Submission + - A Bot That Drives Robocallers Insane

Trailrunner7 writes: Robocalls are among the more annoying modern inventions, and consumers and businesses have tried just about every strategy for defeating them over the years, with little success. But one man has come up with a bot of his own that sends robocallers into a maddening hall of mirrors designed to frustrate them into surrender.

The bot is called the Jolly Roger Telephone Company, and it’s the work of Roger Anderson, a veteran of the phone industry himself who had grown tired of the repeated harassment from telemarketers and robocallers. Anderson started out by building a system that sat in front of his home landlines and would tell human callers to press a key to ring through to his actual phone line; robocallers were routed directly to an answering system. He would then white-list the numbers of humans who got through.

Sometimes the Jolly Roger bot will press buttons to be transferred to a human agent and other times it will just talk back if a human is on the other end of the line to begin with.

Submission + - Online Museum Displays Decades Of Malware (thestack.com)

An anonymous reader writes: archive.org has launched a Museum of Malware, which devotes itself to a historical look at DOS-based viruses of the 1980s and 1990s, and gives viewers the opportunity to run the viruses in a DOS game emulator, and to download 'neutered' versions of the code. With an estimated 50,000 DOS-based viruses in existence by the year 2000, the Malware Museum's 65 examples should be seen as representative of an annoying, but more innocent era of digital vandalism.

Submission + - Google Blocking Deceptive Download Buttons with Safe Browsing

Trailrunner7 writes: Google is expanding the way that its Safe Browsing API protects users against malicious content by blocking deceptive content on sites that is considered to be social engineering.

The change to Safe Browsing will focus on detecting and warning users about content that tries to trick users into downloading a piece of software or taking some other action that they wouldn’t normally take. A common example of this is a fake or deceptive download button on a site that’s included in a dialogue box warning about out-of-date software.

Attackers often use malicious or deceptive ads that imitate legitimate download dialogues for software such as Adobe Flash or Microsoft’s Skype in order to trick users into downloading something else. That download could be a browser tool bar, malware, or some other unwanted software. To non-expert users, these ads or dialogue boxes can seem indistinguishable from authentic ones, which is exactly what fraudsters and attackers are counting on.

Submission + - Norse Corp. Implodes, Fires CEO, Sells Assets (krebsonsecurity.com)

tsu doh nimh writes: Brian Krebs has something of a scoop about Norse Corp., the cyber intelligence company that became famous for its interactive attack map. From the story: "Norse Corp., a Foster City, Calif. based cybersecurity firm that has attracted much attention from the news media and investors alike this past year, fired its chief executive officer this week amid a major shakeup that could spell the end of the company. The move comes just weeks after the company laid off almost 30 percent of its staff. Sources close to the matter say Norse CEO Sam Glines was asked to step down by the company's board of directors, with board member Howard Bain stepping in as interim CEO. Those sources say the company's investors have told employees that they can show up for work on Monday but that there is no guarantee they will get paid if they do." Krebs's story looks into the history of the company's founders, includes interviews with former Norse employees, and concludes that this was probably inevitable.

Submission + - Harvard: No, Crypto Isn't Making the FBI Go Dark

Trailrunner7 writes: The FBI and other law enforcement and intelligence agencies have warned for years that the increased use of encryption by consumers is making surveillance and lawful interception much more difficult, impeding investigations. But a new study by a group of experts at Harvard’s Berkman Center says those claims are largely overblown and that the IoT revolution will give agencies plenty of new chances for clear-channel surveillance.

“We argue that communications in the future will neither be eclipsed into darkness nor illuminated without shadow. Market forces and commercial interests will likely limit the circumstances in which companies will offer encryption that obscures user data from the companies themselves, and the trajectory of technological development points to a future abundant in unencrypted data, some of which can fill gaps left by the very communication channels law enforcement fears will ‘go dark’ and beyond reach,” the Berkman Center report says.

Submission + - GCHQ Denies That Its Voice Crypto Protocol Is Backdoored

Trailrunner7 writes: A week after a researcher published a detailed analysis of the MIKEY-SAKKE voice encryption standard that broke down how it could enable key escrow and mass surveillance, the U.K.’s GCHQ, which designed the standard, has come out in defense of its security and integrity.

Steven Murdoch, a researcher at University College London’s Department of Computer Science, took a close look at MIKEY-SAKKE and its implementation in the Secure Chorus standard and concluded that not only does the standard support key escrow, but that it could be set up for use in mass surveillance.

But Ian Levy, director of cyber security and resiliency at GCHQ, said in a defense of MIKEY-SAKKE that the protocol is designed with specific security applications in mind, such as public safety or internal monitoring in an organization.

“For investigative or regulatory reasons, most Organisations will want the ability to monitor their employees. MIKEY-SAKKE makes this possible; the organisation can record the encrypted traffic and decrypt it if and when they need to. They don’t need to actively ‘man-in-the-middle’ communications, which they’d have to do with other systems. And ONLY the enterprise can do this, because only the enterprise has the key management server,” Levy said.

In an email, Murdoch said he’s happy to see GCHQ talking about the security of MIKEY-SAKKE publicly, but that the facts of his analysis haven’t changed.

“I think it is very positive sign that GCHQ are willing to engage in an open discussion about the security of MIKEY-SAKKE. GCHQ’s response includes clarifications and also describes some of MIKEY-SAKKE’s design motivations. It is interesting and welcome, but ultimately it doesn’t make a substantial change to my conclusions because the response focusses more the language used rather than any fundamental points,” Murdoch said.

Submission + - New Memory Scraping Point-of-Sale Malware Emerges

Trailrunner7 writes: Researchers have discovered a new version of the CenterPOS malware that is capable of scraping memory and finding credit card data in running processes on infected devices.

The malware is the latest iteration of CenterPOS, a family of point-of-sale malware that researchers have been tracking for several months. CenterPOS has been seen infecting PoS devices in a number of small and medium-sized businesses, mainly in the United States. It has a number of different capabilities and gives the attacker the ability to use an infected device to scan the rest of the network for credit card information.

Submission + - MiniUPnP Vulnerability Clears Way to Stack Smashing Attack (threatpost.com)

msm1267 writes: Cisco’s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in Mini UPnP that was patched in September of last year.

Now four months later, it’s unclear how many vendor products that make use of the library were patched, nor is it known how many devices on private networks—things such as Xboxes, home and business routers and peer-to-peer applications such as the Bitcoin-qt wallet—have been patched.

Cisco today published technical details of the vulnerability and to demonstrate the widespread nature of the bug and its potential impact, released a proof-of-concept attack against the default Bitcoin wallet which opens the door to remote code execution.
Cisco’s exploit bypasses the Stack Smashing Protection (SSP) mitigation, which protects vulnerable buffers in a stack with a stack cookie, or canary. The Cisco attack bypasses the stack cookie on Linux systems.

Submission + - Android Ransomware Threatens to Share Your Browsing History With Your Friends

An anonymous reader writes: The newly discovered Lockdroid ransomware is unique in two ways. First it uses perfectly overlaid popups to trick users into giving it admin privileges. This trick works on devices running Android versions prior to 5.0 (Lollipop), which means 67% of all Android smartphones. Secondly, after it encrypts files and asks for a ransom, it also steals the user's browsing history and contacts list, and blackmails the user to pay the ransom, or his browsing history will be forwarded to his contacts.

Submission + - Feds Indict Prison Guards, Inmates in Jury Duty Phone Scam

Trailrunner7 writes: Federal officials have indicted more than 50 people, including 15 former prison officials and 19 former inmates, in a long-running vishing and phone fraud scheme that was run through a Georgia prison.

Using cell phones smuggled into Autry State Prison by guards, the inmates would call victims, mostly in the Atlanta metro area, and inform them that there were warrants out for their arrest because they had failed to show up for jury duty. The callers would warn the victims that law enforcement officers were on the way and they were about to be arrested. Unless, of course, the victims could come up with some money to pay a fine and have the warrants erased.

Because that’s how the justice system works.

Submission + - London Selected To Trial Smart City Tech (thestack.com)

An anonymous reader writes: London has been chosen to join a new European smart city scheme which will involve the testing of innovative technologies aimed at improving the lives of urban residents. As part of the European Union’s Smart Cities and Communities Lighthouse project, the UK capital will invest in putting up more solar panels on city roofs, among other sustainable efforts. London’s Royal Borough of Greenwich will be the main focus of the initiative, with the addition of 300 smart parking spots and an electric bike network. A new heating system will also be built to use the flow of the River Thames to generate power for homes in the area.

Submission + - California Bill Would Require Phone Crypto Backdoors

Trailrunner7 writes: A week after a New York legislator introduced a bill that would require smartphone vendors to be able to decrypt users’ phones on demand from law enforcement, a California bill with the same intent has been introduced in that state’s assembly.

On Wednesday, California Assemblyman Jim Cooper submitted a bill that has remarkably similar language to the New York measure and would require that device manufacturers and operating system vendors such as Apple, Samsung, and Google be able to decrypt users’ devices. The law would apply to phones sold in California beginning Jan. 1, 2017.

Submission + - LastPass Disputes Severity of LostPass Phishing Attack

Trailrunner7 writes: A security researcher has developed a phishing attack against the LastPass password manager app that is virtually impossible to detect and has the ability to mimic the LastPass login sequence perfectly.

The technique takes advantage of several weaknesses in the way that LastPass handles user logout notifications and the resulting authentication sequence. Sean Cassidy, the CTO of Seattle-based Praesidio, developed the attack and has released code for the technique, which he calls LostPass. In essence, the technique allows an attacker to copy much of the login sequence for a LastPass user, including the use of identical login dialogs and the ability to capture and replay two-factor authentication codes.

In order for LostPass to work, an attacker needs to get a victim to visit a malicious site where the LostPass code is deployed. The code will check to see if the victim has LastPass installed, and if so, use a CSRF (cross-site request forgery) weakness in LastPass to force the victim to log out of the app. The attacker using LostPass then will show the victim the notification telling her she’s logged out and when she clicks on it, will bring her to the login page the attacker controls. It will look identical to the authentic one.

Once the victim enters her credentials, they are sent to the attacker’s server, who can use the LastPass API to check their authenticity. If the server says that 2FA is set up on the victim’s account, LostPass will display a screen to enter the 2FA code, which the attacker will capture and use to log in to the victim’s account.

LastPass says Cassidy didn't contact him in November, as he claims, but Cassidy said he did and also gave the company all of the information in his ShmooCon talk well before he spoke.

Submission + - Twitter's Silence Deafening on State-Sponsored Attacks (threatpost.com)

msm1267 writes: A group of privacy advocates whose Twitter accounts were targeted by state-sponsored hackers want answers from the social media platform. A handful of the estimated 50 people who received notifications in December from Twitter are still in the dark as to why they were targeted, what information the attackers were after, and who exactly was after them.

The group made a public plea this week to Twitter, putting up a website with more than a dozen pointed questions it hopes Twitter will answer. The plea was signed by 30 people who were notified, most of whom have ties to Internet freedom and advocacy, including the Tor project and digital rights initiatives in Europe.

Twitter is not alone in beginning such a notification service; it follows on the heels of similar efforts by Google, Facebook and Yahoo.
