• The wave of domain hijackings besetting the Internet is worse than we thought

  The report was published Wednesday by Cisco’s Talos security group. It indicates that three weeks ago, the highjacking campaign targeted the domain of Sweden-based consulting firm Cafax. Cafax’s only listed consultant is Lars-Johan Liman, who is a senior systems specialist at Netnod, a Swedish DNS provider. Netnod is also the operator of i.root, one of the Internet’s foundational 13 DNS root servers. Liman is listed as being responsible for the i-root. As KrebsOnSecurity reported previously, Netnod domains were hijacked in December and January in a campaign aimed at capturing credentials. The Cisco report assessed with high confidence that Cafax was targeted in an attempt to re-establish access to Netnod infrastructure.

• New Windows Zero-Day Vulnerability Grants Hackers Full Control Over PCs [Ed: The NSA already had these permissions. Now everyone has these.]

  According to the latest Kaspersky Lab Report, a Windows Zero-Day vulnerability is serving as a backdoor for hackers to take control of users’ PCs.

  The latest exploit utilizes a use-after-free attack and has a technical name CVE-2019-0895. The exploit is found in win32k.sys and grants hackers Local Privilege meaning they’re able to access resources usually outside of users’ capabilities.

• New zero-day vulnerability CVE-2019-0859 in win32k.sys

• AP Exclusive: Mysterious operative haunted Kaspersky critics

  He also asked Giles to repeat himself or speak louder so persistently that Giles said he began wondering “whether I should be speaking into his tie or his briefcase or wherever the microphone was.”

  “He was drilling down hard on whether there had been any ulterior motives behind negative media commentary on Kaspersky,” said Giles, a Russia specialist with London’s Chatham House thinktank who often has urged caution about Kaspersky’s alleged Kremlin connections. “The angle he wanted to push was that individuals — like me — who had been quoted in the media had been induced by or motivated to do so by Kaspersky’s competitors.”

• Feds: Saint Rose grad used 'killer' device to fry computers

  In 2016, College of Saint Rose graduate assistant Vishwanath Akuthota said he believed there was a "lot of opportunity" for him at the school.

  On Monday, federal prosecutors said he took advantage of a different kind of opportunity — access to campus — when he destroyed dozens of computers at a cost of more than $50,000.

• Student Uses “USB Killer” To Fry $58,000 Worth of Computers

• Security updates for Wednesday

• Oracle Management Software Supplier Adds Security Patching for MySQL and SQL Server

• Oracle releases Critical Patch Update addressing 296 vulnerabilities

  Oracle has released a Critical Patch Update addressing 296 vulnerabilities across several of its software products.

• Cisco Talos details exceptionally dangerous DNS hijacking attack
  

• DevOps and Security: Be Ready to Shield Your Application

  All of us have heard of continuous improvement/continuous delivery (CI/CD). There are many benefits to implementing CI/CD, as it helps seamless integration from end to end for development and deployment processes. CI/CD helps in rapid improvement, shorter release cycles and more, but it also helps with the challenge of handling security effectively at DevOps speed.

• Top 9 Free Wi-Fi hacking apps for Android

  The core reason people want to get access to free Wi-Fi is to gain high speed internet connection. Here are top WiFi hacking apps for Android.

  [[...]

  A trusted and reliable app used and trusted by many hackers. Widely used over the Ubuntu operating system. Since Ubuntu and Android are both Linux based, hence it was designed again and released by enthusiastic Android developers.

Hours after the ejection of Julian Assange from the London Ecuadorean embassy last week, police officers in Ecuador detained the Swedish citizen and open source developer Ola Bini. They seized him as he prepared to travel from his home in Quito to Japan, claiming that he was attempting to flee the country in the wake of Assange’s arrest. Bini had, in fact, booked the vacation long ago, and had publicly mentioned it on his twitter account before Assange was arrested.

Ola’s detention was full of irregularities, as documented by his lawyers. His warrant was for a “Russian hacker” (Bini is neither); he was not read his rights, allowed to contact his lawyer nor offered a translator.

The charges against him, when they were finally made public, are tenuous. Ecuador’s general prosecutor has stated that Bini was accused of “alleged participation in the crime of assault on the integrity of computer systems” and attempts to destabilize the country. The “evidence” seized from Ola’s home that Ecuadorean police showed journalists to demonstrate his guilt was nothing more than a pile of USB drives, hard drives, two-factor authentication keys, and technical manuals: all familiar property for anyone working in his field.

Ola is a free software developer, who worked to improve the security and privacy of the Internet for all its users. He has worked on several key open source projects, including JRuby, several Ruby libraries, as well as multiple implementations of the secure and open communication protocol OTR. Ola’s team at ThoughtWorks contributed to Certbot, the EFF-managed tool that has provided strong encryption for millions of websites around the world.

Like many people working on the many distributed projects defending the Internet, Ola has no need to work from a particular location. He traveled the world, but chose to settle in Ecuador because of his love of that country and of South America in general. At the time of his arrest, he was putting down roots in his new home, including co-founding Centro de Autonomia Digital, a non-profit devoted to creating user-friendly security tools, based out of Ecuador’s capital, Quito.

• Debian Web Team Sprint 2019

  The Debian Web team held a sprint for the first time, in Madrid (Spain) from March 15th to March 17th, 2019.

  We discussed the status of the Debian website in general, review several important pages/sections and agreed on many things how to improve them.

• Freexian’s report about Debian Long Term Support, March 2019

  Like each month, here comes a report about the work of paid contributors to Debian LTS.

• Raphaël Hertzog: Freexian’s report about Debian Long Term Support, March 2019

  Like each month, here comes a report about the work of paid contributors to Debian LTS.

• Your Favorite Ad Blocker Can Be Exploited To Infect PCs With Malicious Code

  In July 2018, the popular Adblock Plus software released its version 3.2 that brought a new feature called $rewrite. This feature allowed one to change the filter rules and decide which content got blocked and which didn’t. It was said that often there are content elements that are difficult to block. This feature was soon implemented by AdBlock as well as uBlock.

  In a troubling development, it has been revealed that this filter option can be exploited by notorious actors to inject arbitrary code into the web pages. With more than 100 million users of these ad blocking tools, this exploit has great potential to harm the web users.

• Adblock Plus filter lists may execute arbitrary code in web pages
  

  A new version of Adblock Plus was released on July 17, 2018. Version 3.2 introduced a new filter option for rewriting requests. A day later AdBlock followed suit and released support for the new filter option. uBlock, being owned by AdBlock, also implemented the feature.

  Under certain conditions the $rewrite filter option enables filter list maintainers to inject arbitrary code in web pages.

  The affected extensions have more than 100 million active users, and the feature is trivial to exploit in order to attack any sufficiently complex web service, including Google services, while attacks are difficult to detect and are deployable in all major browsers.

• Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong.

  The disputes ares playing out in court. In a closely watched legal battle, Mondelez sued Zurich Insurance last year for a breach of contract in an Illinois court, and Merck filed a similar suit in New Jersey in August. Merck sued more than 20 insurers that rejected claims related to the NotPetya attack, including several that cited the war exemption. The two cases could take years to resolve.

  The legal fights will set a precedent about who pays when businesses are hit by a cyberattack blamed on a foreign government. The cases have broader implications for government officials, who have increasingly taken a bolder approach to naming-and-shaming state sponsors of cyberattacks, but now risk becoming enmeshed in corporate disputes by giving insurance companies a rationale to deny claims.