[CVE-2014-8146/8147] – ICU heap and integer overflows / I-C-U-FAIL

Posted by Pedro Ribeiro on May 05

tl;dr heap and integer overflows in ICU, many packages affected,
unknown if these can be exploited or not – everyone names vulns
nowadays, so I name these I-C-U-FAIL.

Hi,

I have found two vulnerabilities in the ICU library while fuzzing
LibreOffice, full details in the advisory below.
Disclosure of these was done initially to LibreOffice and then to
distro-security. I then reported it to Chromium, Android and finally
CERT, so I ended up…

Was Sally Beauty Hacked Yet Again?

The cosmetic retailer states that it is investigating “reports of unusual activity” on payment cards used at some of their U.S. Sally Beauty retail stores.

“Since learning of these reports, we have been working with law enforcement and our credit card processor and have launched a comprehensive investigation with the help of a leading third-party forensics expert to aggressively gather facts while working to ensure our customers are protected,” the company says in a statement. “Until this investigation is completed, it is difficult to determine with certainty the scope or nature of any potential incident, but we will continue to work vigilantly to address any potential issues that may affect our customers.”

In last year’s breach, more than 25,000 records of Sally Beauty customers were affected, including sensitive information like payment card numbers and security codes. The data went on sale on Rescator, a rather popular underground crime store.

Customers who are concerned about the security of their payment cards are advised to call the company’s Customer Service Hotline, where individual concerns will be addressed. Once available, further updates will also be released on sallybeautyholdings.com.

For further information, read the company’s official statement or find out more about last year’s hack.

The post Was Sally Beauty Hacked Yet Again? appeared first on Avira Blog.

ICSA stands out Panda Security for 15 years of excellence

ICSA (International Computer Security Association) has recognized the good performance and excellence of Panda Security, whose products have received quality certifications for the last 15 years.

Panda Security received the 15-year award in ICSA Labs’ Excellence in Information Security Testing (EIST) Awards, which recognizes Panda’s “outstanding achievements” in maintaining the quality certification of its products during these 15 years.

Stephen Gaus, of ICSA Labs Business Development, gave the award to Luis Corrons, Technical Director of Panda Labs, during the RSA 2015 Conference in San Francisco.

This distinction recognizes the resources, dedication and efforts invested by Panda Security to maintain this certification. It also highlights the “willingness to persevere the quality” of their products to benefit their customers and the security universe.

Congratulations to all! :)

The post ICSA stands out Panda Security for 15 years of excellence appeared first on MediaCenter Panda Security.

When printers and routers become weapons to make web pages fall

A single distributed denial-of-service (DDoS) attack can make medium and large companies lose tens or hundreds of thousands of euros, according to most studies published in recent months.

As we have mentioned before, this kind of attack consists of saturating the servers that store the files of a platform or web service. As a result, access to the servers is suspended, which interrupts the exchange of information.

So far, cybercriminals have used tools or malware installed on one or several computers to perpetrate their crimes, but now they have expanded their horizons. Recently, Chinese researchers found that criminals can launch DDoS attacks through printers, webcams or even routers.

Asian experts have analyzed one of the largest denial-of-service attacks that has ever happened. It took place in December 2014 and paralyzed the online gaming services of Sony and Microsoft for several days.

According to this investigation, 30% of the devices accessing the servers until they were blocked were connected to the network. Cybercriminals had taken over the routers using malware that attacked devices with weak passwords or security holes.

However, it is no longer even necessary to install any malware. Experts have identified an increasingly common technique that controls these devices through SSDP (Simple Service Discovery Protocol), a channel mainly used by these peripherals to communicate with computers.

SSDP is designed to send information, a feature that attackers use as leverage. If many printers repeatedly send information to the server where the web page is hosted, the outcome is likely to be a DDoS that makes the site crash.

Since this technique is so simple, it has huge potential to spread. It is easier to control these devices than a computer, and the number of routers, printers and other office devices an attacker might use increases the efficiency of the attack.

Furthermore, the possibilities grow with the arrival of the Internet of Things in companies and homes. Smart TVs, thermostats and even cars are open doors for cybercriminals.

Although it is difficult to avoid DDoS attacks, it is possible (and we advise you to do so) to monitor the passwords used to connect any device to the network. At the very least, this will discourage cybercriminals from attacking.

The post When printers and routers become weapons to make web pages fall appeared first on MediaCenter Panda Security.

Ask Me Anything (on Reddit) with Avira

We are sure you guys have a lot of questions as to how an antivirus company works. That’s why we’re happy to announce that Carlos Valero Llabata, our Manager for the Virus Lab Detection Service, will be doing an Ask Me Anything on Reddit, the extremely popular gathering place/social networking/news website.

The IAmA will take place on May 12th and start at 16:00 CEST. Once the Ask Me Anything on Reddit is live, we will update this post with a link, so that you can’t miss it and can start posting your questions.

Wait a second – what is an AMA?

AMA is an acronym and means “Ask Me Anything”. On Reddit it basically offers the opportunity to interview people, but in a new way. “IAmA” is the traditional way of beginning the description of who you are; “AMA” is the traditional way of ending the description. Carlos will begin the process with a short introduction post. Then it’s your turn: you can leave questions and vote on other questions according to which ones you would like to see answered. You can ask any question you want. Take a look at some of the old or running AMAs if you are still unsure; it’s a lot of fun.

This doesn’t sound too hard, right? So gather your questions – we’ll see you in a week on /r/IAmA/ !

The post Ask Me Anything (on Reddit) with Avira appeared first on Avira Blog.