Tag: style-details

French agency caught minting SSL certificates impersonating Google

sharyn morrow Rekindling concerns about the system millions of websites use to encrypt and authenticate sensitive data, Google caught a French governmental agency spoofing digital certificates for several Google domains. The secure sockets layer (SSL) credentials were digitally signed by a valid certificate authority, an imprimatur that caused most mainstream browsers to place an HTTPS in front of the addresses and display other logos certifying that the connection was the one authorized by Google. In fact, the certificates were unauthorized duplicates that were issued in violation of rules established by browser manufacturers and certificate authority services. The certificates were issued by an intermediate certificate authority linked to the Agence nationale de la sécurité des systèmes d’information, the French cyberdefense agency better known as ANSSI. After Google brought the certificates to the attention of agency officials, the officials said the intermediate certificate was used in a commercial device on a private network to inspect encrypted traffic with the knowledge of end users, Google security engineer Adam Langley wrote in a blog post published over the weekend . Google updated its Chrome browser to reject all certificates signed by the intermediate authority and asked other browser makers to do the same. Firefox developer Mozilla and Microsoft, developer of Internet Explorer have followed suit . ANSSI later blamed the mistake on human error . It said it had no security consequences for the French administration or the general public, but the agency has revoked the certificate anyway. Read 5 remaining paragraphs | Comments        

Originally posted here:
French agency caught minting SSL certificates impersonating Google

Kingpin behind large chunk of world’s malware exploits led lavish life

A screenshot showing BlackHole statistics. Group-IB An online crime kingpin arrested in October and charged with creating and distributing the Blackhole exploit kit may have had his hand in as much as 40 percent of the world’s malware infections, according to information released by the security firm that helped track him down. The 27-year-old Russian, identified only as Paunch, allegedly earned about $50,000 per month selling BlackHole subscriptions for as much as $500 per month, according to a report published Friday by security firm Group-IB. He is also alleged to be behind the much more expensive Cool Exploit Kit and a “Crypt” service used to obfuscate malware to go undetected by antivirus programs. With more than 1,000 customers, he was able to lead a lavish lifestyle that included driving a white Porsche Cayenne, Group-IB said. A man Group-IB identifies as “Paunch” standing in front of a Porsche Cayenne. Group-IB Exploit kits are the do-it-yourself tools used to embed crimeware into hacked or malicious websites so they target a host of vulnerabilities found on end-user computers. People who visit the websites are exposed to “drive-by” attacks that are often able to install highly malicious software on the computers with no sign that anything is amiss. Group-IB estimated that Paunch may have supplied the code used in as much as 40 percent of the PC crimeware infections worldwide. Researchers arrived at that guess by gauging sales of BlackHole and Cool, which they said accounted for about 40 percent of world revenue for exploit kits. Even assuming that some crimeware is installed independent of exploit kits, it’s hard to overstate the role these two kits played in seeding the Web with exploit code that installed malware used in bank fraud and other forms of online crime. Read 3 remaining paragraphs | Comments        

See the original article here:
Kingpin behind large chunk of world’s malware exploits led lavish life

Mozilla making progress with Firefox’s long journey to multiprocess

Multiple Firefox processes. Gill Penney Internet Explorer and Chrome both use a multiprocess architecture to enhance stability and security. They separate the task of parsing and rendering Web pages from the job of drawing the browser on-screen, saving downloaded files, creating network connections, and so on. This allows them to run the dangerous parts—the parts exposed to malicious scripts and exploitative HTML—in a sandbox with reduced permissions, making it harder for browser flaws to be turned into system compromises. It also means that they’re much more tolerant of crash bugs; a bug will bring down an individual tab, but shouldn’t, in general, bring down the browser as a whole. In 2009, Mozilla announced the Electrolysis project , which was to bring this kind of multiprocess design to Firefox. Read 10 remaining paragraphs | Comments        

Read the article:
Mozilla making progress with Firefox’s long journey to multiprocess

Hack on JPMorgan website exposes data for 465,000 card holders

JPMorgan Chase has warned 465,000 holders of prepaid cash cards that their personal information may have been obtained by hackers who breached the bank’s network security in July, according to a report published Thursday. JPMorgan issued the cards on behalf of corporations and government agencies, which in turn used them to pay employees and issue tax refunds, unemployment compensation, and other benefits, Reuters reported . In September, bank officials discovered an attack on Web servers used by its www.ucard.chase.com site and reported it to law enforcement authorities. In the months since, bank officials have investigated exactly which accounts were involved and what pieces of information were exposed. Wednesday’s warning came after investigators were unable to rule out the possibility that some card holders’ personal data may have been accessed. The bank usually keeps customers’ personal information encrypted, but during the course of the breach, data belonging to notified customers temporarily appeared in plaintext in log files, Reuters said. The notified card holders account for about two percent of the roughly 25 million UCard users. Read 1 remaining paragraphs | Comments        

See the original post:
Hack on JPMorgan website exposes data for 465,000 card holders

Charged with theft, man arrested for plugging car into school’s outlet

Nissan A man in an Atlanta suburb was confronted by a police officer for plugging his electric car into an outside outlet at a school. Ten days later, he was arrested at home and charged with theft for taking about 5 cents worth of electricity “without consent.” Kaveh Kamooneh plugged an extension cable from his Nissan Leaf into a 110-volt external outlet at Chamblee Middle School while his son was practicing tennis. A short time later, he noticed someone in his car and went to investigate—and found that the man was a Chamblee police officer. “He informed me he was about to arrest me, or at least charge me, for electrical theft,” Kamooneh told Atlanta’s Channel 11 News . Kamooneh said that the car, when plugged into a 110-volt outlet, draws a kilowatt an hour. “Over an hour, that’s maybe eight or nine cents” worth of electricity, he said, depending on the rates. He was plugged in for less than 20 minutes, so he estimated the amount of power he drew from the school at less than 5 cents. Read 2 remaining paragraphs | Comments        

Read this article:
Charged with theft, man arrested for plugging car into school’s outlet

Found: hacker server storing two million pilfered paswords

Spider Labs Researchers have unearthed a server storing more than two million pilfered login credentials for a variety of user accounts, including those on Facebook, Yahoo, Google, Twitter, and a handful of other websites. More than 1.5 million of the user names and passwords are for website accounts, including 318,121 for Facebook, 59,549 for Yahoo, 54,437 for Google, and 21,708 for Twitter, according to a blog post published Tuesday by researchers from security firm Trustwave’s Spider Labs. The cache also included credentials for e-mail addresses, FTP accounts, remote desktops, and secure shells. More than 1.8 million of the passwords, or 97 percent of the total, appeared to come from computers located in the Netherlands, followed by Thailand, Germany, Singapore, and Indonesia. US accounts comprised 0.1 percent, with 1,943 compromised passwords. In all, the data may have come from as many as 102 countries. Read 5 remaining paragraphs | Comments        

Link:
Found: hacker server storing two million pilfered paswords

Google compute cloud load balances 1 million requests per second for $10

We hold Google ransom for… one million Web requests. New Line Cinema Google Compute Engine, the company’s infrastructure-as-a-service cloud that competes against Amazon Web Services, is trying to take reliability and scale to the extreme. Yesterday, the company said it was able to serve “one million load balanced requests per second” with a single IP address receiving the traffic and distributing it across 200 Web servers. Each of the million requests was just “one byte in size not including the http headers,” Google Performance Engineering Manager Anthony F. Voellm wrote in a blog . It’s thus not representative of real-world traffic, but the simulation shows that Compute Engine should be able to let websites absorb big bursts in traffic without shutting down. According to Google, the test showed the load balancer was able to serve the aforementioned one million requests “within five seconds after the setup and without any pre-warming.” The test ran for more than seven minutes. “The 1M number is measuring a complete request and successful response,” Voellm wrote. Read 9 remaining paragraphs | Comments        

Read More:
Google compute cloud load balances 1 million requests per second for $10

Scientist-developed malware covertly jumps air gaps using inaudible sound

Topology of a covert mesh network that connects air-gapped computers to the Internet. Hanspach and Goetz Computer scientists have developed malware that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection. The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an “air gap” between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals. The researchers, from Germany’s Fraunhofer Institute for Communication, Information Processing, and Ergonomics , recently disclosed their findings in a paper published in the Journal of Communications . It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps . The new research neither confirms nor disproves Dragos Ruiu’s claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today’s malware. Read 6 remaining paragraphs | Comments        

More:
Scientist-developed malware covertly jumps air gaps using inaudible sound

New Linux worm targets routers, cameras, “Internet of things” devices

Wesley Fryer Researchers have discovered a Linux worm capable of infecting a wide range of home routers, set-top boxes, security cameras, and other consumer devices that are increasingly equipped with an Internet connection. Linux.Darlloz , as the worm has been dubbed, is now classified as a low-level threat, partly because its current version targets only devices that run on CPUs made by Intel, Symantec researcher Kaoru Hayashi wrote in a blog post published Wednesday . But with a minor modification, the malware could begin using variants that incorporate already available executable and linkable format (ELF) files that infect a much wider range of “Internet-of-things” devices, including those that run chips made by ARM and those that use the PPC, MIPS, and MIPSEL architectures. “Upon execution, the worm generates IP addresses randomly, accesses a specific path on the machine with well-known ID and passwords, and sends HTTP POST requests, which exploit the vulnerability,” Hayashi explained. “If the target is unpatched, it downloads the worm from a malicious server and starts searching for its next target. Currently, the worm seems to infect only Intel x86 systems, because the downloaded URL in the exploit code is hard-coded to the ELF binary for Intel architectures.” Read 4 remaining paragraphs | Comments        

More:
New Linux worm targets routers, cameras, “Internet of things” devices

Always-on voice search from your desktop: “Ok Google” comes to Google.com

Google Smartphones have changed the computing landscape quite a bit, and it often seems like desktop computers and laptops get left behind. “Always-on” voice search is going to completely change the way we interact with computers, but, until now, it has been strictly-mobile only. Today, Google released a Chrome extension that enables always-on voice search from a desktop. With the extension installed, voice search works just like it does on the Nexus 5. When Google.com is open, just say “Ok Google” and then your search term. This happens when you say “Ok Google” from the search results. Google The hotword even works when you’re already on a search page. You can just say “Ok Google” again and search for something else. It all feels like a step closer to the Star Trek future Google keeps promising us . Read 1 remaining paragraphs | Comments        

Original post:
Always-on voice search from your desktop: “Ok Google” comes to Google.com