Posts

Showing posts from July 3, 2017

Linux Systemd Gives Root Privileges to Invalid Usernames

A bug in Linux’s systemd init system causes root permissions to be given to services associated with invalid usernames, and while this could pose a security risk, exploitation is not an easy task. A developer who uses the online moniker “mapleray” last week discovered a problem related to systemd unit files, the configuration files used to describe resources and their behavior. Mapleray noticed that a systemd unit file containing an invalid username – one that starts with a digit (e.g. “0day”) – will initiate the targeted process with root privileges instead of regular user privileges. Systemd is designed not to allow usernames that start with a numeric character, but Red Hat, CentOS and other Linux distributions do allow such usernames. “It's systemd's parsing of the User= parameter that determines the naming doesn't follow a set of conventions, and decides to fall back to its default value, root,” explained developer Mattias Geniar. While this sounds like it could be leve...

How to encrypt all your data

The increasing amount of data we’re all generating is everywhere: in smartphones, laptops, thumb drives, and dozens of online services. How can we secure all of them against unwarranted access? We virtually can’t. Smartphones get stolen, thumb drives get lost, email passwords get brute-forced, cloud servers get breached, unwary users get phished, WiFi networks get tapped, and eventually, malicious users obtain access to your data. So how do you protect your data against unwelcome parties? You encrypt it. In case you don’t know it, encryption is the science of modifying data to prevent intruders from making sense of it. When you encrypt your data, only you and anyone else holding the decryption keys will be able to unlock and read it. This means that even if an attacker gains access to your data by breaking into a server or stealing your hard drive, they won’t be able to make sense of it if they don’t have the keys. As I’ve argued before, encryption is your last line of defense, the on...

NordVPN launches CyberSec feature

NordVPN, a popular virtual private network provider, has launched CyberSec, a new security feature as part of the NordVPN 6.4.5.0 client update. CyberSec is a new security component of the official NordVPN client designed to block malware, intrusive advertisements, and other threats. Customers of NordVPN who upgrade the client to the latest version will receive a popup when they run the client after update installation that informs them about the new CyberSec feature. Introducing CyberSec! From now on, NordVPN gives comprehensive protection from intrusive ads, malware, phishing attempts, DDoS attacks and other threats. CyberSec can best be described as a mechanism to control traffic. It resembles a content blocker but with the difference that it runs on the system level, and not as a browser extension. It is not the first feature of its kind; Private Internet Access’ client, for instance, has shipped with a similar feature called MACE for some time now. So what does it do? Blocks advertisement...

Hackers can use brainwave signals to steal passwords

Hackers can steal passwords and PINs by analysing your brainwave signals, a new study has found. Researchers from the University of Alabama at Birmingham and the University of California Riverside collected data from electroencephalography (EEG) headsets, which sense the electrical activity inside a person’s brain. They’re growing increasingly popular amongst gamers, who can use them to control characters using their brain signals. Crucially, however, EEG headsets also monitor your brainwaves when you’re not playing. Users who paused a game but left their EEG headset on while checking their password-protected accounts could be vulnerable to hackers, the researchers found. They asked 12 people to use a physical keyboard to type a series of randomly generated PIN numbers and passwords into a text box while wearing a headset. After they had entered 200 characters, an algorithm created by the researchers was able to make educated guesses about the PINs with a 43.4 per cent success rate, an...

Hackers target energy companies

Energy companies, including nuclear energy companies, are likely to come under hacking attack, warn the FBI and US Department of Homeland Security. The agencies have detected attempts by hackers to harvest access information to electricity providers. “Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict,” says the report. Last December hackers closed down electricity suppliers in the Ukraine with malware called Industroyer. The report says it thinks the hackers have been conducting reconnaissance on vulnerabilities at the energy companies for the last two months. The report describes 11 files used in the attacks, including malware downloaders and tools that allow the hackers to take remote control of computers and crawl across their networks.