Cyber Security

User avatar
ZekeB
Posts: 13836
Joined: Mon Oct 12, 2009 10:07 pm
Location: Northwest part of Semi Blue State

Re: Cyber Security

#126

Post by ZekeB » Tue Oct 17, 2017 7:25 am

pipistrelle wrote:
Tue Oct 17, 2017 7:20 am
dubious marketing tactics
This sounds like one.
Anytime someone wants to sell or give me a program that will remove a virus that I may or may not have, I get suspicious. They may be attaching something of their own that will infect your computer in their own way.


Vím o prasatech hodně zajímavých věcí.

Žluté vlasy se k oranžové tváři nehodí.

User avatar
RTH10260
Posts: 13252
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#127

Post by RTH10260 » Tue Oct 17, 2017 8:49 am

MsDaisy wrote:
Tue Oct 17, 2017 7:02 am
Does this Coinhive thing affect Mac as well as PCs? :confused:
Yes, as it is coded in the browser scripting language Javascript and runs within the browser.



User avatar
RTH10260
Posts: 13252
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#128

Post by RTH10260 » Tue Oct 17, 2017 2:43 pm

More headache:
Key Reinstallation Attacks
Breaking WPA2 by forcing nonce reuse

Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven

We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can be abused to steal sensitive information such as credit card numbers, passwords, chat messages, emails, photos, and so on. The attack works against all modern protected Wi-Fi networks. Depending on the network configuration, it is also possible to inject and manipulate data. For example, an attacker might be able to inject ransomware or other malware into websites.

The weaknesses are in the Wi-Fi standard itself, and not in individual products or implementations. Therefore, any correct implementation of WPA2 is likely affected. To prevent the attack, users must update affected products as soon as security updates become available. Note that if your device supports Wi-Fi, it is most likely affected. During our initial research, we discovered ourselves that Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and others, are all affected by some variant of the attacks. For more information about specific products, consult the database of CERT/CC, or contact your vendor.

The research behind the attack will be presented at the Computer and Communications Security (CCS) conference, and at the Black Hat Europe conference. Our detailed research paper can already be downloaded.
https://www.krackattacks.com/

Note: links in text not carried over, please check article.

Note: Microsoft has just released a fix with the very recent monthly Patch Day release for their WiFi protocoll stack.



User avatar
Addie
Posts: 21738
Joined: Mon Jun 15, 2009 6:22 am
Location: downstairs

Re: Cyber Security

#129

Post by Addie » Tue Nov 21, 2017 7:13 pm

Bloomberg
Uber Concealed Cyberattack That Exposed 57 Million Peoples Data

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing company ousted Joe Sullivan, chief security officer, and one of his deputies for their roles in keeping the hack under wraps.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers were accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card details, trip location info or other data were taken, Uber said.
Adding:
WaPo: Uber waits a year to reveal major hack of customer data


¡Qué vergüenza!

User avatar
RTH10260
Posts: 13252
Joined: Tue Mar 02, 2010 8:52 am
Location: Near the Swiss Alps

Re: Cyber Security

#130

Post by RTH10260 » Tue Nov 21, 2017 9:18 pm

Addie wrote:
Tue Nov 21, 2017 7:13 pm
:snippity:
Adding:
WaPo: Uber waits a year to reveal major hack of customer data
According to the WaPo article an insider job by two (now former) employees. They were paid a ransom money to delete the data.



Post Reply

Return to “Computers & Internet”