Another Unpatched Adobe Flash Zero-Day Vulnerability Exploited in the Wild

February 2, 2015 – 12:03 PM

A critical vulnerability (CVE-2015-0313) exists in Adobe Flash Player 16.0.0.296 and earlier versions for Windows and Macintosh.  Successful exploitation could cause a crash and potentially allow an attacker to take control of the affected system.  We are aware of reports that this vulnerability is being actively exploited in the wild via drive-by-download attacks against systems running Internet Explorer and Firefox on Windows 8.1 and below. 

Adobe expects to release an update for Flash Player during the week of February 2.

Source:
https://helpx.adobe.com/security/products/flash-player/apsa15-02.html

New version of Autoruns integrates with VirusTotal

February 1, 2015 – 5:01 PM

The new version of Microsoft’s Autoruns (version 13 – released last week) integrates the VirusTotal API for quick analysis and verification of unknown and questionable processes.  After running the program, just right-click on any entry and select Check VirusTotal.

You will need to accept VirusTotal’s Terms of Service by clicking Yes.

Once you click Yes to the Terms of Service prompt, Autoruns queries the VirusTotal API with the hash of the process and returns the results to you in the VirusTotal column.

If you want Autoruns to automatically check every process, you can configure this by going to Options -> Scan Options and selecting Check VirusTotal.com.

How to Log In To Your Linux Desktop With Google Authenticator

February 1, 2015 – 8:37 AM

For additional security, you can require a time-based authentication token as well as a password to log into your Linux PC. This solution uses Google Authenticator and other TOTP apps.

This process was performed on Ubuntu 14.04 with the standard Unity desktop and LightDM login manager, but the principles are the same on most Linux distributions and desktops.

We previously showed you how to require Google Authenticator for remote access via SSH, and this process is similar. This doesn’t require the Google Authenticator app, but works with any compatible app that implements the TOTP authentication scheme, including Authy.

Source:
http://www.howtogeek.com/208205/how-to-use-two-factor-authentication-on-your-linux-desktop-with-google-authenticator/?PageSpeed=noscript

D-Link routers vulnerable to DNS hijacking

January 29, 2015 – 5:42 AM

At least one and likely more D-Link routers as well as those of other manufacturers using the same firmware are vulnerable to remote changing of DNS settings and, effectively, traffic hijacking, a Bulgarian security researcher has discovered.

Todor Donev, a member of the Ethical Hacker research team, says that the vulnerability is found in the ZynOS firmware of the device, D-Link’s DSL-2740R ADSL modem/wireless router.

The firmware in question is implemented in many networking devices manufactured by D-Link, TP-Link Technologies and ZTE, he noted for Computerworld.

The flaw allows attackers to access the device’s Web administration interface without authentication, and through it to modify the DNS settings, which could allow them to redirect users to malware-laden and phishing sites and prevent them from visiting legitimate sites for OS and software updates (including security software).

Donev hasn’t notified D-Link of this flaw, but has released exploit code for the flaw in a security advisory.

The flaw can be exploited remotely if the device’s interface is exposed to the Internet – and many are, to allow legitimate remote administration.

Source:
http://www.net-security.org/secworld.php?id=17888

New Chrome extension spots unencrypted tracking

January 29, 2015 – 5:38 AM

A new Chrome extension highlights tools embedded in websites that could pose privacy risks by sending data unencrypted over the Internet.

It’s hard to find a major website that doesn’t use a variety of third-party tracking tools for online advertising, social media and analytics. But if the trackers send data unencrypted, it is possible for those who have network-level access — such as an ISP or government — to spy on the data and use it for their own tracking.

It’s partly the fault of websites that have not yet enabled HTTPS, which encrypts data sent between a computer and server, as well as companies that have not enabled it in their tracking tools.

Documents leaked by former U.S. National Security Agency contractor Edward Snowden showed the spy agency was using cookies in order to target users, according to a December 2013 report in the Washington Post. Cookies are small data files created by online trackers that are stored within a person’s Web browser, recording information such as a person’s browsing history.

The Chrome extension, called TrackerSSL, alerts users when a website is using insecure trackers and gives them an option of tweeting a message to the website letting it know of the issue. TrackerSSL was created by Open Effect, a digital privacy watchdog, and Citizen Lab, a technology-focused think tank at the University of Toronto.

Source:
http://www.pcadvisor.co.uk/news/security/3596045/new-chrome-extension-spots-unencrypted-tracking/
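
The check described above, sketched as an added example for site owners auditing their own pages; it is not TrackerSSL's code. The function names and the sample HTML are constructed, and the "last two labels" rule for deciding what counts as third-party is a simplifying assumption (real tools use the Public Suffix List).

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags whose URL attribute causes a request as soon as the page loads.
LOADING_ATTRS = {"script": "src", "img": "src", "iframe": "src"}

# Constructed sample page, not taken from any real site.
SAMPLE_HTML = """
<html><body>
<img src="/logo.png">
<script src="http://tracker.example.net/t.js"></script>
<script src="https://analytics.example.org/a.js"></script>
<img src="//pixel.example.net/p.gif">
<iframe src="http://static.example.com/widget.html"></iframe>
</body></html>
"""


class ResourceCollector(HTMLParser):
    """Collects absolute URLs of embedded resources in document order."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.urls = []

    def handle_starttag(self, tag, attrs):
        attr = LOADING_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if value:
            # urljoin resolves relative and protocol-relative (//host/...) URLs.
            self.urls.append(urljoin(self.page_url, value))


def site(host):
    """Crude registrable-domain guess: the last two DNS labels (assumption)."""
    return ".".join(host.lower().split(".")[-2:])


def insecure_third_party(page_url, html):
    """Return third-party resource URLs the page would fetch over plain HTTP."""
    collector = ResourceCollector(page_url)
    collector.feed(html)
    first_party = site(urlsplit(page_url).hostname or "")
    return [u for u in collector.urls
            if urlsplit(u).scheme == "http"
            and urlsplit(u).hostname
            and site(urlsplit(u).hostname) != first_party]


if __name__ == "__main__":
    print(insecure_third_party("http://www.example.com/news", SAMPLE_HTML))
```

Running the same page under an `https://` URL drops the protocol-relative pixel from the result but not the hard-coded `http://` tracker, which matches the article's point that both the site and the tracking vendor have to enable HTTPS.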