Top 10 Stories

A former Justice Department official who served in the Obama administration said European countries must be willing to respond forcefully to efforts by Russia or others to use cyber attacks to meddle in their elections, saying the U.S. response fell short. Former Assistant Attorney General John Carlin, who ran the national security division at the Justice Department and oversaw the pursuit of cyber criminals, said the United States did not do enough to deter the hacking and...

“Issuing advisories has a cost,” the project's George Dunlap writes. “It costs the security team significant amounts of time to craft and send the advisories; it costs many of our downstreams time to apply, build, and test patches; and it costs many of our users time to decide whether to do an update, and if so, to test and deploy it. Given this, the Xen Project Security Team wants to clarify when they should issue an...

As of February 13th, 2017, Gmail has started deploying their new restrictive policy on .js file attachments, extending their list of file types blocked for security reasons. After the full release, Gmail users won’t be able to send or receive mail containing .js attachments, even if they’re in a compressed and archived form. Seeing that JavaScript attachments have proven to be one of the most popular ways for cybercriminals to spread their malicious work worldwide, this is...

Yahoo has sent out another round of account compromise notifications, warning users that hackers may have accessed their accounts by using forged cookies instead of passwords. How many in total, the company wouldn’t say. This attack is not exactly news, as the company disclosed it in November 2016 in a SEC filing. But, after the revelations about the massive Yahoo breaches from 2013 and 2014, it passed largely unnoticed. A first round of notifications to potentially affected users went...

A detailed analysis of the Shamoon malware – which is playing a huge role in the cyberwar between Saudi Arabia and Iran – has identified servers used to spread the software nasty. Shamoon surfaced in 2012 when it infected 30,000 workstations in the world’s largest oil production firm, Saudi Aramco, wiped their hard drives, and put the giant into panic mode. Since then the malware has been refined, and attacks have continued on high-value Saudi government and...

Cisco's taken umbrage at accusations that its Smart Install (SMI) protocol is vulnerable to abuse. The problem – if there is one, because “it's a feature, not a bug” – is that if netadmins are using SMI to auto-configure switches installed in branch offices they need to know it doesn't enforce authentication. Original source: The Register View full story

Researchers have devised an attack that could spell the end of ASLR as the world knows it now. The attack uses simple JavaScript code to identify the memory addresses where system and application components are loaded. When combined with attack code that exploits vulnerabilities in browsers or operating systems, the JavaScript can reliably eliminate virtually all of the protection ASLR provides. The technique, which exploits what's known as a side channel in the memory cache...

Speaking at the RSA security conference in San Francisco on Tuesday, Adrian Ludwig, director of Android security, said the Stagefright hole – which prompted the Chocolate Factory to start emitting low-level security patches on a monthly basis – did put 95 per cent of Android devices at risk of attack. However, there have been no “confirmed” cases of infections via the bug, Ludwig claimed. Original source: The Register View full story

Microsoft did not publish any updates this Patch Tuesday. Microsoft explained: “Our top priority is to provide the best possible experience for customers in maintaining and protecting their systems. This month, we discovered a last minute issue that could impact some customers and was not resolved in time for our planned updates today. After considering all options, we made the decision to delay this month’s updates. We apologize for any inconvenience caused by this change...

FireMon is previewing its Intelligent Security Management (ISM) platform in Booth #S1121 at the RSA Conference in San Francisco this week. ISM helps companies gain visibility into their complex security infrastructures and operate more proactively to both prevent and detect potential breaches. Enterprise security teams face a number of pressures to keep up with the speed of business, manage more advanced threats and adhere to increasingly strict compliance demands. In response, they have invested in...