Tech News

Hackers are increasingly using domain name serves (DNS) amplification to deliver huge amounts of traffic in distributed denial of service (DDoS) attacks, according to a white paper from security company Symantec. Between January and August of this year the firm observed an 183% increase in the use of such attacks, in which hackers deliver requests to DNSs prompting floods of traffic to the target. Candid Wueest, threat researcher at Symantec, said: Distributed denial of service attacks are not a new concept, but they have proven to be effective. In the last few years they have grown in intensity as well as in number, whereas the duration of an attack is often down to just a few hours. Such attacks are simple to conduct for the attackers, but they can be devastating for the targeted companies. Amplification attacks especially are very popular at the moment as they allow relatively small botnets to take out large targets. Attack patterns employed by hackers can move over time as companies seek to defend themselves against popular attacking strategies, in what is often compared to an arms race.

In light of recent, highly publicized hacks on Target, Home Depot, and celebrity iCloud accounts, people are wondering if hackers are evolving more quickly than our cybersecurity methods. Not so, says cybersecurity expert Michael Ricotta of Blue Fountain Media Development. We are just bad at using the security measures already at our disposal to protect our data, he says. Many of the hacks that are happening are the result of being too careless, Ricotta told Business Insider. Hacking is not something that is done by some guy wearing a cloaked hoodie hiding in some corner who knows more than anyone else in the world … There are people who have an understanding of how computers work and are able to find where people who do not know how computers work are improperly handling their own system.

FBI Director James Comey is urging Congress to take up the topic of encryption -- setting up a potentially historic debate on Capitol Hill over whether U.S. tech firms can be required to bake into their technology ways for law enforcement to legally access users e-mails, texts and other digital communications. In remarks at the Brookings Institution on Thursday, Comey used the phrase going dark to describe the decisions by companies like Apple and Google to encrypt by default more and more of their services. (Comey recalled his response when he learned of those decisions: Holy cow.) The problem, Comey argued, is that the process locks away for good some data that could be useful to law enforcement as it fights crime. The argument against that notion? That any time you create a means of access for law enforcement -- what Comey called a front door that the FBI can use with clarity and transparency -- it increases the chances that those with ill-intentions can get at that same data. It is a complicated dynamic, and Comey appeared eager to punt the confusion over to Congress. He called for the House and Senate to begin rethinking the Communications Assistance for Law Enforcement Act, better known as CALEA, which empowers the FBI to access electronic communications. The 20-year old law, Comey argued, should require companies big and small to build into their systems lawful intercept capabilities that arent stymied by encryption.

Imagine its possible to force a victims browser to effectively create malware on-the-fly that would hand over control of the PC, phone or tablet to a hacker. Now imagine this could be done by having the target click on a link for a domain as popular and trusted as Google GOOGL -2.44%.com, and then executing an ostensibly legitimate file. This is, according to Trustwave SpiderLabs security researcher Oren Hafif, a real possibility. At the Black Hat Europe conference taking place next week hell detail his new attack technique called Reflected File Download (RFD). More savvy users will be wise enough not to actually click on the downloaded file, even if it does appear to have been delivered by a legitimate domain. But heres the most perturbing part: Hafif will show how he created code for a worm that could easily spread malicious links containing RFD attack code across the worlds biggest social networks. Anyone who clicked the links he created risked handing over their cookies, though real criminals could craft attacks that would do much worse. They could take over reams of machines. Hafif believes its the first cross-social-network worm ever created. One security expert, who wished to remain anonymous, noted that if the findings are correct, this method could be devastating. Many sites are vulnerable to RFD. Hafif told me that hed come unstuck in the disclosure process, having already informed Google and Microsofts MSFT +2.08% Bing.com their sites were vulnerable to RFD attacks back in May – both have now addressed the issue. Thats because he had at least 20 major websites that could be exploited using his techniques and it was not feasible to go through the process of informing each. Many more websites that accept and reflect user input are likely affected. If they are using JSON, an easy-to-use format for storing and exchanging data, they are almost certainly vulnerable to an instance of reflected file downloaded, according to Hafif. If I were to name all sites that were vulnerable Id have to extend our talk – Ive found a lot of websites are vulnerable, Im talking about big vendors.

By developing a new tool called PlayDrone, Jason Nieh, professor of computer science at Columbia Engineering, and PhD candidate Nicolas Viennot reported that they have discovered a crucial security problem in Google Play - the official Android app store where millions of Android users get their apps. PlayDrone uses hacking techniques to find a way around Google’s security to download Google Play apps, and then recover and analyse their sources. It scales down by simply adding more servers and in this way, it manages to compile over 880,000 of the 1.1 million free apps it downloads. IMAGE: http://www.igyaan.in/wp-content/uploads/2014/06/columbiaengi.png

Microsoft has revealed that computers running its Windows Vista and Windows 7 operating systems are more likely to be infected with malware than the 13-year-old Windows XP operating system that went out of support last month. According to the company’s biannual Security Intelligence Report (SIR), Windows XP computers had an infection rate of 2.42 per cent in the last quarter of 2013, compared to 3.24 per cent for Windows Vista and 2.59 per cent for Windows 7. Microsoft said the data had been normalised to account for the different numbers of computers running each version of the operating system. Windows 8 had a 1.73 per cent infection rate and Windows 8.1 (the latest version) just 0.08 per cent. The Security Intelligence Report also detected a dramatic rise in infection rates between the third quarter and fourth quarter of 2013 across all versions of Windows. Microsoft said this can be largely blamed on the Rotbrow family of malware, which presented itself as a browser add-on. Commenting on the report, security expert Graham Cluley said that the statistics do not necessarily suggest that Windows 7 is a less safe environment than Windows XP. Users of more modern versions of Windows can take full advantage of Microsoft’s Enhanced Mitigation Experience Toolkit (EMET), which can block malware. The statistics in Microsoft’s report cover a period when Windows XP was still receiving security updates from Microsoft. Going forward we can expect XP computers to become more and more riddled with malware as security holes are left unpatched. In short, don’t downgrade your version of Windows to Windows XP, he said in a blog post. Also, dont expect to see Windows XP making as much of an impact in future Microsoft security reports. The company collects statistics on officially supported versions of the operating system and, as we hopefully all know by now, the creaky old XP version of Windows is no longer supported. He added that not all malware relies upon vulnerabilities and security holes, and a large number of malware attacks use simple social engineering techniques that trick users into making poor decisions, such as clicking on a malicious link or running a malware-infected file that has been sent to them. The news coincides with a report from the Information Commissioners Office, warning that a failure to keep software security up to date is one of the eight most common IT security vulnerabilities that have resulted in organisations failing to keep peoples information secure. In just the past couple of months we have already seen widespread concern over the expiry of support for Microsoft XP and the uncovering of the security flaw known as Heartbleed, said the ICOs group manager for technology, Simon Rice. While these security issues may seem complex, it is important that organisations of all sizes have a basic understanding of these types of threats and know what action they need to take to make sure their computer systems are keeping customers information secure.