Kategorie

McAfee, Sophos and Avast are among the antivirus software suites impacted.

On the heels of several Facebook data privacy snafus this week - and over the past year - users no longer trust the platform.

A researcher said that millions of records were leaking 300,000 Tap30 drivers' names, ID numbers and phone numbers.

Enlarge / A colorized transmission electron micrograph (TEM) of an Ebola virus virion. (Cynthia Goldsmith) (credit: CDC)

The most recent Windows patch, released April 9, seems to have done something (still to be determined) that's causing problems with anti-malware software. Over the last few days, Microsoft has been adding more and more antivirus scanners to its list of known issues. As of publication time, client-side antivirus software from Sophos, Avira, ArcaBit, Avast, and most recently McAfee are all showing problems with the patch.

Affected machines seem to be fine until an attempt is made to log in, at which point the system grinds to a halt. It's not immediately clear if systems are freezing altogether or just going extraordinarily slowly. Some users have reported that they can log in, but the process takes ten or more hours. Logging in to Windows 7, 8.1, Server 2008 R2, Server 2012, and Server 2012 R2 are all affected.

Booting into safe mode is unaffected, and the current advice is to use this method to disable the antivirus applications and allow the machines to boot normally. Sophos additionally reports that adding the antivirus software's own directory to the list of excluded locations also serves as a fix, which is a little strange.

Read 3 remaining paragraphs | Comments

A white-hat hacker found a way to get into the French government's newly launched, secure encrypted messaging app that otherwise can only be accessed by officials and politicians with email accounts associated with the government identities. Dubbed "Tchap," the end-to-end encrypted, open source messaging app has been created by the French government with an aim to keep their officials,

Facebook has updated 'tens of thousands of plaintext Instagram passwords ended up in logfile' to say it was more like a million.

Embedded browsers within apps can be useful if you want to use an existing account from another service -- say, your Gmail log-in -- to access their features. However, they're also really easy to weaponize for man-in-the-middle types of phishing attacks. Since Google can't differentiate between a legitimate log-in and a phishing attempt through a browser from within an application, it's blocking sign-ins from all embedded browser frameworks starting in June.

The French government just launched its own messaging app called Tchap in order to protect conversations from hackers, private companies and foreign entities. But Elliot Alderson, also known as Baptiste Robert, immediately found a security flaw. He was able to create an account even though the service is supposed to be restricted to government officials.

On this episode of the Infosec Cyberspeak podcast, Liz Mann, head of the Life Sciences and Health sectors, Americas Cybersecurity, EY Advisory, discusses her role at EY, the importance of diverse perspectives around risk management, and her work encouraging young women to enter the cybersecurity workforce. In the podcast, Mann and host Chris Sienko discuss: […]

The post Risk management and understanding what matters most appeared first on Infosec Resources.

Risk management and understanding what matters most was first posted on April 18, 2019 at 7:03 pm.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com

The incident was the work of malicious cyberattackers.

Facebook late last month revealed that the social media company mistakenly stored passwords for "hundreds of millions" of Facebook users in plaintext, including "tens of thousands" passwords of its Instagram users as well. Now it appears that the incident is far worse than first reported. <!-- adsense --> Facebook today quietly updated its March press release, adding that the actual number of

Posted by Jonathan Skelker, Product Manager, Account Security

We’re constantly working to improve our phishing protections to keep your information secure. Last year, we announced that we would require JavaScript to be enabled in your browser when you sign in so that we can run a risk assessment whenever credentials are entered on a sign-in page and block the sign-in if we suspect an attack. This is yet another layer of protection on top of existing safeguards like Safe Browsing warnings, Gmail spam filters, and account sign-in challenges.

However, one form of phishing, known as “man in the middle” (MITM), is hard to detect when an embedded browser framework (e.g., Chromium Embedded Framework - CEF) or another automation platform is being used for authentication. MITM intercepts the communications between a user and Google in real-time to gather the user’s credentials (including the second factor in some cases) and sign in. Because we can’t differentiate between a legitimate sign in and a MITM attack on these platforms, we will be blocking sign-ins from embedded browser frameworks starting in June. This is similar to the restriction on webview sign-ins announced in April 2016.

What developers need to know

The solution for developers currently using CEF for authentication is the same: browser-based OAuth authentication. Aside from being secure, it also enables users to see the full URL of the page where they are entering their credentials, reinforcing good anti-phishing practices. If you are a developer with an app that requires access to Google Account data, switch to using browser-based OAuth authentication today.

The flaw, which existed in a Shopify API endpoint, has been patched.

Take our short poll on how far Facebook can push its luck.

Posted by Jeff Vander Stoep, Android Security & Privacy Team

Each Android release comes with great new security and privacy features. When it comes to implementing these new features we always look at ways to measure the impact with data that demonstrates the effectiveness of these improvements. But how do these features map to an overall strategy?
Last week, we released a whitepaper describing The Android Platform Security Model. Specifically we discuss:

• The security model which has implicitly informed the Android platform’s security design from the beginning, but has not been formally published or described outside of Google.
• The context in which this security model must operate, including the scale of the Android ecosystem and its many form factors and use cases.
• The complex threat model Android must address.
• How Android’s reference implementation in the Android Open Source Project (AOSP) enacts the security model.
• How Android’s security systems have evolved over time to address the threat model.

Android is fundamentally based on a multi-party consent1 model: an action should only happen if the involved parties consent to it. Most importantly, apps are not considered to be fully authorized agents for the user. There are some intentional deviations from the security model and we discuss why these exist and the value that they provide to users. Finally, openness is a fundamental value in Android: from how we develop and publish in open source, to the open access users and developers have in finding or publishing apps, and the open communication mechanisms we provide for inter-app interactions which facilitate innovation within the app ecosystem.
We hope this paper provides useful information and background to all the academic and security researchers dedicated to further strengthening the security of the Android ecosystem. Happy reading!
Acknowledgements: This post leveraged contributions from René Mayrhofer, Chad Brubaker, and Nick Kralevich

Notes

1. The term ‘consent’ here and in the paper is used to refer to various technical methods of declaring or enforcing a party’s intent, rather than the legal requirement or standard found in many privacy legal regimes around the world. ↩

Nepříjemný problém musela poslední dny řešit ekvádorská vláda. Řada jejích oficiálních stránek se stala terčem masivního množství kyberútoků, k pondělnímu večeru jich bylo 40 milionů. Začalo k nim docházet prakticky okamžitě, co se Ekvádor po dlouhých letech rozhodl vydat britské policii ...

The U.S-focused eGobbler malvertising attacks are exploiting an unpatched Google Chrome bug.

The flaw could enable an unauthenticated, remote attacker to access the devices, Cisco said.

What if you got hit by ransomware - but the malware program itself was on the other side of the world where you'd never find it?

Intellectual property (IP) rights may apply to a multitude of things, from corporate branding names and new inventions to product designs and secret recipes. Do you have a secret sauce whether a novel or a novel idea? How is your secret sauce best protected? Types of Intellectual Property (IP) In the US, intellectual property rights […]

The post Protecting the Secret Sauce: What You Need to Know About Intellectual Property (IP) appeared first on Infosec Resources.

Protecting the Secret Sauce: What You Need to Know About Intellectual Property (IP) was first posted on April 18, 2019 at 8:01 am.
©2017 "InfoSec Resources". Use of this feed is for personal non-commercial use only. If you are not reading this article in your feed reader, then the site is guilty of copyright infringement. Please contact me at darren.dalasta@infosecinstitute.com