Easy-to-exploit rooting flaw puts Linux computers at risk

October 21, 2016 – 1:15 PM

The maintainers of Linux distributions are rushing to patch a privilege escalation vulnerability that’s already being exploited in the wild and poses a serious risk to servers, desktops and other devices that run the OS.

The vulnerability, tracked as CVE-2016-5195, has existed in the Linux kernel for the past nine years. This means that many kernel versions that are used in a variety of computers, servers, routers, embedded devices and hardware appliances are affected.

The Red Hat security team describes the flaw as a “race” condition, “in the way the Linux kernel’s memory subsystem handles the copy-on-write (COW) breakage of private read-only memory mappings.” This allows an attacker who gains access to a limited user account to obtain root privileges and therefore take complete control over the system.

The vulnerability was fixed this week by the Linux kernel developers, and patches for Linux distributions, including Red Hat, Debian, Ubuntu, Gentoo and Suse, have been released or are in the process of being released.

The vulnerability, which has been dubbed Dirty COW by the security community, was discovered by security researcher Phil Oester when it was reportedly used in an attack against one of his servers. This suggests that attackers have known about the vulnerability and have exploited it in the wild for some time.


Remove ransomware infections from your PC using these free tools

October 7, 2016 – 4:36 PM

Ransomware, a variety of malware which encrypts user files and demands payment in return for a key, has become a major threat to businesses and the average user alike.

Coming in a variety of forms, ransomware most often compromises PCs through phishing campaigns and fraudulent emails. Once a PC is infected, the malware will encrypt, move, and potentially delete files, before throwing up a landing page demanding a ransom in Bitcoin.

Demands for payment can range from a few to thousands of dollars. However, giving in and paying the fee not only further funds the development and use of this malware, but there is no guarantee any decryption keys given in return will work.

It is estimated that ransomware attacks cost more than $1 billion per year.

The No More Ransom Project, launched by the National High Tech Crime Unit of the Netherlands’ police, Europol, Kaspersky, and Intel Security, is a hub for victims to find out how to remove infections — and how to prevent themselves becoming infected in the future.

Unfortunately, not every type of ransomware has been cracked by research teams. Time and vulnerabilities which can be exploited by cybersecurity experts are required, and so some ransomware families do not have a solution beyond wiping your system clean and using backup data.

However, researchers are cracking more types of ransomware every month and there are a number of tools available which give victims some hope to retrieve their files.


Yahoo Built a Secret Tool to Scan Your Email Content for US Spy Agency

October 4, 2016 – 5:17 PM

Users are still dealing with Yahoo’s massive data breach that exposed over 1 billion Yahoo accounts, and there’s another shocking piece of news about the company that, I bet, will blow your mind.

Yahoo might have provided your personal data to a United States intelligence agency when required.

Yahoo reportedly built custom software programmed to secretly scan all of its users’ emails for specific information provided by US intelligence officials, according to a report by Reuters.

The tool was built in 2015 after the company complied with a secret court order to scan hundreds of millions of Yahoo Mail accounts at the behest of either the NSA or the FBI, according to the report, which cites three separate sources who are familiar with the matter.

According to some experts, this is the first time an American Internet company has agreed to such an extensive demand by a spy agency by searching all incoming emails, examining stored emails or scanning a small number of accounts in real time.

The tool was designed to search for a specific set of character strings within Yahoo emails and “store them for remote retrieval,” but it’s unclear exactly what the spies were looking for.


10 easy ways to prevent malware infection

August 26, 2016 – 5:43 PM

We told you how to tell if you’re infected with malware. We told you how to clean up the infection if you get it. How about how to stop the infection from happening in the first place?

Yes, it’s possible to clean up an infected computer and fully remove malware from your system. But the damage from some forms of malware, like ransomware, cannot be undone. If they’ve encrypted your files and you haven’t backed them up, the jig is up. So your best defense is to beat the bad guys at their own game.

While no single method is ever 100 percent fool-proof, there are some tried and true cybersecurity techniques for keeping malware infections at bay that, if put into practice, will shield you from most of the garbage of the Internet.


Google Chrome will start blocking all Flash content next month

August 10, 2016 – 4:04 PM

Flash was an integral part of the internet in years past, but it has also been a drag on performance and the source of a great many security vulnerabilities. Today, HTML5 is a better way to get the same sort of interactive content running on the web, and it works on mobile devices. The next phase in Adobe Flash’s agonizingly slow demise starts next month when Google Chrome begins blocking all Flash content.

This will come as part of the Chrome 53 update, which should be available in early September. Chrome 53 will block all the small, non-visible Flash elements on web pages. These are usually tracking platforms and page analytics, but they can slow down page loads just like larger Flash content. This is not Google’s first attempt to de-emphasize Flash on the web. Last year in Chrome 52, Google made most Flash content “click-to-play.”

So, what’s different now? In Chrome 52, the Flash block only applied to Flash objects that were above a certain size, but now that’s being extended to smaller Flash objects. The previous restriction was in place because at the time, there was no reliable way to detect viewability. Now, Chrome’s intersection observer API allows that. You will have the option to enable Flash objects on a page if they are necessary for the experience. If non-visible Flash objects are blocked, an icon in the address bar will alert you.

Google says that all Chrome users will see a benefit from this move. All the Flash objects loading in the background can make page loading sluggish. If you’re on a laptop, Flash also gobbles up power and reduces your battery life. Flash’s innate inefficiency is why it never took off on mobile devices.