Over 1 million tech questions and answers.

Researcher Exposes Flaws in Certificate Authority Web Applications

Q: Researcher Exposes Flaws in Certificate Authority Web Applications

Researcher Exposes Flaws in Certificate Authority Web Applications.

SSL certificate validation process easy "to game," he says

-- Tom

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Researcher Exposes Flaws in Certificate Authority Web Applications

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 82.8

Researcher: Flaws In Facebook App Authorization Could Lead To Clickjacking.

Vulnerabilities could enable attackers to collect data on Facebook users and friends, Dhanjani says

Vulnerabilities in the way members authorize the use of third-party applications in Facebook could potentially lead to loss of personal information or even targeted attacks on specific individuals, a security researcher said today.

Nitesh Dhanjani, a well-known security researcher and author of Hacking: The Next Generation, says he has discovered design flaws in Facebook that could allow attackers to collect the personal information of users on the social networking site, and even build profiles of "friends" that might facilitate direct attacks on specific individuals within a company.

The flaws were presented to Facebook in November; Dhanjani has agreed not to release specific code or other details for two weeks while technical staffers at the social networking site continue their efforts to patch the vulnerabilities. Dhanjani says he has begun to speak generally about the problem, without specifics.Click to expand...

-- Tom
 

Read other answers
RELEVANCY SCORE 82.8

Hello,

I am trying to resolve an issue where multiple client computers in the organisation are using an internally deployed Root CA certificate (before my time and no longer required) to sign the end entity certificate for external websites, google.co.uk
for example. All SSL sites appeared to be affected by this.




However this is not the case as sub domains of sites with issues show the correct cert chain, the below is for mail.google.com




Removing or untrusting this root ca cert breaks access to these sites.

I have reset root certs in various ways, removed machines from the domain, applied no GPOs, manually updated CRL and pulled down updated certs with rootsupd.exe.
It always attempts to use this rouge CA cert to sign the websites cert.

Any assistance would be much appreciated.

Read other answers
RELEVANCY SCORE 82

Hi,
I am trying to install CA root certificate on Windows 7, IE 9.
Encounter error: "Untrusted Certificate".  "This certificate cannot be verified up to a trusted certificate authority."
I have tried to install the certificate to Trusted Root Certificate Authorities->local computer and import was successful. BUT on IE->Internet Options->Certificate->Trusted Root Certificate Authorities, I am unable to find this root CA on
the list.
On mmc->Certificates->Trusted Root Certificate Authorities->certificates, I am able to view this root CA.
I then restarted the IE and view the ssl site again but failed too, "Untrusted Certificate".
Anyone, any idea ?
Regards,
Eye Gee

A:Unable to Install Root CA Certificate - Certificate cannot be verified up to a trusted certificate authority.

May the following workarounds work for you:
Workaround 1:
Modify the Windows settings to allow the Update Root Certificate feature to update the root certificates automatically. For details, see the following Microsoft TechNet article:
Certificate Support and Resulting Internet Communication in Windows Server 2008
http://technet.microsoft.com/en-us/library/cc771121(WS.10).aspx
Workaround 2?
If the Update Root Certificate feature cannot automatically update the root certificates, you may contact the website vender to see if there is a hotfix can fix the issue.

Read other 8 answers
RELEVANCY SCORE 74.4

We have local Certificate Authority server Windows 2012 R2. There is a code signing certificate that was issued by
the local  CA and is expiring  in 3 weeks. How can we renew the certificate?



Thanks

Read other answers
RELEVANCY SCORE 74.4

I have Windows 7 client and Cisco router is configured as Certificate Authority. Cisco calls it IOS CA. How can I do certificate enrollment of Windows 7 client with my Cisco IOS Certificate Authority?

Read other answers
RELEVANCY SCORE 68.4

Black Hat: PKI Hack Demonstrates Flaws in Digital Certificate Technology.

Researcher Dan Kaminsky illuminates flaws in X.509 authentication

-- Tom
 

Read other answers
RELEVANCY SCORE 65.2

Hi all !

Could somebody please help me out and explain following 4 questions

-> What are the main difference between a a self-sign certification implementation and a PKI?
-> What is the difference in the trust model between X500 certificates and openPGP keys?
-> What is the main difference between file encryption and rights management
-> What are the steps followed within an RM Solution, when a file is protected and authorized user attempts access?

Would be really nice to have a short explanation, not like the one I have myself of a full A4 page

Thanks to all in advance
 

A:Certificate authority questions

Sorry but we don't do homework so for that reason, together with the fact that you've posted this on at least two other sites, I'm closing this thread.
 

Read other 1 answers
RELEVANCY SCORE 64

CNNIC, a certificate authority for the Chinese Government, issued a trusted subordinate (intermediary) certificate to MCS Holdings. This allowed MCS Holding to issue and use a SSL/TLS certificate for any website, but it was expected it would only be used on websites they owned. Instead, it was used internally (and stored in plaintext) to perform a man in the middle attack against all traffic within their company. 
 

 
On Friday, March 20th, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority apparently held by a company called MCS Holdings. This intermediate certificate was issued by CNNIC. 
CNNIC is included in all major root stores and so the misissued certificates would be trusted by almost all browsers and operating systems. Chrome on Windows, OS X, and Linux, ChromeOS, and Firefox 33 and greater would have rejected these certificates because of public-key pinning, although misissued certificates for other sites likely exist.
We promptly alerted CNNIC and other major browsers about the incident, and we blocked the MCS Holdings certificate in Chrome with a CRLSet push. CNNIC responded on the 22nd to explain that they had contracted with MCS Holdings on the basis that MCS would only issue certificates for domains that they had registered. However, rather than keep the private key in a suitable HSM, MCS installed it in a man-in... Read more

Read other answers
RELEVANCY SCORE 63.2

Hello!

I have enterprise Certificate authority working at Windows Server 2008r2. All today available updates from Microsoft are installed on the server. 

Through the web interface in the browser IE11 is impossible to request user certificate - when you press "submit" button for certificate request, nothing happens.

At another PC with IE9 all works fine - i can submit request and recive certificate from CA

I installed all available updates for Windows and IE11, but its not resolve problem. I tryed to add CA to Trusted Sites, to set IE11 security settings to minimal level - it not helps 

I found article which describes this problem https://support.microsoft.com/en-us/kb/2988411 , but I have all necessary updates are installed on IE11, including those referred to in article.

How to solve this problem? Use console to request the certificate does not offer, i must be able to request it via the web interface

Read other answers
RELEVANCY SCORE 50.4

Hey there, I was cleaning a friend?s XP Pro SP3 PC and viewed the hidden files in the documents & settings to find out that there are multiple duplicates of LocalService.NT AUTHORITY and NetworkService.NT AUTHORITY (about 4 of each). I have looked in the registry under HKLM\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\ProfileList and found that LocalService.NT AUTHORITY.003 and NetworkService.NT AUTHORITY.003 are currently being used. Based on that, how should I go about deleting the other duplicates or is that a bad idea? Hope this isn't too confusing This user currently connects to a domain for work and has only one user profile on the PC besides the admin account.

Read other answers
RELEVANCY SCORE 45.6

I used to use Google Research to find information on the web - but they seem to have discontinued that service. Does anyone else know any web research services?
 

A:Finding a web researcher?

have you tried google answers?

http://answers.google.com/answers/main
 

Read other 3 answers
RELEVANCY SCORE 45.6

Ever consider conducting your own security research but didn?t know where to start? DataGravity CISO Andrew Hay has some advice for you.

It doesn?t seem that a week goes by without some new device or application being discovered vulnerable ? from IoT devices to big enterprise applications, proclaimed Andrew Hay, CISO at DataGravity, during a recent presentation at the MISCsecurity conference.

In his talk, MISC 2016: Bootstrapping A Security Research Project, Hay said that anyone can perform security research ? and it?s often not the technical details of the research itself that is the challenge for would-be researchers. It?s deciding on what to research and how to get going on that work, and knowing when it?s complete.

Security research isn?t only fun, it provides a way to potentially discover new things, or even help put misconceptions to rest, help improve the security of a software application or device, and raise security awareness. But, as Hay made clear during his talk, there?s more to consider and lot more work to be done than running a fuzzer against an app, and that there are important choices to be made before diving in.

Hay laid out everything anyone who would be interested in trying their hand at security research would need to know before they get started. Hay would know, recently he and his partner saw the release of the high tech Hello Barbie Doll as a catalyst for research and published Hello Barbie App, Hello Security Issues Security Ri... Read more

A:So you want to be a security researcher?

@Logethica thank for providing much needed article ,given the cyber environment now-a-days it is must read for everyone if she or he wants to do research or not
 

Read other 2 answers
RELEVANCY SCORE 45.2

(I'm cross posting this from
https://answers.microsoft.com/en-us/ie/forum/ie11-windows_7/a-certificate-chain-processed-but-terminated-in-a/e6895c7e-c6b9-4a96-a5f5-a4dcd40b7b45 as directed by the forum moderator there.)
Hello,

First, I have reviewed the other posts with similar questions and noted that I can install the certificate into root certificates and most likely this problem will go away, some specifics:

1) When a client reported this error using a pop.secureserver.net on an outlook 2003 client, I just figured it was godaddy or the REALLY old Outlook client, but nonetheless, I went in to troubleshoot it and was convinced it was godaddy, but when I tried
to start my Outlook 2016 client on my Windows 10 computer on their network, I got the same error.  Two notes are important: 1) I use godaddy as well and 2) I used the same computer at a different client just yesterday without a single error message.
2) They use POP 995 w/ SSL & SMTP 465 w/ SSL to pop.secureserver.net & smtpout.secureserver.net repsectively
3) I called the company that manages their firewall and was told that everything was fine, but was sent a certificate from the firewall that might fix the problem.
4) The firewall company tells me they use a fortinet firewall

I have some questions that I'm hoping one of the experts here can answer for me:

- What in a firewall setup can cause a certificate to fail as listed in the subject?
- Is there a port or configuration change they... Read more

Read other answers
RELEVANCY SCORE 45.2

Is there a rvkroots.exe available for download for the mentioned KB so that I can remediate a Nessus finding?
We are on a disconnected network so windows update is disabled in our network.
In the past we are able to just download rvkroots.exe and push it out to all our Win7 computers.

Read other answers
RELEVANCY SCORE 45.2

I have some Windows 7 systems which have not run Windows Updates for many years, and cannot due to regulatory reasons.   We rely upon Windows to automatically update the Trusted Root Certificate store whenever we browse to a web site/web service
that uses a certificate the system doesn't recognize. 
Sometime recently, the Trusted Root Certificate Store no longer updates automatically.  The Windows Event Log shows an error stating that the certificates cannot be downloaded from:
http : // ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab
If we browse to this location manually, the cab file contains an invalid Microsoft certificate. 

This was also an issue in Sept 2018.  At that time, the certificate had expired, and Microsoft eventually updated the certificate to resolve the issue.   This time, the certificate does not appear to have expired.  Why is the certificate
invalid this time, and can Microsoft fix it again?

Thanks

Read other answers
RELEVANCY SCORE 45.2

so whats up with this error message ??
Revocation information for the security certificate for this site is not available. Do you want to proceed? [Yes] [No] [View certificate]


i know it can be unchecked in security option under advanced. but is that really safe to do ???

Thx


Steven J Einhorn

Read other answers
RELEVANCY SCORE 45.2

Researcher: Update and You're Owned.

Hundreds of applications that use software updates are making computers more vulnerable to attack.

The lesson to be learned is that before you buy or download any software, inquire as to whether their software update process is encrypted or not.

-- Tom
 

A:Researcher: Update and You're Owned

Dear Tom,
Thank you! This comment below the article was interesting and i want your opinion on it! Quote" HTTPS isn't required for security.

If you want secure updates with HTTP, the update must be signed with a key known to the program (usually a public/private key pair). Then it doesn't matter if someone does a man-in-the-middle attack (and being on a "secure network" doesn't absolve you of that risk, it just removes one point where that can happen." Unquote.
 

Read other 1 answers
RELEVANCY SCORE 44.4

Hi,

Really confusing one here. Since this weekend (16/17 July) we have started getting Certificate errors on some sites and applications. This seems to be due to the structure of the URL compared to the "advertised" name IIS is presenting. I'll try
to explain.
I have a site, Website. This is in my domain, domain.com. Therefore the FQDN is website.domain.com. IIS is running and I can access this site through FQDN,NetBIOS or IP address. Good news.
I create a certificate for the server using the FQDN as the subject, I add the Netbios and IP addresses in the Subject Alternate Names and Bind this to port 443 on the server.
I browse to https://website and all is good. I browse to https://website.domain.com I get a certificate error. Checking the certificate, everything is fine, no errors, chain is trusted. open Chrome and do the same, I get that the certificate website.domain.com
is being presented by Website and may not be the site I want.
Using either URL has never been a problem until this weekend, but it seems that IE/Windows/IIS is not liking any URL that is not EXACTLY what IIS is presenting. so my questions are:-
Is anyone else finding this?
Can we issue a certificate that covers all possible DNS resolutions for a site?
How do I control WHAT IIS advertises itself as?
SO far this has affected two major systems on our network and I can see that more will arise, so any help would be appreciated.

Read other answers
RELEVANCY SCORE 44.4

Hiya

This update addresses the "Certificate Renewal Wizard Concatenates Certificate" issue in Internet Information Services (IIS) 5.0, and is discussed in Microsoft Knowledge Base (KB) Article Q325827. Download now to correct this issue for IIS 5.0

System Requirements
Supported Operating Systems: Windows 2000

Internet Information Services 5.0
Windows 2000 Professional
Windows 2000 Server
Windows 2000 Advanced Server

http://www.microsoft.com/downloads/...43-c72f-4652-b912-065ee2a83c02&DisplayLang=en

Regards

eddie
 

Read other answers
RELEVANCY SCORE 44.4

Can someone walk me through the steps of having Advanced Threat Analytics (ATA) request a new certificate from Active Directory Certificate Services (ADCS)?  I'm not familiar with either product so I will need detailed steps please.  At a high-level
i'm guessing
1. ATA issues a certificate request
2. I send the request to ADCS
3. ADCS issues a cert for that request
4. Install new cert in ATA
I'll need detailed command line statements.  My ATA Center server is named ATASERVER.DOMAIN.ORG, and I but the URL is configured as ATACENTER.DOMAIN.ORG in ATA.  Can the cert handle both the servername and the URL?
Thank you in advance!

Read other answers
RELEVANCY SCORE 44.4

In Internet Explorer, when I get a certificate error, if I continue to the web site, I can then view the certificate to see what was wrong.  However, obviously it would be preferable* to see the certificate
before I make the decision to go to the site.  Is this possible?  I'm sure I could use another browser that does this, or maybe use the F12 developer tools, or write a program.   But I'm looking
for a normal-user way to do it.  I think it used to be possible in Internet Explorer, but this might have been 6.x or even earlier.  Or even
way earlier.  Yep.  I'm that old.  I believe this feature is not in Edge either...unless I'm just missing it.  But I'm using ie11 right now.
*understatement level is set to "high".

Read other answers
RELEVANCY SCORE 44

Ben Edelman has been going after adware products for years now in a very methodical manner with extensive research. I highly recommend his past posts to help you learn how this stuff works and more importantly how it makes the creators of this junk lots of money.

He has gone after IAC/Ask.com before but today released his latest research and probes into the Google connection as well as the unusual appointment of Chelsea Clinton to IAC's board of directors.

http://www.benedelman.org/news/012213-1.html

Enjoy
James

A:Ben Exposes Ask.com Toolbar Practices...Again

And from Wednesday January 23 from HereOracle, please stop sneakily foisting third-party toolbars on us with your Java updatesRoger

Read other 3 answers
RELEVANCY SCORE 44

Researcher: Worm infects 1.1M Windows PCs in 24 hours.

-- Tom
 

A:Researcher: Worm infects 1.1M Windows PCs in 24 hours

Read other 8 answers
RELEVANCY SCORE 44

A researcher who found a slew of vulnerabilities in a popular router said it?s so hopelessly broken that consumers who own them should throw them away. Pierre Kim said attackers could easily exploit the vulnerabilities and use the device as a spamming zombie or a man-in-the-middle tool. ?I advise users to trash their routers because it?s trivial for an attacker to use this router as an attack vector,? Kim said. The router, D-Link?s DWR-932B, suffers from 20 vulnerabilities, including a backdoor, backdoor accounts, and a default Wi-Fi Protected Setup PIN, to name a few of them. Kim, who?s based in South Korea and has discovered his fair share of router bugs in the past, says the faulty D-Link router is still being sold in stores. Given the lack of vendor response, Kim doesn?t believe users shouldn?t expect a patch anytime soon. The model is based on the Quanta LTE brand router; a device that Kim looked at last winter and also found riddled with vulnerabilities. Kim began looking into D-Link router after receiving a tip from Gianni Carabelli, a developer at the Italian e-commerce platform Triboo Group, that the routers were similar. While Quanta ultimately decided not to fix the vulnerable router ? it was plagued by similar flaws; backdoors, a hard coded SSH key, and remote code execution bugs ? it?s unclear whether D-Link will address the issues in DWR-932B. Kim broke down all of the vulnerabilities in a public advisory, which he forwarded to security mai... Read more

Read other answers
RELEVANCY SCORE 44

Researcher cracks Mac in 10 seconds at PWN2OWN, wins $5k.

Charlie Miller defends his title; IE8 also falls on Day One of hacking contest

-- Tom
 

A:Researcher cracks Mac in 10 seconds at PWN2OWN, wins $5k

No mention of Linux.

I thought I remembered someone saying last year it could be done but was too hard.

Did they take Linux right out of this competition?
 

Read other 2 answers
RELEVANCY SCORE 44

Quote:
.Net-sploit can hide rootkits in a framework untouched by security software, where they can affect many applications







Quote:
A computer security researcher has released an upgraded tool that can simplify the placement of difficult-to-detect malicious software in Microsoft's .Net framework on Windows computers.
Microsoft discloses ambitious security strategy

The tool, called .Net-Sploit 1.0, allows for modification of .Net, a piece of software installed on most Windows machines that allows the computers to execute certain types of applications.
Microsoft makes a suite of developer tools for programmers to write applications compatible with the framework. It offers developers the advantage of writing programs in several different high-level languages that will all run on a PC.
.Net-Sploit allows a hacker to modify the .Net framework on targeted machines, inserting rootkit-style malicious software in a place untouched by security software and where few security people would think to look, said Erez Metula, the software security engineer for 2BSecure who wrote the tool.


more: Network World

A:Researcher offers tool to hide malware in .Net

WTF? Why would he *release* it?

How is this any different than instituting a DDoS on a security site?

Read other 2 answers
RELEVANCY SCORE 43.6

Good Day



We have a problem where we encrypted files using EFS, however we can't access or decrypt these files now.

We have the certificate in the certmgr.msc but we do see that the key is missing.



I have reproduced this on another computer and was able to run certutil -repairstore -user MY "Serial Number" which worked in repairing the store and files was decryptable again.

However on the machine that encrypted the files that we need to access this is not the case as there is a popup asking for your Smart Card.

We are not using Smart Cards at all, and have had a look at the following article regarding this issue, but the hotfix didn't work: https://support.microsoft.com/en-us/kb/2955631




I have software that can remove the encryption but will require the .pfx file, which can't be exported as the certstore doesn't show that it still has this.



It is a self signed certificate generated by Windows, so I can't request a new one using the CA.


Thanks for your help in advance.

Read other answers
RELEVANCY SCORE 43.6

Hi,
Having some fun with a windows 7 setup of DirectAccess, have it configured to use ECC certificates on the client for the IPSec authentication, which was working brilliantly, we even have it loaded up behind a Citrix Netscaler to do SSL offloading of the
HTTPS tunnel encryption. But when trying to get Client Preauthentication working, we hit a snag, it seems that the NetScalers dont support ECC certificates, which is a pain, but something we thought we could work around by using an RSA certificate on the client
to performed the pre-authentication (as shown here https://directaccess.richardhicks.com/2016/05/10/directaccess-ip-https-preauthentication-using-citrix-netscaler/).
So we have three CA's, CA1/2 issue RSA certs and CA3 is setup to do the ECC ones, so nice separation of the chains.
So we have our Cert chain for RSA loaded into the load balancer and a new cert issued to the client from CA1... But, every time the client connects to the server (LB) we see the handshake taking place, the server sends a list of its DNs (CA1/2) (https://blogs.msdn.microsoft.com/kaushal/2015/05/27/client-certificate-authentication/)
to the client, but then the client looks in its store, picks out the ECC certificate (issued from CA3) and fails to authenticate saying no suitable certificate can be found, its like its not even looking at the RSA one at all.
So, thinking something was wrong with the way the LB was asking for client authentication, I tried deleting the ECC cert a... Read more

Read other answers
RELEVANCY SCORE 43.6

This article, which I came across, affects all versions of Windows OS. Didn't know exactly where to post this, so I posted here. If not appropriate please fell free to relocate.
 
http://www.zdnet.com/article/code-injection-exposes-all-versions-of-windows-to-cyberattack/?ref=yfp
 

 
It is simply one more attack in the hacking toolbox, and so as problems like this design flaw will always be exploited if they can be, the best defense is knowing about it -- especially when there is no solution available.

 
Maybe it is time to change OS.

A:New Code Exposes Windows To Cyberattacks

That is just plain freaking scary as it uses legitimate Windows mechanisms. I NEVER have a browser store my passwords but still. This makes it more imperative you never open files from someone you do not know or even those you know unless you verify it first.
 

As noted by the research team, the only way to potentially mitigate attacks using this tool is to dive deeply into the API and monitor for any suspicious changes.

 
Hopefully the AV vendors will jump on this and provide protections. 
 
Maybe it's getting to the point where if you want to run Windows it needs to be in a virtual machine on a linux box. 
 
The thread should be moved to General Security.

Read other 0 answers
RELEVANCY SCORE 43.6

http://www.theregister.co.uk/2005/09/27/plusnet_voip/
 

Read other answers
RELEVANCY SCORE 43.6

This article, which I came across, affects all versions of Windows OS. Didn't know exactly where to post this, so I posted here. If not appropriate please fell free to relocate.
 
http://www.zdnet.com/article/code-injection-exposes-all-versions-of-windows-to-cyberattack/?ref=yfp
 

 
It is simply one more attack in the hacking toolbox, and so as problems like this design flaw will always be exploited if they can be, the best defense is knowing about it -- especially when there is no solution available.

 
Maybe it is time to change OS.

A:New Code Exposes Windows To Cyberattacks

That is just plain freaking scary as it uses legitimate Windows mechanisms. I NEVER have a browser store my passwords but still. This makes it more imperative you never open files from someone you do not know or even those you know unless you verify it first.
 

As noted by the research team, the only way to potentially mitigate attacks using this tool is to dive deeply into the API and monitor for any suspicious changes.

 
Hopefully the AV vendors will jump on this and provide protections. 
 
Maybe it's getting to the point where if you want to run Windows it needs to be in a virtual machine on a linux box. 
 
The thread should be moved to General Security.

Read other 9 answers
RELEVANCY SCORE 43.6

The McAfee.com website is full of security mistakes that could lead to cross-site scripting and other attacks, researchers said in a post on the Full Disclosure site on Monday. The holes with the site were found by the YGN Ethical Hacker Group, and reported to McAfee on Feb. 10, YGN says, before they were publicly disclosed to the security/hacking mailing list.Click to expand...

http://www.networkworld.com/news/2011/032811-mcafee-security-holes.html
 

A:McAfee's website full of security holes, researcher says

No big shocker now is it? They're a crap provider and I/we all knew this a long time ago since they got booted out of most ISP contracts etc...
 

Read other 6 answers
RELEVANCY SCORE 43.6

A security expert who in his spare time discovers data breaches affecting millions explains why he does it:

In September 2015,medical insurance claim company Systema Software made headlines for all the wrong reasons: 1.5 million Americans' data was publicly available online via an unsecured database, including everything from drug test results to social security numbers.

Then in December that year, 191 million US voters' records were found easily accessible online, again due to a misconfigured database. Later that month, 3.3 million Hello Kitty fans' data was also exposed ? including info on nearly 200,000 minors.

In April 2016, there was a second voter database discovered unprotected online ? this one containing data on 87 million Mexican citizens. In June,it was a huge terrorist and "heightened-risk individual" database, containing 2.2 million records.

All of these incidents have one thing in common: They were discovered by a prolific security researcher called Chris Vickery...

By day, Vickery ? who lives in Texas ? works in tech support for a law firm. "But by night I do the security research stuff," he told Business Insider.

If you know where to look, the modern internet is littered with unsecured and misconfigured databases ? often containing highly sensitive personal information on up to millions of individuals.

Vickery trawls the web looking for these databases, reporting notable ones to the companies responsible, a... Read more

Read other answers
RELEVANCY SCORE 43.6

IPhone lovers and other smartphone users should take heed: A security researcher showed ways to spy on a BlackBerry user during a presentation at the Hack In The Box (HITB) conference Wednesday, including listening to phone conversations, stealing contact lists, reading text messages, taking and viewing photos, and figuring out the handset's location via GPS.



More -
Security researcher shows how hackers spy on BlackBerry and other smartphones | Security Central - InfoWorld

Read other answers
RELEVANCY SCORE 43.6

A maker of hardware for computer gamers has taken its support site offline following a report that it was surreptitiously distributing malware on its downloads section.
Carlsbad, California-based Razer took the precautionary move after Rik Ferguson, a senior security adviser in Europe with anti-virus firm Trend Micro, warned users could be at risk.



Link -
Hardware biz issued trojan-laced drivers, says researcher ? The Register

Read other answers
RELEVANCY SCORE 43.2

IE flaw exposes weakness in Yahoo! filtering
By John Leyden
Posted: 23/03/2004 at 11:52 GMT

Flaws in the filtering technology used by Web-based email services make it possible for hackers to smuggle viruses past defences.

Israeli security outfit GreyMagic Software warned today that this "severe security" vulnerability could allow attackers to run code of their choice, "simply by sending an email to an unsuspecting Hotmail or Yahoo! user". When the victim attempts to read this email, the code executes to potentially dire consequence (e.g. theft of the user's login and password, seizure of machines etc.).

The problem stems from a Cross-Site Scripting vulnerability involving IE. To blame is a new way to embed script involving an IE technology called HTML+TIME (based on SMIL), which is meant to add timing and media synchronization support to HTML pages.

The flaw weakens the ability of Web-based email services to screen this type of HTML content for malicious code. But users with up-to-date anti-virus scanners and personal firewalls are likely to be protected, even if hackers punch through that layer of defence.

GreyMagic has alerted Microsoft to this issue and worked with the company to fix the vulnerability in Hotmail. Hotmail is no longer vulnerable.

Unfortunately, all attempts by GreyMagic to contact Yahoo's security department failed; so Yahoo! webmail is still vulnerable.

GreyMagic warns that other web-based email systems may also b... Read more

Read other answers
RELEVANCY SCORE 43.2

An unpatched flaw in drivers from ATI creates a means to smuggle malware past improved security defences in the latest version of Windows and into the Vista kernel.Microsoft is working with ATI on an update which security watchers warn might be far from straightforward to roll-out.http://www.theregister.com/2007/08/10/ati_driver_snafu/

Read other answers
RELEVANCY SCORE 43.2

Saw these this morning:http://www.malwarecity.com/news/kaspersky-...hacker-358.htmlhttp://www.information-age.com/channels/se...es-hacked.thtml

A:Kaspersky breach exposes sensitive database

If Kaspersky cannot protect their own databases then whats about their customers, like me?

Read other 1 answers
RELEVANCY SCORE 43.2

Vista feature exposes beta machines. Windows Vista beta testers have stumbled upon a networking feature in the operating system that could pose a security risk to them--but they say they're not worried.After installing the first beta release of the upcoming Windows client, some testers noticed suspicious network traffic to their machines. Concerned about a possible attack, these people last week contacted the SANS Internet Storm Center."There was very curious traffic that did not match anything that they had seen before," said George Bakos, a security expert at the Institute for Security Technology Studies at Dartmouth College who is associated with SANS. "The concern was that this may be some new type of attack, or somebody scanning for a vulnerability we were unaware of." After investigating the traffic for SANS, Bakos found the culprit: a peer-to-peer networking feature that is turned on by default in Vista Beta 1, released last month. The feature uses a new version of Microsoft's peer name resolution protocol (PNRP) and connects to other beta machines as soon as an Internet connection is available, he said.Published: August 18, 2005, 2:38 PM PDTBy Joris EversStaff Writer, CNET News.comFull story at CNET News

A:Vista feature exposes beta machines

cool. Kazaa and Warez all built in. Now lets see if Beta 2 has Bit Torrent support!

Read other 2 answers
RELEVANCY SCORE 43.2

Researcher Uncovers Massive, Sophisticated Trojan Targeting Top Businesses.

Trojan may already have infected hundreds of thousands of PCs, botnet expert says

"We weren't all that worried about Storm, and we weren't all that worried about Conficker," Stewart says. "This one you need to worry about."
...
The best strategy to defend against Clampi -- and other attacks that use a similar approach -- is to use separate machines for Web surfing and funds transfer, Stewart says. "Using Windows, it's too dangerous to do transactions on the same machine you do for Web surfing," he says. "You can't have any crossover between them."Click to expand...

-- Tom
 

A:Researcher Uncovers Massive, Sophisticated Trojan Targeting Top Businesses

Read other 14 answers
RELEVANCY SCORE 43.2

http://www.pcworld.com/article/260015/researcher_creates_proofofconcept_malware_that_infects_bios_network_cards.html>>>Rakshasa replaces the motherboard BIOS, but can also infect the PCI firmware of other peripheral devices like network cards or CD-ROMs, in order to achieve a high degree of redundancy.snipExistent computer architecture gives every peripheral device equal access to RAM (random access memory), Brossard said. "The CD-ROM drive can very well control the network card." This means that even if someone were to restore the original BIOS, rogue firmware located on the network card or the CD-ROM could be used to reflash the rogue one, Brossard said.The only way to get rid of the malware is to shut down the computer and manually reflash every peripheral, a method that is impractical for most users because it requires specialized equipment and advanced knowledge.Brossard created Rakshasa to prove that hardware backdooring is practical and can be done somewhere in the supply chain, before a computer is delivered to the end user. He pointed out that most computers, including Macs, come from China.<<<MODS: Please fix topic title s/b ReasearcherEdit: TY!

Read other answers
RELEVANCY SCORE 43.2

A prominent security researcher has discovered serious vulnerabilities in a system that allows awards voters to watch the latest movie screeners online. Chris Vickery, who previously gained access to the 'World-Check' terror, crime and sanctions database, informed TF of his discovery last month after an unsecured database was left open to the public.

So-called screener copies of the latest movies are some of Hollywood?s most valuable assets, yet every year and to the delight of pirates, many leak out onto the Internet.

Over the years, Hollywood has done its best to limit the leaks, but every 12 months without fail, many of the top titles appear online in close to perfect quality.

With that in mind, the studios have been testing Netflix-like systems that negate the need for physical discs to be sent out.

One such system has been made available at Awards-Screeners.com. Quietly referenced by companies including 20th Century Fox, the site allows SAG-AFTRA members and other industry insiders to view the latest movies in a secure environment. At least, that?s the idea.

Late August, TorrentFreak was contacted by security researcher Chris Vickery of MacKeeper.com who told us that while conducting tests, he?d discovered an exposed MongoDB database that appeared to be an integral part of Awards-Screeners.com.

?The database was running with no authentication required for access. No username. No password. Just entirely exposed to the open internet,? Vickery told... Read more

Read other answers
RELEVANCY SCORE 43.2

One researcher isn't buying Microsoft's and Google's explanation that hijacked Hotmail and Gmail passwords were obtained in a massive phishing attack.
Mary Landesman, a senior security researcher at San Francisco-based ScanSafe, said it's more likely that the massive lists -- which include approximately 30,000 credentials from Hotmail, Gmail, Yahoo Mail, and other sources -- were harvested by botnets that infected PCs with keylogging or data stealing Trojan horses.



More -
Researcher refutes Google's, Microsoft's accounts of hijacked passwords | Security Central - InfoWorld

Read other answers
RELEVANCY SCORE 42.8

A hack on a popular Web fantasy site may have exposed the personal data of some 650,000 players, site operators revealed late last week.Second Life, a virtual world in which players can live out another existence, was hit by a "zero-day exploit" last week, and a database containing players' names, addresses, passwords, and payment information was compromised...Systems administrators for Second Life voided all of the participants' passwords, forcing users to change to new passwords immediately. Users will have to answer a security question in order to get a new password...darkreading.com

A:Fantasy Site Hack Exposes Data On 650,000 Users

See my post:http://www.bleepingcomputer.com/forums/t/65020/on-line-game-second-life-hacked/Cheers,John

Read other 3 answers
RELEVANCY SCORE 42.4

Hiya

Microsoft has released a warning, and a work-around, for a security vulnerability in Microsoft Outlook. The vulnerability could run code of an attacker's choice via either web page or HTML e-mail

http://www.windows-help.net/features/ms-security071201.html

Regards

eddie
 

Read other answers