Tuesday, September 8, 2015

"Give me your money if you want to see my 0days"

One of the most important and cool security enterprises at the moment, FireEye, is fighting against a real breed 0days hunter. It is a proper dispute being observed by the computer security community. Which philosophy will win? Today we will stare at the PayPal security problems and the Seagate hard drives and an interesting study concerning the most dangerous corners of the net.

Kristian Erik Hermansen
The 0days hunters name is Kritian Erik Hermansen, who announced last Monday having discover an unknown leak in the security platform of the well-known enterprise, FireEye. He also added, in a tinkling way, that he had 3 0days more, which went out for sale at that moment. FireEye answered thanking him the advice and asking his to cooperate in order to solve the issue, as it is normally done when a hacker advises of a vulnerability, but Hermansen replied that if FireEye needed help they should pay for it. We will see where all of this ends, but, in any case, it is an interesting fight between philosophies, which result might be unforgettable.

Careful with PayPal on mobile phones devices

We are not moving out of topic since PayPal is living it´s own terrible ordeal: at first an investigator advise of a problem in their authentication process, which the enterprise solved in few hours, something we are, unfortunately, not used to. But now, from Vulnerability Lab, they affirm that the hole is not closed regarding the PayPal apps for mobile phone, so keep an eye on it.

Update you Seagate drive

Other dealing with security problems are Seagate Technology: investigators from Tangible Security were aware in March of many vulnerabilities in the hard drive that the North American enterprise creates, which would allow take control of the devices via telnet, apart from other holes. Now Seagate publishes a new firmware updated with the problems solved.

The most dangerous domains

To sum up, as always, with a pointer to reflection. Today is an study by Blue Coat about hundreds of millions web request from millions of users and enterprises, with the intention of discovering which ones are the most dangerous domains on the Internet, Just for carrying viruses or being used in phishing. The result is a ranking lead by .zip and .review: 100% of the sites that use this domains are harmful. 

PayPal, FireEye, Seagate… the year starts bad. Let´s hope keeping save and sound to tell our beloved readers.


Post a Comment