Uh oh. Looks like your using an ad blocker.
Our site is support by ads that help to pay our hosting costs. Please disable or whitelist us within your ad blocker to help us keep the site online.
All money generate by ads and donations is used to pay the hosting costs of the site, for more information about our income and expenses please see our donation page.
Is it wrong to hack back - to counter-cyber-attack when you have become a victim? The presumed answer is yes. In the US alone, the Department of Justice calls hacking back “likely illegal”; the Federal Bureau of Investigation “cautions” victims against it; and White House officials call it “a terrible idea.” But none has clearly declared it illegal. The law has not caught up with technology here - whether in the US or other geographies - and we do not have a test-case in court yet. In the meantime, we can look toward ethics for guidance, which surprisingly might permit hacking back. If cyber-attacks are a law enforcement issue, the usual solution is to let the authorities handle it. They would work to capture the suspects, put them on trial, and punish them if found guilty. To circumvent this process seems to be vigilantism, which threatens the rule of law and therefore civil societys foundation. But when cyber-attackers continue to elude identification - forget about capture and prosecution - does it still make sense to defer to the authorities? Help is not on the way. For instance, the FBI said this about ransomware, or malicious software that locks down a users system until money is extorted. “To be honest, we often advise people to just pay the ransom," they said. If the wheels of justice are systematically stuck, then it may not be vigilantism to take action against your attacker. Part of our social contract to create and abide by government is to give up our natural powers to take justice into our own hands, in exchange for a more reliable and fair legal system. Arguably, our obligation to defer to law enforcement is suspended, on this particular issue of cyber-attacks, if they can not uphold their end of the bargain.
Capcom has apologised to Street Fighter V players after it was caught installing a backdoor on Windows systems as part of its most recent title update. As with many PC games, Street Fighter V suffers from piracy and cheaters - the platforms perennial problems. Unlike most, however, the latest attempt to fix the problem came in the form of a title update bundling a Windows driver - capcom.sys - which disables selected system security features and provides publisher Capcom with administrator-level privileges to the entire operating system and all its files. The problems began with a security update released on September 22nd containing what Capcom described as an "updated anti-crack solution." In its announcement, the company claimed that that software was not DRM, but was designed such that it "prevents certain users from hacking the executable. The solution also prevents memory address hack [sic] that are commonly used for cheating and illicitly obtaining in-game currency and other entitlements that haven’t been purchased yet." Sadly, the update did significantly more than Capcom promised. In a thread on social networking site reddit, users tore down the code included with a kernel-level Windows driver file bundled with the software and discovered that it disabled the Supervisor Mode Execution Protection (SMEP) functionality of affected systems, forced the game to elevate its privileges and run at administrator level, and provided Capcom with complete and unrestricted access to the entire host system. In short: its a backdoor, and one which actively harms the overall security of players systems. Although the code in the driver disables SMEP only long enough to run a chunk of its own code and then re-enables the functionality, the damage is severe: using the driver, any unprivileged process on the system - including malware - can have its code executed at kernel level without question. Capcom, for its part, has apologised and promised to undo the damage caused. "We are in the process of rolling back the security measures added to the PC version of Street Fighter V," the company claimed in a statement on the matter. "After the rollback process to the PC version, all new content from the September update will still be available to players. We apologise for the inconvenience." Those who wish to ensure their systems security are advised to check for the driver "capcom.sys" even after the update which should remove it is installed.
DE-CIX questions legality of government tapping its system. The worlds largest internet exchange point is suing the German government for tapping its communications systems. DE-CIX runs a number of critical exchange points – most of them in Germany, but with others in France, Spain and the United States – and has sued the German interior ministry over orders from the German security services to allow them to tap its exchange centers. The goal of the lawsuit, filed in federal court in Leipzig, is to reach a "judicial clarification" over whether the German governments actions are legal, the company said (in German), and "in particular, legal certainty for our customers and our company."
Now available on the stable release version, users will have five locations globally to choose when using the VPN which features 256-bit AES encrypted connections. If privacy when surfing the World Wide Web is something you value, then using a virtual private network (VPN) to obscure your surfing patterns is a must. While most VPNs either require a subscription fee or installing additional software on your PC, Operas latest update to its stable desktop browser version adds VPN functionality for free and turning it on is as simple as clicking a button. Powered by Opera subsidiary SurfEasy, the VPN uses a 256-bit AES encrypted connection and does not log your browsing history. Users can choose from five server locations: Canada, Germany, the Netherlands, Singapore and the United States, or let the browser select the most optimal server. The free VPN for its desktop browser follows the companys previous announcement back in April where this feature was made available on the developer version of its browser. The company also introduced a mobile VPN service for both iOS and Android. Other new features in the updated browser include Chromecast support, automatic battery saving for unplugged laptops and support for RSS feeds with the newsreader feature. Opera says the VPN should be fast enough for watching video in HD (thats 1,280x720 pixels) but will also depend on the users location to the VPN server. Opera says this depends on the network situation as well, as most video sites have adaptive streaming protocol built-in. The updated Opera browser can be downloaded here: http://www.opera.com/computer/
Networking giant says there is no workaround for the issue Hackers have targeted some Cisco customers using a new vulnerability found thanks to leaked NSA cyber tools. The tools were released in August by a hacker group dubbed ShadowBrokers and are confirmed to belong to the Equation Group which has strong ties with the NSA. It is the second such vulnerability to be found by Cisco as a result of the data dump made by the hackers; Cisco has already fixed a flaw in the SNMP implementation in its ASA firewalls. Cisco has warned its customers that all versions of its IOS, IOS XE and IOS XR software are vulnerable to one of the many exploits released on August 15. The networking firm has not revealed which of its customers may have already been breached but the issue impacts firewalls, routers and switches made by the firm, enabling hackers to get hold of critical and confidential information from its customers. The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests, the firm said in a security advisory blog. But despite stating that its incident response team was aware of exploitation of the vulnerabilities of those customers running affected platforms, Cisco has not yet developed a patch for the flaw and has said no workarounds are available. Instead, it has released IPS signatures and Snort rules to mitigate the risks for its customers. The exploit is called BENIGNCERTAIN and is made up of three binaries, each of which can be exploited to obtain RSA private key data and VPN configuration details if used against Cisco PIX firewalls. Cisco isn’t the only networking company to have exploits revealed. The ShadowBrokers data dump included exploits for Juniper and Fortinet, amongst others. French Caldwell, former Gartner fellow and chief evangelist at GRC apps company MetricStream, warned other spy agencies – particularly the other Five Eyes members that they too are vulnerable to a similar hack. If the NSA was hacked, the chances that they too have been targeted are certainly more than 50-50, he said.
A notorious cybercriminal is advertising 200 million of alleged Yahoo user credentials on the dark web, and the company has said it is aware of the hackers claims, but has not confirmed nor denied the legitimacy of the data. On Monday, the hacker known as Peace, who has previously sold dumps of Myspace and LinkedIn, listed supposed credentials of Yahoo users on The Real Deal marketplace. Peace told Motherboard that he has been trading the data privately for some time, but only now decided to sell it openly. We are aware of a claim, a Yahoo spokesperson told Motherboard in an email, before the data was made public. The company did not deny that the customer details were Yahoo users, despite being asked if it corresponded to the companys own records. We are committed to protecting the security of our users information and we take any such claim very seriously. Our security team is working to determine the facts. Yahoo works hard to keep our users safe, and we always encourage our users to create strong passwords, or give up passwords altogether by using Yahoo Account Key, and use different passwords for different platforms.