Cloudflare has revealed an interesting way to ensure randomness when generating encryption keys -- lava lamps. Cloudflare is a DNS service which also offers distributed denial-of-service attack protection, security, free SSL, encryption, and domain name services.
Encryption is a hot topic today. While law enforcement often clashes with technology providers over backdoors and strong encryption getting in the way of cracking criminal cases, online, encryption can keep communication, payments, and accounts secure. Cloudflare is known for providing good standards of encryption, but it seems the secret is out -- this reputation is built in part on lava lamps.
A hacking group previously linked to the Vietnamese government or working on its behalf has broken into the computers of neighboring countries as well as a grouping of Southeast Asian nations, according to cybersecurity company Volexity.
Steven Adair, founder and CEO, said the hacking group was still active, and had compromised the website of the Association of Southeast Asian Nations over several high-profile summit meetings. ASEAN is holding another summit of regional leaders in the Philippines capital Manila this week. In May, cybersecurity company FireEye reported that the group was actively targeting foreign multinationals and dissidents in Vietnam.
Today is not a good news day for Ethereum. A vulnerability found within a popular wallet has frozen potentially hundreds of millions of dollars of the crypto currency in a second setback in recent months.
Parity Technologies, the company behind widely used wallet service Parity, today disclosed an issue that could enable the contents of a wallet to be wiped. The issue affects multi-sig wallets — a technology that uses the consent of multiple parties for additional security on transactions — that were deployed after July 20. In other words, ICOs that were held since then may be impacted.
More than one million people were tricked into downloading a fake Android app that was pretending to be WhatsApp. The app was called "Update WhatsApp" and is still on the Play Store, although the developer has now changed its name to "Dual Whatsweb Update" and switched the icon, which doesn't look like the WhatsApp icon anymore.
But before its facelift, the app mimicked WhatsApp in a clear attempt to trick users into downloading it thinking they were downloading an update for the popular messaging app, according to users who reviewed the app on the Play Store, and users on Reddit, who flagged the malicious app.
Mac and Linux versions of the Tor anonymity browser just received a temporary fix for a critical vulnerability that leaks users' IP addresses when they visit certain types of addresses. TorMoil, as the flaw has been dubbed by its discoverer, is triggered when users click on links that begin with file:// rather than the more common https:// and http:// address prefixes.
When the Tor browser for macOS and Linux is in the process of opening such an address, "the operating system may directly connect to the remote host, bypassing Tor Browser," according to a brief blog post published Tuesday by We Are Segment, the security firm that privately reported the bug to Tor developers.
Gaining access to the global network used by spies to track phone calls and intercept communications is relatively cheap and easy for hackers, criminals, or even anyone, an investigation has found.
The network, known as SS7, has faced renewed attention in the past few years, especially after researchers exploited it to eavesdrop on a congressman’s calls in real-time from the other side of the world. But a major concern is that more sinister hackers could conduct this sort of surveillance. To test just how possible opening the door to SS7 really is, experts posed as a small potential customer to a telecom in Europe, and were offered SS7 access for just a few thousand dollars.
When you think you've seen it all, malware authors always find a way to impress you. Today's "that's clever!" moment comes courtesy of a criminal group that's been spreading a new version of the Zeus Panda banking trojan since June of this year.
Instead of relying on old techniques of malvertising and spam campaigns, this group has taken a novel approach, never before seen in the distribution of banking trojans. Black-hat SEO, for the win! This Zeus Panda group decided to rely on a network of hacked websites, on which they inserted carefully chosen keywords in new pages or hid the keywords inside existing pages.
Imagine that one day you decide to use Bitcoin to pay for, say, a pizza. You copy the wallet address from the pizzeria’s website, enter the required amount, and click the Send button.
The transfer goes through, but the pizza doesn’t arrive. The pizzeria owners say they never received the payment. What’s going on? Don’t get mad at the pizza guys — it’s all down to CryptoShuffler. Unlike cryptoransomware, this Trojan avoids flashy effects, instead doing its best to slip under the radar. It resides quietly in the computer’s memory and monitors the clipboard — the temporary storage area for cut/paste operations.
Apple might be aiming to build a hacker-proof iPhone, but it takes time until this ambitious goal is achieved, so for the time being, its devices keep falling victim to security researchers across the world.
The last time it happened was at the Mobile Pwn2Own 2017 competition, where hackers or groups of hackers try to break into mobile devices, including Apple’s very own iPhone. On the first day of the event, the iPhone 7 was the target of the Tencent Keen Security Lab team, who managed to break into a device running iOS 11.1 using four different vulnerabilities. Code execution was enabled after exploiting a Wi-Fi bug, with the team also hacking Safari browser on the device.
A threat actor is mass-scanning the Internet for Ethereum mining equipment running ethOS that is still using the operating system's default SSH credentials. The attacker is using these creds to gain access to the mining rig and replace the owner's Ethereum wallet address with his own.
Replacing this wallet ID sends all subsequent mining revenue to the attacker instead of the equipment's real owner. Both the scans and the attacks started on Monday; the attacks were first detected by a honeypot set up by Romanian cyber-security firm Bitdefender. Honeypot logs showed attackers trying two peculiar SSH username and password combos.