Archive for September, 2015
Dyreza malware steals IT supply chain credentials
Cyber criminals using the Dyreza computer trojan appear to be shifting gears from online banking and moving into the industrial supply chain. New versions of Dyreza are configured to steal credentials for order fulfillment, warehousing, inventory management, e-commerce and other…
Newly found TrueCrypt flaw allows full system compromise
Windows users who rely on TrueCrypt to encrypt their hard drives have a security problem: a researcher has discovered two serious flaws in the program. TrueCrypt may have been abandoned by its original developers, but it remains one of the…
Online ads used for DDoS after pushing malware
Rogue online advertisements that infect computers with malware have become a common occurrence on the Internet. But now, it appears, hackers have also figured out how to launch crippling distributed denial-of-service (DDoS) attacks through ad networks. The DDoS mitigation team…
Identity theft hit 7% of US population last year
Almost 18 million people were victims of identity theft in the United States last year, with the majority of crimes targeting credit cards and bank accounts, the Department of Justice said Sunday. The figure represents 7 percent of the U.S….
Cookie handling in browsers can break HTTPS security
Cookies, the files that websites create in browsers to remember logged-in users and track other information about them, could be abused by attackers to extract sensitive information from encrypted HTTPS connections. The issue stems from the fact that the HTTP…
It's official: North America is out of new IPv4 addresses
North America has finally run out of new addresses based on IPv4, the numbering system that got the Internet where it is today but which is running out of space for the coming era of networking. The American Registry for…
Skype still down worldwide
According to monitoring site DownDetector, Skype went down worldwide today at 1:23 a.m. PT. As of 8:30 a.m., it’s still down. When Microsoft first detected the outage, the Microsoft Heartbeat service reported: Some of you may experience problems with Skype presence…
The perils of free digital certificates
Let’s Encrypt, the open source digital certificate authority backed by industry stalwarts Mozilla, Cisco, and Akamai, announced the release of its first certificate two days ago. Intended to ease the transition to TLS (Transport Layer Security) protocol, the more secure successor to…
IPv6 will get a big boost from iOS 9, Facebook says
Apple’s iOS 9 is expected to cause a boom in the use of IPv6, which could speed up service provider networks but create a lot of work for mobile developers. The new Apple mobile OS, coming out on Wednesday, will…
The Web's 10 most dangerous neighborhoods
Wouldn’t it be convenient if all the spam and malware sites were all grouped together under one top-level domain — .evil, say — so that they would be easy to avoid? According to a new study from Blue Coat, there…