
Comments


Apple's "warrant canary" disappears, suggesting new Patriot Act demands

Trailrunner7 Not accurate (3 comments)

This isn't accurate. The language just changed. It now says, "To date, Apple has not received any orders for bulk data." Read the graf on National Security Orders: https://www.apple.com/privacy/...

about 2 months ago

End of Windows XP Support Era Signals Beginning of Security Nightmare

Trailrunner7 Chord?? (646 comments)

"cuts the chord"? Are they dissecting sheet music now? Cripes.

more than 2 years ago

US Inadvertently Enabled Chinese Google Hackers

Trailrunner7 Olllddd (103 comments)

This is a month old, and Schneier has since backed off this assertion.

more than 4 years ago

Microsoft's Risky Tablet Announcement

Trailrunner7 Re:I don't understand... (338 comments)

How exactly can Microsoft be responding to an event that hasn't taken place yet (the Apple tablet announcement)? Is that "pre-sponding"?

more than 4 years ago

Spafford: Cybersecurity Czar Job is Useless

Trailrunner7 part of the story (2 comments)

It's also worth having a look at the blog posts that Spafford has written on this topic in the last few months. There's more background and context in there and some excellent reasoning on why this position is built to fail. http://www.cerias.purdue.edu/site/blog/

more than 4 years ago

Spammer Lance Atkinson Fined $16 Million

Trailrunner7 Re:Damn moronic 'anti-spam' laws. (100 comments)

According to the original documentation, 'In early 2008, a security company identified one botnet -- which it dubbed "Mega-D" -- that sent spam promoting Affking's VPXL and King Replica products as the worst botnet in the world, accounting for 32% of all spam.'

The Mega-D botnet consisted of at least 264,784 computers.

That's 264,784 UNAUTHORIZED COMPUTER ACCESS FELONIES.

Why the FUCK are we 'fining' someone who committed at least 264,784 felonies? We invade goddamn countries and charge people with war crimes for that level of criminality!

Anti-spam laws are nonsense. Forget the damn anti-spam laws. Lock them up for the felonies they're committing. Extradition would be a lot easier, too. (Of course, we could just find a few hundred IPs this guy hijacked in Australia, turn them over, and have him locked up there his entire life, instead.)

The laws are completely useless and always have been. They were passed to make consumers think that government is doing something. But the extradition and prosecution is a lot harder than it sounds, even when the criminal is in a friendly country like Australia. It takes forever and costs a lot of money, so the law enforcement agencies pass.

more than 4 years ago

The Root of the Botnet Epidemic

Trailrunner7 Bad isn't the word for it (2 comments)

I think people sort of lose focus on how bad this threat is. The scope of it is ridiculous. There are tens of millions of bot-infected machines out there, and I'd bet that 99% of the owners have no idea they're infected and wouldn't know what to do about it if they did. The bad guys are way ahead of the good guys on this and it's not clear when or how it will get better.

more than 4 years ago

TCP DoS Flaw Finally Patched by Microsoft, Cisco

Trailrunner7 Re:Closed source in a nutshell (3 comments)

I'm sure they do possess that knowledge, but that's got nothing to do with this. Microsoft, Cisco and all of the other vendors have the same, or higher, level of skill on their staffs, but they have other priorities, too. It's not a simple fix and didn't involve just one version of one product.

more than 5 years ago

Hackers send malware-infected CDs to credit unions

Trailrunner7 Re:If they really wanted it to work... (2 comments)

Excellent point. And that wouldn't be difficult to accomplish either, with a little money slipped to someone at the NCUA or something.

more than 5 years ago

Many sites use silent Flash cookies to track users

Trailrunner7 not Adobe's problem (2 comments)

I see this as the sites' failing, not a problem for Adobe to fix. It's their fault for not telling users what they're doing and how.

more than 5 years ago

New Linux kernel flaw allows null pointer exploits

Trailrunner7 Re:Other versions? (6 comments)

Right now it looks like just that version, but it won't be long I'd bet before others are testing it against older releases.

more than 5 years ago

Facebook Violates Canadian Privacy Law

Trailrunner7 Re:Draconian Laws (179 comments)

wait wait wait. They have computers in Canada?

more than 5 years ago

New Mac OS X rootkit to be revealed at Black Hat

Trailrunner7 Re:Oh noes! Macs can be attacked? (7 comments)

May not be many Macs in enterprises, but there are millions of them in homes, and they're just as valuable as bots as any windows box. And owning any box gets you access to banking passwords, whatever else.

more than 5 years ago

Hackers Find Remote iPhone Crack

Trailrunner7 Re:Misleading Title/Summary (114 comments)

Exactly. And this was on 2.0, and 3.0 is out already. Nothing to see here.

more than 5 years ago

US Plans To Bulldoze 50 Shrinking Cities

Trailrunner7 Re:Suggestion: (806 comments)

Are nominations still open? DC, B'more and Orlando should be at the top of the list. Maybe Dallas too.

more than 5 years ago

New attack exploits virtually all intranets, VPNs

Trailrunner7 Thanks IETF!! (1 comments)

I think this is similar to a problem that networking people have been dealing with for like 15 years. The main problem is in the RFC, which was written before there were hundreds of millions of machines on the interwebs.

more than 5 years ago

Schneier Says We Don't Need a Cybersecurity Czar

Trailrunner7 Re:Makes sense (173 comments)

That's exactly it. The czar concept in general is flawed, even in departments or industries that have a clear mission and control of that mission. Neither is true in cyber security. We don't need another figurehead creating the illusion of action.

more than 5 years ago

Snow Leopard security not good enough

Trailrunner7 Apple doesn't care about security (2 comments)

Apple has clearly shown it's not interested in security. If it were, it wouldn't wait and release 49 patches at once or only include portions of ASLR in OS X.

more than 5 years ago

Submissions


Thousands of Compromised Joomla, WordPress Plugins and Themes Used in Attack

Trailrunner7 writes  |  3 days ago

Trailrunner7 (1100399) writes "Researchers have discovered a group of attackers who have published a variety of compromised WordPress themes and plug-ins on legitimate-looking sites, tricking developers into downloading and installing them on their own sites. The components then give the attackers remote control of the compromised sites and researchers say the attack may have been ongoing since September 2013.

CryptoPHP is the name the researchers have given to the malware that’s delivered with the compromised components, and the backdoor has a number of capabilities. It carries with it several hardcoded domains for command-and-control communications and uses RSA encryption to protect its communications with the C2 servers. Some versions also have a backup ability to communicate over email if the C2 domains are taken down. The PHPCrypto malware can update itself, inject content into the compromised sites it sits on and perform several other functions.

But the main purpose of the malware is to conduct blackhat SEO operations. The goal of these campaigns is to jack up the rank of sites controlled by the attackers, or their customers, which helps them look legitimate. This is done sometimes for gambling sites or similar sites and can also be tied to other scams.

The researchers have traced the attack to an IP address in Moldova, and the C2 servers are located in the Netherlands, Germany, Poland and the United States. Fox-IT said that they have identified thousands of plug-ins that have been backdoored, including both WordPress and Joomla plug-ins and themes and Drupal themes."

Nasty Code Execution Bug Found in Android

Trailrunner7 writes  |  4 days ago

Trailrunner7 (1100399) writes "There is a vulnerability in Android versions below 5.0 that could allow an attacker to bypass ASLR and run arbitrary code on a target device under certain circumstances. The bug was fixed in Lollipop, the newest version of the mobile OS, released earlier this week.

The vulnerability lies in java.io.ObjectInputStream, which fails to check whether an object that is being deserialized is actually a serialized object. Security researcher Jann Horn discovered the vulnerability and reported it to Google earlier this year.

Horn said via email that the exploitability of the vulnerability is difficult to judge.

“An attacker would need to get a malicious app onto the device in order for this to work. The app would need no permissions,” he said. “However, I don’t have a full exploit for this issue, just the crash PoC, and I’m not entirely sure about how predictable the address layout of the system_server really is or how easy it is to write a large amount of data into system_server’s heap (in order to make less accurate guesses for the memory position work). It might be necessary to crash system_server once in order to make its memory layout more predictable for a short amount of time, in which case the user would be able to notice the attack, but I don’t think that’s likely.”"

Zero Day in iOS Used in WireLurker Attacks Disclosed

Trailrunner7 writes  |  about two weeks ago

Trailrunner7 (1100399) writes "The vulnerability used in the WireLurker attacks has been uncovered and was reported to Apple in July but has yet to be patched, a researcher at FireEye said.

Today’s disclosure of the Masque attack, which affects iOS 7.1.1, 7.1.2, 8.0, 8.1, and 8.1.1 beta, revealed that Apple mobile devices are not only exposed over USB as with WireLurker, but can also be taken over remotely via an SMS or email message pointing a victim toward a malicious app.

The vulnerability allows an attacker to swap out a legitimate iOS app with a malicious one without the user’s knowledge. Researcher Tao Wei, a senior staff research scientist at FireEye, said Apple’s enterprise provisioning feature does not enforce matching certificates for apps given identical bundle identifiers. Enterprise provisioning is an Apple developer service that allows enterprise iOS developers to build and distribute iOS apps without having to upload the app to Apple. Attacks can be successful against jailbroken and non-jailbroken devices.

“We have seen clues this vulnerability has been circulated, so we had to disclose it,” Wei told Threatpost this morning."

Darkhotel APT Crew Targets Top Executives in Long-Term Campaign

Trailrunner7 writes  |  about two weeks ago

Trailrunner7 (1100399) writes "APT groups tend to be grouped together in a large amorphous blob of sinister intentions and similar targets, but not all APT crews are created equal. Researchers have identified a group that’s been operating in Asia for at least seven years and has been using hotel networks as key infection points to target top executives at companies in manufacturing, defense, investment capital, private equity, automotive and other industries.

The group, which researchers at Kaspersky Lab are calling Darkhotel, has access to zero day vulnerabilities and exploits and has shown a willingness to use them in situations where the zero days might be discovered. One of the zero days the group has used is a Flash vulnerability that was disclosed in February.

“This crew occasionally deploys 0-day exploits, but burns them when required. In the past few years, they deployed 0-day spear-phishing attacks targeting Adobe products and Microsoft Internet Explorer, including CVE-2010-0188. In early 2014, our researchers exposed their use of CVE-2014-0497, a Flash 0-day described on Securelist in early February,” the Darkhotel report says.

The Darkhotel group has been operating mainly in Asian countries, but there have been infections recorded in the United States, South Korea, Singapore, Germany, Ireland and many others, as well. The key infection method for this group is the compromise of WiFi networks in business hotels. When users connect to the network, they are presented with a dialog box prompting them to install a fake update, typically something that looks legitimate, such as Adobe Flash. If a victim agrees to install the fake update, he instead receives a digitally signed piece of malware, courtesy of the attackers. The malware has keylogging and other capabilities and steals information, which is then sent back to the attackers."

More Tor .Onion Sites May Get Digital Certificates Soon

Trailrunner7 writes  |  about two weeks ago

Trailrunner7 (1100399) writes "News broke last week that Facebook had built a hidden services version of its social network available to users browsing anonymously via the Tor Project’s proxy service. Unlike any .onion domain before it, Facebook’s would be verified by a legitimate digital signature, signed and issued by DigiCert.

Late yesterday, Jeremy Rowley, DigiCert’s vice president of business development and legal, explained his company’s decision to support this endeavor in a blog entry. He also noted that DigiCert is considering opening up its certification business to other .Onion domains in the future.

“Using a digital certificate from DigiCert, Tor users are able to identify the exact .onion address operated by Facebook,” Rowley explained. “Tor users can evaluate the digital certificate contents to discover that the entity operating the onion address is the same entity as the one operating facebook.com.”"

NSA Director Says Agency Shares Most, But Not All, Bugs it Finds

Trailrunner7 writes  |  about three weeks ago

Trailrunner7 (1100399) writes "When the National Security Agency discovers a new vulnerability that looks like it might be of use in penetrating target networks, the agency considers a number of factors, including how popular the affected software is and where it’s typically deployed, before deciding whether to share the new bug. The agency shares most of the bugs it finds, NSA Director Mike Rogers said, but not all of them.

Speaking at an event at Stanford University, Rogers said that the NSA has been told by President Barack Obama that the default decision should be to share information on new vulnerabilities.

“The president has been very specific to us in saying, look, the balance I want you to strike will be largely focused on when you find vulnerabilities, we’re going to share them. By orders of magnitude, when we find new vulnerabilities, we share them,” Rogers said.

“He also said, look, there are some instances when we’re not going to [share vulnerability information]. The thought process as we go through this policy decision, the things we tend to look at are, how foundational and widespread is this potential vulnerability? Who tends to use it? Is it something you tend to find in one nation state? How likely are others to find it? Is this the only way for us to generate those insights we need or is there another alternative we could use?” Rogers said. “Those answers shape the decision.”"

Drupal Warns Users of Mass, Automated Attacks on Critical Flaw

Trailrunner7 writes  |  about three weeks ago

Trailrunner7 (1100399) writes "The maintainers of the Drupal content management system are warning users that any site owners who haven’t patched a critical vulnerability in Drupal Core disclosed earlier this month should consider their sites to be compromised.

The vulnerability, which became public on Oct. 15, is a SQL injection flaw in a Drupal module that’s designed specifically to help prevent SQL injection attacks. Shortly after the disclosure of the vulnerability, attackers began exploiting it using automated attacks. One of the factors that makes this vulnerability so problematic is that it allows an attacker to compromise a target site without needing an account and there may be no trace of the attack afterward."

Former NSA Lawyer: Cyberespionage Is a Problem That Doesn't Have a Solution

Trailrunner7 writes  |  about three weeks ago

Trailrunner7 (1100399) writes "Gentlemen may not read each other’s mail, as Henry Stimson famously said so long ago, but in today’s world they certainly steal it and there’s precious little in the way of gentlemanly conduct happening in the realm of cyberespionage. It’s every man—or country—for himself in this environment, and that free-for-all is creating unforeseen consequences for governments and their citizens around the world.

“This isn’t a problem that can be solved. Don’t think it has a solution,” Joel Brenner, former head of national counterintelligence at the Office of the Director of National Intelligence and former senior counsel at the NSA, said in a keynote speech at the Kaspersky Government Cybersecurity Forum here Tuesday. “We are economically interdependent with the Chinese in an extraordinary way.”

The animosity between the U.S. and China and other countries over cyberespionage and the theft of intellectual property has been simmering for several years now, and it has resulted in plenty of vague assertions and accusations from both sides, and some not-so-vague ones as well. U.S. officials maintain that American intelligence agencies don’t use their attacks on foreign adversaries in order to gain economic advantages for American companies, something that they say China and other governments do on a regular basis.

Still, experts say it’s difficult to know exactly who’s doing what to whom.

“I don’t think anyone’s hands are clean,” said Howard Schmidt, former White House cybersecurity adviser under President Barack Obama and a former security adviser to President George W. Bush."

Researcher Finds Tor Exit Node Adding Malware to Downloads

Trailrunner7 writes  |  about a month ago

Trailrunner7 (1100399) writes "A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services.

Josh Pitts of Leviathan Security Group ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the-middle attack. Downloading any kind of file from the Internet is a dodgy proposition these days, and many users know that if they’re downloading files from some random torrent site in Syria or The Marshall Islands, they are rolling the dice. Malware runs rampant on these kinds of sites.

But the scenario that worries security experts much more involves an attacker being able to control the download mechanism for security updates, say for Windows or OS X. If an attacker can insert malware into this channel, he could cause serious damage to a broad population of users, as those update channels are trusted implicitly by the users and their machines. Legitimate software vendors typically will sign their binaries and modified ones will cause verification errors. What Pitts found during his research is that an attacker with a MITM position can actively patch binaries–if not security updates–with his own code.

In terms of defending against this sort of attack, Pitts suggested that encrypted download channels are the best option, both for users and site operators.

“SSL/TLS is the only way to prevent this from happening. End-users may want to consider installing HTTPS Everywhere or similar plugins for their browser to help ensure their traffic is always encrypted,” he said via email."

Cisco Fixes Three-Year-Old Telnet Flaw in Security Appliances

Trailrunner7 writes  |  about 1 month ago

Trailrunner7 (1100399) writes "There is a severe remote code execution vulnerability in a number of Cisco’s security appliances, a bug that was first disclosed nearly three years ago. The vulnerability is in Telnet and there has been a Metasploit module available to exploit it for years.

The FreeBSD Project first disclosed the vulnerability in telnet in December 2011 and it was widely publicized at the time. Recently, Glafkos Charalambous, a security researcher, discovered that the bug was still present in several of Cisco’s security boxes, including the Web Security Appliance, Email Security Appliance and Content Security Management Appliance. The vulnerability is in the AsyncOS software in those appliances and affects all versions of the products."

Schmidt Says Attack on Google Prompted Encryption Changes

Trailrunner7 writes  |  about a month and a half ago

Trailrunner7 (1100399) writes "Eric Schmidt, executive chairman of Google, said that the changes to Android's encryption model, which have angered law enforcement officials, should have come as no surprise to law enforcement and government agencies, given the events of the last couple of years.

“The people who are criticizing this should’ve expected this. After Google was attacked by the British version of the NSA we were annoyed to no end,” Schmidt said. “We put in encryption end to end, at rest and in transit. Law enforcement has many many ways to get this information without doing this.”

After the details of Apple’s and Google’s encryption changes became public, some in the law enforcement community have suggested that the companies should include a backdoor in their devices. Both Sen. Ron Wyden and Schmidt dismissed this suggestion out of hand.

“U.S. companies shouldn’t be forced to build backdoors into their products,” Wyden said."

Twitter Sues DoJ Over Restrictions on National Security Letter Data

Trailrunner7 writes  |  about a month and a half ago

Trailrunner7 (1100399) writes "Twitter has filed a lawsuit in federal court asking that the United States Department of Justice’s prohibitions on publishing the number and kind of government requests for data the company receives be declared unconstitutional. The suit claims that the rules infringe on Twitter’s right to free speech by requiring that the company “engage in speech that has been preapproved by government officials or else to refrain from speaking altogether.”

The move by Twitter is the first public shot across the bow of the FBI and Justice Department on this issue. Many companies, including Google, Microsoft, Apple and others, have been pressing the government for the ability to publish detailed information about the scope of the requests they receive for user data. The government so far has said that companies can publish only broad ranges of numbers about the volume of National Security Letters they receive, which only gives a vague picture of the situation.

"Twitter’s ability to respond to government statements about national security surveillance activities and to discuss the actual surveillance of Twitter users is being unconstitutionally restricted by statutes that prohibit and even criminalize a service provider’s disclosure of the number of national security letters (“NSLs”) and court orders issued pursuant to FISA that it has received, if any," the suit says."

DARPA Working on 'Unhackable' Embedded Software

Trailrunner7 writes  |  about 2 months ago

Trailrunner7 (1100399) writes "DARPA is the birthplace of the network that eventually became today’s Internet, and the agency has spent the decades since it released that baby out into the world trying to find new ways to defend it. That task has grown ever more complex and difficult, and now DARPA is working on a new kind of software that is provably secure for specific properties.

Arati Prabhakar, the director of DARPA, said that the agency, which performs advanced research and development for the United States military and government, has been working on the software in the hopes that it can run on some embedded systems. The software isn’t meant as a general purpose operating system for servers or desktops, but Prabhakar said that the agency believes it has plenty of applications.

“Unfortunately there’s not going to be a silver bullet. There are pieces of this we think can become tractable. One of our programs is working on software that’s unhackable for specific security properties,” said Prabhakar, who was speaking at the Washington Post Cybersecurity Summit on Wednesday. “We’re working on a mathematical proof that the software can’t be hacked from the outside. It’s for embedded systems with a modest number of lines of code.”"

Google to Pay Researchers Extra Cash for Exploits

Trailrunner7 writes  |  about 2 months ago

Trailrunner7 (1100399) writes "Google is again increasing the amount of money it offers to researchers who report vulnerabilities in Chrome as part of the company’s bug bounty program. Now, researchers will be able to earn $15,000 at the high end of the scale, and Google also is offering more cash for researchers who can submit a working exploit for their vulnerability submission.

The range for Google’s vulnerability reward program is now $500-$15,000, and there are a number of factors that go into the company’s decision on what to pay a researcher for a submission. Much of it has to do with the severity of the vulnerability and the likelihood that it will affect a large number of users.

“We’ll pay at the higher end of the range when researchers can provide an exploit to demonstrate a specific attack path against our users. Researchers now have an option to submit the vulnerability first and follow up with an exploit later," Google's Tim Willis said."

FBI Plans to Open Up Malware Analysis Tool to Outside Researchers

Trailrunner7 writes  |  about 2 months ago

Trailrunner7 (1100399) writes "The FBI has developed an internal malware-analysis tool, somewhat akin to the systems used by antimalware companies, and plans to open the system up to external security researchers, academics and others.

The system is known as Malware Investigator and is designed to allow FBI agents and other authorized law enforcement users to upload suspicious files. Once a file is uploaded, the system runs it through a cluster of antimalware engines, somewhat akin to the way that Virus Total handles submissions, and returns a wide variety of information about the file. Users can see what the detection rate is among AV engines, network connection attempts, whether the file has been seen by the system before, destination and source IP addresses and what protocols it uses.

Right now, Malware Investigator is able to analyze Windows executables, PDFs and other common file types. But Burns said that the bureau is hoping to expand the portal’s reach in the near future.

“We are going to be doing dynamic analysis of Android files, with an eye toward other operating systems and executables soon,” he said."

Google Funds New Group to Improve Usability of Open Source Security Tools

Trailrunner7 writes  |  about 2 months ago

Trailrunner7 (1100399) writes "The dramatic revelations of large-scale government surveillance and deep penetration of the Internet by intelligence services and other adversaries have increased the interest of the general public in tools such as encryption software, anonymity services and others that previously were mainly of interest to technophiles and activists. But many of those tools are difficult to use and present major challenges for users, so to help improve the usability of these applications, Google, Dropbox and others are supporting a new project called Simply Secure.

The project is focused on making open-source security and privacy tools easier to use and to remove some of the pain of using crypto packages, off-the-record messaging and other tools that protect users online. The organization’s activities will center on bringing developers of open source security tools together with usability researchers and experts to help solve the difficult problems the developers face. Many open source projects are run by volunteers who don’t have the time or resources to tackle these issues on their own."

NSA Director Says Agency is Still Trying to Figure Out Cyber Operations

Trailrunner7 writes  |  about 2 months ago

Trailrunner7 (1100399) writes "In a keynote speech at a security conference in Washington Tuesday, new NSA Director Mike Rogers emphasized a need to establish behavioral norms for cyber war.

“We’re still trying to work our way through distinguishing the difference between criminal hacking and an act of war,” said Rogers. “If this was easy, we would have figured it out years ago. We have a broad consensus about what constitutes an act of war, what’s an act of defense.”

Rogers went on to explain that we need to better establish standardized terminology and standardized norms like those that exist in the realm of nuclear deterrence. Unfortunately, unlike in traditional national defense, we cannot assume that the government will be able to completely protect us against cyber-threats because the threat ecosystem is just too broad."

Major Android Flaw Lets Attackers Bypass Same Origin Policy

Trailrunner7 writes  |  about 2 months ago

Trailrunner7 (1100399) writes "There’s a serious vulnerability in pre-4.4 versions of Android that allows an attacker to read the contents of other tabs in a browser when a user visits a page the attacker controls. The flaw is present in a huge percentage of the Android devices in use right now, and there’s now a Metasploit module available to exploit the vulnerability.

The vulnerability was first disclosed in late August, but there has not been much in the way of public discussion of it. Exploiting the flaw is a straightforward matter and allows the attacker to bypass the same-origin policy in the Android browser.

“What this means is, any arbitrary website (say, one controlled by a spammer or a spy) can peek into the contents of any other web page. Imagine you went to an attacker's site while you had your webmail open in another window — the attacker could scrape your e-mail data and see what your browser sees. Worse, he could snag a copy of your session cookie and hijack your session completely, and read and write webmail on your behalf.”"

Research Finds No Large-Scale Exploits of Heartbleed Before Disclosure

Trailrunner7 writes  |  about 2 months ago

Trailrunner7 (1100399) writes "In the days and weeks following the public disclosure of the OpenSSL Heartbleed vulnerability in April, security researchers and others wondered aloud whether there were some organizations–perhaps the NSA–that had known about the bug for some time and had been using it for targeted attacks. A definitive answer to that question may never come, but traffic data collected by researchers on several large networks shows no large-scale exploit attempts in the months leading up to the public disclosure.

“For all four networks, over these time periods our detector found no evidence of any exploit attempt up through April 7, 2014. This provides strong evidence that at least for those time periods, no attacker with prior knowledge of Heartbleed conducted widespread scanning looking for vulnerable servers. Such scanning however could have occurred during other time periods.”

That result also doesn’t rule out the possibility that an attacker or attackers may have been doing targeted reconnaissance on specific servers or networks. The researchers also conducted similar monitoring of the four networks, and noticed that the first attempted exploits occurred within 24 hours of the OpenSSL disclosure."

Twitter Launches Bug Bounty Program

Trailrunner7 writes  |  about 3 months ago

Trailrunner7 (1100399) writes "Twitter is the latest major Internet company to establish a bug bounty program, and has put no upper limit on the bounty that a researcher can earn for reporting a vulnerability.

The company announced on Wednesday that it will operate its bounty program through the HackerOne platform, a bug bounty system that enables vendors to access a pool of hundreds of researchers who perform authorized research against a company’s products. HackerOne is used by a number of prominent companies, including Square, Yahoo and CloudFlare and also is the platform that supports the Internet Bug Bounty.

Twitter’s bug bounty program will pay researchers for finding vulnerabilities in its main Web site and the Twitter apps for iOS and Android. The types of vulnerabilities that are in scope for the program include XSS, CSRF, remote code execution, unauthorized access to private tweets or direct messages.

- See more at: http://threatpost.com/twitter-..."

Journals

Trailrunner7 has no journal entries.
