Mailjet – Highly critical – Arbitrary PHP code execution – SA-CONTRIB-2017-005

Description

The Mailjet module integrates with a 3rd party system to deliver site-generated emails, including newsletters, system notifications, etc.

The Mailjet module included v5.2.8 of the PHPMailer library in its “includes” directory. Per PSA-2016-004, this version of the PHPMailer library was vulnerable to PHP code execution.

Per Drupal.org policy, 3rd party code should not be stored in drupal.org repositories.

Updating this module will require manual actions to replace the PHPMailer library as described in the README.txt file included in the release.
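After replacing the bundled library by hand it is worth confirming that the copy the site actually loads is no longer a vulnerable 5.2.x release. The following checker is an added example written for this page, not code from the advisory or the Mailjet module. It reads PHPMailer's own version declaration (`public $Version = '5.2.8';` in class.phpmailer.php); the fixed-version threshold it uses comes from PHPMailer's fix releases for the PSA-2016-004 issue, which this page does not state, so confirm it against the PSA before relying on it. The module path in the usage comment is assumed from the advisory's "includes" directory.

```javascript
// Added example, not part of the advisory or the Mailjet module: confirm that
// the PHPMailer copy a site loads is no longer one of the vulnerable 5.2.x
// releases after the manual replacement the README asks for.
// PHPMailer 5.2.x declares its version in class.phpmailer.php as
//     public $Version = '5.2.8';
// The threshold below is taken from PHPMailer's own fix releases for the
// PSA-2016-004 issue (5.2.18 first fix, 5.2.20 for the follow-up bypass); it
// is not stated on this page, so treat it as an assumption to verify.
const FIXED_VERSION = '5.2.20';

// Extract the $Version literal from PHPMailer source text; null if absent.
function phpmailerVersion(source) {
  const m = source.match(/\$Version\s*=\s*['"]([0-9][0-9A-Za-z.\-]*)['"]/);
  return m ? m[1] : null;
}

// Dotted-version compare: <0 if a is older than b, 0 if equal, >0 if newer.
// Non-numeric components (e.g. "rc1") count as 0.
function compareVersions(a, b) {
  const pa = a.split('.').map(p => parseInt(p, 10) || 0);
  const pb = b.split('.').map(p => parseInt(p, 10) || 0);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const x = pa[i] || 0, y = pb[i] || 0;
    if (x !== y) return x - y;
  }
  return 0;
}

// Result: { version, vulnerable }; vulnerable is null when the file carries
// no recognisable version string (treat that as "investigate by hand").
function checkPhpmailer(source, fixed = FIXED_VERSION) {
  const version = phpmailerVersion(source);
  if (version === null) return { version: null, vulnerable: null };
  return { version, vulnerable: compareVersions(version, fixed) < 0 };
}

// Constructed sample standing in for the header of the bundled 5.2.8 library.
const BUNDLED_SAMPLE = [
  '<?php',
  'class PHPMailer',
  '{',
  "    public $Version = '5.2.8';",
].join('\n');

if (typeof require === 'function' && require.main === module) {
  // Usage (path assumed): node check-phpmailer.js sites/all/modules/mailjet/includes/class.phpmailer.php
  const fs = require('fs');
  const src = process.argv[2] ? fs.readFileSync(process.argv[2], 'utf8') : BUNDLED_SAMPLE;
  console.log(checkPhpmailer(src));
}
```

Run it against every class.phpmailer.php found under the site root, not just the Mailjet copy: other modules may bundle their own.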

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • Mailjet 7.x-2.x versions prior to 7.x-2.9.

Drupal core is not affected. If you do not use the contributed module, there is nothing you need to do.

Solution

Install the latest version:

  • If you use the Mailjet module for Drupal 7.x, upgrade to Mailjet 7.x-2.9

Also see the project page.

Reported by

Fixed by

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity

OpenLucius – Moderately Critical – Multiple vulnerabilities – SA-CONTRIB-2017-004

Description

OpenLucius is a work management platform for social communication, documentation, and projects.

The distribution doesn’t sufficiently use tokens when marking messages for users as read thereby exposing a Cross Site Request Forgery (CSRF) vulnerability.

The distribution does not sufficiently filter taxonomy term names before outputting them to HTML thereby exposing a Cross Site Scripting (XSS) vulnerability. This vulnerability is mitigated by the fact that an attacker must have permissions to insert malicious taxonomy terms.

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • OpenLucius 7.x-1.x versions prior to 7.x-1.6.

Drupal core is not affected. If you do not use the contributed OpenLucius distribution, there is nothing you need to do.

Solution

Install the latest version:

  • If you use the OpenLucius distribution for Drupal 7.x, upgrade to OpenLucius 7.x-1.6

Also see the OpenLucius project page.

Reported by

Fixed by

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity


Browser AutoFill Feature Can Leak Your Personal Information to Hackers

Just like most of you, I too really hate filling out web forms, especially on mobile devices.

To make this process faster, Google Chrome and other major browsers offer an “Autofill” feature that automatically fills out web forms based on data you have previously entered in similar fields.

However, it turns out that an attacker can use this autofill feature against you and trick you

Autocomplete Deluxe – Moderately Critical – Cross Site Scripting (XSS) – SA-CONTRIB-2017-003

Description

This module creates a new widget for taxonomy fields based on jQuery UI autocomplete.

The module doesn’t sufficiently escape the entered taxonomy terms thereby exposing a Cross Site Scripting (XSS) vulnerability. This vulnerability is mitigated by the fact that an attacker must have the permission to edit a taxonomy field.
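Both this advisory and the OpenLucius one above come down to the same defect: a taxonomy term name reaches HTML without escaping. The block below is an added example, not code from Autocomplete Deluxe or OpenLucius, rendering a suggestion list unsafely and then safely. Drupal 7's check_plain() does this escaping on the PHP side; when a widget builds markup in the browser, as an autocomplete item renderer does, the same escaping has to happen there. The term list, including the two hostile entries, is constructed for the example.

```javascript
// Added example, not module code. Escape for both text and double-quoted
// attribute context; a single table covers both.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, c => HTML_ESCAPES[c]);
}

// Vulnerable: term names dropped straight into markup, in attribute AND text position.
function renderSuggestionsUnsafe(terms) {
  return '<ul>' + terms.map(t => `<li data-value="${t}">${t}</li>`).join('') + '</ul>';
}

// Hardened: every interpolation escaped. (In a browser, setting textContent and
// setAttribute instead of building strings avoids the problem entirely.)
function renderSuggestionsSafe(terms) {
  return '<ul>' + terms.map(t => `<li data-value="${escapeHtml(t)}">${escapeHtml(t)}</li>`).join('') + '</ul>';
}

// Checks used on the output: the template itself produces exactly 2 + 2n tags
// and 2n double quotes for n terms; anything beyond that came from a term name.
function tagCount(html) { return (html.match(/</g) || []).length; }
function quoteCount(html) { return (html.match(/"/g) || []).length; }

// Constructed terms; the last two are what a user who holds the term-creation
// permission (the precondition both advisories mention) could enter.
const TERMS = [
  'Security',
  'Drupal 7',
  '<img src=x onerror=alert(1)>',   // breaks out in text position
  '" onmouseover="alert(2)',        // breaks out in attribute position
];
```

The counting check is coarse but catches both break-outs: the image tag adds a `<` per occurrence, and the attribute payload adds a `"` per occurrence, and each term is interpolated twice.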

CVE identifier(s) issued

  • A CVE identifier will be requested, and added upon issuance, in accordance with Drupal Security Team processes.

Versions affected

  • Autocomplete Deluxe 7.x-2.x versions prior to 7.x-2.2.

Drupal core is not affected. If you do not use the contributed Autocomplete Deluxe module, there is nothing you need to do.

Solution

Install the latest version:

  • If you use the Autocomplete Deluxe module for Drupal 7.x, upgrade to Autocomplete Deluxe 7.x-2.2

Also see the Autocomplete Deluxe project page.

Reported by

Fixed by

Coordinated by

Contact and More Information

The Drupal security team can be reached at security at drupal.org or via the contact form at https://www.drupal.org/contact.

Learn more about the Drupal Security team and their policies, writing secure code for Drupal, and securing your site.

Follow the Drupal Security Team on Twitter at https://twitter.com/drupalsecurity


“Eye Pyramid”, the Cyber-Espionage Malware that has Italy Reeling

On Tuesday, the Italian state police dismantled a cyber-espionage ring run by a brother and sister that sought to exert influence over public institutions and administrations, professional firms, employers, and politicians. The network gained access to confidential information by installing malware on victims’ computers and stealing data sensitive to financial institutions and state security.

Among those targeted are former Prime Ministers Matteo Renzi and Mario Monti and the president of the European Central Bank, Mario Draghi, along with other individuals in possession of confidential information. Mayors, cardinals, regional presidents, economists, employers, and law enforcement officials are also on the list.

How Eye Pyramid Works

The investigation has been dubbed “Eye Pyramid”, after the particularly invasive malware that the suspects used to infiltrate the systems of the people they spied on.

These intrusions appear to have first surfaced in 2012, reaching 18,327 users and stealing 1,793 passwords with a keylogger, around 87 GB of data in all. The method of infiltration was simple given the seriousness of the attack: the criminals sent an email, the recipient opened it, and on opening it software was installed on the device, giving the attackers access to its confidential files.

Older versions of the malware, of unknown origin (although possibly linked to Sauron), were probably used in 2008, 2010, 2011, and 2014 in various spear-phishing campaigns.

In a hyperconnected world, with mounting tension between cybersecurity and cyber-espionage — we’ve recently seen a crossfire of accusations exchanged between major powers like the US, China, and Russia — these attacks appear to have special relevance to state security and the dangers it faces in the cyber world.

Advanced Persistent Threat, or How to Avoid a Cybernetic Nightmare

This attack, unprecedented in Italy, will continue to be under investigation and, according to authorities, may end up revealing connections to other cyberattacks carried out in other countries.

Protecting your confidential and sensitive data from cybercriminal networks and attacks such as APTs is crucial in combating the growing professionalization of cybercrime.

Advanced threats are no longer an issue when you’ve got an advanced cybersecurity solution like Adaptive Defense 360, the platform that connects contextual intelligence with defense operations to stay ahead of malicious behaviors and data theft. Protection systems are triggered and jump into action before the malware even has a chance to run.

Thwarting potential threats before they become a real problem is the only way to rest easy knowing that your information has not ended up falling into the wrong hands.

The post “Eye Pyramid”, the Cyber-Espionage Malware that has Italy Reeling appeared first on Panda Security Mediacenter.

How to share your internet mobile connection safely

Are you aware of the dangers of sharing your internet mobile connection?

Most smartphones have a built-in function that allows you to share the mobile internet connection with other people nearby. Acting very much like a traditional WiFi hotspot, mobile internet connection sharing turns your phone into a hub – authorised devices can then connect to your phone and share the data connection.

This “mobile hotspot” feature is particularly useful when your friends cannot get a reliable connection to their mobile network. Or when you need to get online with your laptop really quickly while “out and about”.

But just as you (should) secure your home network to prevent abuse and deter hackers, you need to take a few extra steps to keep yourself safe. If someone does manage to hack your mobile hotspot they may be able to steal the data stored on your phone – or run up a large phone bill simply by using up your data allowance.

Here are our top tips for boosting your security.

1. Use a ‘secure’ passphrase

When someone tries to connect to your mobile hotspot, they will be prompted to enter a password – which is exactly the same procedure as connecting to any other secure WiFi network. This password needs to be “complex” to prevent hackers from guessing it.

Android and iOS both generate long, complicated passwords by default, but it is worth checking your own settings to confirm. You must resist the urge to replace the password with something simple though – if you make it too easy for your friends to get connected, you also make it easier for hackers to jump online.

The Apple iPhone mobile hotspot requires a password at least eight characters long, but you should consider choosing something even longer that uses a combination of upper and lower case letters, mixed with numbers and punctuation marks (like ! or ?) to deter dictionary attacks from “guessing” the password. The same password tip applies to smartphones running Android.

2. Disable by default

You can toggle the mobile hotspot function on and off – so it’s only available when you actually need it. You should always ensure the hotspot is toggled off when not in use to reduce the risk of unauthorised connections.

A few extra taps on the screen to enable the hotspot may be annoying – but nowhere near as frustrating as an unexpectedly high phone bill run up by people abusing your mobile data connection.

3. Keep an eye on your screen

Both Android and iOS provide helpful on-screen indicators to show when your mobile hotspot is switched on, and how many devices are currently connected. You should keep an eye on that indicator – it will help you spot when someone is connecting without your permission.

If you do detect an unauthorised connection, turn the hotspot off, and change the password immediately. This will help to prevent your connection being hijacked again.

Using these three tips, you can greatly reduce the risk of becoming another mobile fraud victim. For more help securing your mobile device, download a free trial of Panda Mobile Security.

The post How to share your internet mobile connection safely appeared first on Panda Security Mediacenter.