME Improves Handling of Unknown Audio Devices (Thanks to Unity) Is it a mic? Is it a speaker? No, it’s a … well, actually GNOME doesn’t know either — but the popular open-source desktop is getting smarter at finding out. As previewed in mockups earlier this year, GNOME 3.20 is to present users with a dialog window when an audio device that it can’t identify is connected to the headphone/microphone input jack. The user-assistive feature has been able to go from mock-up to implementation thanks, in part, to Unity developer David Henningsson. Henningsson’s original code (and knowledge) has helped GNOME integrate the functionality into their desktop shell in a way that ‘…should be easily implementable in other desktop environments that use libgnome-volume-control to interact with PulseAudio.’ In a blog post GNOME developer Bastien Nocera explains how it works in a little more depth: Nifty! If you connect a lot of different audio peripherals to your Linux device keep a beady eye out for the feature in GNOME 3.20, which ships later this year. Source
  16. All Android OS versions are susceptible and can be affected by four identified security flaws. Hackers can potentially infect Android devices with malware, which when installed, would provide them with "privilege escalation" to gain rooting access to devices, thanks to four new vulnerabilities, dubbed Quadrooter, identified by security researchers. Around 900 million Android devices have been left vulnerable by Quadrooter. According to security firm Check Point, hackers could potentially exploit any one of the four identified vulnerabilities to gain rooting privileges, which would then give the hackers full control over the affected device. This means that hackers would then have access to all the data and hardware of the infected device, including camera and microphone. The vulnerabilities affect Android devices of various brands, including: BlackBerry Priv, Blackphone 1 and 2, Google Nexus 5X, 6 and 6P, HTC One M9 and HTC 10, LG G4, G5, and V10, New Moto X by Motorola, OnePlus One, 2 and 3, Samsung Galaxy S7 and S7 Edge, Sony Xperia Z Ultra "An attacker can exploit these vulnerabilities using a malicious app. Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing. Since the vulnerable drivers are pre-installed on devices at the point of manufacture, they can only be fixed by installing a patch from the distributor or carrier. Distributors and carriers issuing patches can only do so after receiving fixed driver packs from Qualcomm," Check Point said. 
Flaws in-built "During our research, we found multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems," said Check Point senior security researcher Adam Donenfeld, presenting the firm's findings at the DefCon security conference on 7 August. The flaws uncovered by Check Point were found to affect Qualcomm chip drivers, which are installed into devices during manufacturing. This means that Google, which provides the software for Android devices, would not be able to produce the security patches. Instead, the security updates must come from the hardware manufacturer (in this case Qualcomm), to be provided to the phone vendors, before it can be rolled out to the users. 3 down, 1 to go Three of the four security flaws identified have already been patched. However, the remaining vulnerability is yet to be fixed, the Register reported. The security patch for the remaining vulnerability will likely arrive with Google's monthly security update release, and should be available to users in September. "No-one at this point has a device that's fully secure," Check Point mobility product management head Michael Shaulov told ZDNet. "That basically relates to the fact that there is some kind of issue of who fixes what between Qualcomm and Google." Check Point has a free app that enables users to check if their devices are vulnerable. Article source
  17. Researchers from Rapid7 at DefCon will demonstrate vulnerabilities that allow attackers to turn point-of-sale devices into keyboards Magnetic stripe readers, you are the gift that keeps on giving. Unfortunately. Researchers from Rapid7 Inc. will demonstrate how point-of-sale systems and hotel keys with magstripe technology can be hacked and used in brute-force attacks as part of a DefCon presentation this weekend. Building on work from Samy Kamkar and his MagSpoof techniques, along with integrated bad barcode from Tencent, Rapid7's Weston Becker will show how to inject OS commands into a Windows-based POS system with the magstripe reader. "Often a magstripe reader is configured as a general-purpose device, so you can drop in commands to open a register, open a window, or download malware and install," said Tod Beardsley, senior security research manager at Rapid7, in a phone interview with Dark Reading. With a device that's programmable via an electromagnetic field, the hacker has lots of options: open a cash register drawer, open a window on the computer, or download and install malware. "You only need to distract the operator for a couple seconds -- it all happens very quickly," Beardsley explained. In effect, the attack turns the magstripe reader into a keyboard. "If you've seen the rubber ducky attacks with the exposed USB ports, you know that something that mimics a keyboard gives you direct access to the [POS] device," Beardsley added. The vulnerability affects everything from hotel keys to loyalty cards, gas cards, or special access cards for first responders to use elevators. Rapid7 has already notified the manufacturer, Samsung, but the vulnerability affects nearly all vendors' POS devices, which aren’t that different from one another, according to Beardsley. There's also been no official response from Samsung, though Beardsley assumes they're doing their own testing and due diligence. 
Rapid7 is also working with CERT for handling the vulnerability disclosure. Beardsley and Weston point to two areas that need to be fixed. The first is not to allow magstripe readers to be used as a keyboard, which can be addressed by new driver definitions, "an OS fix," Beardsley said. Secondly, because the devices can be tricked into taking certain types of commands, the applications they use should limit the kind of data they're expecting. "Credit card data is ASCII, not anything exciting. But the fact I can inject keystrokes, like the F8 key, is unexpected," Beardsley said. "It's a fundamental design flaw in how these Windows-enabled systems run." Brute-forcing a magstripe hotel card is also remarkably simple; the data it contains is encoded but not encrypted, Beardsley said. An attacker with a magstripe hotel card will look for the folio number associated with check-in, which is usually six digits and tends to be assigned incrementally (123456, 123457, 123458…) rather than randomly. The attacker will also look for the room number on the magstripe card and the checkout date. All three pieces of data have to be accurate for a room doorlock to open. "Once you have a device, it's short work to guess a number on the fly that opens a lock – the doors to guest rooms," Beardsley said. By replacing incremental IDs with random ones and expanding the number of digits in the data fields, hotels and other affected industries can help address the vulnerabilities – a cheaper, easier fix than using encrypted cards. "Encryption will happen at some point, but today it's pretty much the same basic technology from the 1970s," Beardsley said. Article source
  18. As growing numbers of devices are connected to the internet, security and privacy concerns grow. Businesses are looking for solutions that provide protection for both the endpoint and the network. Israel-based Allot Communications is announcing a new collaboration with Intel Security to introduce McAfee Unified Security Powered by Allot, providing complete end-to-end security capabilities. The solution blends advanced threat detection technologies in the network and at the endpoint with customer intelligence and comprehensive personalization capabilities to deliver a scalable platform that simplifies security service activation, service awareness, operation and management. Deployed by communication service providers (CSPs) as a value-added security service to their customers, it offers comprehensive protection for users at home, at work and on-the-go, and features a consumer-friendly interface and simple self-management capabilities. "With the proliferation of mobile devices and the exponential growth in IoT, the combination of Intel Security's expertise in the cyber security domain with Allot's vast experience in the CSP network-based Security as a Service market delivers immediate and unparalleled value for operators and consumers alike", says Andrei Elefant, president and CEO at Allot Communications. "We see significant interest in the joint solution, including several engagements in progress. We are excited about this collaboration and are looking forward to working jointly with Intel Security and to expanding Allot's global reach". Unified Security works with devices ranging from smartphones and tablets to gaming consoles, smart TVs and more. It can help guard against bots, malware, phishing and spam, plus it uses Intel's True Key to allow users to sign in using features that are unique to them instead of having to remember passwords. Additional features include ad blocking and parental controls. You can find out more on the Allot website. Article source
  19. The Java-based cross-platform Adwind RAT not only steals data but also adds the infected device to a botnet! Cybercriminals are always developing malware filled with unbelievable features, but you will hardly ever find something that targets different operating systems simultaneously. Now, researchers have discovered Java-based malware infecting companies in Denmark, and it is probably only a matter of time before it hits other countries. Dubbed Adwind RAT (remote access tool), the malware was first detected and taken down in 2015 before it could infect millions of users around the world. However, it is back in full force, and currently no anti-virus software detects it. If your device is infected with this malware, your security software is rendered useless against it (at least for now). In a blog post, Andra Zaharia of Heimdal Security revealed that cybercriminals are sending organizations malicious English-language emails with a Doc-172394856.jar file attached, which, once executed, provides backdoor access to attackers. The researchers have warned users not to download or click on any files with a Java archive (.jar) extension. The targeted platforms include Windows, OS X, Linux and Android; upon infection, devices are added to a botnet. That’s not all: Adwind also steals data from the device. Previously, Omni RAT was found targeting Mac, Linux, Windows PC and Android phones. In 2016, researchers identified several cases in which JavaScript malware was used to infect users, e.g. comment-tagging malware on Facebook dropping malware on Chrome users, and Qarallax RAT (QRAT) on Skype; even the famous SNAP vulnerability in Android devices was triggered through JavaScript malware. There’s much more on the Heimdal Security website, including additional technical details. To protect your devices from such malicious software, don’t download files from unknown emails or from untrusted websites. Article source
  20. How to protect your data and devices in the post-antivirus age Is your antivirus protecting your computer or making it more hackable? Internet security experts are warning that anti-malware technology is becoming less and less effective at protecting your data and devices, and there's evidence that security software can sometimes even make your computer more vulnerable to security breaches. This week, the U.S. Department of Homeland Security's Computer Emergency Readiness Team (CERT) issued a warning about popular antivirus software made by Symantec, some of it under the Norton brand, after security researchers with Google's Project Zero found critical vulnerabilities. "These vulnerabilities are as bad as it gets. They don't require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible," wrote Google researcher Tavis Ormandy in a blog post. Symantec said it had verified and addressed the issues in updates that users are advised to install. It's not the only instance of security software potentially making your computer less safe. Concordia University professor Mohammad Mannan and his PhD student Xavier de Carné de Carnavalet recently presented research on antivirus and parental control software packages, including popular brands like AVG, Kaspersky and BitDefender, that bypass some security features built into internet browsers to verify whether sites are safe or not in order to be able to scan encrypted connections for potential threats. 
In theory, they should make up for it with their own content verification systems. 'Surprised at how bad they were' But Mannan's research, presented at the Network and Distributed System Security Symposium in California earlier this year, found they didn't do a very good job. "We were surprised at how bad they were," he said in an interview. "Some of them, they did not even make it secure in any sense." When contacted about Mannan's research, Kaspersky said it was reviewing the research and AVG said it had made precautionary changes to its software. Alexandru Balan, chief security researcher for BitDefender, defended his company's encrypted content scanning feature as valuable protection against threats, but said that type of "SSL or TLS filtering" feature needs to be designed and constantly updated in a careful fashion, which he believes his company does. However, Mannan recommends that if you use antivirus software, you should choose one that doesn't have the feature or turn it off. He doesn't use antivirus protection on his primary machines and hasn't for years, he said. "I don't see any clear advantage of using them," he wrote in a followup email, noting that they can slow your machine down and introduce new vulnerabilities. Neither the vulnerabilities reported by Mannan nor the Symantec vulnerabilities are known to have been exploited, but that doesn't mean they never have been. Meanwhile, many experts agree that antivirus software may not do a great job at protecting your computer against today's threats. 
"Antivirus is getting increasingly useless these days," wrote Stu Sjouwerman, CEO of KnowBe4, which trains employees of other companies to be smarter about internet security, in a blog post this week. When asked to elaborate in an interview, he said, "The bad guys … basically have gone smart and they say, 'We're not going to try and circumvent antivirus. We're just going to attack organizations at the weakest link in IT security, which is the user.'" Increasingly, attacks focus on social engineering or phishing that lures users onto compromised websites that can steal information or serve ransomware. Those websites are so short-lived that antivirus software often doesn't update fast enough to recognize them, Sjouwerman added. Still worth it? J. Paul Haynes, CEO of Cambridge, Ont.-based cybersecurity firm eSentire, said that while antivirus software used to protect against 80 to 90 per cent of threats, it's now thought to protect against less than 10 per cent because of the cybercriminal tactics cited by Sjouwerman. "It gets a little worse every day, every week, every month," Haynes said. But both Sjouwerman and Haynes suggest that even a small level of protection offered by antivirus software may still be worth the price for corporations. "This is the easiest and cheapest stuff to stop," Haynes said. However, they both warned against having a false sense of security if you have an antivirus installed. For the consumer, Haynes said, "ransomware is probably the thing that people have to worry about." Ransomware typically encrypts your files and demands a ransom of several hundred or thousand dollars to restore access. And because those compromised websites are so short-lived, "it wouldn't matter how good your antivirus is," Haynes said, you'd still be vulnerable. Tips for protecting yourself So what can you do to protect yourself in the post-antivirus age? Mannan, Haynes and Sjouwerman all have similar recommendations: Back up everything regularly. 
You can back up photos and non-sensitive files to the cloud. But you should also keep a backup on an external hard drive that is not physically connected to your computer (otherwise it can be compromised in a ransomware attack). That way, if you get attacked by ransomware or another threat, you can roll back to the previous version of your computer. Keep your operating system and software such as browsers up to date and patched. Turn on automatic updates if they're available. Think before you click on links or attachments. If you're not sure about them, get in touch with the person who sent them to double-check. Article source
  21. 'Medjack 2' describes the latest weapons in the hacker arsenal used to hijack medical devices. It is not just the enterprise, banks and individuals that are targeted by cybercriminals looking to cash in on data and rinse bank accounts. Things have taken a more sinister turn with the introduction -- and evolution -- of attacks specifically designed to compromise medical devices, which places both patient health and information at serious risk. A new report released by security firm TrapX on Monday highlights how this trend is becoming more and more serious, and healthcare organizations must sit up and take note of these emerging threats before it is too late. We've already seen ransomware attacks levied against hospitals this year which have successfully disrupted critical services and taken down full systems, with some hospitals giving in and paying a ransom to resume operating. This kind of malware, although often heartbreaking for victims and capable of immense disruption, is not in the same ballpark as other attacks which are striking hospitals for the purpose of tampering with devices and data. The report, "Anatomy of an Attack - Medical Device Hijack 2" (.PDF), is based on medical hijack attacks detected between late 2015 and early 2016, expanding on TrapX's original MedJack 1 research. The team found that attacks which target medical devices deployed in hospital PC systems and networks are on the rise and often contain backdoors, botnet connections and remote access tunnels for cyberattackers to manipulate devices. Greg Enriquez, CEO of TrapX Security commented: Some of the report highlights include: Attackers were found to repackage and disguise advanced tools within old, Windows-based worms which were ignored by security software as outdated, harmless malware -- but would then seek out old PC systems to compromise. 
Old malware variants were commonly used to attack medical devices as many of them have no security protection whatsoever, and there is no need to use sophisticated, expensive software once a network has been infiltrated; Backdoors were often installed afterwards, allowing for spying, data theft and providing an avenue to deploy malware payloads including ransomware; X-ray machines, radiation systems, fluoroscopy radiology systems and linac gating devices were all found to be constant targets for attackers. By compromising medical systems, attackers could not only potentially tamper with life-saving devices -- such as altering dosage rates or turning systems off and on -- but they can also use vulnerabilities to steal valuable medical and patient data over time. Medical device hijacking is only one threat element hospitals face today. Healthcare organizations have been forced to take cybersecurity more seriously since the recent spate of ransomware-based attacks at a number of hospitals this year, but to combat the more complex problem of medical device hijacking, solutions need to come from the top. Hospital budgets and board decisions have to come into play if healthcare organizations are going to be able to keep patients safe from these threats in the future. It may not seem likely that such a malicious attack would occur against a patient using a critical medical device, but in today's world, anything is possible. "Healthcare organizations need to implement strategies that review and remediate existing medical devices, better manage medical device end-of-life and carefully limit access to medical devices," noted Moshe Ben Simon, TrapX Security co-founder and vice president. "It becomes essential to leverage technology and processes that can detect threats from within hospital networks." Article source
  22. Windows 10 now running on 350 million devices Windows 10 will soon turn 1, and the company says that the new operating system performed really well during these 12 months on the market, becoming the most successful Windows version ever. The free upgrade offer for Windows 7 and 8.1 users has definitely played a decisive role in this quick adoption of Windows 10, with Microsoft now revealing that the new operating system is running on no less than 350 million devices in the entire world. Furthermore, Windows 10 has recorded the best customer satisfaction rating so far, Microsoft says. Now running on nearly 20 percent of PCs “We’d like to say a special thank you to each of you who have upgraded to Windows 10. With over 350 million devices now running Windows 10, customer satisfaction is higher than any previous version of Windows and customer engagement is also incredible with more than 135 billion hours of use on Windows 10 since launch,” Yusuf Mehdi, Corporate Vice President, Windows and Devices Group, said in a statement. “We’re pleased that so many of you are being more productive and having more fun with Windows 10. Your feedback has been a key input into the design of the Anniversary Update.” According to third-party data, Windows 10 is now the second most-used desktop operating system in the world, with a market share that’s getting closer to the 20 percent threshold. Windows 7 continues to be the leader with approximately 50 percent, but it’s quickly losing users due to the migration to Windows 10. Microsoft has a goal of bringing Windows 10 to 1 billion devices by 2017, and adoption figures are very likely to grow significantly once enterprises start the transition too. Many are still evaluating and piloting the switch to Windows 10, but once this phase is complete, the new operating system is expected to be installed by the majority of companies who are looking to benefit from the improvements that Microsoft implemented as part of this release. 
Article source
  23. With the number of Internet of Things (IoT) devices expected to grow to over 20 billion by 2020, it is time to take a closer look at one of the Internet’s most vulnerable points: your home router. Why routers matter: a central point of weakness With the number of IoT devices multiplying on home networks, routers now direct Internet traffic flows not just for computers and phones, but for all connected things. The sheer volume of connectivity increases the attack surface for network intrusion. New trends in home automation and remote management, such as smart door locks that can be remotely unlocked, also raise the stakes for data security. Given the central role routers play as gatekeepers between the private home and the public Internet, it may come as a surprise that home routers are actually easier to hack into than computers; it is far easier to simply “set-and-forget” about them as they silently run in the corner. Lack of consumer awareness means that most people have never updated their router firmware or changed the default password on their home Wi-Fi. In a revealing survey released last year by ESET and the National Cyber Security Alliance, nearly 80 percent of Americans expressed confidence in the security of their home network and connected devices. Two out of every five households, however, reported that they have never changed the default passwords on their routers. A hacker’s paradise Whether they are common routers — including those made by Linksys, TP-Link, D-Link, and ASUS — or ISP-leased routers, the prevalence of firmware vulnerabilities and non-unique default administrative passwords exposes hundreds of thousands of routers to cyberattacks. If a hacker is particularly lucky, they might find a shiny new router like the Luma, which tracks not only what devices are connected to your network, but also exactly what websites and servers each device is connecting to — a digital goldmine. Routers are thus fast becoming rich targets for hackers. 
In 2012, Kaspersky Labs discovered that cybercriminals had hacked into more than 4.5 million home DSL routers in Brazil by exploiting a chip vulnerability, manipulating router DNS settings to disguise fake infected websites as legitimate ones. Unsuspecting users were thus tricked into downloading malware that stole their passwords and banking information, earning one hacker more than $50,000. In 2014, another security firm, Team Cymru, reported that more than 300,000 routers — mostly in East Asia — had been compromised. The attack allowed hackers to, for example, redirect search results to infected web pages and install “drive-by downloads” of malware onto users' computers. More serious still, in 2015, a group calling itself “Lizard Squad” — which is credited with taking down Sony and Microsoft’s gaming networks — announced a new “for-hire” attack service that relies on bandwidth stolen from thousands of home routers. Meanwhile, DEF CON — one of the world’s largest hacking conferences — commonly features sessions on how to exploit IoT and router vulnerabilities, including one memorable presentation titled “How to Hack Millions of Routers.” A popular DEF CON router-hacking contest revealed 15 major zero-day vulnerabilities, including 7 full router takeovers. Why router security is so neglected One reason for the lack of router security is that the supply chain is underprepared to meet data security needs. In the embedded systems market (routers and modems), many manufacturers either cannot or do not patch security holes after shipping, even assuming they acknowledge these security flaws in the first place. As a recent Wall Street Journal study made clear, existing industry lifecycle management has been too forward-focused to dedicate limited resources to supporting and patching older products. 
In a message to customers, router software company Allegro emphasizes that it is unable to prevent manufacturers from continuing to “make and sell products with software components that are over 13 years old.” Importantly, router attack methods often rely on chip vulnerabilities. Router firmware makers and chipset vendors are notoriously unreliable when it comes to issuing timely patches — even when they acknowledge them publicly. Some companies do not even bother responding to vulnerability reports. Supply chain coordination between vendors and manufacturers on component vulnerabilities will be an especially high priority in this IoT age, as white-labelling (rebranding and reselling products made by another company) is already one of the most popular business models for Chinese manufacturers. Highly branched redistribution networks increase risk for vulnerable consumers and businesses — there are simply “too many cooks stirring the same rotten pot.” As people entrust their data to an increasing number of Internet-connected devices, it is clear we need to take a closer look at that router collecting dust in the corner. Not closing the loopholes hidden within that one critical device could prove very costly to your privacy, your finances, and even your personal security. Article source
  24. Ransomware has emerged as the predominant online security threat to home users and small businesses. Delivered through spam or phishing emails that trick users into clicking on malicious links, this type of malware renders computer systems, devices or files inaccessible and holds the victim hostage until payment is made, usually in the form of Bitcoins.

“Understandably, nearly 1 in 3 security professionals at companies say they’d be willing to pay for the safe recovery of stolen or encrypted data, and that number jumps to 55% at organizations that have already been targeted. Meanwhile, your average home user feels as if they have no choice but to pay,” said Usman Choudhary, chief product officer at ThreatTrack Security.

No one is immune, not even law enforcement. Last year, a police department in Massachusetts paid $500 to cyber extortionists to decrypt its files – just one of many examples throughout the country.

What can people do to protect themselves?

ThreatTrack provides the following five ransomware tips for businesses and home users:

1. Back up your data – Always keep a copy of your data backed up. There are also numerous cloud-based “set it and forget it” options for automatically backing up your data to an offsite server. These services, which include Carbonite, CrashPlan and Mozy, have the added advantage that they store your data in the cloud, so in addition to being able to recover from a ransomware attack, you’re also protected in the event of a physical disaster such as a fire, flood, tornado or earthquake. This is by far the best do-it-yourself tactic you can take to protect yourself from being blackmailed.

2. Get on a schedule – It’s one thing to back up your data, but if you can’t remember the last time you performed one, it does you no good. ThreatTrack recommends backing up your data at least once a week and, ideally, once a day.

3. Be aware of phishing emails – Educate yourself, family members and employees on the latest social engineering tactics being used to lure people into clicking on malicious links and attachments. There are many resources available that can help, including online tutorials and security awareness training services. But simply sending out regular communications about the various tactics and terms – spam, malware, spear-phishing, whaling, etc. – will help employees become more vigilant about identifying phishing attempts, which often appear to originate from a trusted source – a friend, co-worker, favorite online store.

4. Practice safe computing, update your software – Another technique used by ransomware authors is to exploit vulnerabilities in popular software applications. If you’re diligent about keeping applications up to date, you’ll minimize your exposure to potential attacks. Better yet, make sure that any applications that can be set to update themselves automatically have that feature turned on. Commonly targeted applications include Adobe Reader, Adobe Flash, Java, Google Chrome, iTunes, Skype and Firefox.

5. Keep work and personal data and files separate – A recent survey showed that nearly a third of IT security staff were asked to remove malware from an executive’s computer/device because they had let a family member use it. With so many people working from home (many small businesses operate entirely out of the home), it can be hard to separate work from your personal life, but keeping these two worlds apart can go a long way toward protecting your data and/or minimizing the impact of an attack.

Finally, should you get hit by ransomware, immediately cut off any connections – that means shutting down your computer and disconnecting it from the network. While the damage has already been done, it can help stop the spread of malware to other systems or devices.

Article source