iPhone: Google has updated the Chrome browser for iOS with a new download feature. It also gets better support for the iPhone 6/6+. Read more…
See more here:
Chrome for iOS Now Downloads and Save Files in Supported Applications
Tag: exploit
NASA’s JPL Develops Multi-Metal 3D Printing Process
yyzmcleod (1534129) writes The technology to 3D print a single part from multiple materials has been around for years, but only for polymer-based additive manufacturing processes. For metals, jobs are typically confined to a single powdered base metal or alloy per object. However, researchers at NASA’s Jet Propulsion Laboratory say they have developed a 3D printing technique that allows for print jobs to transition from one metal to another in a single object. From the article: In JPL’s technique, the build material’s composition is gradually transitioned as the print progresses. For example, the powdered build material might contain 97 percent titanium alloy and 3 percent stainless steel at the beginning of the transition. Then, in 1 percent increments between layers, the gradient progresses to 97 percent stainless steel and 3 percent Ti alloy by some defined point in the overall 3D printing process. Read more of this story at Slashdot.
See the article here:
NASA’s JPL Develops Multi-Metal 3D Printing Process
Over 300,000 Servers Remain Vulnerable To Heartbleed
An anonymous reader writes “Even though it’s been a couple months since the Heartbleed bug was discovered, many servers remain unpatched and vulnerable. “Two months ago, security experts and web users panicked when a Google engineer discovered a major bug — known as Heartbleed — that put over a million web servers at risk. The bug doesn’t make the news much anymore, but that doesn’t mean the problem’s solved. Security researcher Robert David Graham has found that at least 309, 197 servers are still vulnerable to the exploit. Immediately after the announcement, Graham found some 600, 000 servers were exposed by Heartbleed. One month after the bug was announced, that number dropped down to 318, 239. In the past month, however, only 9, 042 of those servers have been patched to block Heartbleed. That’s cause for concern, because it means that smaller sites aren’t making the effort to implement a fix.”” Read more of this story at Slashdot.
Original post:
Over 300,000 Servers Remain Vulnerable To Heartbleed
Microsoft’s Office Online–the free, web-based version of Word, Excel, PowerPoint and OneNote–is he
Microsoft’s Office Online —the free, web-based version of Word, Excel, PowerPoint and OneNote—is headed for the Chrome Web Store as a series of apps. Read more…
View the original here:
Microsoft’s Office Online–the free, web-based version of Word, Excel, PowerPoint and OneNote–is he
Stung By File-Encrypting Malware, Researchers Fight Back
itwbennett (1594911) writes “When Jose Vildoza’s father became the victim of ransomware, he launched his own investigation. Diving into CryptoDefense’s code, he found its developers had made a crucial mistake: CryptoDefense used Microsoft’s Data Protection API (application programming interface), a tool in the Windows operating system to encrypt a user’s data, which stored a copy of the encryption keys on the affected computer. Vildoza and researcher, Fabian Wosar of the Austrian security company Emsisoft, collaborated on a utility called the Emsisoft Decrypter that could recover the encrypted keys. In mid-March Vildoza had launched a blog chronicling his investigation, purposely not revealing the mistake CryptoDefense’s authors had made. But Symantec then published a blog post on March 31 detailing the error.” Read more of this story at Slashdot.
More:
Stung By File-Encrypting Malware, Researchers Fight Back
Weak Apple PRNG Threatens iOS Exploit Mitigations
Trailrunner7 writes “A revamped early random number generator in iOS 7 is weaker than its vulnerable predecessor and generates predictable outcomes. A researcher today at CanSecWest said an attacker could brute force the Early Random PRNG used by Apple in its mobile operating system to bypass a number of kernel exploit mitigations native to iOS. ‘The Early Random PRNG in iOS 7 is surprisingly weak, ‘ said Tarjei Mandt senior security researcher at Azimuth Security. ‘The one in iOS 6 is better because this one is deterministic and trivial to brute force.’ The Early Random PRNG is important to securing the mitigations used by the iOS kernel. ‘All the mitigations deployed by the iOS kernel essentially depend on the robustness of the Early Random PRNG, ‘ Mandt said. ‘It must provide sufficient entropy and non-predictable output.'” Read more of this story at Slashdot.
View original post here:
Weak Apple PRNG Threatens iOS Exploit Mitigations
4.6 Million Snapchat User Names and Phone Numbers Leaked (Check Yours)
Oh dear. In an inauspicious start to 2014 for both Snapchat and its users, a website appears to have published user name and phone number information for 4.6 million accounts. Read more…
More:
4.6 Million Snapchat User Names and Phone Numbers Leaked (Check Yours)
Meet Paunch: the Accused Author of the BlackHole Exploit Kit
tsu doh nimh writes “In early October, news leaked out of Russia that authorities there had arrested and charged the malware kingpin known as ‘Paunch, ‘ the alleged creator and distributor of the Blackhole exploit kit. Today, Russian police and computer security experts released additional details about this individual, revealing a much more vivid picture of the cybercrime underworld today. According to pictures of the guy published by Brian Krebs, if the Russian authorities are correct then his nickname is quite appropriate. Paunch allegedly made $50, 000 a month selling his exploit kit, and worked with another guy to buy zero-day browser exploits. As of October 2013, the pair had budgeted $450, 000 to purchase zero-days. From the story: ‘The MVD estimates that Paunch and his gang earned more than 70 million rubles, or roughly USD $2.3 million. But this estimate is misleading because Blackhole was used as a means to perpetrate a vast array of cybercrimes. I would argue that Blackhole was perhaps the most important driving force behind an explosion of cyber fraud over the past three years. A majority of Paunchâ(TM)s customers were using the kit to grow botnets powered by Zeus and Citadel, banking Trojans that are typically used in cyberheists targeting consumers and small businesses.'” Read more of this story at Slashdot.
Link:
Meet Paunch: the Accused Author of the BlackHole Exploit Kit
An IT Flaw Has Let Unauthorized Users Exploit Army PCs for Years
Earlier this week, Buzzfeed reported that a computer security flaw in has left Army computers vulnerable for at least two years; today, the Army confirmed to Buzzfeed that this was, in fact the case. And that they have no plans to do anything to fix it. Read more…
View original post here:
An IT Flaw Has Let Unauthorized Users Exploit Army PCs for Years
How an Aussie University Creates the World’s Best Hackers
bennyboy64 writes “An Australian university appears to be excelling at cultivating some of Australia’s best computer hackers. Following the University of NSW’s students recently placing first, second and third in a hacking war game (the first place winners also won first place last year), The Sydney Morning Herald reports on what exactly about the NSW institution is breeding some of Australia’s best hackers. It finds that a lecturer and mentor to the students with controversial views on responsible disclosure appears to the be the reason for their success.” Read more of this story at Slashdot.
Continued here:
How an Aussie University Creates the World’s Best Hackers