Lucian Constantin

About the Author Lucian Constantin


Apple: Macs and iPhones are safe from newly revealed CIA exploits

The Mac and iPhone exploits described in new documents attributed to the U.S. Central Intelligence Agency were patched years ago, according to Apple.

WikiLeaks released a new set of files Thursday that supposedly came from the CIA. They contain details about the agency’s alleged malware and attack capabilities against iPhones and Mac computers.

The documents, dated 2012 and earlier, describe several “implants” that the CIA can install in the low-level extensible firmware interface (EFI) of Mac laptop and desktop computers. These EFI rootkits allow the agency’s MacOS spying malware to persist even after the OS is reinstalled.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Apple: Macs and iPhones are safe from newly revealed CIA exploits

The Mac and iPhone exploits described in new documents attributed to the CIA were patched years ago, according to Apple.

WikiLeaks released a new set of files Thursday that supposedly came from the CIA. They contain details about the agency’s alleged malware and attack capabilities against iPhones and Mac computers.

The documents, dated 2012 and earlier, describe several “implants” that the CIA can install in the low-level extensible firmware interface (EFI) of Mac laptop and desktop computers. These EFI rootkits allow the agency’s macOS spying malware to persist even after the OS is reinstalled.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

To punish Symantec, Google may distrust a third of the web’s SSL certificates

Google is considering a harsh punishment for repeated incidents in which Symantec or its certificate resellers improperly issued SSL certificates. A proposed plan is to force the company to replace all of its customers’ certificates and to stop recognizing the extended validation (EV) status of those that have it.

According to a Netcraft survey from 2015, Symantec is responsible for about one in every three SSL certificates used on the web, making it the largest commercial certificate issuer in the world. As a result of acquisitions over the years the company now controls the root certificates of several formerly standalone certificate authorities including VeriSign, GeoTrust, Thawte and RapidSSL.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Hackers threaten to wipe millions of Apple devices, demand ransom

A group of hackers is threatening to wipe data from millions of Apple devices in two weeks if the company doesn’t pay them $150,000.

The group, which calls itself Turkish Crime Family, claims to have login credentials for more than 627 million icloud.com, me.com and mac.com email addresses. These are email domains that Apple has allowed for users creating iCloud accounts over the years.

Even though the Turkish Crime Family hasn’t been in the media spotlight before, its members claim that they’ve been involved in selling stolen online databases in private circles for the past few years.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Hackers demand $150K ransom, threaten to wipe millions of Apple devices

A group of hackers is threatening to wipe data from millions of Apple devices in two weeks if the company doesn’t pay them US$150,000.

The group, which calls itself Turkish Crime Family, claims to have login credentials for more than 627 million icloud.com, me.com and mac.com email addresses. These are email domains that Apple has allowed for users creating iCloud accounts over the years.

Even though the Turkish Crime Family hasn’t been in the media spotlight before, its members claim that they’ve been involved in selling stolen online databases in private circles for the past few years.

The group said via email that it has had a database of about 519 million iCloud credentials for some time, but did not attempt to sell it until now. The interest for such accounts on the black market has been low due to security measures Apple has put in place in recent years, it said.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

Some HTTPS inspection tools might weaken security

Companies that use security products to inspect HTTPS traffic might inadvertently make their users’ encrypted connections less secure and expose them to man-in-the-middle attacks, the U.S. Computer Emergency Readiness Team warns.

US-CERT, a division of the Department of Homeland Security, published an advisory after a recent survey showed that HTTPS inspection products don’t mirror the security attributes of the original connections between clients and servers.

HTTPS inspection checks the encrypted traffic coming from an HTTPS site to make sure it doesn’t contain threats or malware. It’s performed by intercepting a client’s connection to an HTTPS server, establishing the connection on the client’s behalf and then re-encrypting the traffic sent to the client with a different, locally generated certificate. Products that do this essentially act as man-in-the-middle proxies.

To read this article in full or to leave a comment, please click here

Read more 0 Comments

String of fileless malware attacks possibly tied to single hacker group

Several attacks observed over the past few months that rely heavily on PowerShell, open-source tools, and fileless malware techniques might be the work of a single group of hackers.

An investigation started by security researchers from Morphisec into a recent email phishing attack against high-profile enterprises pointed to a group that uses techniques documented by several security companies in seemingly unconnected reports over the past two months.

“During the course of the investigation, we uncovered a sophisticated fileless attack framework that appears to be connected to various recent, much-discussed attack campaigns,” Michael Gorelik, Morphisec’s vice president of research and development, said in a blog post. “Based on our findings, a single group of threat actors is responsible for many of the most sophisticated attacks on financial institutions, government organizations, and enterprises over the past few months.”

To read this article in full or to leave a comment, please click here

Read more 0 Comments