SpacemanukBEJY.53u writes: Security software is often missing ransomware, which is costing consumers and businesses dearly. Researchers say they've developed a way to detect and stop ransomware based on the differences in how it transforms files compared to a legitimate application. The technique has proved successful against nearly all types of ransomware families, with minimal file losses. It means it may no longer matter whether antivirus software programs can catch the initial infection.
SpacemanukBEJY.53u writes: A hacker going by the nickname The Dark Lord is threatening to release nearly 48,000 medical records unless an orthopedic clinic in the U.S. pays $165,000 by July 8. The batch of data is one of three lots he's stolen from health care clinics that are now advertised on The Real Deal underground market. If the data is accurate, this particular clinic has no good options, a dilemma faced by organizations confronted with extortion attempts by cybercriminals. It's an unsettling tale. The hacker sent a highly personal ransom letter to the clinic's director, including the names of his family members and their Social Security Numbers. "I do not feel bad or guilty about any of this," the hacker says.
SpacemanukBEJY.53u writes: No hacker has ever been able to take over the flight systems of a custom drone built by researchers with Australia's national research agency, Data61. The quadcopter runs a microkernel called seL4 that has been mathematically proved; in other words, the proof shows the operating system contains no software vulnerabilities at all, drastically reducing the attack surface for hackers. The goal is for seL4 to eventually be used in a variety of critical applications, from in-flight computers to automotive controls to SCADA infrastructure.
SpacemanukBEJY.53u writes: CloudFlare said it is working on ways to stop Tor users from seeing so many CAPTCHAs when browsing the Web. CloudFlare's popular content delivery network is used by many websites to stop abusive behavior such as denial-of-service attacks and spam. But since Tor exit nodes are often associated with bad behavior, the effect is many legitimate Tor users face a terrible browsing experience and are constantly presented with CAPTCHAs. CloudFlare has a few ideas for how to make it better, some of which would require cooperation from The Tor Project.
SpacemanukBEJY.53u writes: An article published by CNBC on Tuesday offered tips on how to create a secure password, complete with a form that tested submitted passwords. While well-intended, security experts said it exposed passwords to third-party advertisers. Also, the form created to test a password didn't use SSL, which meant someone on the same network could have sniffed it. Even worse, the tool claimed to not store the passwords, but an acute observer found they were actually being inputted into a Google Docs spreadsheet. CNBC quickly withdrew the article.
SpacemanukBEJY.53u writes: A Denver-based mobile app development company, Possible Mobile, had a tough time figuring out why Apple recently rejected its app from the App Store. After a lot of head scratching, it eventually found the XcodeGhost malware hidden in an unlikely place — a third-party framework that it had wrapped into its own app. Their experience shows that the efforts of malware writers can have far-ranging effects on the mobile app component supply chain.
SpacemanukBEJY.53u writes: After a threat from a law firm, two New Zealand ISPs have withdrawn services that let their customers navigate to content sites outside the country that would normally be geo-blocked. Using VPNs or other services to access content restricted by region isn't specifically outlawed in either New Zealand or in neighboring Australia, but it appears the entertainment industry is prepared to go to court to try and argue that such services can violate copyright law. Intellectual property experts said the situation in New Zealand, if it goes to court, could result in the first test case over the legality of skirting regional restrictions.
SpacemanukBEJY.53u writes: Earlier this week, an indictment was unsealed outlining a long list of charges against a group of men that stole intellectual property from gaming companies such as Epic Games, Valve, Activision and Microsoft. An Australian member of the group, Dylan Wheeler, describes how it was betrayed by an informant working for the FBI, which bought a hardware mockup of an Xbox One that the group built using source code stolen from Microsoft's Game Developer Network Portal. The device, which the FBI paid $5,000 for, was supposed to be sent to the Seychelles, but never arrived, which indicated the hacking collective had a mole.
SpacemanukBEJY.53u writes: A paper due to be presented at the Usenix Security Symposium next Wednesday in San Diego describes a way to load malicious applications onto an iPhone without using a software vulnerability. The method takes advantage of lowered defenses when an iOS device is connected to a desktop computer via USB or Wi-Fi, offering a way for hackers to stealthily slip applications onto a phone or delete others. Apple has seen the research but has so far not said what action it may take.
SpacemanukBEJY.53u writes: It took security researcher Willem Pinckaers all of 15 minutes to spot a flaw in code created by Akamai that the company thought shielded most of its users from one of the pernicious aspects of the Heartbleed flaw in OpenSSL. More than a decade ago, Akamai modified parts of OpenSSL it felt were weak related to key storage. Akamai CTO Andy Ellis wrote last week that the modification protected most customers from having their private SSL keys stolen despite the Heartbleed bug. But on Sunday Ellis wrote Akamai was wrong after Pinckaers found several flaws in the code. Akamai is now reissuing all SSL certificates and keys to its customers.
SpacemanukBEJY.53u writes: Two researchers managed to find a gaping fault in a ransomware program called CryptoDefense, one in a long line of insidious programs that encrypt people's files and demand payment to free the data. They started a low-key project to help victims decrypt their files, but Symantec blogged about the fault. The cybercriminals subsequently updated the program to close the hole. Ransomware scams similar to CryptoDefense have been around for at least a decade but have suddenly surged because of their effectiveness in spooking people and strong profitability. Users have been left enraged and helpless.
SpacemanukBEJY.53u writes: The researcher who discovered the Target and Adobe data breaches has another find: a 7,000-strong list of FTP sites run by a variety of companies, complete with login credentials. The hackers have uploaded malicious PHP scripts in some cases, perhaps as a launch pad for further attacks. The passwords for the FTP applications are complex and not default ones, indicating the hackers may have other malware installed on people's systems in those organizations.