At this point, Ars readers have heard countless tales of computer users being forced to pay significant sums to unlock files encrypted with malicious ransomware. So we were a bit surprised when word started to trickle out about a new bit of ransomware that doesn’t ask for money. Instead, “Rensenware” forces players to get a high Read More …
Author: Fatima Kurth
New WikiLeaks dump: The CIA built Thunderbolt exploit, implants to target Macs
WikiLeaks today dumped a smaller subset of documents from its “Vault 7” collection of files from a CIA software developer server. Yet again, these documents are more important from the perspective of WikiLeaks having them than for showing any revelatory content. The exploits detailed in these new files are for vulnerabilities that have largely Read More …
A simple command allows the CIA to commandeer 318 models of Cisco switches
Cisco Systems said that more than 300 models of switches it sells contain a critical vulnerability that allows the CIA to use a simple command to remotely execute malicious code that takes full control of the devices. There currently is no fix. Cisco researchers said they discovered the vulnerability as they analyzed a cache Read More …
Virtual machine escape fetches $105,000 at Pwn2Own hacking contest
Contestants at this year’s Pwn2Own hacking competition in Vancouver just pulled off an unusually impressive feat: They compromised Microsoft’s heavily fortified Edge browser in a way that escapes a VMware virtual machine it runs in. The hack fetched a prize of $105,000, the highest awarded so far over the past three days. According to Read More …
Payments Giant Verifone Investigating Breach
Credit and debit card payments giant Verifone [NYSE: PAY] is investigating a breach of its internal computer networks that appears to have impacted a number of companies running its point-of-sale solutions, according to sources. Verifone says the extent of the breach was limited to its corporate network and that its payment services network was not Read More …
Researchers uncover PowerShell Trojan that uses DNS queries to get its orders
Researchers at Cisco’s Talos threat research group are publishing research today on a targeted attack delivered by a malicious Microsoft Word document that goes to great lengths to conceal its operations. Based entirely on Windows PowerShell scripts, the remote access tool communicates with the attacker behind it through a service that is nearly never blocked: Read More …
Watershed SHA1 collision just broke the WebKit repository, others may follow
Thursday’s watershed attack on the widely used SHA1 hashing function has claimed its first casualty: the version control system used by the WebKit browser engine, which became completely corrupted after someone uploaded two proof-of-concept PDF files that have identical message digests. The bug resides in Apache SVN, an open-source version control system that WebKit Read More …
Serious Cloudflare bug exposed a potpourri of secret customer data
Cloudflare, a service that helps optimize the security and performance of more than 5.5 million websites, warned customers today that a recently fixed software bug exposed a range of sensitive information that could have included passwords and cookies and tokens used to authenticate users. A combination of factors made the bug particularly severe. First, Read More …
Newly discovered flaw undermines HTTPS connections for almost 1,000 sites
Encrypted connections established by at least 949 of the top 1 million websites are leaking potentially sensitive data because of a recently discovered software vulnerability in appliances that stabilize and secure Internet traffic, a security researcher said Thursday. The bug resides in a wide range of firewalls and load balancers marketed under the F5 Read More …
‘Top 10 Spammer’ Indicted for Wire Fraud
Michael A. Persaud, a California man profiled in a Nov. 2014 KrebsOnSecurity story about a junk email purveyor tagged as one of the World’s Top 10 Worst Spammers, was indicted this week on federal wire fraud charges tied to an alleged spamming operation. According to an indictment returned in federal court in Chicago, Persaud Read More …