Security Alerts & News
by Tymoteusz A. Góral

History
#1812 0-days hitting Fedora and Ubuntu open desktops to a world of hurt
If you run a mainstream distribution of Linux on a desktop computer, there's a good chance security researcher Chris Evans can hijack it when you do nothing more than open or even browse a specially crafted music file. And in the event you're running Chrome on the just-released Fedora 25, his code-execution attack works as a classic drive-by.

The zero-day exploits, which Evans published on Tuesday, are the latest to challenge the popular conceit that Linux, at least in its desktop form, is more immune to the types of attacks that have felled Windows computers for more than a decade and have increasingly snared Macs in recent years.

While Evans' attacks won't work on most Linux servers, they will reliably compromise most desktop versions of Linux, which employees at Google, Facebook, and other security conscious companies often use in an attempt to avoid the pitfalls of Windows and Mac OS X. Three weeks ago, Evans released a separate Linux zero-day that had similarly dire consequences.
#1811 Mobile ransomware: How to protect against it
In our previous post, we looked at how malware can lock devices, as well as the scare tactics used to convince victims to pay the ransom. Now that we know what bad guys can do, we’ll discuss the detection and mitigation techniques that security vendors can use to stop them. By sharing these details with other researchers, we hope to improve the industry’s collective knowledge on mobile ransomware mitigation.
#1810 This $300 device lets you steal a Mac encryption password in 30 seconds
If you’re paranoid, and you know what hackers can do when they can get their hands on your computer even for just a few moments, you probably already know that you shouldn’t leave your laptop unattended.

Now, if you’re an Apple user, you have another great reason not to do that.

Using a contraption that costs around $300 and some open source software, a hacker could steal your MacBook password from your own laptop while it’s sleeping or locked in just 30 seconds. This would allow them to unlock the computer and even decrypt the files on your hard drive. In other words, game over.
#1809 Hit by ransomware? No More Ransom portal adds 32 more free decryption tools to help you
A scheme which enables victims of ransomware to decrypt their files and data for free is now offering even more decryption tools thanks to new partners pledging to help take the fight to cybercriminals.

Launched by Europol, the Dutch National Police, Intel Security, and Kaspersky Lab in July this year, the No More Ransom initiative provides keys to unlocking encrypted files, as well as information on how to avoid getting infected in the first place.

The website initially launched with four tools for unlocking different types of ransomware, including the notorious CryptXXX. During its first two months, No More Ransom helped 2,500 people rescue their data, depriving cybercriminals of more than €1.35 million in ransom.
#1808 Bye, privacy: Evernote will let its employees read your notes
Evernote is changing its privacy policy to let employees read its customers' notes, and they can't opt out.

Users have until Jan. 23 to move their notes out of the company's system and delete their accounts if they want to avoid the sanctioned snooping. Companies using Evernote Business can have their administrators opt out, but users won't have individual control over it.

The change a push by the company to enhance its machine learning capabilities by letting a select number of employees view the private information of its users to help with the training of algorithms.
#1807 DNSChanger exploit kit hijacks routers, not browsers
Attackers are targeting more than 166 router models with an exploit kit called DNSChanger that is being distributed via malvertising. Researchers at Proofpoint said the exploit kit is unique because the malvertising component of the attack doesn’t target browsers, rather a victim’s router.

Some of the vulnerable routers include specific models made by D-Link, Netgear and those that serve the SOHO market such as Pirelli and Comtrend, according to Proofpoint which published its research Tuesday. Owners of routers vulnerable to DNSChanger are urged to update their equipment’s firmware.

The router vulnerability exploited by DNSChanger is not to be confused vulnerabilities found in Netgear routers last week that could allow an attack to gain root access to devices remotely.
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12