Researchers have found a CSRF vulnerability within the core of the Yandex browser that allowed attackers to steal users browsing data. The vulnerability was discovered by Ziyahan Albeniz at Netsparker, and if exploited would have allowed an attacker to steal the victim’s browser history, passwords, and autocomplete information. Dr Christopher Kruegel, Co-Founder and CEO at Lastline commented below. Dr Christopher Kruegel, Co-Founder and CEO at Lastline: “In March of 2016, Lastline published “Three interesting changes in malware activity over the past year”. Though not specifically centered on the study of Yandex’s specific browser, one of the three largest trends centered on the browser as an…
ISBuzz Team
A man from Chicago, who allegedly hacked 30 celebrity accounts through phishing in 2014 and posted their nude photos online, has been charged and is facing a nine month prison sentence. IT security experts from ESET, AlienVault and Imperva commented below. Mark James, Security Specialist at ESET: “Sadly this sends the wrong signal. Although of course I don’t have access to all the information regarding this case, it does seem somewhat shy of fair justice for the people it affects. Nine months (even if he serves the full term) seems a short sentence, the likes of Jennifer Lawrence, Kirsten Dunst,…
The flaw would give attacker complete control over a home’s internet traffic – another example of widespread problems with weak router security. Berkshire, UK. F-Secure researchers have uncovered a critical vulnerability in some models of Inteno home routers that, if exploited, is severe enough to allow an attacker complete control over the victim device and the internet traffic travelling through it. The finding highlights the security challenges plaguing consumer routers. The vulnerability allows an attacker to install their own firmware to the device, which would still work as before, but with back doors and other unwanted features. An attacker exploiting…
Following the report about resetting passwords to keep your files safe, Patrick Heim, Global Head of Trust and Security at Dropbox commented below. Patrick Heim, Global Head of Trust and Security at Dropbox: “Since our original post, there have been many reports about the exposure of 68 million Dropbox credentials from 2012. The list of email addresses with hashed and salted passwords is real, however we have no indication that Dropbox user accounts have been improperly accessed. We’re very sorry this happened and would like to clear up what’s going on. “Based on our analysis, the credentials were likely obtained in 2012. We first heard rumours about this list…
TorrentLocker, crypto-ransomware targeting specific countries, has received improvements making it even harder to track and analyse. TorrentLocker, analysed by ESET in 2014, that hit Ireland as well, is still active and, thanks to how it chooses its potential victims with targeted spam, avoids the attention more prominent crypto-ransomware receives. However, ESET researchers have continued to keep their eyes on this malware. “The gang behind TorrentLocker still seems to be in the game. They have been improving their tactics and have been slowly innovating this ransomware while trying to stay under the radar,” says Marc-Etienne M. Léveillé, ESET malware researcher. TorrentLocker is being distributed via…
Krebs on Security is reporting Kimpton Hotels on Wednesday formally acknowledged that malware found on payment terminals in many of its hotels and restaurants may have compromised credit/debit cards of guests who patronized the properties in the first half of this year. Shane Stevens, VASCO Data Security Director of Omni-Channel Identity and Trust Solutions commented below. Shane Stevens, Data Security Director of Omni-Channel Identity and Trust Solutions at VASCO: “Seriously, who is not next? The fraudsters are hitting every industry hard and the travel Industry is no exception. Hotels, airlines and car rental agencies need to stop kidding themselves, learn from other industries, and make cyber security a priority. Point-of-sale…
Kaspersky Lab experts have discovered an Android trojan called Guerilla, which attempts to overcome the Google Play Store anti-fraud protection mechanisms. It uses a rogue Google Play client application that behaves as if there was a real human behind it. This fake app allows attackers to conduct shady advertisement campaigns using infected devices to download, install, rate and comment on the mobile applications published on Google Play. The malware is only capable of abusing Google Play mechanisms from rooted devices. As a platform for millions of users and software developers, Google Play is an attractive target for cybercriminals. Among other…
Following the news about the SWIFT network attacks, Igor Baikalov, Chief Scientist at Securonix commented below. Igor Baikalov, Chief Scientist at Securonix: “I find it highly amusing that there’s even a discussion of who is responsible for the security of a SWIFT terminal – SWIFT itself, the financial institution, or the local banking regulator? It seems like something that should have been resolved well before the largest global payments network, connecting 10,000 banks, was established. And banks have long been aware that third-party security is their problem, not that of the third-party. That must have been one of the founding…
LeakedSource announced that it has received 43,570,999 user records from music streaming service Last.fm. The data was reportedly stolen in March 2012 and has been verified. Each record contains username, email address, password and some other internal data. The hashed passwords used the outdated MD5 algorithm, which was declared ‘cryptographically broken and unsuitable for further use’ by the CMU Software Engineering Institute back in 2009. IT security experts from Barracuda, Digital Guardian, ForgeRock and WhiteHat Security commented below. Wieland Alge, VP & GM EMEA at Barracuda Networks: “Last.fm’s security breach has leaked enough details to leave users open to sophisticated phishing attacks.…
Following the news that one million IoT devices were infected by malware driven DDoS bonet, Sean Newman, Director at Corero Network Security commented below. Sean Newman, Director at Corero Network Security: “This is yet another example of how the collective power of vulnerable devices openly connected to the internet can be harnessed for nefarious activities. The rise of IoT, and the devices associated with it, is making it easy for today’s educated attackers. “IoT devices often have just enough processing power to deliver their required functionality, with security an after-thought at best and often not present at all. Combine this…