Spyware, Viruses, & Security

Alert

NEWS - May 13, 2014

by Carol~ Forum moderator / May 13, 2014 1:28 AM PDT
NSA allegedly puts backdoors on American-made network devices

Glenn Greenwald's new book titled No Place to Hide is out today. Aside from telling the story of how he worked with NSA whistleblower Edward Snowden and journalist Laura Poitras to make public the mind-blowing extent of mass US surveillance, the book also includes a number of revelations and documents that have not been previously shared with the public.

Among these is the disclosure that the US National Security Agency has been interfering with shipments ("supply-chain interdiction") of American-made computer network devices destined for foreign markets.

"A June 2010 report from the head of the NSA's Access and Target Development department is shockingly explicit. The NSA routinely receives - or intercepts - routers, servers and other computer network devices being exported from the US before they are delivered to the international customers," he wrote for the Guardian.

Continued : http://www.net-security.org/secworld.php?id=16846

Related:
NSA backdoors US hardware headed overseas: Greenwald
Reported NSA backdoors might open up networks to more threats
New NSA Snowden Documents
Post a reply
Discussion is locked
You are posting a reply to: NEWS - May 13, 2014
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: NEWS - May 13, 2014
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Avast: Users frequently hitting websites loaded with ...
by Carol~ Forum moderator / May 13, 2014 1:38 AM PDT
In reply to: NEWS - May 13, 2014
.. ransomware

"Avast's user base has landed on websites hosting ransomware more than 18 million times over six weeks"

Fresh statistics from the maker of a widely used free security product show the extent to which users are encountering file-encrypting malware known as ransomware.

On Monday, Prague-based Avast said that over the past six weeks, users of its security products landed on websites hosting ransomware more than 18 million times. The company estimates 200 million Windows, Mac and Android devices have its software installed.

"Browser ransomware is making a huge impact on Avast users in France, most of North America, some of the Nordic countries, and Australia," wrote Jan Sirmer, senior virus analyst, on a company blog.

Avast isn't the only security company to notice an alarming uptick in ransomware attacks. Symantec and Microsoft have warned that such attacks from malware families such as Reveton, Crilock and Cryptolocker are increasingly prevalent and leave users helpless unless their files are backed up.

Continued : http://www.networkworld.com/news/2014/051314-avast-users-frequently-hitting-websites-281518.html
Collapse -
Points of Sale Poorly Secured, Facing Sophisticated Attacks
by Carol~ Forum moderator / May 13, 2014 2:26 AM PDT
In reply to: NEWS - May 13, 2014

The point-of-sale (PoS) systems on which financial transactions are conducted at nearly every physical retail location in the U.S. and and beyond are fast becoming a favorite target for sophisticated criminal organizations as well as standalone attackers.

The emergence of this trend is unsurprising given that a compromised PoS terminal could potentially yield all pertinent payment information about any credit or debit card processed in a transaction on that machine - including track one and two payment data as well as card numbers, expiration dates, security codes, and the names of the people they belong to. The problem is exacerbated - according to a PoS malware analysis published by Arbor Networks - in two ways: the maintainers of PoS systems are doing a poor job of protecting such systems against older and well-known attacks as criminals continue to create more sophisticated tools.

Continued : http://threatpost.com/points-of-sale-poorly-secured-facing-sophisticated-attacks/106027

Related: Report: Attack on Point of Sales Systems

Collapse -
Bill Gates offers $5000 for a Facebook share? It's an ..
by Carol~ Forum moderator / May 13, 2014 2:42 AM PDT
In reply to: NEWS - May 13, 2014
.. old joke and still not funny

Facebook users are spreading a message across the social network, claiming that Bill Gates will cough up $5000 if you share a photograph of him.

Here's the message: [Screenshot]

The photograph shows Bill Gates, holding a piece of paper which appears to contain the following words:

Hey Facebook,

As you some of you may know, I'm Bill Gates. If you click the "share" link, I will give you $5000. It's about time I give back to the people!


Bill Gates is an extraordinary charitable fellow, but he has far worthier causes to donate to than Facebook users who click a share button.

Continued : http://grahamcluley.com/2014/05/bill-gates-5000-facebook-share/
Collapse -
Linux gets fix for code-execution flaw that was undetected..
by Carol~ Forum moderator / May 13, 2014 5:51 AM PDT
In reply to: NEWS - May 13, 2014
.. since 2009

"Vulnerability could be particularly serious for shared Web-hosting services."

Maintainers of the Linux kernel have patched one of the more serious security bugs to be disclosed in the open source operating system in recent months. The five-year-old code-execution hole leaves computers used in shared Web hosting services particularly vulnerable, so users and administrators should make sure systems are running updated versions that contain a fix.

The memory-corruption vulnerability, which was introduced in version 2.6.31-rc3, released no later than 2009, allows unprivileged users to crash or execute malicious code on vulnerable systems, according to the notes accompanying proof-of-concept code available here. The flaw resides in the n_tty_write function controlling the Linux pseudo tty device.

Continued : http://arstechnica.com/security/2014/05/linux-gets-fix-for-code-execution-flaw-that-went-unpatched-since-2009/
Collapse -
Heartbleed Vulnerability Still Beating Strong
by Carol~ Forum moderator / May 13, 2014 5:51 AM PDT
In reply to: NEWS - May 13, 2014

It has been roughly a month since the 'Heartbleed' vulnerability in OpenSSL became public, and for all the publicity, many organizations remain vulnerable.

According to Netcraft, many organizations are not going far enough to patch the vulnerability. Just 43 percent of the sites the company scanned reissued their SSL certificates in light of the bug, meaning the majority of the sites were still susceptible. In addition, seven percent of the reissued SSL certificates were reissued using the same private key. Fifty-seven percent of the sites took no action whatsoever - they have neither reissued nor revoked their old certificates.

Continued : http://www.securityweek.com/heartbleed-vulnerability-still-beating-strong

Related: Four weeks on, huge swaths of the Internet remain vulnerable to Heartbleed

Popular Forums
icon
Computer Help 47,885 discussions
icon
Computer Newbies 10,322 discussions
icon
iPhones, iPods, & iPads 3,188 discussions
icon
Security 30,333 discussions
icon
TVs & Home Theaters 20,177 discussions
icon
HDTV Picture Setting 1,932 discussions
icon
Phones 15,713 discussions
icon
Windows 7 6,210 discussions
icon
Networking & Wireless 14,510 discussions

CNET Magazine

The summer issue is here!

In the latest edition of our quarterly magazine, we look at how you can spend your summer getting fit and having fun. Pick up a copy on newsstands today or order it now.