Apple has hired cryptography pioneer Jon Callas for a third time. Callas, who previously at Apple helped design and implement encryption systems for Macs, was most recently at Silent Circle.
Tag Archives: Privacy
LinkedIn is Latest Contributor to Breach Fatigue
Expert Troy Hunt waxes on last week’s LinkedIn data dump of 117 million credentials and how it reflects on a new breed of hackers.
Instagram Patches Brute-Force Authentication Flaws
Facebook paid researcher Arne Swinnen a $5,000 bounty for a pair of authentication vulnerabilities in Instagram that enabled brute-force attacks against usernames and passwords.
Google Allo a Clash of Privacy and Functionality
Google Allo has an end-to-end encryption capability powered by Signal, but it’s not turned on by default because it would interfere with an artificial intelligence powering Google Assistant.
LinkedIn Slams Breach Data Reseller With Cease and Desist Order
LinkedIn is striking back against websites that are attempting to monetize the 117 million usernames and passwords stolen from the company as part of a 2012 data breach.
Facebook Sued for illegally Scanning Users' Private Messages
Facebook is in trouble once again regarding its users’ privacy.
Facebook is facing a class-action lawsuit in Northern California over allegations that the company systematically scans its users’ private messages on the social network without their consent and makes the profit by sharing the data with advertisers and marketers.
<!– adsense –>
According to the lawsuit filing, Facebook might
2012 LinkedIn Breach Just Got a Lot Worse: 117 Million New Logins For Sale
More than 100 million LinkedIn usernames and passwords for sale on dark web as 2012 breach comes back to haunt business-savvy social network.
Scope of Gaping Android Security Hole Grows
Security researchers at Skycure are upping the ante on a vulnerability that it says now leaves 95.4 percent of all Android devices vulnerable to an attack that hands over control of a phone or tablet to an attacker.
Ransomware criminals should be “shot at sunriseâ€
Should be “Shot at sunrise” is the opinion of U.S. politician Michael C.Burgess, the representative for Texas, when talking about the cybercriminals who distribute ransomware that victimizes consumers and businesses.
Ransomware, malicious software designed to block access to a computer system until a sum of money is paid, and the use of exploit kits to distribute it, are adding new challenges to threat detection and protection. And now Angler, an exploit kit, which has been a known Internet threat since 2013, is being used to distribute ransomware. With the sole intent of installing ransomware on victim’s machines.
Our AVG Web Threats team is tracking these widespread ransomware attacks being delivered by the Angler crimeware exploit kit.
The use of exploit kits to distribute ransomware is a new trend – one that could cause widespread ransomware distribution. Exploit kits are software packages readily available for sale and are used by malicious operators to easily create malware that performs a wide variety of malicious functions. The malware is installed on hacked web servers and attacks the machines of visitors to web sites, in many instances, without their knowledge.
There is a common misperception that web users are only at risk if they browse risky sites, however, hacked sites are often brand names and appear safe. Small business sites in particular can be prime targets because they have less security and their visitors typically know the company and trust their brand.
The malware on these sites seeks out vulnerabilities in commonly used tools that improve website experiences, such as Flash, Silverlight and other software that employs Java and PDF-format files. The malware then runs malicious code on the visitors’ machine to install ransomware, backdoors and Spybot clients.
Our AVG Web Threats team has researched a particular instance of a Java exploit commonly found in association with Angler. This threat is detected by AVG, which we’ve been detecting since January. AVG customers who participate in anonymous threat sharing reported 6,123 hacked domains serving Angler in January, 8,260 in February and 4,412 in March.
Angler ransomware installs
TeslaCrypt is the most common type of ransomware installation currently that’s associated with Angler, according to our AVG Web Threats team analysis of this threat. TeslaCrypt encrypts users’ files, including writeable shares, and messages the user to extort payment for recovering the encrypted data. Paying the ransom to unlock files typically does not result in the recovery of the files.
Below are screen shot examples of ransomware attacks that attempt to extort $1,000 USD, payable through the untraceable currency of bitcoins.
Backdoor installs
Our AVG Web Threats team track the Angler-infected host machines have also tracked incidences of downloading malware known as backdoor malcode (commonly Bedep). Backdoor, or Bedep, can snatch passwords and personal confidential data from visitors’ machines.
Protecting your desktop
AVG recommends that consumers and businesses take the following preventive measures:
- Frequently backup data and important files; do not leave the backup device connected to the machine
- Ensure that security software, such as AVG, is up to date
- Ensure that Windows updates are downloaded and installed; doing this automatically is recommended.
- Update browsers and ensure you are using the latest versions available
Protecting web servers
Malicious code from the Angler exploit kit is initially installed on the web pages of vulnerable servers. For businesses, standard security precautions and monitoring are the basic defense. Researchers find a large number of Angler injections on WordPress and Apache servers – these should be given an extra measure of scrutiny.
- Ensure all Operating System patches and updates are applied quickly
- Regularly review and assess the state of 3rd party software running on the server. For example, vulnerabilities in packages like WordPress are particularly important, as these are common attack vectors
- Consider removing site content and 3rd party software that is out of date or not being used
- Keep backups of websites in a safe place (not on a shared directory); offsite backups are best
- Monitor web pages for unexpected and unauthorized changes
- Keep antivirus and other security software, such as AVG, updated
- Consider using intrusion detection applications, such as AVG
Our AVG Web Threats team continue to monitor and track threats such as Angler, so that we can deliver the security you need to keep your devices and businesses safe.
Microsoft Quietly Kills Controversial Wi-Fi Sense Feature
Later this summer, when Microsoft rolls out a massive update to Windows 10 called Anniversary Edition, notably missing will be the controversial Wi-Fi Sense feature.