Michael Kan


There’s now a tool to test for NSA spyware

Has your computer been infected with a suspected NSA spying implant? A security researcher has come up with a free tool that can tell.

Luke Jennings of security firm Countercept wrote a script in response to last week’s high-profile leak of cyberweapons that some researchers believe are from the National Security Agency. It’s designed to detect an implant called Doublepulsar, which is delivered by many of the Windows-based exploits found in the leak and can be used to load other malware.

The script, which requires some programming skill to use, is available for download on GitHub.

At $175, this ransomware service is a boon to cybercriminals

Cybercriminals have another easy-to-use ransomware kit to add to their arsenals, thanks to a new variant called Karmen that hackers can buy on the black market for $175.

A Russian-speaking user called DevBitox has been advertising the ransomware in underground forums, security firm Recorded Future said in a blog post on Tuesday.  

Karmen is what experts call ransomware-as-a-service, a particularly worrisome trend. Amateur hackers with little technical know-how can buy access to it, and in return, they’ll receive a whole suite of web-based tools to develop their own ransomware attacks.

Rival IoT malware clash in a botnet territory battle

Mirai—a notorious malware that’s been enslaving IoT devices—has competition.

A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things (IoT) products, with a resiliency that surpasses Mirai, according to security researchers.

“You can almost call it Mirai on steroids,” said Marshal Webb, CTO at BackConnect, a provider of services to protect against distributed denial-of-service (DDoS) attacks.

Microsoft: Past patches address leaked NSA exploits

Microsoft said it has already patched vulnerabilities revealed in Friday’s high-profile leak of suspected U.S. National Security Agency spying tools, meaning customers should be protected if they’ve kept their software up-to-date.

Friday’s leak caused concern in the security community. The spying tools include about 20 exploits designed to hack into old versions of Windows, such as Windows XP and Windows Server 2008.

Leaked NSA exploits plant a bull’s-eye on Windows Server

Friday’s release of suspected NSA spying tools is bad news for companies running Windows Server. The cyberweapons, which are now publicly available, can easily hack older versions of the OS.  

The Shadow Brokers, a mysterious hacking group, leaked the files online, setting off worries that cybercriminals will incorporate them in their own hacks.  

“This leak basically puts nation-state tools into the hands of anyone who wants them,” said Matthew Hickey, the director of security provider Hacker House.

Microsoft Word exploit linked to cyberspying in Ukraine conflict

A previously unknown Microsoft Office vulnerability was recently used to deliver spyware to Russian-speaking targets, in a possible case of cyberespionage.

Security firm FireEye noticed the intrusion attempt, which taps a critical software flaw that hackers are using to craft malicious Microsoft Word documents.

On Wednesday, FireEye said it uncovered one attack that weaponized a Russian military training manual. Once opened, the malicious document will deliver FinSpy, a surveillance software that’s been marketed to governments.

US dismantles Kelihos botnet after Russian hacker’s arrest

The arrest last week of a Russian man in Spain was apparently for his role in a massive spam botnet and not related to an ongoing investigation into foreign tampering with last year’s U.S. election.

The botnet, called Kelihos, has enslaved hundreds of thousands of computers, and distributed spam and malware to users across the globe. However, the U.S. has taken action to dismantle the illegal operation, the Department of Justice said on Monday.

The arrest of 36-year-old Peter Yuryevich Levashov, the botnet’s alleged operator, was at first thought to be related to the ongoing U.S. investigation of presidential election-related hacking, but the DOJ said on Monday that wasn’t the case.

Suspected CIA spying tools linked to hacks in 16 countries

The suspected CIA spying tools exposed by WikiLeaks have been linked to hacking attempts on at least 40 targets in 16 countries, according to security firm Symantec.

The tools share “close similarities” with the tactics from an espionage team called Longhorn, Symantec said in a Monday post. Longhorn has been active since at least 2011, using Trojan programs and previously unknown software vulnerabilities to hack targets.

The iCloud hackers’ bitcoin ransom looks like a fake

A group of hackers who claimed to hold millions of iCloud accounts for ransom said on Friday it had been paid. But one bitcoin expert said that’s bogus. 

The Turkish Crime Family grabbed headlines last month by claiming it had the stolen login credentials for more than 700 million icloud.com, me.com and mac.com accounts. The group demanded increasing ransoms from Apple while threatening to wipe the data from devices connected to the affected accounts if the company did not pay.

On Friday, the hackers tweeted that they had been paid $480,000 in bitcoin. As proof, the group posted a link showing a transaction on Blockchain.info, a popular bitcoin wallet.  

WikiLeaks: CIA used bits of Carberp Trojan code for malware deployment

When the source code to a suspected Russian-made malware leaked online in 2013, guess who used it? A new release from WikiLeaks claims the CIA borrowed some of the code to bolster its own hacking operations.

On Friday, WikiLeaks released 27 documents that allegedly detail how the CIA customized its malware for Windows systems.

The CIA borrowed a few elements from the Carberp financial malware when developing its own hacking tool known as Grasshopper, according to those documents.

Carberp gained infamy as a Trojan program that can steal online banking credentials and other financial information from its victims’ computers. The malware, which likely came from the criminal underground, was particularly problematic in Russia and other former Soviet states.

US says laptop ban may expand to more airports

The U.S. might add other airports to its ban restricting passengers from bringing laptops and other electronics into the cabin for certain flights from the Middle East.

“We may take measures in the not too distant future to expand the number of airports,” said Homeland Security secretary John Kelly on Wednesday during a congressional hearing.

Last month, the U.S. announced the ban, which affects ten airports, all of which are in Muslim-majority countries. Passengers flying to the U.S. are barred from bringing any electronic devices larger than a smartphone into a plane’s cabin, and must instead check them in as baggage.    

Amazon to refund parents over kids’ in-app purchases, says FTC

Parents with children who ran up bills, sometimes huge, through in-app purchases stand to get some or all of that money back. Amazon could have to hand out more than $70 million in refunds to affected consumers, according to the U.S. Federal Trade Commission.

On Tuesday, the FTC and Amazon agreed to end their legal battle over whether the U.S. company unlawfully charged its customers for the purchases.

A year ago, a court found that Amazon had.

The company’s app store can be downloaded to Android devices and it runs on certain Kindle tablets. However, parents had complained that Amazon’s system had made it all too easy for their children to buy virtual items in the apps, without their consent.

Chinese hackers go after third-party IT suppliers to steal data

Companies that choose to outsource their IT operations should be careful. Suspected Chinese hackers have been hitting businesses by breaching their third-party IT service providers. 

Major IT suppliers that specialize in cloud storage, help desk, and application management have become a top target for the hacking group known as APT10, security providers BAE Systems and PwC said in a joint report.

That’s because these suppliers often have direct access to their clients’ networks. APT10 has been found stealing intellectual property as part of a global cyberespionage campaign that ramped up last year, PwC said on Monday.

Notorious iOS spyware has an Android sibling

Security researchers have uncovered the Android version of an iOS spyware known as Pegasus in a case that shows how targeted electronic surveillance can be.

Called Chrysaor, the Android variant can steal data from messaging apps, snoop over a phone’s camera or microphone, and even erase itself.

On Monday, Google and security firm Lookout disclosed the Android spyware, which they suspect comes from NSO Group, an Israeli security firm known to develop smartphone surveillance products.

Notorious iOS spyware, Pegasus, has an Android sibling

Security researchers have uncovered the Android version of an iOS spyware known as Pegasus in a case that shows how targeted electronic surveillance can be.

Called Chrysaor, the Android variant can steal data from messaging apps, snoop over a phone’s camera or microphone, and even erase itself.

On Monday, Google and security firm Lookout disclosed the Android spyware, which they suspect comes from NSO Group, an Israeli security firm known to develop smartphone surveillance products.

Fortunately, the spyware never hit the mainstream. It was installed less than three dozen times on victim devices, most of which were located in Israel, according to Google. Other victim devices resided in Georgia, Mexico and Turkey, among other countries.

Banking hackers left clue that may link them to North Korea

The notorious hackers behind a string of banking heists have left behind a clue that supports a long-suspected link to North Korea, according to security researchers.

The so-called Lazarus Group has been eyed as a possible culprit behind the heists, which included last February’s $81 million theft from Bangladesh’s central bank through the SWIFT transaction software.

However, hackers working for the group recently made a mistake: They failed to wipe the logs from a server the group had hacked in Europe, security firm Kaspersky Lab said on Monday.

Latest WikiLeaks dump exposes CIA methods to mask malware

WikiLeaks may have dealt another blow to the CIA’s hacking operations by releasing files that allegedly show how the agency was masking its malware attacks.

On Friday, the site dumped the source code to the Marble Framework, a set of anti-forensic tools that WikiLeaks claims the CIA used last year.

The files do appear to show “obfuscation techniques” that can hide CIA-developed malicious coding from detection, said Jake Williams, a security researcher at Rendition InfoSec, who has been examining the files.

Every hacker, from the government-sponsored ones to amateurs, will use their own obfuscation techniques when developing malware, he said.

In mining user data, ISPs have to weigh cash vs. privacy

U.S. internet service providers are about to face temptation.

Now that the broadband privacy rule repeal is almost certain, will they sell their customers’ data to marketers, or will they keep it private?

The U.S. broadband industry is telling consumers not to worry. Verizon, for instance, said that it remains committed to protecting users’ privacy.

What that exactly means is unclear, and some in the industry are skeptical.

Major broadband providers will be enticed to monetize their customers’ data in ad-heavy ways, said Dane Jasper, CEO of Sonic, a small ISP in California.

Congress to US citizens: Want online privacy? Pay up!

A congressional vote to repeal U.S. restrictions on broadband providers doesn’t mean that online privacy is dead. Consumers will just have to pay for it.

The coming repeal, which President Donald Trump is expected to sign into law, paves a clearer path for broadband providers to sell customers’ internet browsing history and other online data, without their consent.

Privacy advocates are worried. Imagine corporate giants snooping on your internet activities, and then bombarding your PC, phone and TV with targeted ads.

However, the privacy rule rollback might have an opposite effect, too. Expect broadband providers and other internet services to emerge offering online privacy protections, but at a price.

US House votes to undo broadband privacy rules

The U.S. House of Representatives has followed the Senate in voting to repeal privacy rules that can prevent broadband providers from selling customers’ internet-browsing histories and other data without their permission.

On Tuesday, the House voted 215-205 to do away with the privacy rules that the U.S. Federal Communications Commission passed last year. The rules had yet to come into effect.

They require broadband carriers to first obtain opt-in approval from customers before using and sharing their sensitive personal information, such as web browsing history, geo-location data and what applications they’ve used.

China devotes $22B to domestic chip industry expansion

China is pouring more money into chasing its semiconductor ambitions. The state-backed Tsinghua Unigroup, which has been building up the country’s chip-industry infrastructure, received 150 billion yuan (US$22 billion) in financing on Tuesday.

The funds come from the China Development Bank and a national integrated circuit investment fund, two groups tied to the country’s government.

Tsinghua Unigroup hasn’t said what the money will be specifically used for. But it will go toward making it more competitive in the semiconductor space, according to a company statement.

Apple wins China patent battle over iPhone 6 design

Apple has fended off a claim that the iPhone 6’s design infringed a patent from a little-known local company in China.

Shenzhen Baili had claimed that the iPhone 6 and 6 Plus bore striking similarities to the products from its parent company, Digione. But on Friday, Beijing’s intellectual property court disagreed and ruled in favor of Apple.

The product designs of the two companies contain differences, the court said. For instance, Apple’s iPhone 6 contains a symmetrical exterior curve on the device, while the design patent from Baili uses an asymmetrical curve.

Apple wins China patent battle over iPhone 6 design

Apple has fended off a claim that the iPhone 6 infringed a patent from a little-known local company in China.

Shenzhen Baili had claimed that the iPhone 6 and 6 Plus bore striking similarities to the products from its parent company, Digione. But on Friday, Beijing’s intellectual property court disagreed and ruled in favor of Apple.

The product designs of the two companies contain differences, the court said. For instance, Apple’s iPhone 6 contains a symmetrical exterior curve on the device, while the design patent from Baili uses an asymmetrical curve.

Google Play faces cat and mouse game with sneaky Android malware

What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store, where software is vetted, is perhaps the best advice.

But that doesn’t mean Google Play is perfect.

Security researchers do find new Android malware lurking on Google’s official app store. That’s because hackers are coming up with sneaky ways to infiltrate the platform, despite the vetting processes that protect it.

Google Play faces cat-and-mouse game with Android malware

What’s the best way to avoid Android malware? Downloading all your apps from the Google Play store, where software is vetted, is perhaps the best advice.

But that doesn’t mean Google Play is perfect.

Security researchers do find new Android malware lurking on Google’s official app store. That’s because hackers are coming up with sneaky ways to infiltrate the platform, despite the vetting processes that protect it.

“Eventually, every wall can be breached,” said Daniel Padon, a researcher at mobile security provider Check Point.

To be sure, most Android users will probably never encounter malware on the Google Play store. Last year, the amount of malicious software that reached the platform amounted to only 0.16 percent of all apps, according to a new report from Google.

FBI director floats international framework on encrypted data access

FBI director James Comey has suggested that an international agreement between governments could ease fears about IT products with government-mandated backdoors, but privacy advocates are doubtful.

Speaking on Thursday, Comey suggested that the U.S. might work with other countries on a “framework” for creating legal access to encrypted tech devices.

“I could imagine a community of nations committed to the rule of law developing a set of norms, a framework, for when government access is appropriate,” he said on Thursday.

Comey made his comments at the University of Texas at Austin, when trying to address a key concern facing U.S. tech firms in the encryption debate: the fear that providing government access to their products might dampen their business abroad.

UK follows U.S. ban of electronic devices in cabins on some flights

The U.K. is joining the U.S. in its ban restricting passengers from bringing some electronic devices onto flights from the Middle East.

Phones, laptops, and tablets that are larger than 16 cm (6.3 inches) in length and wider than 9.3 cm will no longer be allowed in the cabin on select flights coming from several Middle Eastern countries, the U.K.’s department of transportation said on Tuesday. 

The U.K. said it was in “close contact” with the U.S. since the country announced its own ban on Monday.  However, the U.K. made no mention of any specific risk, only that it faces “evolving” terrorism threats. 

Russia will strike US elections again, FBI warns

Future U.S. elections may very well face more Russian attempts to interfere with the outcome, the FBI and the National Security Agency warned on Monday.

“They’ll be back,” said FBI director James Comey. “They’ll be back in 2020. They may be back in 2018.”

Comey made the comment during a congressional hearing on Russia’s suspected efforts to meddle with last year’s presidential election. Allegedly, cyberspies from the country hacked several high-profile Democratic groups and people, in an effort to tilt the outcome in President Donald Trump’s favor.

Russia will strike U.S. elections again, FBI warns

Future U.S. elections may very well face more Russian attempts to interfere with the outcome, the FBI and the National Security Agency warned on Monday.

“They’ll be back,” said FBI Director James Comey. “They’ll be back in 2020. They may be back in 2018.”

Comey made the comment during a congressional hearing on Russia’s suspected efforts to meddle with last year’s presidential election. Allegedly, Russian cyberspies hacked several high-profile Democratic groups and people in an effort to tilt the outcome in President Donald Trump’s favor.

Yahoo breach exposes the drawbacks of state-sponsored hacking

When governments turn to private hackers to carry out state-sponsored attacks, as the FBI alleges Russia did in the 2014 breach of Yahoo, they’re taking a big risk.

On the one hand, it gives them a bit of plausible deniability while reaping the potential spoils of each attack, but if the hackers aren’t kept on a tight leash things can turn bad.

Karim Baratov, the 22-year-old Canadian hacker who the FBI alleges Russia’s state security agency hired to carry out the Yahoo breach, didn’t care much for a low profile.
