Posted by & filed under Security News, Security Threats.

Netgear HackIn a news report from ZDNET, some models of Netgear routers has a vulnerability and hackers are exploiting the flaw. The hackers can route web browsing data to malicious serves, in which they can gather confidential information from the user.

Joe Giron, a security researcher told BBC that the administrative settings on his personal router were changed. The DNS traffic were effectively redirected.

Once an attacker has successfully redirected the DNS to his server, it can track the users browsing history that may lead to stealing of credentials, or other important informations. The attacker can also redirect the user to a malicious sites that contains malware.

According to Netgear that they are already knew the vulnerability and told that fewer than 5,000 units were affected.

Netgear released a patched firmware for at least nine affected routers.

To recreate or to know more about the vulnerability, visit SHELLSHOCKLABS


Visit Netgear knowledgeable base on how to upgrade your router.

Posted by & filed under Security News.

Following massive pressure from both local and international rightsholders, 21 months ago Russia took steps to improve its reputation of going soft on piracy.

On August 1, 2013, the country introduced a brand new intellectual property law which provided a mechanism through which sites could be blocked by intermediaries should they not comply with rightsholder takedown requests within 72 hours.

A year later telecoms watchdog Roscomnadzor revealed that during the law’s first year of operation the Moscow City Court imposed preliminary interim injunctions against 175 sites following copyright complaints. It went on to block just 12 file-sharing domains for being unresponsive to takedowns, many of them BitTorrent trackers.

With complaints from copyright holders continuing to mount, Russia decided to make further amendments to the legislation. Initially only video content was covered by the law but with an expansion scheduled for May 1, 2015, all multimedia content (photographs excluded) will receive protection. Furthermore, the law also amends the provisions on preliminary injunctions.

Although it remains unclear how the new system will work in practice, the theory is that intermediaries (ISPs and webhosts) can be ordered by the Court to permanently block websites that continually host or provide access to infringing content. At least at this early stage it appears to be the kind of system U.S. copyright holders are pushing for elsewhere, one in which content that is taken down, stays down.

With the new law just over a week away, State Duma Deputy Speaker Sergei Zheleznyak has been underlining the legislation’s reach.

“The anti-piracy legislation that created the ability to block access to sites that distribute copyright-infringing films and TV shows entered into force on 1 August 2013. On May 1, 2015 amendments to the Act will come into force that apply to music, books and software,” Zheleznyak says.

“This development will mean that the systematic violation of intellectual property rights will result in sites providing access to stolen content being blocked forever.”

Putting operators of torrent and similar sites on notice, Zheleznyak issued a stern warning.

“I would like to warn those who are still abusing piracy: you have until May 1 to try to and enter into constructive dialogue with rightsholders. They are open to cooperation,” he said.

“Our common goal is to ensure that all work is adequately rewarded and that the benefit from successful books, music and wonderful computer programs is enjoyed by those who created them, and not those who stole them. If [site owners] are not interested in legal business, the response of the state will become quite obvious.”

Russia’s first attempt at site blocking legislation failed to produce the apocalyptic conclusion many predicted. Only time will tell what the results of these latest tweaks will mean for local sites.

source: TorrentFreak News

Posted by & filed under Security News.

Famous hacktivist group, Anonymous has launched a massive cyberattack against the terrorist group Islamic State (ISIS). The attack includes taking down social media accounts that promotes the terrorist group's ideology and violent persecution of prisoners.

ISIS is responsible for the brutal killing of a Jordanian pilot, Muath al-Kaseasbeh, by burning him alive. The group uploaded the video on Youtube and Facebook. ISIS also made other inhumane actions against their prisoners and civilian hostages.

Anonymous has promised to take down ISIS' online activities under the hashtag campaign #OpISIS. The following is Anonymous”” video posted on Youtube.

In an excerpt from the Anonymous video, the group says:

“Operation ISIS continues. [..] We are Muslims,
Christians, Jews. We are hackers, crackers,
hacktivists, phishers, agents, spies, or just the guy
next door. [..] We are young or old, gay or straight.
[..] We come from all races, countries, religions and
ethnicity. United as one, divided by zero.”

Aside from video Anonymous also included a pastebin links that contains the social media accounts that they have taken down. Some of the accounts are already suspended while others are still active but have been identified by Anonymous as suspecting in contact with
terrorist organization.

Anonymous struck down French websites believed to be linked to extremists following the attack on Charlie Hebdo.

Posted by & filed under Security News.

microsoft-vs-googleGoogle has discovered a bug in the CryptProtectMemory memory-encrypting function found within Windows 7 and 8.1, and made its disclosure public after its Project Zero deadline of 90 days passed.

The bug was found by James Forshaw, who also discovered a privilege elevation flaw in Windows 8.1, the disclosure of which drew the ire of Redmond earlier this week.

Forshaw described his new issue as an impersonation check bypass that could be an issue if a service is vulnerable to a named pipe planting attack or is storing encrypted data in a world readable shared memory section.

“When using the logon session option (CRYPTPROTECTMEMORY_SAME_LOGON flag), the encryption key is generated based on the logon session identifier, this is for sharing memory between processes running within the same logon. As this might also be used for sending data from one process to another, it supports extracting the logon session ID from the impersonation token,” Forshaw said.

“The issue is the implementation in CNG.sys doesn”t check the impersonation level of the token when capturing the logon session ID (using SeQueryAuthenticationIdToken) so a normal user can impersonate at Identification level and decrypt or encrypt data for that logon session.

Read the rest of the story at ZDNet.