The king of the castle has a new tormentor.
IBM’s Trusteer researchers have discovered a new configuration of the Citadel malware that attacks certain password managers. The configuration activates key logging when certain processes are running on the infected machine. The targeted processes include Password Safe and KeePass, two open-source password managers. The variant also targets the nexus Personal Security Client used to secure financial transactions and other services that require heightened security.
When it comes to securing your Wi-Fi network, we always recommend WPA2-PSK encryption. It’s the only really effective way to restrict access to your home Wi-Fi network. But WPA2 encryption can be cracked, too — here’s how.
As usual, this isn’t a guide to cracking someone’s WPA2 encryption. It’s an explanation of how your encryption could be cracked and what you can do to better protect yourself.
Microsoft today deviated from its regular pattern of releasing security updates on the second Tuesday of each month, pushing out an emergency patch to plug a security hole in all supported versions of Windows. The company urged Windows users to install the update as quickly as possible, noting that miscreants already are exploiting the weaknesses to launch targeted attacks.
It’s easy to setup and use; as of August 2014 there had been over 10 million user installs that resulted in 80 petabytes of data transferred. In fact, many folks are using network-attached storage (NAS) systems and BitTorrent Sync “to create a secure, easy-to-manage private cloud that is free of subscription fees.”
The US State Department's unclassified e-mail systems were the victim of a cyberattack in recent weeks, around the same time as White House systems were breached, a senior US official said.
The official, who spoke on condition of anonymity, said no classified systems were compromised. Portions of State's unclassified systems have been shut down to improve security but should be back online shortly.