Software

Russia Moves to Block Telegram via Lawsuit

Russia’s communications watchdog, Roskomnadzor, said that it has filed a lawsuit against popular encrypted messaging app Telegram for refusing to give the FSB access to its users’ private messages. The Russian security service said that it needed access to the secret messages to aid its work, particularly against terrorism, and said that Telegram had to comply with its obligation as an organizer of information distribution. However, founder and CEO Pavel Durov had already said on Twitter that “Threats to block Telegram unless it gives up private data of its users will not bear fruit. Telegram will stand for freedom and […]

Cisco Issues Warning Against State-backed Hackers

Cisco’s Talos Intelligence group warned this week that nation-state hackers are exploiting a “protocol misuse” issue in Cisco’s Smart Install Client to gain access to critical infrastructure providers in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. Symantec additionally reported that the suspects may be the hacking group Dragonfly, which may have carried out attacks that the US CERT had issued an alert for. The new warning comes after the release of a patch addressing a critical remote code execution flaw affecting the Smart Install Client which Talos researcher Nick Biasini urged customers in a post last […]

Microsoft Bans Swearing, “Inappropriate Content” on Skype

A blogger named Jon Corbett recently wrote that Microsoft had already implemented some changes to Skype’s “Code of Conduct” to ban inappropriate content such as offensive language. Microsoft’s Skype and other services prohibit the sharing of content that includes “nudity, bestiality, pornography, offensive language, graphic violence, or criminal activity”. However, a number of users pointed out that while this makes sense for public platforms like Twitter, the policy change raises privacy and censorship questions, since Microsoft would effectively be policing what is shared in a private conversation between two consenting adults. Microsoft has not yet responded to questions on how it will […]

Hacking of British Surgeon May Have Led to Air Strike

British surgeon David Nott recently revealed to the BBC that hackers may have compromised his computer and gotten information that led to the bombing of an Aleppo hospital. Nott had reportedly helped his colleagues in Syria via Skype and WhatsApp on one occasion, which was broadcast in 2016. The hospital where his colleagues worked was hit by a bunker buster bomb weeks later. However, cybersecurity researcher Graham Cluley said that while Nott’s theory may be plausible, he thinks it is more likely that the phone of the doctors in Syria had been infected. Matthew Hickey from Hacker House additionally […]

Firefox Password System ‘Insufficiently Secured’ for Years

Wladimir Palant, the author of the Adblock Plus extension, recently revealed that the encryption scheme used by Firefox for years had been relatively insecure and could easily be broken by brute-force attacks. Palant said that Firefox’s and Thunderbird’s master password system, which has a SHA-1 function iteration count of 1, is a huge red flag since the industry standard is 10,000. Software engineer Justin Dolske had reported the same issue nine years ago, right after the master password feature’s launch. However, Mozilla only responded to Palant’s report and said that the issue would be fixed in the new password […]

Israeli Startup Claims to Have Fix for All Third-Party Script Vulnerabilities

An Israeli startup named Source Defense recently claimed to have developed a solution against website hacking via third-party scripts. According to the company, almost all websites can be compromised by attackers exploiting this vulnerability. CEO Hadar Blutrich says that they were able to come up with a solution using virtual pages, where the third-party scripts are run in the memory of the browser. There, the script is given only the information that it is allowed to see, and the resulting information that the script wants to write is also filtered. Blutrich adds that by loading third parties into […]

Florida Shooting Prompts Trump to Talk to Video Game Industry

US president Donald Trump is set to meet with executives from the video game industry to discuss, according to him, the link between certain games and violent acts. The Republican president believes that violence in video games may have had an influence on the 19-year-old shooter who killed 17 people in a Florida high school. The meeting will also be attended by executives from Take-Two Interactive Software Inc, the parent company of Rockstar Games Inc, and ZeniMax Media Inc, the parent company of Bethesda Softworks, conservative activists, Republican Senator Marco Rubio and other members of Congress. Source: Reuters

Pentagon Uses Google Tech for Drone Video Analysis

Google recently confirmed that the Pentagon is using its image recognition technology to analyse drone footage. However, it is said that this had caught a lot of the search giant’s employees by surprise, with some even getting outraged. A Google spokeswoman said that the tie-up involved the provision of software tools to let the US Department of Defense (DoD) make use of the company’s TensorFlow machine learning code. She further clarified that the technology is used to help human reviewers go through hours of footage more efficiently and is not used for offensive purposes. It was noted that Google is […]

Facebook Project Attempts to Deradicalize Using Messenger

It was reported that Facebook is currently engaged in a project where its messaging service is being used to deradicalize extremists. The Facebook-funded pilot is led by the Institute for Strategic Dialogue (ISD), a counter-extremism organization. In the program, users in the UK who post extreme far-right Islamist content are contacted and have their views challenged, which is similar to the recruitment methods of extremist groups. The researchers claim that of the 569 people who were contacted, eight showed signs of a positive impact. Source: BBC

Hackers Turn to Code Signing Certificates to Bypass Detection

Recorded Future’s Insikt Group recently reported that malicious actors are now using code-signing certificates to bypass security appliances. It was previously believed that hackers merely steal and repurpose certificates from companies and developers. However, it seems that the high market price that code-signing certificates fetch has enticed other hackers to sell them instead. Prices go for as low as $299, with extended validation certificates, which go through a rigorous vetting process, as high as $1599. Principal security researcher at Cybereason and Mac malware expert Amit Serper says that it is impossible to execute a non-code-signed program on devices such as Apple’s. […]