background preloader

DD-T

Facebook Twitter

FORTIGATE and Microsoft Windows Update. Apple relents, lets you “depurchase” that U2 album you never bought in the first place‏ Someone at Apple must be listening!

Apple relents, lets you “depurchase” that U2 album you never bought in the first place‏

ISIS is ramping up efforts to mount a massive cyber attack. A new Android ransomware family sets unlock password on devices. Ransomware is one of most prolific cyber threats to criminal ecosystem and according to security firms cyber gangs are increasing use the malicious code improving its capabilities with new features.

A new Android ransomware family sets unlock password on devices

Recently, experts at Doctor Web security firm have detected a new strain of Android ransomware which is equipped with a wider array of innovative features. In addition to locking a smartphone and demanding a ransom, the Android ransomware is able to set a screen unlock password by enabling a standard system feature. According to the experts the Andorid ransomware is also able to send short messages, a feature that could be exploited by bad actors to call SMS premium services. The threat actors spread the Android ransomware, dubbed Android.Locker.38.origin, masquerading it as a system update, during the execution it requests access to the device’s administrative features and mimics update installation. Citadel Malware Used in Attacks Aimed at Petrochemical Firms. Middle Eastern petrochemical organizations have been targeted in cyberattacks leveraging the notorious Citadel Trojan, researchers at IBM-owned Trusteer reported on Monday.

Citadel Malware Used in Attacks Aimed at Petrochemical Firms

Citadel is a variation of the Zeus malware which emerged after the source code for Zeus was leaked online back in 2011. The Trojan has been utilized by cybercriminals to steal sensitive information, particularly financial data. In a report published in March, Dell SecureWorks reported that Citadel was the second most prevalent banking botnet, representing 33% of the company's detections. In June 2012, Citadel was removed from a major commercial underground marketplace after its author was banned. Many experts predicted at the time that the incident may lead to the Trojan's downfall. The Smartphone "Kill Switch" Law - What Does It Mean For You? I recently spoke to a reporter preparing a story on California’s new smartphone “Kill Switch” law.

The Smartphone "Kill Switch" Law - What Does It Mean For You?

This law requires mobile devices sold in California starting July 1, 2015 to include an opt-in feature allowing consumers to remotely render a device useless in case of theft. While I support this, some don’t. Some industry experts believe this feature will allow oppressive governments to shut down cellular service or open up new channels for hackers to attack phones thus posing a consumer safety issue. However, I believe the opposite is true–this law will result in more positive outcomes than negative.

JPMorgan Shares Information on Recent Cyber Attacks. JPMorgan Chase, one of the largest banks in the United States, has confirmed that its systems were breached this summer, but investigators say there's no evidence that the attackers had gained access to highly sensitive information.

JPMorgan Shares Information on Recent Cyber Attacks

People familiar with the investigation have told The New York Times that the hackers penetrated roughly 90 of the company's servers between June and late July when the breach was detected. The attackers reportedly gained access to the details of one million customers and information on installed software after obtaining high-level administrative privileges, but an unnamed individual close to the matter said only names, addresses and phone numbers have been compromised. There appears to be no evidence that social security numbers, financial information, or proprietary software have been obtained. IRC Network Freenode Hacked, Passwords Exposed. The popular IRC network Freenode is asking users to change their passwords after some servers have been compromised by an unknown third party.

IRC Network Freenode Hacked, Passwords Exposed

In a blog post published on Saturday, Freenode staff reported that the breach was uncovered after an anomaly was noticed on one of the IRC servers. Further investigation revealed the existence of compromised binaries on several machines, which have been removed from the network and taken offline. Visual Basic Malware Continues Resurgence. What's old is new again.

Visual Basic Malware Continues Resurgence

In a follow-up to a report earlier this year on the reappearance of visual basic code in malicious documents, researchers at Sophos have found that the trend has not only continued - it's increased. According to new research, Sophos' most recent detection statistics show that the percentage of macro-based malware rose from around six percent of all document malware in June to 28 percent in July.

Visual Basic code offers attackers some benefits, Graham Chantry, senior security researcher at SophosLabs, noted in his report. "Few users run without any anti-virus software these days meaning malware families are forced to change form continuously in an effort to evade detection," he wrote. Hello, police, El Reg here. Are we a bunch of terrorists now? Build a business case: developing custom apps.

Hello, police, El Reg here. Are we a bunch of terrorists now?

Stand clear! Will HTC's One act as a defibrillator for Windows Phone? The essential guide to IT transformation Analysis HTC gave Microsoft a huge PR coup yesterday during the New York unveiling of the most stylish Windows Phone ever made.

Stand clear! Will HTC's One act as a defibrillator for Windows Phone?

Redmond could certainly use some good news right now. Windows Phone shipments fell 9.4 per cent in Q2, as Microsoft's languid timetable, along with a less-than-clockwork rollout of Windows Phone 8.1, finally caught up with it. The decline in shipments was no surprise, as ODMs have been waiting – and waiting – for the major release. As the rest of Microsoft moved to a brisker release schedule, Windows Phone moved to a slower one, creating an 18-month lacuna.

Samsung bags second Internet of Home Stuff home firm in a week. Secure remote control for conventional and virtual desktops Samsung has announced its second smart home slurp in a week with the acquisition of heating, ventilation and air conditioning distributor Quietside.

Samsung bags second Internet of Home Stuff home firm in a week

Samsung Electronics America said that it had agreed to buy the firm, which already distributes Sammy products, but didn’t disclose the terms of the deal. The company said that owning Quietside would give the A/C distie greater access to Sammy gear to sell. Quietside’s founder, Sang Lee, will be staying on as CEO and helping to expand the firm’s personnel and infrastructure to help sell the “enhanced product lineup” Sammy is planning for the North American market, the firms said.

Those products are likely to include smart options as part of Sammy’s push into the Internet of Stuff sector. Google plans YouTube clean-up, ready for kid customers. Google's so keen on getting underage advertising targets children onto its services, it's even mulling how to clean up the swamp that is YouTube. According to a report from The Information, the data-dealing big boy is contemplating how to roll out the child-sized red carpet with these new offerings: A dashboard for parents to watch over their kids' activities,A child-safe version of YouTube that would wall off racy videos and comments, andA new requirement that people share their age when they sign up for accounts on devices powered by the Android mobile operating system.

Right now, age only comes into play with accounts started on PCs. Delaware passes law to give others access to our e-lives when we die. Donna Johnson's father, an accountant in the US state of Delaware, died suddenly of a massive heart attack. As many people do when they die, Mr. Johnson left without passing on the digital keys to his family's finances: banking accounts, bill payments, online investments, or the login for his email account, where notices about such things were sent. His photos were also stored online, meaning that the family's memories were locked away from them. Google et al slammed by justice chief over ‘right to be forgotten’ Europe’s Commissioner for Justice, Martine Reicherts, has slammed Google and other opponents of the 'right to be forgotten' ruling, claiming that they are attempting to undermine the reform. Speaking to the IFLA World Library and Information Congress in Lyon, France, Reicherts said the European Union had come a long way in reforming rules centred around the protection of personal data but highlighted how certain parties were attempting to knock the wheels off the speeding cart: Just as work on this reform has picked up speed and urgency, detractors are attempting to throw a new spanner in the works.

They are trying to use the recent ruling by the European Court of Justice on the right to be forgotten to undermine our reform. They have got it wrong. And I will not let them abuse this crucial ruling to stop us from opening the digital single market for our companies and putting in place stronger protection for our citizens. Vulnerability Management: Just Turn It Off! PART III. By: Cindy Valladares Our previous posts in the ‘Just Turn It Off!’ Series (Part I and Part II) explained many commonly overlooked features than can unintentionally weaken your network’s security. Source Code of Android RAT Dendroid Leaked Online. The complete source code for the Android remote access Trojan (RAT) called Dendroid has been leaked online, which researchers have found contains several vulnerabilities. Malware Developers Port Linux DDoS Trojan to Windows.

Researchers at Russia-based security company Doctor Web have noticed that a piece of malware designed to run on Linux computers has been ported by its creators to Windows. Today's Biggest Security Gap? Identity. Identifying security gaps is a favorite pastime of security professionals. Vulnerability in WordPress Mobile Pack Exposes Password-Protected Posts. Researchers at dxw Security have discovered a flaw in the WordPress Mobile Pack plugin that can be exploited to access password-protected posts. 'Machete' Cyber Espionage Attacks Target Spanish-Speaking Countries.

Researchers have identified a cyber-espionage campaign focused on Spanish-speaking countries. Graphic Library Flaw Exposes Apps Created With Delphi, C++ Builder. Researchers at Core Security say they have identified a security vulnerability in the Visual Component Library (VLC) that affects apps developed with Delphi and C++ Builder. Reveton Ransomware Upgraded to Steal Passwords. The notorious Reveton ransomware has been updated to steal passwords and credentials, according to researchers with security firm Avast.

This latest edition affects more than 110 applications and turns the victim's computer into a botnet client. The malware also steals passwords from five crypto currency wallets, and its banking module is set to target 17 German banks. Counterfeit U.S. Cash Floods Crime Forums. Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor. Microsoft KILLS Windows 8.1 Update 2 and Patch Tuesday. The essential guide to IT transformation Microsoft has at last revealed the date when its second major update to Windows 8.1 will ship to customers: never. Munich Reverses Course, May Ditch Linux For Microsoft. AMD Launches Radeon R7 Series Solid State Drives With OCZ. Why Chinese Hackers Would Want US Hospital Patient Data.

Google's Driverless Cars Capable of Exceeding Speed Limit. Microsoft Azure goes TITSUP: Total Inability To Support Usual Performance. Build a business case: developing custom apps Updated Microsoft on Monday is struggling to correct a service outage that has left many customers unable to access various features of the company's Azure cloud services. According to a message posted to the Azure service status page, the outage spans "Cloud Services, Virtual Machines, Websites, Automation, Service Bus, Backup, Site Recovery, HDInsight, Mobile Services and possible other Azure Services in multiple regions. " Affected service regions include multiple areas of the US, Europe, Japan, Brazil, and the Asia Pacific region. The outage comes close on the heels of a similar cockup last week that saw customers worldwide locked out of Redmond's Visual Studio Online services for developers. In that case, the problem was reportedly a database issue that was resolved when Microsoft engineers rolled back some software changes that they had made to the data center over the preceding 24 hours.

Oculus sucked by Zuck? 'I'm over it' – Minecraft supremo Notch. Linux kernel devs made to finger their dongles before contributing code. Munich considers dumping Linux for ... GULP ... Windows! This'll end well: US govt says car-to-car jibber-jabber will SAVE lives. BlackBerry slices off juiciest bits, bottles them in 'Tech Solutions' Microsoft: Azure isn't ready for biz-critical apps … yet.

Apple takes blade to 13-inch MacBook Pro with Retina display. EU justice chief blasts Google on 'right to be forgotten' AMD slaps 'Radeon' label on Tosh flash: >Beard stroke< Hmm, cunning ... Apple analyst: fruity firm set to shift 75 million iPhones. Eat up Martha! Microsoft slings handwriting recog into OneNote on Android. Intel's Raspberry Pi rival Galileo can now run Windows. 'Fangless' activist investor chomps up chunk of Rackspace.