Keyword: security

  • Apple's Gatekeeper Bypassed Again

    01/15/2016 7:46:38 PM PST · by Utilizer · 7 replies
    Engadget ^ | January 15, 2016 | Roberto Baldwin
    Back in September, Synack security researcher Patrick Wardle disclosed a nasty issue with Apple's nefarious-app stopping Gatekeeper system in OS X. While the software is great at stopping malware-infected apps that users have downloaded from the bowels of the internet, it did have a flaw: a signed app could, upon launch, initiate an unsigned program if it resided in the same directory. Because the end user is never aware that this second application is launching, it's a great way to infect a computer. As a responsible researcher, Wardle informed Apple and got a security update as a result. That should...
  • Patch now: VMware Tools for Windows root holes fixed in update

    01/14/2016 7:32:59 PM PST · by Utilizer · 14 replies
    The Register ^ | 8 Jan 2016 at 01:51 | Richard Chirgwin
    VMware sysadmins, get patching: the virtualisation outfit has released updates to its ESXi, Fusion, Player and Workstation software to block out a privilege-escalation vulnerability. The patch applies to VMware Windows Workstation versions before 11.1.2, Player and Fusion versions prior to 7.1.2, and various ESXi versions depending on their patch level: VMware ESXi 6.0 without patch ESXi600-201512102-SG; VMware ESXi 5.5 without patch ESXi550-201512102-SG; VMware ESXi 5.1 without patch ESXi510-201510102-SG; VMware ESXi 5.0 without patch ESXi500-201510102-SG. CVE-2015-6933 is a kernel memory corruption vulnerability in the tools' Shared Folders feature that can be exploited by software to escalate its privileges within a guest....
  • Zero-Day FFmpeg Vulnerability Lets Anyone Steal Files from Remote Machines

    01/14/2016 7:18:26 PM PST · by Utilizer · 19 replies
    Softpedia ^ | Jan 13, 2016 22:03 GMT | Marius Nestor
    A zero-day vulnerability in the FFmpeg open-source multimedia framework, which is currently used in numerous Linux kernel-based operating systems and software applications, also for the Mac OS X and Windows platforms, was unveiled recently. The vulnerability was discovered on January 12, 2016, by Russian programmer Maxim Andreev in the current stable builds of the FFmpeg software, and it would appear that it allows anyone who has the necessary skills to hack a computer to read local files on a remote machine and send them over the network using a specially crafted video file. The vulnerability is limited to reading local...
  • OpenSSH fixes client crypto key leak

    01/14/2016 7:03:07 PM PST · by Utilizer · 2 replies
    iTnews ^ | Jan 15 2016 6:39AM (AUS) | Juha Saarinen
    OpenSSH developers have patched a serious flaw in the popular open source remote access protocol that could compromise encryption keys, with users urged to upgrade their OpenSSH installations straight away. According to the advisory, the vulnerability has been blamed on an experimental roaming feature, aimed at resuming SSH connections, in OpenSSH versions 5.4 to 7.1. Attackers who control servers could use the vulnerability to discover a client's private encryption keys, the OpenSSH developers said. "The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking...
  • Fortinet denies backdoor in firewall operating system

    01/13/2016 6:18:43 PM PST · by Utilizer · 2 replies
    iTnews ^ | Jan 14 2016 10:41AM (AUS) | Juha Saarinen
    Firewall vendor FortiNet has denied that the FortiGate OS operating system that runs its devices comes with a backdoor, despite a researcher purportedly posting proof of concept code on a security mailing list. Over the weekend, a Python script was posted anonymously, which appeared to allow remote access to Fortinet devices over the Secure Shell protocol. The post disclosed a password hard-coded into the FortiGate OS. The password is said to work on FortiOS version 4.x to 5.0.7, and a screenshot was posted on Twitter, allegedly showing that the script for the backdoor is working, providing remote access to Fortinet...
  • Obama administration to expand number of refugees admitted to U.S.

    01/13/2016 9:41:43 AM PST · by Beowulf9 · 19 replies
    https://www.washingtonpost.com ^ | January 13 2016 | Carol Morello
    The United States will increase the number of refugees it admits to allow in more people fleeing violence in Central America, Secretary of State John F. Kerry said Wednesday. In a speech at the National Defense University, Kerry said the expansion of the Refugee Admissions Program will be directed toward people from El Salvador, Guatemala and Honduras, to “offer them a safe and legal alternative to the dangerous journey many are currently tempted to begin, making them easy prey for human smugglers who have no interest but their own profits.”
  • Researcher finds gaping holes in Trend Micro antivirus

    01/12/2016 6:43:44 PM PST · by Utilizer · 12 replies
    iTnews aus ^ | Jan 13 2016 6:40AM (AUS) | Juha Saarinen
    A Google Project Zero researcher has left security vendor Trend Micro with egg on its face, after discovering its software contains multiple, serious vulnerabilities that are easy to exploit without user interaction or notification. Tavis Ormandy of Project Zero noted that when Trend Micro antivirus is installed on Windows, the password manager component - written mostly in Javascript using the node.js framework that's included by default - allows any website to run arbitrary code on users' machines. The flaw in password manager allegedly took Ormandy only about 30 seconds to discover. He said the vulnerability is trivial to exploit,...
  • Juniper to replace software containing suspected NSA back door

    01/10/2016 5:45:20 PM PST · by Utilizer · 16 replies
    iTnews ^ | Jan 10 2016 9:55PM | Staff Writer
    Juniper has confirmed it will stop using a piece of security code that analysts believe was developed by the National Security Agency in order to eavesdrop through technology products. The Silicon Valley maker of networking gear said it would ship new versions of security software in the first half of this year to replace those that rely on numbers generated by Dual Elliptic Curve technology. The statement on a blog post came a day after the presentation at a Stanford University conference of research by a team of cryptographers who found that Juniper's code had been changed in multiple ways...
  • Whoa: Hillary e-mail instructs aide to transmit classified data without markings

    01/08/2016 8:16:13 AM PST · by doug from upland · 119 replies
    hot air ^ | 1-8-16 | Morrisey
    Has the State Department released a smoking gun in the Hillary Clinton e-mail scandal? In a thread from June 2011, Hillary exchanges e-mails with Jake Sullivan, then her deputy chief of staff and now her campaign foreign-policy adviser, in which she impatiently waits for a set of talking points. When Sullivan tells her that the source is having trouble with the secure fax, Hillary then orders Sullivan to have the data stripped of its markings and sent through a non-secure channel. That should be game, set, and match, yes?
  • Web host Linode resets all user passwords after suspected breach

    01/05/2016 11:26:13 PM PST · by Utilizer
    iTnews.com.au ^ | Jan 6 2016 4:16PM (AUS) | Paris Cowan
    Web hosting provider Linode has reset the account passwords of all its customers following what it suspects was an intrusion on its internal database. The mass credential reset comes just after the cloud firm suffered a sustained DDoS attack beginning on Christmas Day. Linode has issued a security advisory confirming that it still has no idea who is behind the hacks, or whether the same perpetrator is responsible for both incidents. "You may be wondering if the same person or group is behind these malicious acts. We are wondering the same thing.
  • Cisco says chat client vulnerable to man-in-the-middle attack

    01/04/2016 6:12:59 PM PST · by Utilizer · 11 replies
    SC Magazine ^ | January 04, 2016 | Roi Perez
    Californian tech giant Cisco has released an advisory statement explaining that its chat client Jabber is currently vulnerable to a man-in-the-middle attack. Found in the Windows client of Jabber, the vulnerability could allow an unauthenticated, remote attacker to perform a STARTTLS downgrade attack. Discovered by Renaud Dubourguais and Sébastien Dudek from Synacktiv, a French cyber-security firm, versions affected include the 10.6.x, 11.0.x, and 11.1.x releases. Currently the client does not verify that the Extensible Messaging and Presence Protocol (XMPP) connection has been established with Transport Layer Security (TLS). XMPP enables the near-real-time exchange of structured yet extensible data between any...
  • Ransom32 Is a JavaScript-Based Ransomware That Uses Node.js to Infect Users

    01/03/2016 11:16:43 PM PST · by Utilizer · 40 replies
    Softpedia ^ | 3 Jan 2016, 14:54 GMT | Catalin Cimpanu
    A new type of ransomware has been spotted, the first of its kind, a ransomware that uses JavaScript to infect its users, being coded on top of the NW.js platform. NW.js, formerly known as Node-WebKit, is a powerful platform that allows developers to create desktop applications via Node.js modules. The platform lets programmers use JavaScript in the same way, and with the same power and reach inside the underlying operating system's guts, as other more powerful languages like C++, Delphi, Java, ActionScript, and C#. If the name hasn't tipped you off yet, NW.js uses a stripped down version of WebKit,...
  • Surprise, Apple's OS X Comes Out as Most Vulnerable Software of 2015

    01/03/2016 5:58:53 PM PST · by Up Yours Marxists · 92 replies
    Hackread ^ | January 3, 2015 17:01 UTC | Ali Raza
    In a study conducted by CVE Details, the most vulnerable software of the previous year has been identified as Apple’s OS X and the tech-giant is also the company with most bugs. With 2016 coming, people in all sectors have been busy summarizing 2015 with reports and lists of who have been the winners and who have been the losers. The tech experts and security personnel have been at it too, with CVE Details producing a list of most vulnerable software of the past year. Many would have expected the list to be topped by Adobe Flash, for the software...
  • US Defense Department: Navy security clearance does not discriminate against Jews

    01/03/2016 5:02:22 PM PST · by Nachum · 16 replies
    jpost.com ^ | 1/3/16 | DANIELLE ZIRI
    NEW YORK – US Defense Department spokesman Mark Wright told The Jerusalem Post on Thursday that security clearance could be denied to an applicant with relatives in any foreign country. “If a security-clearance applicant has relatives or other close connections to people in any foreign country, this could potentially disqualify that person from being eligible for a security clearance,” he said. But, he added, “The Federal Adjudicative Guidelines do not call for any special scrutiny for applicants with relatives in Israel.” Wright spoke on Thursday in response to the recent protest by Jewish organizations against the US Navy’s denial of...
  • Should anti-gun politicians be denied armed security?

    01/03/2016 3:54:37 PM PST · by Libloather · 67 replies
    Examiner ^ | 12/30/15 | Dave Workman
    Fox News is reporting this morning that a Virginia state senator is making good on his promise to push for defunding armed bodyguards for anti-gun Gov. Terry McAuliffe unless the Democrat does an about face on an October order to prohibit firearms in most state office buildings. It brings up an interesting question that could apply to any government official anywhere, from mayors on up. If an elected official is opposed to the carrying of defensive sidearms by average citizens, should that official automatically lose his/her security guards? Virginia State Sen. Charles Carrico, a Republican, is quoted by Fox News...
  • THE JACKI DAILY Show! Listen live at 2PM Eastern!

    01/03/2016 10:20:39 AM PST · by RaceBannon · 1 replies
    The Jacki Daily Show ^ | The Jacki Daily Show
    THE JACKI DAILY Show! Listen live at 2PM Eastern! Now playing also on station KWEL in Midland-Odessa! The host of the Jacki Daily show has had an impressive career in energy, law, and politics. Most recently, Jacki served as General Counsel to an engineering firm specializing in energy, national security and environmental cleanup. Previously, she served many years as legal counsel on Capitol Hill to the Chairman of the Subcommittee on the Constitution and the former Ranking Member of the Commercial and Administrative Law Subcommittee, advising on the oversight of federal agencies. Prior to her career in Washington, she worked as...
  • Blowing billions on select security while ignoring border security

    12/31/2015 11:52:45 AM PST · by Sean_Anthony · 3 replies
    CANada Free Press ^ | 12/31/15 | JUDI McLeod
    Ringing in the New Year: Though hard to see through all the media hoopla, the British Daily Mail described “fanatics” London and New York city are bracing against in case of a full-blown terrorist attack are not necessarily going to strike on New Year’s Eve. You don’t have to be an expert in Islamic terrorism to intuit that terrorists on the rampage are far more likely to attack in places where authorities are not boasting about being out in such huge numbers. The most terrorist attacks in San Bernardino, California, and in Paris, France, were carried out by terrorists already...
  • Drone Flying Alongside Obama's Motorcade In Hawaii Stopped By Secret Service

    12/29/2015 12:58:47 PM PST · by Jyotishi · 17 replies
    International Business Times ^ | Tuesday, December 29, 2015 | Sneha Shankar
    The U.S. Secret Service stopped a drone Monday from flying alongside the motorcade of President Barack Obama, who is on a vacation with his family in Hawaii. In this photo, Obama's motorcade is seen heading to Marine Corps Base Hawaii in Kailua, Hawaii, Dec. 31, 2014. The U.S. Secret Service stopped a man from flying a recreational drone alongside President Barack Obama’s motorcade in Hawaii, reports said late Monday. The incident occurred at 4:00 p.m., local time, (9:00 p.m. EST) and was brought under control within minutes. The operator landed the drone near himself after agents from Secret Service approached...
  • 2016 Reality: Lazy Authentication Still the Norm (PayPal non-security)

    12/28/2015 8:06:00 PM PST · by aimhigh · 10 replies
    Krebs on Security ^ | 12/28/2015 | Brian Krebs
    My PayPal account was hacked on Christmas Eve. The perpetrator tried to further stir up trouble by sending my PayPal funds to a hacker gang tied to the jihadist militant group ISIS. Although the intruder failed to siphon any funds, the successful takeover of the account speaks volumes about why most organizations, including many financial institutions — remain woefully behind the times in authenticating their customers and staying ahead of identity thieves.
  • Android Malware Uses Built-In Firewall to Block Security Apps

    12/28/2015 7:49:56 PM PST · by Utilizer · 7 replies
    SOFTPEDIA ^ | 28 Dec 2015, 18:45 GMT | Catalin Cimpanu
    Even if some malware families never get to cause worldwide damage, it's sometimes interesting to read about new techniques that some malware authors employ for creating their threats. One of the most recent cases is a malware family that targets Android devices in China, discovered by Symantec, and named Android.Spywaller. The uniqueness of this threat is the fact that during infection, the malware looks for Qihoo 360, a popular security app among Chinese Android users. Android.Spywaller uses a firewall to block Qihoo 360 internal communications. The malware searches and registers on the device with the same UID (unique identifier) used...