NSA-linked Cisco exploit poses bigger threat than previously thought French submarine builder information leak could be result of hacking, Indian defence minister says – ABC Online Security And Privacy Lessons From The Ashley Madison Hacking Investigation – Lifehacker Australia India says submarine document leak ‘a case of hacking’ – Reuters US Investigates Suspected Russian Hacking of American Journalists – Voice of America Russian Intelligence Suspected Of Hacking US Journalists – RadioFreeEurope/RadioLiberty Russian Hackers Reportedly Target The New York Times – Fortune Hints suggest an insider helped the NSA “Equation Group” hacking tools leak Wildfire, the ransomware threat that takes Holland and Belgium hostage The seven best hacking movies to watch before Oliver Stone’s Snowden – International Business Times UK The seven best hacking movies to watch before Oliver Stone’s Snowden – International Business Times UK The seven best hacking movies to watch before Oliver Stone’s Snowden – International Business Times UK Hacking the hackers: everything you need to know about Shadow Brokers’ attack on the NSA – Wired.co.uk Hacking the hackers: everything you need to know about Shadow Brokers’ attack on the NSA – Wired.co.uk Hacking the hackers: everything you need to know about Shadow Brokers’ attack on the NSA – Wired.co.uk Hacking the hackers: everything you need to know about Shadow Brokers’ attack on the NSA – Wired.co.uk Hacking the hackers: everything you need to know about Shadow Brokers’ attack on the NSA – Wired.co.uk Hacking the hackers: everything you need to know about Shadow Brokers’ attack on the NSA – Wired.co.uk Hacking the hackers: everything you need to know about Shadow Brokers’ attack on the NSA – Wired.co.uk Deus Ex: Mankind Divided Guide: Tips For Hacking Successfully – Attack of the Fanboy Deus Ex: Mankind Divided – Hacking Tips – USgamer (satire) (registration) (blog) ‘Deus Ex: Mankind Divided’ Hacking Guide: Tips For The Script Kiddies – iDigitalTimes.com ‘Deus Ex: Mankind Divided’ Hacking Guide: Tips For The Script Kiddies – iDigitalTimes.com This Hacker Says He Stole More NSA Hacking Tools – Gizmodo Mr. Robot:1.51exfiltrati0n Review: Subtle Hacking – Gamezebo Ukrainian man to be sentenced in largest computer hacking scheme ever uncovered – NorthJersey.com Bounty hunters are legally hacking Apple and the Pentagon – for big … – The Guardian Bounty hunters are legally hacking Apple and the Pentagon – for big money – The Guardian 10 best anti-hacking software to protect your Windows 10 run PC from hackers – Techworm Threat intelligence report for the telecommunications industry New security protocol will protect smart cars from hacking – The Indian Express Cybersecurity student researches how to keep cars safe from hacking – Phys.Org Temple-Belton city, school websites report no hacking issues – Temple Daily Telegram Hacking the U.S. Election ‘Possible’ But Difficult, Experts Say – Voice of America (blog) Hacking the U.S. Election ‘Possible’ But Difficult, Experts Say – Voice of America (blog) Hacking the U.S. Election ‘Possible’ But Difficult, Experts Say – Voice of America (blog) Hacking the U.S. Election ‘Possible’ But Difficult, Experts Say – Voice of America (blog) How to keep smart cars safe from hacking – The Hindu The week in security: Experts worried as NSA hack spreads innovative hacking tools, exploits – CSO Australia Roger Ailes biographer: ‘The impact could be greater than phone hacking’ – The Guardian NSA-linked hackers hoard malware secrets. What could possibly go wrong? – Los Angeles Times Here’s how to keep smart cars safe from hacking – The Indian Express ‘Watch Dogs 2’ Carries ‘Hacking Invasion’ With Team-Up Mode; ‘Bounty Hunter’ Comes Too, Here’s How To Activate … – University Herald Hacking group OurMine strikes next victim taking over Wikipedia co-founder Jimmy Wales’ Twitter account – The Drum New Snowden documents prove the hacked NSA files are real – Business Insider Victims of Comelec hacking may call new agency hotline – Inquirer.net Wikipedia co-founder Jimmy Wales – Mashable Russian Gang Suspected of Hacking Oracle’s POS System – E-Commerce Times Russian Gang Suspected of Hacking Oracle’s POS System – E-Commerce Times Russian Gang Suspected of Hacking Oracle’s POS System – E-Commerce Times Russian Gang Suspected of Hacking Oracle’s POS System – E-Commerce Times Russian Gang Suspected of Hacking Oracle’s POS System – E-Commerce Times Russian Gang Suspected of Hacking Oracle’s POS System – E-Commerce Times Growing evidence suggest recent hacks the work of Russian-backed … – Fox News Growing evidence suggest recent hacks the work of Russian-backed cyber militias – Fox News How the NSA snooped on encrypted Internet traffic for a decade The Latest: Another DNC official resigns in hacking fallout – KPTV.com Cybersecurity student researches how to keep cars safe from … – Science Daily Cybersecurity student researches how to keep cars safe from hacking – Science Daily Hacking tools stolen from NSA show Chinese cyberfirms were targeted, experts say – South China Morning Post GCHQ Details Cases of When It Would Use Bulk Hacking – Motherboard Top Stories: Louisiana Floods; Alleged Russian Hacking Of Democrats’ Emails – NPR US suspects Russia responsible for Democrat, Republican network hacking – Jerusalem Post Israel News Don’t Get Left Behind: How Security Can Keep Up With the Speed of Development A Pox on the Celebrity Hacking Epidemic: Please Let the … – E! Online A Pox on the Celebrity Hacking Epidemic: Please Let the Photoshopped Nude of Justin Bieber Be the Tipping Point – E! Online Security Officials Consider National Hacking of Voting Machines Extremely Unlikely. Here’s Why. – Daily Signal In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News In ‘Bizarre’ NSA-Linked Hacking Saga, Some Exploits Prove Real – ABC News Brazilian banking Trojans meet PowerShell Vegas Cons 2016 Wrap Up Clinton Foundation hired cyber firm after suspected hacking … – Reuters Security against Election Hacking – Part 2: Cyberoffense is not the best cyberdefense! – Freedom to Tinker (blog) Clinton Foundation Suspected Hacking – Daily Beast Alleged NSA data dump contains powerful, rarely seen hacking tools – PCWorld Is Russia hacking the US election? – BBC News Alleged NSA data dump contains hacking tools rarely seen … – Computerworld

NSA-linked Cisco exploit poses bigger threat than previously thought

Enlarge

Recently released code that exploits Cisco System firewalls and has been linked to the National Security Agency can work against a much larger number of models than many security experts previously thought.

An exploit dubbed ExtraBacon contains code that prevents it from working on newer versions of Cisco Adaptive Security Appliance (ASA), a line of firewalls that’s widely used by corporations, government agencies, and other large organizations. When the exploit encounters 8.4(5) or newer versions of ASA, it returns an error message that prevents it from working. Now researchers say that with a nominal amount of work, they were able to modify ExtraBacon to make it work on a much newer version. While Cisco has said all versions of ASA are affected by the underlying vulnerability in the Simple Network Messaging Protocol, the finding means that ExtraBacon poses a bigger threat than many security experts may have believed.

(credit: SilentSignal)

The newly modified exploit is the work of SilentSignal, a penetration testing firm located in Budapest, Hungary. In an e-mail, SilentSignal researcher Balint Varga-Perke wrote:

Read 7 remaining paragraphs | Comments

Wildfire, the ransomware threat that takes Holland and Belgium hostage

While ransomware is a global threat, every now and then we see a variant that targets one specific region. For example, the Coinvault malware had many infections in the Netherlands, because the authors posted malicious software on Usenet and Dutch people are particular fond of downloading things over Usenet. Another example is the recent Shade […]

Threat intelligence report for the telecommunications industry

 Download PDF Introduction The telecommunications industry keeps the world connected. Telecoms providers build, operate and manage the complex network infrastructures used for voice and data transmission – and they communicate and store vast amounts of sensitive data. This makes them a top target for cyber-attack. According to PwC’s Global State of Information Security, 2016, IT […]

Don’t Get Left Behind: How Security Can Keep Up With the Speed of Development

You are tasked with ensuring that critical applications soon to hit production are secure. As an application owner, you meticulously configure a dynamic scan with features you wish to enable for your scan, crawl scripts, login scripts, whitelisting and blacklisting of specific sites, and you kick off a scan. The scan runs for a few […]

When Bug Bounties Are Counter-Productive

Crowdsourcing security holes—aka bug bounties—has become an increasingly-popular tech firm tactic, bordering on Silicon Valley standard-operating-procedure. But as tempting as such an approach is, it’s not without serious drawbacks. What we’re talking about is encouraging and incentivizing anyone and everyone to dig into your app/OS and beat up on it to try and find any […]