Zero-day vulnerability found in Telegram

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjA-cNL6Fal2i1LFz43EYL7drbl57ZLgqrdAbHhdmybDGTagsG4C6Qvx_TTS5FgwQx7SMTlAIX-brWQ4pHGnAotzHZDZF_fKnWxDOBkGxr8sFLhQOXyGuoQVR0h06wHrsIZ_FwwcA0hfPX1/s1600/telegram-zeroday-vulnerability.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="466" data-original-width="732" height="404" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjA-cNL6Fal2i1LFz43EYL7drbl57ZLgqrdAbHhdmybDGTagsG4C6Qvx_TTS5FgwQx7SMTlAIX-brWQ4pHGnAotzHZDZF_fKnWxDOBkGxr8sFLhQOXyGuoQVR0h06wHrsIZ_FwwcA0hfPX1/s640/telegram-zeroday-vulnerability.png" width="640" /></a></div> <br /> Research conducted by Kaspersky showed that the zero-day flaw was based on the <a href="https://www.fileformat.info/info/unicode/char/202e/index.htm" target="_blank">RLO </a>(right-to-left override) Unicode method, which is generally used for coding languages written from right to left, such as Arabic and Hebrew. However, it can also be used by hackers to dupe unknowing recipients into downloading malware, for example disguised as images.<br /> <br /> Kaspersky analysts identified “several scenarios of <a href="http://www.hackerschronicle.com/search/label/Zero-Day" target="_blank">zero-day</a> exploitation in the wild by threat actors.” The threats identified were two-fold. First, the exploit was used to deliver mining software, allowing hackers to use the victim’s machine to mine <a href="http://www.hackerschronicle.com/search/label/CryptoCurrency" target="_blank">cryptocurrency </a>including “Monero, Zcash, Fantomcoin and others.”<br /> <br /> Second, a backdoor was installed allowing <a href="http://www.hackerschronicle.com/search/label/Cyber%20Crime" target="_blank">cybercriminals </a>to gain remote access to the victim’s computer after which it started to “operate in a silent mode,” allowing “the threat actor to remain unnoticed in the network and execute different commands, including the further installation of spyware tools.”<br /> <br /> Kaspersky says its analysis suggests the cybercriminals are of <a href="http://www.hackerschronicle.com/search/label/Russian%20Hackers" target="_blank">Russian </a>origin, and the company has offered some tips to protect your PC against attack.  These include not downloading and opening unknown files from untrusted sources, avoiding sharing sensitive personal information in messenger apps and making sure to have reliable antivirus software installed on your machine.<br /> <br /> It appears that only Russian cybercriminals were aware of this <a href="http://www.hackerschronicle.com/search/label/Vulnerability" target="_blank">vulnerability</a>, with all the exploitation cases that we detected occurring in Russia. Also, while conducting a detailed research of these attacks we discovered a lot of artifacts that pointed to involvement by Russian cybercriminals.</div>

Hacking News Malwares News Russian Hackers Telegram Vulnerability Zero-Day Zero-day vulnerability found in Telegram

Research conducted by Kaspersky showed that the zero-day flaw was based on the RLO (right-to-left override) Unicode method, which is generally used for coding languages written from right to left, such as Arabic and Heb…

Read more »

New AndroRAT found, exploiting Rooting Vulnerability

<div dir="ltr" style="text-align: left;" trbidi="on"> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQaGho1rE0MYQqEGOAPLEjLxhg3aSXXE0WWpln3Vjy1GTlEcjUDJ9AR4Hwe1Gy-XrSiCg-avCQOt8RYwD6MABqpfekK-k-HBHikdwSv3Kdk1s8kVsu9TgZX4r-m90syf-YyYRwJ_o14zI/s1600/AndroRAT_malware.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="468" data-original-width="888" height="336" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgQaGho1rE0MYQqEGOAPLEjLxhg3aSXXE0WWpln3Vjy1GTlEcjUDJ9AR4Hwe1Gy-XrSiCg-avCQOt8RYwD6MABqpfekK-k-HBHikdwSv3Kdk1s8kVsu9TgZX4r-m90syf-YyYRwJ_o14zI/s640/AndroRAT_malware.jpg" width="640" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">New AndroRAT found, exploiting Rooting Vulnerability</td></tr> </tbody></table> <br /> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> Trend Micro detected a new variant of Android Remote Access Tool (AndroRAT) (identified as ANDROIDOS_ANDRORAT.HRXC) that has the ability to inject root exploits to perform malicious tasks such as silent installation, shell command execution, WiFi password collection, and screen capture. This AndroRAT targets <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1805">CVE-2015-1805</a>, a publicly disclosed vulnerability in 2016 that allows attackers to penetrate a number of older Android devices to perform its privilege escalation.</div> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> RATs have long been a common Windows threat, so <b>it shouldn't be a surprise that it has come to Android</b>. A RAT has to gain root access — usually by exploiting a <a href="http://www.hackerschronicle.com/search/label/Vulnerability">vulnerability </a>— in order to have control over a system.<b> Discovered in 2012, </b>the original authors intended AndroRAT — <a href="https://forum.xda-developers.com/android/apps-games/androrat-remote-administration-tool-t2734932">initially a university project </a>— as an open-source client/server application that can provide remote control of an <a href="http://www.hackerschronicle.com/search/label/Android">Android </a>system, which naturally attracted cybercriminals.</div> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> This new variant of AndroRAT disguises itself as a malicious utility app called TrashCleaner, which is presumably downloaded from a malicious URL. The first time TrashCleaner runs, it prompts the Android device to install a Chinese-labeled calculator app that resembles a pre-installed system calculator. Simultaneously, the TrashCleaner icon will disappear from the device’s UI and the RAT is activated in the background.</div> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG_dFWhyphenhyphenokqpobyjnG8ynbQ2gJGlFK11zcZUGVZRcQluN7XUjJKE6QJpM4_oZDL2slP-VbLmcPWQauu9k4m40AcPBCGEsahR95UiL8Ah3vKqdsfZryffr1jZCtX67C1F_fL7P398YFAi0/s1600/TrachCleaner.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="139" data-original-width="129" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhG_dFWhyphenhyphenokqpobyjnG8ynbQ2gJGlFK11zcZUGVZRcQluN7XUjJKE6QJpM4_oZDL2slP-VbLmcPWQauu9k4m40AcPBCGEsahR95UiL8Ah3vKqdsfZryffr1jZCtX67C1F_fL7P398YFAi0/s1600/TrachCleaner.jpg" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">Icon of the malicious TrashCleaner</td></tr> </tbody></table> <br /> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4YyKssi2ASFC2VtKhwr6OrsRdetN-0OFhEBujZLtuPEGGny5IfUh71z7WEPt08JFrb8zUcBwui-oAZNQRq3XMwXyJXF0DvV4EYLS3duKHxSMFHvtq_lPCEk55mbE13HhuZvkWrdQoE3Q/s1600/AndroRAT_Calculator.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="147" data-original-width="111" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4YyKssi2ASFC2VtKhwr6OrsRdetN-0OFhEBujZLtuPEGGny5IfUh71z7WEPt08JFrb8zUcBwui-oAZNQRq3XMwXyJXF0DvV4EYLS3duKHxSMFHvtq_lPCEk55mbE13HhuZvkWrdQoE3Q/s1600/AndroRAT_Calculator.jpg" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">Icon of the Chinese-labeled calculator app</td></tr> </tbody></table> </div> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> The configurable RAT service is controlled by a remote server, which could mean that commands may be issued to trigger different actions. The variant activates the embedded root exploit when executing privileged actions. It performs the following malicious actions found in the original AndroRAT:</div> <ul style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin: 0px 0px 0px 30px; outline: 0px; padding: 0px; vertical-align: baseline;"> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Record audio</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Take photos using the device camera</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of system information such as phone model, number, IMEI, etc.</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of WiFi names connected to the device</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of call logs including incoming and outgoing calls</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of mobile network cell location</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of GPS location</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of contacts list</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of files on the device</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of list of running apps</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of SMS from device inbox</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Monitor incoming and outgoing SMS</li> </ul> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> Apart from the original features of the <a href="http://www.hackerschronicle.com/search/label/AndroRAT">AndroRAT</a>, it also performs new privileged actions:</div> <ul style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin: 0px 0px 0px 30px; outline: 0px; padding: 0px; vertical-align: baseline;"> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of mobile network information, storage capacity, rooted or not</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of list of installed applications</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of web browsing history from pre-installed browsers</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of calendar events</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Record calls</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Upload files to victim device</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Use front camera to capture high resolution photos</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Delete and send forged SMS</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Screen capture</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Shell command execution</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Theft of WiFi passwords</li> <li style="background: transparent; border: 0px; list-style: disc; margin: 0px; outline: 0px; padding: 0px 0px 5px; vertical-align: baseline;">Enabling accessibility services for a key logger silently</li> </ul> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> <b style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><i style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Targeting CVE-2015-1805</i></b></div> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> Google already <a href="https://source.android.com/security/advisory/2016-03-18">patched </a>CVE-2015-1805 in March 2016,<b> but devices that no longer receive patches or those with a long rollout period are at risk of being compromised by this new AndroRAT variant. </b> Older versions of Android, which are still being used by a significant number of mobile users, may still be vulnerable.</div> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> <b style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><i style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Indicators of Compromise (IoCs)</i></b></div> <table style="background: rgb(255, 255, 255); border-collapse: collapse; border-spacing: 0px; border: 1px solid rgb(228, 228, 228); color: #777777; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline; width: 619px;"><tbody style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"> <tr style="background: rgb(241, 241, 241); border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="295"><b style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">SHA256</b></td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="108"><b style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">App Label</b></td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="187"><b style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;">Package Name</b></td></tr> <tr style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="295">2733377c14eba0ed6c3313d5aaa51171f6aef5f1d559fc255db9a03a046f0e8f</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="108">TrashCleaner</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="187">com.cleaner.trashcleaner</td></tr> <tr style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="295">fde9f84def8925eb2796a7870e9c66aa29ffd1d5bda908b2dd1ddb176302eced</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="108">TrashCleaner</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="187">com.cleaner.trashcleaner</td></tr> <tr style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="295">2441b5948a316ac76baeb12240ba954e200415cef808b8b0760d11bf70dd3bf7</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="108">TrashCleaner</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="187">com.cleaner.trashcleaner</td></tr> <tr style="background: transparent; border: 0px; margin: 0px; outline: 0px; padding: 0px; vertical-align: baseline;"><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="295">909f5ab547432382f34feaa5cd7d5113dc02cda1ef9162e914219c3de4f98b6e</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="108">TrashCleaner</td><td style="background: transparent; border: 1px dotted rgb(228, 228, 228); margin: 0px; outline: 0px; padding: 8px; text-align: center; vertical-align: baseline; word-break: break-word !important;" width="187">com.cleaner.trashcleaner</td></tr> </tbody></table> <div style="background: rgb(255, 255, 255); border: 0px; color: #666666; font-family: Arial, sans-serif; font-size: 14px; line-height: 21px; margin-bottom: 10px !important; outline: 0px; padding: 0px; vertical-align: baseline;"> <br /></div> </div>

Android AndroRAT Hacking News Malwares News rat Rooting Trojan Vulnerability New AndroRAT found, exploiting Rooting Vulnerability

New AndroRAT found, exploiting Rooting Vulnerability Trend Micro detected a new variant of Android Remote Access Tool (AndroRAT) (identified as ANDROIDOS_ANDRORAT.HRXC) that has the ability to inject root exploits to pe…

Read more »

Winter Olympics website Hacked

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> </div> <br /> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1My7mRq4ONaWtW5UqnTwKc6O_83l8K6Es3HlQtB6FbgadLO2oivYS6_VwE4k_dYgsAd5wsWa1A06gxGP3uj9ZhiPOLflEZQ14G7sNxy3513K5VMckLbP2jG9FjU74CRHx7HK-3A16kFsQ/s1600/f16c2dba-0e1c-11e8-a09e-8861893b1b1a_1280x720_131300.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img alt="Winter Olympics website hacked" border="0" data-original-height="551" data-original-width="980" height="358" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh1My7mRq4ONaWtW5UqnTwKc6O_83l8K6Es3HlQtB6FbgadLO2oivYS6_VwE4k_dYgsAd5wsWa1A06gxGP3uj9ZhiPOLflEZQ14G7sNxy3513K5VMckLbP2jG9FjU74CRHx7HK-3A16kFsQ/s640/f16c2dba-0e1c-11e8-a09e-8861893b1b1a_1280x720_131300.jpg" title="Winter Olympics website hacked" width="640" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">Winter Olympics website hacked</td></tr> </tbody></table> <span style="background-color: white; font-family: "arimo" , "arial" , "freesans" , "helvetica" , sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"><br /></span> <span style="background-color: white; font-family: "arimo" , "arial" , "freesans" , "helvetica" , sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;">The Pyeongchang 2018 Winter Olympics' website went down just before the event's Friday opening ceremony, thanks to a cyber-attack, and </span><b style="font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;">stayed down for about 12 hours</b><span style="background-color: white; font-family: "arimo" , "arial" , "freesans" , "helvetica" , sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;">.</span><br /> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> The outage left users unable to print tickets or view information about the games. Some networks around the games venues also went down.</div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> Speculation quickly suggested the outages were not accidental and at a Sunday evening news conference, Pyeongchang 2018 spokesperson Sung Baik-you confirmed they were caused by an attack.</div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> <br /></div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> <b>"We know the cause of that problem, but that kind of issues occur very frequently during the Olympic Games," he said. "We have decided with the IOC that we are not going to reveal the source."</b></div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> International Olympics Committee (IOC) head of communications Mark Adams suggested the problem could be ongoing. He told the briefing "We wouldn't start giving you the details of an investigation before it has come to an end, particularly because it involves security which at these games is incredibly important. I am sure you appreciate we need to maintain the security of our systems."</div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> "At the moment we are making sure our systems are secure, which they are, so discussing details of it is not helpful."</div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> "This is normal practice," Adams insisted. "You will understand that maintaining secure operations is our focus. That's the focus of any organisation that has been hit by such a thing. An in line with best practice, which is industry practice, we are not going to comment on the issue because it is an issue we are dealing with."</div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> <br /></div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> Adams later added that the IOC has not identified the attacker and would not name them at a press conference, but promised a "full report" into the incident. He would not commit to making it public.</div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> As North Korea has made peaceful overtures towards the South ahead of the games, <b>it's thought to be unlikely it's behind whatever attack hit the Games' website</b>.</div> <div style="background-color: white; font-family: Arimo, Arial, FreeSans, Helvetica, sans-serif; font-size: 16.0000400543213px; line-height: 24.0000610351563px;"> The North has, however, assaulted the world with a 200-plus troupe of cheerleaders that performs choreographed song and dance routines in the stands at the games. The troupe is going a bit viral, a demonstration of the North's ability to distribute propaganda about its capabilities.</div> </div>

Hacking News News Olympics Winter Olympics website Hacked

Winter Olympics website hacked The Pyeongchang 2018 Winter Olympics' website went down just before the event's Friday opening ceremony, thanks to a cyber-attack, and stayed down for about 12 hours. The outage left users…

Read more »

Millions of Netgear Routers Vulnerable

<div dir="ltr" style="text-align: left;" trbidi="on"> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="float: right; margin-left: 1em; text-align: right;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9Z1CuHPFx2gWwQnNmtt8u5RYO91uU3Cmb3Q5n9oefAJZR5kN-2QD85zJtbCtcL5WUEIeoeLjNvbBF0S_5111uomZufNqA48_3KEQ8RdbTAU3Y5fGt5P15xplZwYI0On9237wkjEkdGn1k/s1600/router_back_label.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img alt="" border="0" data-original-height="192" data-original-width="750" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi9Z1CuHPFx2gWwQnNmtt8u5RYO91uU3Cmb3Q5n9oefAJZR5kN-2QD85zJtbCtcL5WUEIeoeLjNvbBF0S_5111uomZufNqA48_3KEQ8RdbTAU3Y5fGt5P15xplZwYI0On9237wkjEkdGn1k/s1600/router_back_label.png" title="Netgear Routers wonderable to be Hacked" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">Netgear Routers wonderable to be Hacked</td></tr> </tbody></table> <br /> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEincWcxLWVnPBm6fA4JIuoYKibbxMKRm2oSGclVczATNSqHZGWsAHd-6J6LYOIejPQh99u2fEsB0E8bl3mPGUCNYEx341q3-rSCJJ9U_2QFSU3eD8t0dE4m3sjdsgXMZD9Pg3B8IbMlRfSS/s1600/netgear_password_bypass.png" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="400" data-original-width="680" height="188" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEincWcxLWVnPBm6fA4JIuoYKibbxMKRm2oSGclVczATNSqHZGWsAHd-6J6LYOIejPQh99u2fEsB0E8bl3mPGUCNYEx341q3-rSCJJ9U_2QFSU3eD8t0dE4m3sjdsgXMZD9Pg3B8IbMlRfSS/s320/netgear_password_bypass.png" width="320" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">Netgear Routers</td></tr> </tbody></table> <br /> <strong><span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">Security firm Trustwave has disclosed the details of several vulnerabilities affecting Netgear routers, including devices that are top-selling products on Amazon and Best Buy.</span></span></strong><br /> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">The flaws were discovered by researchers in March 2017 and they were patched by Netgear in August, September and October.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">One of the high severity vulnerabilities has been described as a password recovery and file access issue affecting 17 Netgear routers and modem routers, including best-sellers such as R6400, R7000 (Nighthawk), R8000 (Nighthawk X6), and R7300DST (Nighthawk DST).</span></span></div> <br /> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">According to Trustwave, the web server shipped with these and other Netgear routers has a resource that can be abused to access files in the device’s root directory and other locations if the path is known. The exposed files can store administrator usernames and passwords, which can be leveraged to gain complete control of the device.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">An unauthenticated attacker can exploit the flaw remotely if the remote management feature is enabled on the targeted device. Improperly implemented cross-site request forgery (CSRF) protections may also allow remote attacks.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";"><b>Another high severity flaw affecting 17 Netgear routers, including the aforementioned best-sellers, can be exploited by an attacker to bypass authentication using a specially crafted reques</b>t. Trustwave said the vulnerability can be easily exploited.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">A flaw that can be exploited to execute arbitrary OS commands with root privileges without authentication has also been classified as high severity. Trustwave said command injection is possible through a chained attack that involves a CSRF token recovery vulnerability and other weaknesses.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">Two other command injection vulnerabilities have been found by Trustwave researchers, but they have been rated medium severity and they only affect six Netgear router models.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">One of the flaws requires authentication, but experts pointed out that an attacker can execute arbitrary commands after bypassing authentication using the aforementioned authentication bypass vulnerability.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">The other medium severity command injection is related to the Wi-Fi Protected Setup (WPS). When a user presses the WPS button on a Netgear router, a bug causes WPS clients to be allowed to execute arbitrary code on the device with root privileges during the setup process.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">“In other words, <b>if an attacker can press the WPS button on the router, the router is completely compromised</b>,” Trustwave said in an advisory.</span></span></div> <div style="background-color: white; color: #333333; font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 12px;"> <span style="font-size: small;"><span style="font-family: "trebuchet ms" , "geneva";">Netgear has put a lot of effort into securing its products, especially since the launch of its bug bounty program one year ago. In 2017, the company published more than 180 security advisories describing vulnerabilities in its routers, gateways, extenders, access points, managed switches, and network-attached storage (NAS) products.</span></span></div> </div>

Hacking News Netgear Routers News Vulnerability Millions of Netgear Routers Vulnerable

Netgear Routers wonderable to be Hacked Netgear Routers Security firm Trustwave has disclosed the details of several vulnerabilities affecting Netgear routers, including devices that are top-selling products on Amazon a…

Read more »

'Biggest Leak in History' : iPhone source code LEAKED

<div dir="ltr" style="text-align: left;" trbidi="on"> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTCpeNjQs-nRH19WHT0uo3TGM3QzlaCoLEL9HNvuBaGcH_oNbmXIs7_4F-0-rh8Z8oAXu9cDxitDTxsYpjzC_RimkEKFsnzifm9jjBbqGJ9dtaLLrCdh0aIngAkJnvBQAkQ8xKfnL8lo0Z/s1600/iPhone-code-leaked.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="350" data-original-width="590" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjTCpeNjQs-nRH19WHT0uo3TGM3QzlaCoLEL9HNvuBaGcH_oNbmXIs7_4F-0-rh8Z8oAXu9cDxitDTxsYpjzC_RimkEKFsnzifm9jjBbqGJ9dtaLLrCdh0aIngAkJnvBQAkQ8xKfnL8lo0Z/s640/iPhone-code-leaked.jpg" width="640" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">'Biggest Leak in History' : iPhone source code leaked</td></tr> </tbody></table> <br /> Someone just posted what experts say is the <a href="http://www.hackerschronicle.com/search/label/Source%20Code" target="_blank">source code</a> for a core component of the iPhone’s operating system on GitHub, which could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve.<br /> The GitHub code is labeled “<b>iBoot</b>,” which is the part of iOS that is responsible for ensuring a trusted boot of the operating system. In other words, it’s the program that loads iOS, the very first process that runs when you turn on your iPhone. It loads and verifies the kernel is properly signed by Apple and then executes it—it’s like the iPhone’s BIOS.<br /> <br /> The code says it’s for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11.<br /> <br /> Apple has traditionally been very reluctant to release code to the public, though it has made certain parts of <a href="http://www.hackerschronicle.com/search/label/iOS" target="_blank">iOS</a> and MacOS open source in recent years. But it has taken particular care to keep iBoot secure and its code private; bugs in the boot process are the most valuable ones if reported to Apple, which values them at a max payment of $200,000. “<b>This is the biggest leak in history</b>,” Jonathan Levin, the author of  on iOS and Mac OSX internals, told me in an online chat. “It’s a huge deal.”<br /> <br /> Levin said the code appears to be the real iBoot code because it aligns with code he <a href="http://www.hackerschronicle.com/search/label/Reverse%20Engineering" target="_blank">reverse engineered</a> himself. A second security researcher familiar with iOS also said they believe the code is real. We don’t know who is behind the leak. Apple did not respond to a request for comment.<br /> Having access to the source code of iBoot gives iOS security researchers a better chance to find vulnerabilities that could lead to compromising or jailbreaking the device, Levin said. That means hackers could have an easier time finding flaws and bugs that could allow them to crack or decrypt an iPhone. And, perhaps, this leak could eventually allow advanced programmers to emulate iOS on non Apple platforms.<br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU63mWjBrFYlpcwlnVfohdJ3jJYYUz3pFHIjjJ9SMS2KhaSZoi1vjJki5mM2UC_mjSFhiO_dLHxvYOsiwY48cUww3Qv2BBsj5jAKJmBg8HeRn65NyZdg5cAB6c35aF7ey3kLZXmS3qCEXB/s1600/ios-code.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="482" data-original-width="640" height="301" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjU63mWjBrFYlpcwlnVfohdJ3jJYYUz3pFHIjjJ9SMS2KhaSZoi1vjJki5mM2UC_mjSFhiO_dLHxvYOsiwY48cUww3Qv2BBsj5jAKJmBg8HeRn65NyZdg5cAB6c35aF7ey3kLZXmS3qCEXB/s400/ios-code.png" width="400" /></a></div> <div class="separator" style="clear: both; text-align: center;"> <br /></div> <div class="separator" style="clear: both;"> <a href="http://www.hackerschronicle.com/search/label/Vulnerability" target="_blank">Vulnerabilities </a>in previous versions of iBoot allowed jailbreakers and hackers to brute-force their way through the iPhone’s lock screen and decrypt a user’s data. But newer iPhones have a chip , which has hardened the security of the device.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> For regular users, Levin added, this means that tethered jailbreaks, which require the phone to be connected to a computer when booting, could soon be back. These jailbreaks used to be relatively easy to pull off and were common, but are now extremely hard to come by on up-to-date iOS devices, which have advanced security mechanisms that make it hard for even highly skilled researchers from even looking for bugs, as they need to first jailbreak the device before beginning to probe the device.</div> <div class="separator" style="clear: both;"> It’s these security improvements . Nowadays, finding bugs and vulnerabilities in iOS is something that requires a significant amount of time and resources. That’s why the jailbreaking community gets excited for any leak of source code or any exploit.</div> <div class="separator" style="clear: both;"> <br /></div> <div class="separator" style="clear: both;"> “iBoot is the one component <a href="http://www.hackerschronicle.com/search/label/Apple" target="_blank">Apple </a>has been holding on to, still encrypting its 64 bit image,” Levin said. “And now it’s wide open in source code form.”</div> <br /></div>

Data Leak iOS News Source Code 'Biggest Leak in History' : iPhone source code LEAKED

'Biggest Leak in History' : iPhone source code leaked Someone just posted what experts say is the source code for a core component of the iPhone’s operating system on GitHub, which could pave the way for hackers and sec…

Read more »

Fake tech support scam : Google Chrome users be Alert

<div dir="ltr" style="text-align: left;" trbidi="on"> <table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto; text-align: center;"><tbody> <tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPK5yrlhrNtgZPH-2SLXsbmGRikYga3Ma-Vp-meI3KY4A6cKTjHRJyn8B_zqmm205p3AGd90adFUgmIvko5A6JCf0jorRybnoH_RAU-eGcim0OESAQpWkIkKifMBISAvITYQZDaGO8KgUO/s1600/Tech-Support-Scams-Targeting-Mac-Owners.jpg" imageanchor="1" style="margin-left: auto; margin-right: auto;"><img border="0" data-original-height="445" data-original-width="811" height="348" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjPK5yrlhrNtgZPH-2SLXsbmGRikYga3Ma-Vp-meI3KY4A6cKTjHRJyn8B_zqmm205p3AGd90adFUgmIvko5A6JCf0jorRybnoH_RAU-eGcim0OESAQpWkIkKifMBISAvITYQZDaGO8KgUO/s640/Tech-Support-Scams-Targeting-Mac-Owners.jpg" width="640" /></a></td></tr> <tr><td class="tr-caption" style="text-align: center;">Fake tech support scam : Google Chrome users be Alert</td></tr> </tbody></table> Tech support scams are increasingly hitting Windows users on the Google Chrome browser—even when it's been updated to the latest version.<br /> <ul style="text-align: left;"> <li>Tech support scams may use an API to freeze a user's browser, prompting them to call a fake support line and share their credit card information. </li> <li>Fake Google Chrome browser alerts asking users to contact false tech support lines have increased over the last quarter for Windows users, according to Malwarebytes.</li> </ul> Fake browser alerts pushing these tech support scams have increased in the last quarter, according to Malwarebytes. Most of these attack campaigns come from <a href="http://www.hackerschronicle.com/search/label/Malwares" target="_blank">malicious </a>advertising and compromised websites, with criminals looking to scare users into calling the number—sometimes by completely locking their browser.<br /> <br /> These scams take the form of browser alerts asking users to contact fake tech support lines in attempts to gain their credit card information. And the attacks on <a href="http://www.hackerschronicle.com/search/label/Google%20Chrome" target="_blank">Google Chrome</a> are far from the first to hit the web: In January 2017, when you Googled "<b>Facebook customer support</b>," .In February 2017, a top <a href="http://www.hackerschronicle.com/search/label/Google" target="_blank">Google </a>search result that appeared to be an ad for Amazon.com was actually a malicious link .<br /> <br /> The US Federal Trade Commission recently launched an effort to put a stop to these scams, but they will likely remain pervasive, This means businesses must be especially vigilant in training employees to recognize scams, phishing attacks, and other cybersecurity issues.<br /> <br /> Since these attacks do not seem to be slowing down, it's important for businesses to train their end users to recognize them. The best way to handle such an <a href="http://www.hackerschronicle.com/search/label/Cyber%20Attack" target="_blank">attack </a>is to avoid panicking and close the browser using the Task Manager. The pop-ups themselves are usually harmless, so long as the user doesn't call the number provided.<br /> <br /> Professionals, whether working at home or in the office, should always go through their IT or security department to handle security issues. All users should be aware that it is highly unlikely that tech vendors will proactively reach out to users offering support.</div>

Google Chrome Hacking News News Scam Fake tech support scam : Google Chrome users be Alert

Fake tech support scam : Google Chrome users be Alert Tech support scams are increasingly hitting Windows users on the Google Chrome browser—even when it's been updated to the latest version. Tech support scams may use …

Read more »

Is IBM Cloud Blumix insecure ?

<div dir="ltr" style="text-align: left;" trbidi="on"> <div> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0-WaNEDO6AXAm3Ym8BB067AYfipaSRdX1H7ejEHJK_o0nLbpSeekz1IHr6IcY1ai2IaVWUIMpZRgP0SFPiXjwghWRdhIY4ELsRDE2PqtHA9QuTA-axzW-pkS_nAyYeQbzjRNPuqKg4uk/s1600/ibm+insecure.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="399" data-original-width="1103" height="228" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh0-WaNEDO6AXAm3Ym8BB067AYfipaSRdX1H7ejEHJK_o0nLbpSeekz1IHr6IcY1ai2IaVWUIMpZRgP0SFPiXjwghWRdhIY4ELsRDE2PqtHA9QuTA-axzW-pkS_nAyYeQbzjRNPuqKg4uk/s640/ibm+insecure.jpg" width="640" /></a></div> <br /> An e-mail has gone out from IBM about its Bluemix cloud: after next Tuesday, the SoftLayer APIs will no longer accept connections encrypted with the ancient TLS 1.0.</div> <div> It's not <i>quite</i> a surprise that the 1990s-era protocol was still accepted: a great many services are still midway through their deprecation plans.</div> <div> To give just one example, Salesforce <a href="https://help.salesforce.com/articleView?id=TLS-1-0-Disablement-Critical-Update-Console-CRUC-Setting&type=1" rel="nofollow" target="_blank">began</a> its phase-out of TLS 1.0 in production instances on July 22, 2017.</div> <div> And the PCI Council, which had originally wanted TLS 1.0 gone last year, had to extend its deprecation date to 30 June 2018 (and it's still <a href="https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls" rel="nofollow" target="_blank">blogging </a>early warnings for members, in case they're still failing to catch up).</div> <div> In the Bluemix e-mail, IBM notes: “There should be no impact to customers using a modern web client. This notification is intended to be informative only.</div> <div> The two services affected by the depreciation are api.softlayer.com and api.service.softlayer.com – so there's another community that's got to pay attention, namely developers who wrote to the APIs and used TLS 1.0 to secure their API access.</div> <div> TLS 1.0 has long been known as insecure, as far back as 2011 when it was bitten by the BEAST exploit. ®</div> </div>

Encryption Hacking News IBM Is IBM Cloud Blumix insecure ?

An e-mail has gone out from IBM about its Bluemix cloud: after next Tuesday, the SoftLayer APIs will no longer accept connections encrypted with the ancient TLS 1.0. It's not quite a surprise that the 1990s-era protocol…

Read more »