Bigger than Heartbleed? Bug in bash leaves millions of web servers vulnerable


[Editor’s note: Apple has responded to the shellshock security risk, saying that most users are not at risk.]

This article was originally published on The Conversation.
Read the original article.

By Andrew Smith, The Open University

A first and quite reasonable thought readers may have will be to wonder: what is bash?

When you use a computer you probably interact with it through a point-and-click, visual interface such as Windows or Mac OS. More advanced users or specific tasks might require a text-only interface, using typed commands. This command line program is known as a shell, and bash is the acronym for Bourne Again SHell (a successor to the Bourne shell, written by Stephen Bourne – that’s geek humour right there), known to everyone as bash.

So what you need to know is that a shell is essential, and that bash, as the most common shell in use, is installed on pretty much every machine that runs a flavour of Linux or Unix.

Obama Granted Sweeping Power in ‘Secret’ Cyber-Wars

Jacob Chamberlain writes at Common Dreams:

U.S. President Barack Obama has been granted sweeping powers to order preemptive cyber-strikes on any given country, anonymous officials involved in a “secret legal review” of U.S. cyber warfare rules told the New York Times Monday.

Speaking to the Times, the unnamed officials said quickly advancing tactics of cyber-warfare can be unleashed exclusively via the direct orders of the President—should the administration suspect signs of a major digital attack. If the president approves a strike, the government will be able to “attack adversaries by injecting them with destructive code—even if there is no declared war,” the Times reports.

The administration has been working to hash out the nation’s first written rules on how and when the military and several government agencies can initiate acts of cyber-warfare; however, the rules will remain classified.

“What we know about the legal questions Obama has grappled with is all secret.

How To Become A Russian Cyber Criminal

Thanks to Trend Micro, you too can now have cheap, easy access to Russian cyber crime. Via Wired UK:

If you want to buy a botnet, it’ll cost you somewhere in the region of $700 (£433). If you just want to hire someone else’s for an hour, though, it can cost as little as $2 (£1.20) — that’s long enough to take down, say, a call centre, if that’s what you were in the mood for. Maybe you’d like to spy on an ex — for $350 (£217) you can purchase a trojan that lets you see all their incoming and outgoing texts. Or maybe you’re just in the market for some good, old-fashioned spamming — it’ll only cost you $10 (£6.19) for a million emails. That’s the hourly minimum wage in the UK.

This is the current state of Russia’s underground market in cybercrime — a vibrant community of ne’er-do-wells offering every conceivable kind of method for compromising computer security.

