Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Information Security News - Internet Security | DShield Information Security News



Popular News

22 hours ago Symantec Revokes Wrongly Issued Certificates

SecurityWeek

Symantec has revoked numerous wrongly issued certificates, including for domains such as example.com and test.com. This is not the first time the security firm's certificate issuance practices have come under scrutiny.

20 hours ago Expert Hacks Internal DoD Network via Army Website

SecurityWeek

A security researcher who took part in the Hack the Army bug bounty program managed to gain access to an internal Department of Defense (DoD) network from a public-facing Army recruitment website.

1 day ago Fans of the Shark Tank

IT Toolbox Blogs
Computerworld's Sharky

1 day ago From statues to doormats, here's what annoys Asian nations

Yahoo Security

How can you get under the skin of an Asian country? Diplomatic body searches, bomber flights, shrine statues and even doormats have set governments on edge.

1 day ago United Airlines flights suspended after technical glitch

ZDNet
The IT issue, which has since been resolved, grounded all domestic flights on Sunday evening.

Top News

8 hours ago Cyber experts to brief Australian political leaders

ZDNet
The prime minister will take his political opponents through a cyber defence training session next month in a bid to ready the country for a cyber attack.

8 hours ago Western Union coughs up $586m for turning a blind eye to fraudsters

The Register
Helping internet scammers proved profitable, for a while

Western Union will forfeit more than half a billion dollars after admitting it broke money laundering laws.

7 hours ago Widely used WebEx plugin for Chrome will execute attack code - patch now!

ArsTechnica
Publicly known "magic string" lets any site run malicious code, no questions asked.

5 hours ago Old Android malware still infecting millions of users

Yahoo Security
Remember HummingBad? It's an "old" malware from early-to-mid 2016, which was discovered and addressed at the time. However, it looks like it wasn't killed, and a version of it called HummingWhale has been found in the Google Play store, inside over 20 apps that were downloaded several million times by unsuspecting users. HummingWhale comes with "cutting edge techniques" that let it perform fraud better than before, Check Point says. That's the same group that identified the first strain of the malware, which affected more than 10 million users last year. Check Point also discovered its creators and concluded that the malware was able to generate some $300,000 per month from fraudulent advertising. That's right, this malware doesn't steal sensitive data from you. Instead, it hijacks ad views for profit. The new Google Play apps seem to be camera-related apps uploaded under names of fake Chinese developers. Each of these apps has an encrypted file that's "suspiciously large." The malware can be used to download and execute other apps. Moreover, the app can use an Android plugin to upload fraudulent apps on a virtual machine. "First, the Command and Control server (C&C) provides fake ads and apps to the installed malware, which presents them to the user," Check Point writes. "Once the user tries to close the ad, the app, which was already downloaded by the malware, is uploaded to the virtual machine and run as if it is a real device. This action generates the fake referrer id, which the malware uses to generate revenues for the perpetrators." The malware is more sophisticated than its predecessor in many ways. It can install apps without getting elevated permissions, and it can install an infinite number of fraudulent apps without actually overloading the device. That means the user would not even notice that something is wrong. Additionally, HummingWhale also tries to increase its Google Play reputation using fraudulent comments and ratings.
Check Point told BGR that it informed Google about these new malware apps, which were removed from Google Play. This is how you check if your phone or tablet was infected with a HummingBad strain, although the tools might not necessarily detect HummingWhale as well.

5 hours ago Why Cyborg Essentials should be your penetration testing platform

TechRepublic
Penetration testing is essential for knowing where your network and systems are weak. Jack Wallen says the right tool for that task is the Debian-based Cyborg Essentials.

5 hours ago IP: Sending One Fragment in a Datagram

IT Toolbox Blogs
Procedure ipfsend creates and sends a single fragment. It allocates a new buffer for the copy, calls ipfhcopy to copy the header and IP options, copies the data for this fragment into the new datagram, and passes the result to netwrite.

18 minutes ago Cisco WebEx Extension Flaw Allows Code Execution

SecurityWeek

Google Project Zero researcher Tavis Ormandy has discovered a critical remote code execution vulnerability in the Cisco WebEx browser extension. Cisco's initial fix does not appear to be complete, which has led to Google and Mozilla temporarily removing the add-on from their stores.

21 hours ago Lavabit Reboots After FBI-Snowden Investigation Fallout

InfoRiskToday
In Theory, Lavabit Email Will Be Tough to Trace or Subpoena

Four years after a messy legal battle sparked by Edward Snowden using its service, the secure email provider Lavabit is back with a brand-new platform designed to provide better privacy protection - select from "trustful," "cautious" or "paranoid" modes - by encrypting both email content and metadata.

18 hours ago Alexa, Cortana And Siri Are About To Diagnose Your Health

Forbes
Diagnosing serious diseases and conditions via just listening to voice snippets is possible. Are we about to get a doctor in every room thanks to Alexa, Siri and Google Home?

Latest News

33 minutes ago Furby Rickroll demo: What fresh hell is this?

The Register
Toy-makers, please quit this rubbish, you're NO GOOD at security

Here's your future botnet, world: connected kids toys that will Rickroll their owners while hosing big servers and guessing the nuclear codes.

2 hours ago HummingBad malware returns in new, more annoying variant

The Register
Is it a bird? Is it a plane? No, it's a HUMMINGWHALE

The HummingBad malware first discovered in February 2016 is making a return visit to the charts.

5 hours ago IP: The Implementation Of Fragmentation

IT Toolbox Blogs
In the example code, procedure ipputp makes the decision about fragmentation:

8 hours ago Cisco WebEx Chrome extension allowed arbitrary code execution: Project Zero

ZDNet
Over 20 million users were vulnerable to a remote code execution bug, and now, they are only vulnerable if Cisco falls foul of XSS.

10 hours ago Phone Cases are Keeping Smartphones Safer and Smarter

IT Toolbox Blogs

There are plenty of covers that can make sure your phone survives a chainsaw, but it doesn't stop there. New cases have been unveiled that are almost smarter than the phone itself. So why stop with your Doctor Who design if you could have a case that sees into the stars itself?

10 hours ago AI and Its Role in Video and Image Manipulation

IT Toolbox Blogs

There are countless videos and images on the Net, with each one serving a different kind of purpose. Some types of videos are used as evidence for legal proceedings, while pictures may be used to document a key event. But while this type of media is known for its reliability, the rising popularity

10 hours ago Source Code for BankBot Android Trojan Leaks Online

SecurityWeek

The source code of Android banking Trojan BankBot, along with instructions on how to use it, recently emerged on a hacker forum, Doctor Web security researchers have discovered.

10 hours ago Online security 101: Tips for protecting your privacy from hackers and spies

ZDNet
This simple advice will help to protect you against hackers and government surveillance.

10 hours ago Sale of Core Yahoo Assets to Verizon Delayed

SecurityWeek

San Francisco - Yahoo said Monday that the closing of a $4.8 billion deal to sell its core internet assets to US telecom titan Verizon has been delayed several months.

11 hours ago 'Star Wars' Botnet Has 350,000 Twitter Bots

SecurityWeek

A newly discovered Twitter botnet has been lying dormant for over three years, although it includes more than 350,000 bot accounts, researchers at the University College London have discovered.

11 hours ago Virulent Android malware returns, gets >2 million downloads on Google Play

ArsTechnica
HummingWhale is back with new tricks, including a way to gin user ratings.

11 hours ago HHS Deputy CISO Spearheads Cybersecurity Effort

InfoRiskToday
Leo Scanlon, deputy CISO at the U.S. Department of Health and Human Services, will take a lead role as HHS sharpens its ongoing focus on cybersecurity issues, an effort that will continue under the Trump administration, he explains.

12 hours ago Saudi Arabia warns on cyber defense as Shamoon resurfaces

Yahoo Security

Saudi Arabia on Monday warned organizations in the kingdom to be on the alert for the Shamoon virus, which cripples computers by wiping their disks, as the labor ministry said it had been attacked and a chemicals firm reported a network disruption. An alert from the telecoms authority seen by Reuters advised all parties to be vigilant for attacks from the Shamoon 2 variant of the virus that in 2012 crippled tens of thousands of computers at oil giant Saudi Aramco. Shamoon disrupts computers by overwriting the master boot record, making it impossible for them to start up.