IoT Scanner Checks for Vulnerabilities In Your Connected Devices

October 24, 2016 – 4:17 PM

Last week’s DDoS attack on Dyn that shut down portions of the internet was fueled by bots created from hacked connected devices like internet-connected cameras and DVRs; such botnets can also theoretically include connected routers, printers, and more. While there’s not exactly a fix for this problem, IoT Scanner is a tool that can at least tell you if a device in your house is creating a vulnerability.

In the case of last week’s attacks, the botnet was created by taking control of a bunch of different connected cameras that still had the default passwords in use. To check whether you have such devices on your network, Bullguard Security created IoT Scanner. Head to the site, click the scan button, and IoT Scanner looks for open ports on your network.

If IoT Scanner comes back saying that your network can be breached, that means some device that’s connected to your Wi-Fi network has an open port that makes it accessible from the internet. This could be on purpose if you’re running a server or have some other device that you can access from outside your home network. If you’re not doing that and IoT Scanner says your network can be breached, then it’s a good idea to dig in and see which device has that open port.

As with most tools of this ilk, take the results with a grain of salt and use them as a starting point to really secure your network. IoT Scanner’s results are vague, but they’ll at least give you a place to start your search.


Easy-to-exploit rooting flaw puts Linux computers at risk

October 21, 2016 – 1:15 PM

The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that’s already being exploited in the wild and poses a serious risk to servers, desktops and other devices that run the OS.

The vulnerability, tracked as CVE-2016-5195, has existed in the Linux kernel for the past nine years. This means that many kernel versions that are used in a variety of computers, servers, routers, embedded devices and hardware appliances are affected.

The Red Hat security team describes the flaw as a “race” condition “in the way the Linux kernel’s memory subsystem handles the copy-on-write (COW) breakage of private read-only memory mappings.” This allows an attacker who gains access to a limited user account to obtain root privileges and therefore take complete control over the system.

The vulnerability was fixed this week by the Linux kernel developers and patches for Linux distributions, including Red Hat, Debian, Ubuntu, Gentoo and Suse, have been released or are in the process of being released.

The vulnerability, which has been dubbed Dirty COW by the security community, was discovered by security researcher Phil Oester when it was reportedly used in an attack against one of his servers. This suggests that attackers have known about the vulnerability and have exploited it in the wild for some time.


Remove ransomware infections from your PC using these free tools

October 7, 2016 – 4:36 PM

Ransomware, a variety of malware which encrypts user files and demands payment in return for a key, has become a major threat to businesses and the average user alike.

Coming in a variety of forms, ransomware most often compromises PCs through phishing campaigns and fraudulent emails. Once a PC is infected, the malware will encrypt, move, and potentially delete files, before throwing up a landing page demanding a ransom in Bitcoin.

Demands for payment can range from a few to thousands of dollars. However, giving in and paying the fee further funds the development and use of this malware, and there is no guarantee any decryption keys given in return will work.

It is estimated that ransomware attacks cost more than $1 billion per year.

The No More Ransom Project, launched by the National High Tech Crime Unit of the Netherlands’ police, Europol, Kaspersky, and Intel Security, is a hub for victims to find out how to remove infections — and how to prevent themselves becoming infected in the future.

Unfortunately, not every type of ransomware has been cracked by research teams. Cracking one takes time and requires vulnerabilities that cybersecurity experts can exploit, so some ransomware families do not have a solution beyond wiping your system clean and using backup data.

However, researchers are cracking more types of ransomware every month and there are a number of tools available which give victims some hope to retrieve their files.


Yahoo Built a Secret Tool to Scan Your Email Content for US Spy Agency

October 4, 2016 – 5:17 PM

Users are still dealing with Yahoo’s massive data breach that exposed over 1 billion Yahoo accounts, and there’s another shocking piece of news about the company that, I bet, will blow your mind.

Yahoo might have provided your personal data to a United States intelligence agency when required.

Yahoo reportedly built custom software programmed to secretly scan all of its users’ emails for specific information provided by US intelligence officials, according to a report by Reuters.

The tool was built in 2015 after the company complied with a secret court order to scan hundreds of millions of Yahoo Mail accounts at the behest of either the NSA or the FBI, according to the report, which cites three separate sources who are familiar with the matter.

According to some experts, this is the first time an American Internet company has agreed to such an extensive demand by a spy agency by searching all incoming emails, examining stored emails or scanning a small number of accounts in real time.

The tool was designed to search for a specific set of character strings within Yahoo emails and “store them for remote retrieval,” but it’s unclear exactly what the spies were looking for.


10 easy ways to prevent malware infection

August 26, 2016 – 5:43 PM

We told you how to tell if you’re infected with malware. We told you how to clean up the infection if you get it. How about how to stop the infection from happening in the first place?

Yes, it’s possible to clean up an infected computer and fully remove malware from your system. But the damage from some forms of malware, like ransomware, cannot be undone. If they’ve encrypted your files and you haven’t backed them up, the jig is up. So your best defense is to beat the bad guys at their own game.

While no single method is ever 100 percent fool-proof, there are some tried and true cybersecurity techniques for keeping malware infections at bay that, if put into practice, will shield you from most of the garbage of the Internet.