A new vulnerability arised in Safari Web Browser that can lead to an address spoofing allowing attackers to show any URL address while loading a different web page. While this proof of concept is not perfect, it could definitely be fixed to be used by phishing attacks very easily.
Fox-IT has a blog post (and has published Snort rules ) on how to detect man-on-the-side Internet attacks like the NSA’s QUANTUMINSERT. From a Wired article : But hidden within another document leaked by Snowden was a slide that provided a few hints about detecting Quantum Insert attacks, which prompted the Fox-IT researchers to test a method that ultimately proved to be successful. They set up a controlled environment and launched a number of Quantum Insert attacks against their own machines to analyze the packets and devise a detection method
Original release date: April 30, 2015 Systems Affected Networked systems Overview Securing end-to-end communications plays an important role in protecting privacy and preventing some forms of man-in-the-middle (MITM) attacks. Recently, researchers described a MITM attack used to inject code, causing unsecured web browsers around the world to become unwitting participants in a distributed denial-of-service attack.
Google has a new Chrome extension called “Password Alert”: To help keep your account safe, today we’re launching Password Alert, a free, open-source Chrome extension that protects your Google and Google Apps for Work Accounts. Once you’ve installed it, Password Alert will show you a warning if you type your Google password into a site that isn’t a Google sign-in page. This protects you from phishing attacks and also encourages you to use different passwords for different sites, a security best practice
Vulnerability Note VU#534407 Barracuda Web Filter insecurely performs SSL inspection Original Release date: 28 Apr 2015 | Last revised: 28 Apr 2015 Overview Barracuda Web Filter prior to version 8.1.0.005 does not properly check upstream certificate validity when performing SSL inspection, and delivers one of three default root CA certificates across multiple machines for SSL inspection. Description According to Barracuda Networks , the Barracuda Web Filter is a “comprehensive solution for web security and management” with many features, including the ability to provide “visibility into SSL-encrypted traffic”. This SSL inspection feature of the Barracuda Web Filter is vulnerable to multiple issues
As if every week wasn’t busy enough with new information security (InfoSec) news, this week was the RSA Conference, which brings with it a whole new batch of security news. If you find yourself struggling to keep up, follow my daily or weekly videos to get a quick summary of the latest relevant news.
Teslacrypt is a form of ransomware that was first noted in January of this year [ 1 ]. This malware apparently targets video game-related files [ 2 , 3 , 4 ].