Michael Kan

About the Author Michael Kan


‘Kill switch’ helps slow the spread of WannaCry ransomware

Friday’s unprecedented ransomware attack may have stopped spreading to new machines — at least briefly — thanks to a “kill switch” that a security researcher has activated.

The ransomware, called Wana Decryptor or WannaCry, has been found infecting machines across the globe. It works by exploiting a Windows vulnerability that the U.S. National Security Agency may have used for spying.

The malware encrypts data on a PC and shows users a note demanding $300 in bitcoin to have their data decrypted. Images of the ransom note have been circulating on Twitter. Security experts have detected tens of thousands of attacks, apparently spreading over LANs and the internet like a computer worm.

Ransomware attack spreads worldwide using alleged NSA exploit

A ransomware attack appears to be spreading around the world, leveraging a hacking tool that may have come from the U.S. National Security Agency.

The ransomware, called Wanna Decryptor, struck hospitals at the U.K.’s National Health Service on Friday, taking down some of its network.

Spain’s computer response team, CCN-CERT, has also warned of a “massive attack” from the ransomware strain, amid reports that local telecommunications firm Telefonica was hit.

Trump’s cybersecurity order pushes U.S. government to the cloud

President Donald Trump has finally signed a long-awaited executive order on cybersecurity, and he called for the U.S. government to move more into the cloud and modernize its IT infrastructure.

The order, signed on Thursday, is designed to “centralize risk” and move the government’s agencies toward shared IT services, White House homeland security adviser Tom Bossert said in a press briefing.

Patch to fix Intel-based PCs with enterprise bug rolls out this week

PC vendors this week will start rolling out patches that fix a severe vulnerability in certain Intel-based business systems, including laptops, that makes them easier to hack.

Intel on Friday released a new notice urging clients to take steps to secure their systems.

The chipmaker has also released a downloadable tool that can help IT administrators and users discover whether a machine they own has the vulnerability.

In addition, vendors including Fujitsu, HP and Lenovo have released lists showing which products are affected and when the patches will roll out. 

Top tips for finding the right cybersecurity products

Having trouble finding the right security products for your business? You’re not the only one.

Today’s market is filled with hundreds of vendors and plenty of marketing hype. But figuring out which solutions are worthwhile can be a challenge, especially for businesses with little experience in cybersecurity.  

So we asked actual buyers of enterprise security products for tips, and here’s what they said.  

Google Docs phishing scam underscores OAuth security risks

Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.

One security researcher has already managed to replicate it, even as Google is trying to protect users from such attacks.

“It looks exactly like the original spoof,” said Matt Austin, director of security research at Contrast Security.

The phishing scheme — which may have circulated to 1 million Gmail users — is particularly effective because it fooled users with a dummy app that looked like Google Docs.

Sneaky Gmail phishing attack fools with fake Google Docs app

Google Docs was pulled into a sneaky email phishing attack on Tuesday that was designed to trick users into giving up access to their Gmail accounts.

The phishing emails, which circulated for about three hours before Google stopped them, invited the recipient to open what appeared to be a Google Doc. The teaser was a blue box that said, “Open in Docs.”

In reality, the link led to a dummy app that asked users for permission to access their Gmail account.

Vulnerability hits Intel enterprise PCs going back 10 years

Intel is reporting a firmware vulnerability that could let attackers take over remote management functions on computers built over nearly the past decade.

The vulnerability, disclosed on Monday, affects features in Intel firmware that are designed for enterprise IT management.  

Enterprises using Intel Active Management Technology, Intel Small Business Technology and Intel Standard Manageability on their systems should patch them as soon as possible, the company says.

The vulnerable firmware features can be found in some current Core processors and all the way back to Intel’s first-generation Core, called Nehalem, which shipped in 2008. They’re part of versions 6.0 through 11.6 of Intel’s manageability firmware.

NSA ends surveillance tactic that pulled in citizens’ emails, texts

The U.S. National Security Agency will no longer sift through emails, texts and other internet communications that mention targets of surveillance.

The change, which the NSA announced on Friday, stops a controversial tactic that critics said violated U.S. citizens’ privacy rights.

The practice involved flagging communications where a foreign surveillance target was mentioned, even if that target wasn’t involved in the conversation. Friday’s announcement means the NSA will stop collecting this data.

“Instead, this surveillance will now be limited to only those communications that are directly ‘to’ or ‘from’ a foreign intelligence target,” the NSA said in a statement.

Ransomware attacks are taking a bigger toll on victims’ wallets

Hackers spreading ransomware are getting greedier. In 2016, the average ransom demand to free computers hit with the infection rose to $1,077, up from $294 the year before, according to security firm Symantec.

“Attackers clearly think that there’s more to be squeezed from victims,” Symantec said in a Wednesday report.

In addition, the security company has been detecting more ransomware infection attempts. In 2016, the figure jumped 36 percent compared with the prior year.  

Old Windows Server machines can still fend off hacks. Here’s how

If you’re running a Windows Server 2003 machine, you have a problem. Your already-vulnerable computer is now at severe risk of being hacked.

That’s due to the internet release earlier this month of a batch of updates that paint a bulls-eye on computers running Windows Server 2003, according to security researchers.

“I can teach my mom how to use some of these exploits,” said Jake Williams, founder of Rendition Infosec, a security provider. “They are not very complicated at all.”

LeakedSource’s shutdown deals a blow to amateur hackers

Amateur hackers are alarmed by the apparent demise of LeakedSource, a controversial breach notification site that’s been accused of doing more harm than good.

U.S. law enforcement has allegedly confiscated its servers, and now some hackers are wondering if customers of LeakedSource might be next.  

“All the people who used PayPal, credit card, etc. to buy membership, the FBI now have your email, payment details and lookup history,” wrote one user on HackForums.net.

Trump administration is giving us a good lesson on Twitter security

Several recent incidents involving U.S. President Donald Trump’s administration can teach users something about IT security—particularly about Twitter and what not to do with it.

It turns out that several White House-related Twitter accounts—including the president’s official account, @POTUS—until recently were revealing sensitive information that hackers might be able to exploit.

The problem revolves around the service’s password reset function. If the account holder doesn’t take certain steps to secure it, Twitter exposes information that anyone with the right skills can use to uncover what email address—in redacted form—was used to secure a Twitter account.

Password-free security uses voice, user behavior to verify identity

Tired of conventional passwords? So is Nuance Communications, a tech firm that is promoting the human voice as a way to secure user accounts.

The company’s voice biometric product is among the technologies that promise to replace traditional — and often vulnerable — password authentication systems, which can be easy to hack. That isn’t the case with Nuance’s solution, the company claims.   

“To determine if it’s you or not, we are looking at over 100 different characteristics of your voice,” said Brett Beranek, Nuance’s director of product strategy.

The problem with passwords

The need to move beyond passwords has never been more urgent, given that hackers are routinely finding ways to steal them. Last year, Yahoo, LinkedIn and Dropbox all reported major data breaches involving account details such as email addresses and hashed passwords.

Apple takes patent battle with Qualcomm to China

Apple has filed two new lawsuits against Qualcomm, this time in China, that allege the mobile chip maker abused its market dominance and patents to charge excessively high licensing fees.

Apple is seeking 1 billion yuan ($145 million) in damages from Qualcomm, according to Beijing’s intellectual property court, which announced Wednesday it would hear the lawsuits.  

The legal action centers on Qualcomm’s standards-essential patents for its cellular technology. Allegedly, the company refused to negotiate a fair licensing fee for the patents and even declined to license some of them to Apple. 

Apple takes patent fight with Qualcomm to China

Apple has filed two new lawsuits against Qualcomm, this time in China, that allege the mobile chip maker abused its market dominance and patents to charge excessively high licensing fees.

Apple is seeking 1 billion yuan ($145 million) in damages from Qualcomm, according to Beijing’s intellectual property court, which announced Wednesday it would hear the lawsuits.  

The legal action centers on Qualcomm’s standards-essential patents for its cellular technology. Allegedly, the company refused to negotiate a fair licensing fee for the patents and even declined to license some of them to Apple. 

Cyber criminals avoid fraud within their own ranks with new site

Sometimes it’s not easy being a cyber criminal. In addition to law enforcement and private security companies, cyber thieves have to battle fraudsters out to beat them at their own game, but a website offers to help.

Ripper.cc has been maintaining a database of known “rippers” or scammers since June last year and security firm Digital Shadows, which has been investigating it, says it may help online black markets flourish.

Fraud is a nagging problem in the cyber criminal world, according to Digital Shadows. Although some hackers believe in honor amongst thieves, others are peddling bogus goods, such as stolen credit card numbers or user credentials that turn out to be fake.

Yahoo pushes back timing of Verizon deal after breaches

Verizon’s planned acquisition of Yahoo will take longer than expected and won’t close until this year’s second quarter, the internet company said on Monday.

The $4.8 billion deal was originally slated to close in the first quarter, but that was before Yahoo reported two massive data breaches that analysts say may scrap the entire deal.

Although Yahoo continues to work to close the acquisition, there’s still work required to meet the deal’s closing conditions, the company said in an earnings statement, without elaborating.

Verizon has suggested that the data breaches, and the resulting blow to Yahoo’s reputation, might cause it to halt or renegotiate the deal.

China goes after unauthorized VPN access from local ISPs

China is going after unauthorized internet connections, including tools known as virtual private networks, which can bypass China’s efforts to control the web.

The crackdown is part of a 14-month campaign from China’s Ministry of Industry and Information Technology that’s meant to clean up the country’s internet service provider market.

Unless authorized, ISPs are forbidden from operating any “cross-border” channel business, including VPNs, the ministry said in a Sunday notice.  

The announcement is unusual. The country has typically refrained from openly campaigning against VPN use, even as government censors have intermittently tried to squelch access to them in the past.

Lavabit developer has a new encrypted, end-to-end email protocol

The developer behind Lavabit, an email service that noted leaker Edward Snowden used, is releasing source code for an open-source, end-to-end encrypted email standard that promises surveillance-proof messaging.

The code for the Dark Internet Mail Environment (DIME) standard will become available on Github, along with an associated mail server program, said its developer, Ladar Levison, on Friday.

DIME will work across different service providers and perhaps crucially will be “flexible enough to allow users to continue using their email without a Ph.D. in cryptology,” said Levison.

To coincide with its launch, Levison is also reviving Lavabit. The encrypted email service shut down in 2013 when federal agents investigating Snowden demanded access to email messages of his 410,000 customers, including their private encryption keys.

Spanish police nab suspect behind Neverquest banking malware

Spanish police have arrested a Russian programmer suspected of developing the Neverquest banking Trojan, a malware targeting financial institutions across the world.

The 32-year-old Russian citizen known as Lisov SV was arrested at the Barcelona airport, Spain’s law enforcement agency Guardia Civil said on Friday.

The FBI had been working with Spanish authorities to track down the suspect through an international arrest warrant, according to a statement from the agency. The FBI, however, declined to comment on the man’s arrest.

Neverquest is designed to steal username and password information from banking customers. Once it infects a PC, the malware can do this by injecting fake online forms into legitimate banking websites to log any information typed in. It can also take screenshots and video from the PC’s desktop and steal any passwords stored locally.

Wikileaks’ Assange wants to discuss extradition with the feds

WikiLeaks founder Julian Assange said he stands by an earlier pledge to face trial in the U.S., but he is first urging federal investigators to name the exact charges against him.

“I stand by what I said,” Assange stated during a webcast on Thursday. “We look forward to having a conversation with the DOJ (U.S. Department of Justice) about what the correct way forward is.”

Assange previously made his pledge on the condition that President Barack Obama grant clemency to Chelsea Manning, a former U.S. soldier who was jailed for disclosing sensitive documents to WikiLeaks back in 2010.

Mac malware is found targeting biomedical research

A Mac malware that’s been spying on biomedical research centers may have been circulating undetected for years, according to new research.

Antivirus vendor Malwarebytes uncovered the malicious code, after an IT administrator spotted unusual network traffic coming from an infected Mac.

The malware, which Apple calls Fruitfly, is designed to take screen captures, access the Mac’s webcam, and simulate mouse clicks and key presses, allowing for remote control by a hacker, Malwarebytes said in a blog post on Wednesday.

Can a DDoS attack on Whitehouse.gov be a valid protest?

When Donald Trump is inaugurated as the U.S. President on Friday, Juan Soberanis intends to protest the event—digitally.

His San Francisco-based protest platform is calling on Americans to oppose Trump’s presidency by visiting the Whitehouse.gov site and overloading it with too much traffic. In effect, he’s proposing a distributed denial-of-service attack, an illegal act under federal law. But Soberanis doesn’t see it that way.

“It’s the equivalent of someone marching on Washington, D.C,” he said on Monday. “Civil disobedience has been part of the American democratic process.”

DDoS attack against Whitehouse.gov eyed as a valid protest

When Donald Trump is inaugurated as the U.S. President on Friday, Juan Soberanis intends to protest the event — digitally.

His San Francisco-based protest platform is calling on Americans to oppose Trump’s presidency by visiting the Whitehouse.gov site and overloading it with too much traffic. In effect, he’s proposing a distributed denial-of-service attack, an illegal act under federal law. But Soberanis doesn’t see it that way.

“It’s the equivalent of someone marching on Washington, D.C,” he said on Monday. “Civil disobedience has been part of the American democratic process.”

Soberanis’s call to action is raising eyebrows and highlights the issue of whether DDoS attacks should be made a legitimate form of protest. Under the Computer Fraud and Abuse Act, sending a command to a protected computer with the intent to cause damage can be judged a criminal offense. But that hasn’t stopped hacktivists and cyber criminals from using DDoS attacks to force websites offline.

Obama commutes sentence for WikiLeaks source Chelsea Manning

President Barack Obama has commuted the prison sentence of Chelsea Manning, the former U.S. soldier who disclosed classified data to WikiLeaks relating to the Iraq War.

Manning was originally serving a 35-year sentence, but on Tuesday Obama reduced it. She’ll now be freed on May 17.

Manning was convicted of leaking U.S. military and diplomatic information to WikiLeaks back in 2010 that included videos of airstrikes in Iraq and Afghanistan, along with classified documents sent to the U.S. State Department. She was arrested and began serving jail time the same year.

The data supplied by Manning helped put WikiLeaks on the map as a source for secret government information but drew swift condemnation from U.S. officials.

Suspected NSA tool hackers dump more cyberweapons

The hacking group that stole cyberweapons suspected to be from the U.S. National Security Agency is signing off—but not before releasing another arsenal of tools that appear designed to spy on Windows systems.

On Thursday, the Shadow Brokers dumped them online after an attempt to sell these and other supposed Windows and Unix hacking tools for bitcoin.

The Shadow Brokers made news back in August when they dumped hacking tools for routers and firewall products that they claimed came from the Equation Group, a top cyberespionage team that some suspect works for the NSA.

Guccifer 2.0, alleged Russian cyberspy, returns to deride U.S.

As if the whodunnit into the hacking of the Democratic National Committee wasn’t already murky enough, the supposed Romanian hacker who first released the emails resurfaced on Thursday to say everyone has it wrong.

“I’d like to make it clear enough that these accusations are unfounded,” Guccifer 2.0 said in a Thursday blog post. “I have totally no relation to the Russian government.”

According to U.S. intelligence agencies, Guccifer 2.0 is a front for Kremlin-backed cyberspies.

“It’s obvious that the intelligence agencies are deliberately falsifying evidence,” said a message on the Guccifer 2.0 blog.

Trump’s push for cyber defense is sorely needed, experts say

President-elect Donald Trump plans to consult “the greatest computer minds” for input on bolstering U.S. hacking defenses, as experts say an overhaul to the country’s cybersecurity is badly needed.

“We’re going to put those minds together, and we’re going to form a defense,” Trump said in a Wednesday press conference.

Trump made the statement as he said Russia, China and other parties continue to launch cyberattacks against the U.S. In recent weeks, he’s also been confronted with reports that the Kremlin used hacks and online propaganda in a covert campaign to tilt the election in his favor.
