Swiss cyber-security company Modzero discovered some worrying security flaws in certain HP laptops and made them public.
According to their report, some HP laptops come with an audio driver that includes a feature which would be best described as a keylogger. This feature records all the user's keystrokes and saves the information into a local file, which is accessible to third-party software or malware.
The keylogger feature was discovered in the Conexant HD Audio Driver Package version 22.214.171.124 and earlier. The audio driver in question is preinstalled on the HP laptops.
The problem is that the driver shouldn't be storing a local, unencrypted record of your keystrokes. This behavior exposes your keystrokes to anyone who has access to your computer, both local and remote, which means your passwords can be compromised. This is a huge risk, especially because the affected HP laptops are enterprise notebooks, which could leave businesses vulnerable.
Qualcomm announced they are launching a vulnerability rewards program (also known as a bounty) designed to expand their collaboration with invited white hat hackers. The company firmly believes that these hackers will help to improve the security of their Snapdragon family and LTE modems by finding vulnerabilities and reporting them to Qualcomm to fix.
The program is the first of its kind to be announced by a major silicon vendor. The program will be administered in collaboration with vulnerability coordination platform HackerOne. This also takes Qualcomm another step towards becoming one of the most secure silicon vendors in the industry.
Qualcomm says that they will offer up to $15,000 per vulnerability. By comparison, Google has numerous vulnerability bounties that range from $500 to $20,000. Apple, on the other hand, offers up to $200,000 per vulnerability discovered on its devices.
Tens of millions of IP addresses were used to take down popular websites like Twitter, Spotify and Netflix on Friday by so far unknown sources. The DDoS attack on DynDNS started on Friday morning, but the service was restored around 9:30 AM ET. However, around Friday noon, another attack began. Service was restored at approximately 1:00 PM ET the same day, but many users had reported issues with certain websites.
Dyn reported there was an attempted third attack wave, but they were able to successfully mitigate it without customer impact.
Dyn issued a statement saying they are continuing their investigation.
"At this point, we know this was a sophisticated, highly distributed attack involving 10s of millions of IP addresses. We are conducting a thorough cause and forensic analysis and will report what we know in a responsible fashion. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack."
Twitter, Spotify, Amazon, Netflix, Reddit, Etsy and many other popular websites went offline earlier today due to a massive cyber attack on DynDNS, a world-renowned Domain Name System (DNS) service provider.
Dyn issued a statement acknowledging the attack.
"Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure. Some customers may experience increased DNS query latency and delayed zone propagation during this time. Updates will be posted as information becomes available. This attack is mainly impacting US East and is impacting Managed DNS customer in this region. Our Engineers are continuing to work on mitigating this issue."
The DDoS attack began this morning, but the service was restored around 9:30 AM ET. However, around noon, another attack began. According to DownDetector's outage map, the DDoS attack is primarily targeting US users.
Tens of thousands of cyber attacks occur every second, but it's hard to imagine and visualize the number of attacks. Norse, a company from California that provides intelligence to many different companies, has created an interactive map where users can watch the cyber attacks in real-time.
The attacks are shown with colored lines that connect the source and the target of the attack. Norse tracks these attacks with the help of more than 8 million sensors located in 47 different countries.
French digital security company Oberthur Technologies has developed a revolutionary new bank card that should make it very difficult for fraudsters to do any damage to your account. Called Motion Code, the technology changes the three-digit PIN on the back of your card every hour for three years, meaning anyone who steals your card or acquires the digits will have minimal time to spend your money.
Most fraud occurs hours or days after cards are stolen, but no doubt the criminals will catch on and spend the money quicker upon recognizing a Motion Code card.
The downside is added difficulty in using your card remotely: no longer will you be able to memorize the PIN and use it regardless of whether you have your card on you or not. But for most, it's likely well worth it.
A hacker by the name of Avinash discovered Vine's source code is publicly available, and for his efforts, parent company Twitter has paid him $10,080.
The news is only coming out now, but Avinash presented his findings to Twitter about two months ago, at which point they fixed the issue within five minutes.
Tech giants paying hackers for bug bounties is a standard practice; bug bounty hunter Anand Prakash has earned roughly $1 million to date.
Even social media CEOs are susceptible to being hacked, it seems. Over the weekend, a couple of Facebook founder Mark Zuckerberg's social media accounts were compromised by Saudi Arabian hacking group OurMine Team.
OurMine is said to have found Zuckerberg's information in a recent LinkedIn dump, which they then used to gain control of his Twitter and Pinterest accounts. The group claims his password for both accounts was the surprisingly simple 'dadada', but there's reason to be skeptical of this as it also claimed it had overtaken his Instagram account, which Facebook has denied.
Neither the Twitter nor the Pinterest account has been terribly active, at least not recently; Zuckerberg's Instagram account hasn't been too active either, although it has been used on a regular basis and multiple times in the last week.
Cellular networks are already pretty insecure as they are. Voice is sent unencrypted and in the clear despite having the necessary hardware to support even light encryption methods. Spoofing cellular towers isn't exactly the most difficult thing to do either, but that's small potatoes compared to a vulnerability in the Signalling System No. 7 telephony protocol that can allow a potential malefactor to track you across the globe with relative ease. Congress is now taking an interest and investigating these vulnerabilities.
The interest in the issue began with the airing of a 60 Minutes piece in which Sharyn Alfonsi and a German computing enthusiast who specializes in nefarious programming techniques showed off just how easy it is to exploit the SS7 protocol to track cellphone users. To demonstrate their point, the pair recruited US Representative Ted Lieu and asked him to use a new, unmodified iPhone when conducting staff phone calls. With just the phone number, they were able to pinpoint the location of the US Representative wherever he had the phone, and they were even able to record conversations he was having as well. It apparently didn't take much effort on the part of the researchers, either.
Mr. Lieu, following the demonstration he took part in, called for an official full investigation into the matter so that the vulnerabilities can be addressed. The flaw potentially affects quite a few different markets, within the US and abroad, which could pose serious privacy issues, not to mention the risk of someone using the flaw to target individuals as part of premeditated actions.
Encryption is a very pertinent issue in the modern age. We're at an impasse where certain individuals and groups would rather encryption be the stuff of history, perhaps even segregating encryption strengths as was common during the '80s and '90s. Email encryption isn't exactly the easiest thing to set up and requires a bit of preparation to do right. It can be cumbersome even to those who know what they're doing. A group of tech companies and independent researchers have gotten together to help make encryption of your emails easier and much more seamless.
The new protocol that has been proposed is called SMTP STS, or Simple Mail Transfer Protocol Strict Transport Security, and is designed to ensure a secure, encrypted connection with email servers. It's not a method of encrypting your emails themselves, which would be best served by any free, or paid, PGP solution, but it adds a measure of security to email that helps to make sure that your messages are at least going through real, authentic mail servers to get to their destination.
What it does is talk to the email servers that the message travels through to determine whether or not the connection is secure and whether each server is who it says it is. If the server can be authenticated (through the use of certificates and a TLS-encrypted connection), then your message will pass along, knowing that at least that server is legit. If no encryption can be used, then there's the option that the message won't be sent.
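The sender-side decision described above can be sketched as follows. This is an added example, not code from the proposal's authors; it uses the policy format of RFC 8461 (MTA-STS), the standard that grew out of the SMTP STS proposal, and the function names, the sample policy and the boolean TLS and certificate inputs are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample policy in the RFC 8461 "key: value" format.
SAMPLE_POLICY = """version: STSv1
mode: enforce
mx: mail.example.com
mx: *.example.net
max_age: 86400
"""

@dataclass
class Policy:
    mode: str      # "enforce", "testing" or "none"
    mx: list       # allowed MX host patterns
    max_age: int   # cache lifetime in seconds

def parse_policy(text):
    """Parse a policy body; raise ValueError on anything malformed."""
    fields, mx = {}, []
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError("malformed policy line: %r" % line)
        if key.strip() == "mx":
            mx.append(value.strip().lower())
        else:
            fields[key.strip()] = value.strip()
    if fields.get("version") != "STSv1":
        raise ValueError("unsupported policy version")
    mode = fields.get("mode")
    if mode not in ("enforce", "testing", "none") or (mode != "none" and not mx):
        raise ValueError("invalid mode or missing mx")
    return Policy(mode, mx, int(fields.get("max_age", "")))

def mx_allowed(host, patterns):
    """True if the MX host name is listed in the recipient domain's policy."""
    host = host.lower().rstrip(".")
    for pattern in patterns:
        # "*.example.net" covers exactly one left-most label
        if pattern.startswith("*.") and host.partition(".")[2] == pattern[2:]:
            return True
        if host == pattern:
            return True
    return False

def delivery_decision(policy, mx_host, tls_ok, cert_ok):
    # tls_ok / cert_ok: outcome of STARTTLS and certificate validation (assumed inputs)
    if policy.mode == "none" or (tls_ok and cert_ok and mx_allowed(mx_host, policy.mx)):
        return "deliver"
    return "deliver-and-report" if policy.mode == "testing" else "refuse"
```

In "enforce" mode a failed TLS handshake, an invalid certificate or an unlisted MX host all lead to the message being held back, which is the "won't be sent" option mentioned above.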