Catch up on stories from the past week (and beyond) at the Slashdot story archive

 




Submission + - Embedded Devices Leak Authentication Data Via SNMP (threatpost.com)

msm1267 writes: Researchers have discovered previously unreported problems in SNMP on embedded devices where devices such as secondary market home routers and a popular enterprise-grade load balancer are leaking authentication details in plain text.

The data could be extracted by gaining access to the read-only public SNMP community string, which enables outside access to device information. While only vulnerabilities in three brands were disclosed today, a Shodan search turns up potentially hundreds of thousands of devices that are exposing SNMP to the Internet that could be equally vulnerable.

Submission + - SMTP STARTTLS Deployments Better Than Expected (threatpost.com)

msm1267 writes: Facebook dug into the prevalence of SMTP STARTTLS deployments for email encryption and found that 58 percent of messages are sent encrypted and certificate validation happened without a hitch for about half of the encrypted email.

Facebook said it believes STARTTLS support has achieved “critical mass,” and backs that up with data that indicates 76 percent of unique MX (mail exchange) hostnames that receive email from Facebook, such as notifications, support the extension. Facebook said that 58 percent of its notification email messages were successfully encrypted and that certificate validation passed for about half of the encrypted email. The other half were opportunistically encrypted, Facebook said.

Submission + - TLS 1.3 Ready to Drop RSA Key Transport (threatpost.com)

msm1267 writes: The IETF working group responsible for the TLS 1.3 standard is closing in on a decision to remove RSA key transport cipher suites from the protocol.

Decades-old RSA-based handshakes don’t cut it anymore, according to experts, who are anxious to put a modern protocol in place, one that can fend off an intense commitment from cybercriminals and intelligence agencies to snoop and steal data. The consensus is to support Diffie-Hellman Exchange or Elliptic Curve Diffie-Hellman Exchange, both of which support perfect forward secrecy, which experts are urging developers and standards-bearers to instill as a default encryption technology in new applications and build-outs.
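The forward-secrecy argument above is easiest to see in code. What follows is an added illustration, not code from the IETF working group or Threatpost: a toy model of the two handshake styles in pure Python. With RSA key transport the client encrypts the premaster secret to the server's long-term public key, so an eavesdropper who records the handshake and later obtains that key decrypts the old session. With ephemeral Diffie-Hellman the long-term key only signs the server's ephemeral value; a later leak allows impersonation going forward but does not recover the recorded session key, which would require a discrete logarithm. The RSA and DH parameters, the `kdf` stand-in for the TLS key schedule, and the unpadded textbook RSA signature are all deliberately toy-sized assumptions for the demonstration; real deployments use padded RSA signatures and RFC 7919 groups or ECDHE curves.

```python
import hashlib
import secrets

# Toy long-term RSA key for the server (textbook RSA, no padding: illustration only).
P_RSA = 2**61 - 1   # both Mersenne primes, so the modulus really is p*q
Q_RSA = 2**89 - 1   # (still far too small for real use)
N_RSA = P_RSA * Q_RSA
E_RSA = 65537
D_RSA = pow(E_RSA, -1, (P_RSA - 1) * (Q_RSA - 1))

# Toy finite-field Diffie-Hellman group (prime modulus, fixed generator); assumption, not a real group.
DH_P = 2**127 - 1
DH_G = 3


def kdf(secret: int) -> bytes:
    """Stand-in for the TLS key schedule: hash the shared secret into a session key."""
    return hashlib.sha256(secret.to_bytes((secret.bit_length() + 7) // 8, "big")).digest()


def rsa_key_transport():
    """RSA key-transport handshake. Returns (session_key, transcript), where the
    transcript is exactly what a passive eavesdropper on the wire records."""
    premaster = secrets.randbelow(N_RSA - 2) + 2
    ciphertext = pow(premaster, E_RSA, N_RSA)          # client -> server
    assert pow(ciphertext, D_RSA, N_RSA) == premaster  # server decrypts with long-term key
    return kdf(premaster), {"encrypted_premaster": ciphertext}


def _digest_of(value: int) -> int:
    # g^y is below 2**127, so 16 bytes always suffice here.
    return int.from_bytes(hashlib.sha256(value.to_bytes(16, "big")).digest(), "big") % N_RSA


def verify_server_signature(transcript: dict) -> bool:
    """Client-side check: the server's ephemeral value was signed by the long-term key."""
    return pow(transcript["sig"], E_RSA, N_RSA) == _digest_of(transcript["g_y"])


def dhe_handshake():
    """Ephemeral DH handshake. The long-term key only signs g^y; x and y are
    discarded after the session key is derived."""
    x = secrets.randbelow(DH_P - 2) + 1
    y = secrets.randbelow(DH_P - 2) + 1
    gx, gy = pow(DH_G, x, DH_P), pow(DH_G, y, DH_P)
    shared = pow(gy, x, DH_P)
    assert shared == pow(gx, y, DH_P)
    signature = pow(_digest_of(gy), D_RSA, N_RSA)     # server authenticates g^y
    return kdf(shared), {"g_x": gx, "g_y": gy, "sig": signature}


def attacker_after_key_leak(transcript: dict, leaked_d: int):
    """A passive attacker who recorded `transcript` earlier and obtains the server's
    private exponent later. Returns the recovered session key, or None."""
    if "encrypted_premaster" in transcript:
        return kdf(pow(transcript["encrypted_premaster"], leaked_d, N_RSA))
    # DHE: the leaked key lets the attacker sign (impersonate) from now on, but the
    # recorded session key depends on x or y, i.e. a discrete log of g_x or g_y.
    return None


if __name__ == "__main__":
    key, rec = rsa_key_transport()
    print("RSA transport, old key recovered after leak:", attacker_after_key_leak(rec, D_RSA) == key)
    key, rec = dhe_handshake()
    print("DHE signature valid:", verify_server_signature(rec))
    print("DHE, old key recovered after leak:", attacker_after_key_leak(rec, D_RSA))
```

The asymmetry the working group is acting on is visible in `attacker_after_key_leak`: the RSA branch is a one-line decryption, while the DHE branch has nothing to compute because the long-term key never touched the key material.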

Submission + - XP Systems Getting Emergency IE Zero Day Patch (threatpost.com)

msm1267 writes: Microsoft announced it will release an out-of-band security update today to patch a zero-day vulnerability in Internet Explorer, and that the patch will also be made available for Windows XP machines through Automatic Update. At the same time, researchers said they are now seeing attacks specifically targeting XP users.

Microsoft no longer supports XP as of April 8, and that includes the development and availability of security updates. But the about-face today speaks to the seriousness of the vulnerability, which is being exploited in limited targeted attacks, Microsoft said.

Researchers at FireEye, meanwhile, said multiple attackers are now using the exploit against XP machines, prompting the inclusion of XP systems in the patch.

Submission + - UltraDNS Dealing with DDoS Attack (threatpost.com)

msm1267 writes: DNS service provider UltraDNS dealt with a DDoS attack for most of yesterday. Parent company Neustar announced late yesterday that it had mitigated the attack for most of its customers, but Western U.S. customers were still down. Meanwhile, the SANS Institute received reports from UltraDNS customers that a 100 Gbps DDoS attack was causing latency issues.

Submission + - The White House's Zero Day Sleight of Hand

Trailrunner7 writes: The White House wants you to know that it did not know about the OpenSSL Heartbleed vulnerability before you did. The White House also wants you to know that administration officials don’t think stockpiling zero days is necessarily good for national security. That’s all well and good, except that it mostly doesn’t matter.

“Building up a huge stockpile of undisclosed vulnerabilities while leaving the Internet vulnerable and the American people unprotected would not be in our national security interest. But that is not the same as arguing that we should completely forgo this tool as a way to conduct intelligence collection, and better protect our country in the long-run.”

Here’s the problem, though: The government doesn’t necessarily need to stockpile zero days, because it has a cadre of contractors doing that job in its stead. One of the conundrums of vulnerability research is that there’s no way to know whether the bug you just discovered is in fact new. The population of skilled researchers around the world is sufficiently large that it’s possible, if not probable, that someone else has found the same bug and is already using it. It’s tempting to think that you’ve discovered a special snowflake, but there’s a good chance someone on the other side of the Web has found the same snowflake. So the fact that the White House has a “disciplined, rigorous and high-level decision-making process for vulnerability disclosure” sounds nice, but it’s not enough.

Submission + - Apple Fixes Serious SSL Issue in OS X, iOS (threatpost.com)

msm1267 writes: Apple has fixed a serious security flaw that’s present in many versions of both iOS and OSX and could allow an attacker to intercept data on SSL connections. The bug is one of many that the company fixed Tuesday in its two main operating systems, and several of the other vulnerabilities have serious consequences as well, including the ability to bypass memory protections and run arbitrary code.

The most severe of the vulnerabilities patched in iOS 7.1.1 and OSX Mountain Lion and Mavericks is an issue with the secure transport component of the operating systems. If an attacker was in a man-in-the-middle position on a user’s network, he might be able to intercept supposedly secure traffic or change the connection’s properties.

Submission + - Tor Blacklisting Exit Nodes Vulnerable to Heartbleed (threatpost.com)

msm1267 writes: The Tor Project has published a list of 380 exit relays vulnerable to the Heartbleed OpenSSL vulnerability that it will reject. This comes on the heels of news that researcher Collin Mulliner of Northeastern University in Boston found more than 1,000 nodes vulnerable to Heartbleed, from which he was able to retrieve plaintext user traffic.

Mulliner said he used a random list of 5,000 Tor nodes from the Dan.me.uk website for his research. From the 1,045 vulnerable nodes he discovered, he recovered plaintext traffic that included Tor plaintext announcements, but a significant number of nodes leaked user traffic in the clear.

Submission + - Phase 1 of TrueCrypt Audit Turns up No Backdoors (threatpost.com)

msm1267 writes: An initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase.

A report on the first phase of the audit was released today by iSEC Partners, which was contracted by the Open Crypto Audit Project (OCAP), a grassroots effort that not only conducted a successful fundraising effort to initiate the audit, but raised important questions about the integrity of the software.

The first phase of the audit focused on the TrueCrypt bootloader and Windows kernel driver; architecture and code reviews were performed, as well as penetration tests including fuzzing interfaces, said Kenneth White, senior security engineer at Social & Scientific Systems. The second phase of the audit will look at whether the various encryption cipher suites, random number generators and critical key algorithms have been implemented correctly.

Submission + - Facebook Bug Bounty Submissions Way Up (threatpost.com)

An anonymous reader writes: Facebook today reported a dramatic increase in 2013 submissions to its bug bounty program, and said that despite reports from researchers that it’s becoming difficult to find severe bugs on its various properties, the social network plans to increase rewards for critical bugs.

“The volume of high-severity issues is down, and we’re hearing from researchers that it’s tougher to find good bugs,” Facebook security engineer Collin Greene said. “To encourage the best research in the most valuable areas, we’re going to continue increasing our reward amounts for high priority issues.”

Greene said Facebook paid out $1.5 million in bounties last year, rewarding more than 330 researchers at an average payout of $2,204. Submissions, however, skyrocketed 246 percent over 2012 to 14,763, he said. Most of those, however, were not eligible for a bounty; only six percent were rated high severity.

Submission + - Why bloggers should pitch their stories to themselves (blogswithoutblah.com)

An anonymous reader writes: Professional journalists spend many years practising how to 'pitch' articles to editors. In this blog, pro journalist Mike Peake, founder of BlogsWithoutBlah.com, suggests that bloggers pitch to themselves before posting in order to see how a story stacks up.

Submission + - Brendan Eich Steps Down as Mozilla CEO (mozilla.org)

matafagafo writes: Mozilla Blog says:
Brendan Eich has chosen to step down from his role as CEO. He’s made this decision for Mozilla and our community.
Mozilla believes both in equality and freedom of speech. Equality is necessary for meaningful speech. And you need free speech to fight for equality. Figuring out how to stand for both at the same time can be hard......

Submission + - One Billion Android Devices Open to Privilege Escalation (threatpost.com)

msm1267 writes: The first deep look into the security of the Android patch installation process, specifically its Package Management Service (PMS), has revealed a weakness that puts potentially every Android device at risk for privilege escalation attacks.

Researchers from Indiana University and Microsoft published a paper that describes a new set of Android vulnerabilities they call Pileup flaws, and also introduces a new scanner called SecUP that detects malicious apps already on a device lying in wait for elevated privileges.

The vulnerability occurs in the way PMS handles updates to the myriad flavors of Android in circulation today. The researchers say PMS improperly vets apps on lower versions of Android that request OS or app privileges that may not exist on the older Android version, but are granted automatically once the system is updated.

The researchers said they found a half-dozen different Pileup flaws within Android’s Package Management Service, and confirmed those vulnerabilities are present in all Android Open Source Project versions and more than 3,500 customized versions of Android developed by handset makers and carriers; more than one billion Android devices are likely impacted, they said.
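The update weakness described in this submission can be modelled in a few lines. The following is an added example, not the researchers' code nor Android's real Package Management Service: an abstract model in which a permission string that an older OS does not define is still carried in the app's manifest, and a system upgrade that introduces that permission either grants it automatically (the vulnerable path the paper describes) or re-evaluates it against the new OS's protection level and the user (the hardened path). The permission names, the three protection levels, the `ask_user` callback and the package structures are constructed for the illustration and are not Android identifiers.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Permission:
    name: str
    protection: str          # "normal", "dangerous" or "signature" (constructed model)


@dataclass
class Package:
    name: str
    requested: frozenset     # permission names declared in the manifest
    platform_signed: bool = False
    granted: set = field(default_factory=set)


def allowed(pkg: Package, perm: Permission, consent: bool) -> bool:
    """Grant policy for a permission the OS actually defines."""
    if perm.protection == "normal":
        return True
    if perm.protection == "dangerous":
        return consent                 # needs an explicit user decision
    return pkg.platform_signed         # "signature": only platform-signed packages


def install(pkg: Package, os_perms: dict) -> Package:
    """Install on the OLD version: names the OS does not define are skipped,
    but they stay in the manifest's requested set for later upgrades."""
    for name in pkg.requested:
        perm = os_perms.get(name)
        if perm is not None and allowed(pkg, perm, consent=True):
            pkg.granted.add(name)
    return pkg


def upgrade_vulnerable(pkg: Package, new_os_perms: dict) -> set:
    """Models the Pileup weakness: every requested name that exists after the
    upgrade is granted as if it had been vetted at install time, regardless
    of its new protection level or who signed the package."""
    for name in pkg.requested:
        if name in new_os_perms:
            pkg.granted.add(name)
    return pkg.granted


def upgrade_hardened(pkg: Package, new_os_perms: dict, ask_user) -> set:
    """Hardened variant: a permission that only came into existence with the
    upgrade is treated as a brand-new request and goes through the grant
    policy, including a fresh user decision for dangerous ones."""
    for name in pkg.requested:
        perm = new_os_perms.get(name)
        if perm is None or name in pkg.granted:
            continue
        if allowed(pkg, perm, ask_user(pkg.name, name)):
            pkg.granted.add(name)
    return pkg.granted


def scenario(ask_user):
    """Constructed scenario: an app installed on the old OS declares two
    permissions the old OS has never heard of; the new OS then defines them."""
    old_os = {"perm.READ_CONTACTS": Permission("perm.READ_CONTACTS", "dangerous")}
    new_os = dict(old_os)
    new_os["perm.NEW_SYSTEM_CONTROL"] = Permission("perm.NEW_SYSTEM_CONTROL", "signature")
    new_os["perm.NEW_DANGEROUS"] = Permission("perm.NEW_DANGEROUS", "dangerous")
    requested = frozenset(
        {"perm.READ_CONTACTS", "perm.NEW_SYSTEM_CONTROL", "perm.NEW_DANGEROUS"}
    )
    vulnerable = install(Package("third.party.app", requested), old_os)
    hardened = install(Package("third.party.app", requested), old_os)
    return (
        upgrade_vulnerable(vulnerable, new_os),
        upgrade_hardened(hardened, new_os, ask_user),
    )


if __name__ == "__main__":
    v, h = scenario(ask_user=lambda pkg, perm: False)
    print("vulnerable PMS granted:", sorted(v))
    print("hardened PMS granted:  ", sorted(h))
```

The point the model makes is that a grant decision is only as good as the permission definitions it was made against; when those definitions change at upgrade time, anything that was previously undefined must be decided afresh rather than inherited.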

Submission + - Wide Gap Between Attackers, BIOS Forensics Research (threatpost.com)

msm1267 writes: Advanced attackers who target BIOS and firmware with bootkits and other malware have a decided edge on security research and defense in this discipline. These attacks are dangerous because they enable persistence on a PC or server that is difficult to repair without bricking a machine. Researchers at MITRE and chip companies, however, are trying to reverse that trend with research into vulnerabilities in hardware and firmware as well as developing tools that help analyze problems present in BIOS.
