Independent

IndependentSecuriteam

SSD Advisory – OrientDB Code Execution

Credit to Author: SSD / Maor Schwartz| Date: Thu, 13 Jul 2017 06:49:26 +0000

Vulnerability Summary: The following advisory reports a vulnerability in OrientDB which allows users of the product to cause it to execute code. OrientDB is a Distributed Graph Database engine with the flexibility of a Document Database all in one product. The first and best scalable, high-performance, operational NoSQL database. Credit: An independent security researcher, Francis …

IndependentKrebs

Thieves Used Infrared to Pull Data from ATM ‘Insert Skimmers’

Credit to Author: BrianKrebs| Date: Thu, 13 Jul 2017 15:28:08 +0000

A greater number of ATM skimming incidents now involve so-called “insert skimmers,” wafer-thin fraud devices made to fit snugly and invisibly inside a cash machine’s card acceptance slot. New evidence suggests that at least some of these insert skimmers — which record card data and store it on a tiny embedded flash drive — are equipped with technology allowing them to transmit stolen card data wirelessly via infrared, the same technology built into a television remote control.

IndependentSecuriteam

SSD Advisory – 360 Total Security Privileged Escalation

Credit to Author: SSD / Maor Schwartz| Date: Wed, 12 Jul 2017 10:55:43 +0000

Vulnerability Summary: The following advisory describes a Privileged Escalation vulnerability found in 360 Total Security. 360 Total Security offers your PC complete protection from Viruses, Trojans and other emerging threats. Whether you are shopping online, downloading files or chatting with your friends you can be sure that 360 Total Security is there to keep you …

ComputerWorldIndependent

Mingis on Tech: The language of malware

Credit to Author: Ken Mingis, Fahmida Y. Rashid| Date: Wed, 12 Jul 2017 03:00:00 -0700

Sometimes, how you say something can be as important as what you say — especially when there’s been a cyberattack and law enforcement officials are trying to figure out who you are.

That’s what CSO senior writer Fahmida Rashid found when she looked into how cybersecurity firms go about tracking down the bad actors behind malware campaigns. While linguistics may not be the first thing companies worry about when trying to protect — or retrieve access to — their data, it can help pinpoint an attack’s origin, Rashid told Computerworld Executive Editor Ken Mingis.

IndependentSecuriteam

Hack2Win 2017 D-Link 850L Results

Credit to Author: SSD / Maor Schwartz| Date: Tue, 11 Jul 2017 08:36:11 +0000

On June 11th 2017 we announced the first online version of our ‘Hack2Win’ hacking competition. We allocated $10,000 USD as payouts to valid submissions, and 2 months of competition time – by making the product available on the internet – to allow everyone a chance to hack it. The device was made publicly accessible …

ComputerWorldIndependent

Easy way to bypass passcode lock screens on iPhones, iPads running iOS 10

Credit to Author: Darlene Storm| Date: Tue, 11 Jul 2017 08:05:00 -0700

Update for iOS 10.3.2

Apple still has not patched the hole allowing you to bypass the iPhone lock screen. As of iOS 10.3.2 (and the 10.3.3 beta), you can still trick Siri into getting into a person’s iPhone.

It works like this:

  • Press the home button using a finger not associated with your fingerprint authentication, prompting Siri to wake up.
  • Say to Siri: Cellular data.

Siri will then open the cellular data settings where you can turn off cellular data.

Anyone can do this—it doesn’t have to be the person who “trained” Siri.

By also turning off Wi-Fi, you cut off her connectivity access. You will get an error saying, “Siri not available. You are not connected to the internet.” But you don’t care about that error because you have already bypassed the iPhone lock screen.
