Opera Software founder launches Vivaldi, a new browser

After more than one year in public development and millions of downloads, Vivaldi today released the first major release of its desktop browser: Vivaldi 1.0. The UI uses React and JavaScript, as well as Node.js. The core of the browser uses Chromium, ensuring pages render quickly and accurately. “We share the same core code as Chrome (Chromium) but we are very different with handling the privacy of our users. First of all, our business model … More

Tor Project exploring ways to keep its software and users safe

In view of the recent legal battle between the FBI and Apple regarding phone encryption, and this article revealing that there have been many instances where the US Department of Justice demanded source code and private encryption keys from tech companies, the Tor Project decided to voice their support for Apple, and to outline their current protections against their software being backdoored, as well as their active work on adding new ones. “For all of … More

OS X ransomware found bundled with legitimate software

Palo Alto researchers have discovered the first fully functional ransomware aimed at Mac users. The malware, dubbed KeRanger, has been found on Friday (March 4), bundled into the Mac version of the popular open source Transmission BitTorrent client, and made available for download on the Transmission developers’ official website. The website now sports an alert on the main page, saying that everyone running version 2.90 of Transmission on OS X should immediately upgrade to and … More

Weak default credentials, command injection bug found in building operation software

A vulnerability in servers programmed with Schneider Electric’s StruxureWare Building Operation software can be exploited by a low-skilled, remote attacker to gain access to the servers and make changes that could affect a building’s security. What’s more, the software was also shipped with weak default user credentials that administrators weren’t required to change when setting up the system. StruxureWare Building Operation software provides integrated monitoring, control and management of energy, HVAC, lighting and fire safety. … More

Critical Glibc flaw opens Linux distros, other software and devices to compromise

A critical bug has been found to open an unimaginable number of computers, networking and other connected devices to attacks that can result in complete system compromise. Discovered independently by Google and Red Hat researchers, the bug resides in the GNU C Library (aka “glibc”), the open-source implementation of the C and C++ programming language libraries. Glibc is incorporated in practically every major Linux distribution, many embedded systems, devices like routers, many small-device projects, and … More

Authorized Symantec reseller scams users into buying security software

Malwarebytes researchers have discovered a new tech support scam that, unlike most, is being perpetrated by an active member of the Symantec Partner Program. Users are being tricked into visiting a web page sporting a fake warning imitating those shown by Symantec’s Norton AV, and urged to contact tech support via a “support toll free helpline”: Calling the offered phone number will get the victims in touch with a “support technician” that first instructs them … More

GPS faker software broadcasts spam across thousands of fake profiles

Different from traditional email spam, social spam can reach a large audience by nature of the platform and can appear trustworthy since it is coming from people in your social network. This kind of spam also has a long lifespan since social media content stays online 24/7 and is rarely removed, if ever.More than a mere annoyance factor, such attacks degrade brand name reputation and platform integrity, hindering user growth and even driving away existing … More

Two arrested for helping malware developers evade AV software

Two suspects have been arrested on suspicion of operating a website offering services to help criminals overcome and avoid anti malware software, following a joint investigation led by the National Crime Agency and Trend Micro. The suspect’s website – reFUD.me – provided a number of functions, both free and for charge, which allowed malware developers to scan their illegal files. They would then learn whether or not they could successfully infect victims’ computers by circumventing … More

Buhtrap gang distributes malware through Ammyy’s remote desktop software

ESET has uncovered several examples of malware being distributed via a strategic web compromise. Recently, visitors to ammyy.com were offered a bundle containing not only the company’s legitimate Remote Desktop Software, Ammyy Admin, but also malware. Researchers noticed in late October that, for about a week, visitors to ammyy.com were downloading an installer that contained malware along with the Ammyy product. While Ammyy Admin is legitimate software, it has a long history of being used … More

Software-Defined Perimeter enables application-specific access control

Back in the early 1990s enterprises migrated away from proprietary protocols such as DECnet, SNA, and Novell IPX to common standards such as IP. The motivation was the open nature of IP and access to all of the investment and innovation in and around IP. But, enterprises still wanted complete control over their network. To achieve that, the concept of IP Firewalls was introduced so that enterprises could create a unique IP network—such as internal … More