A California man who pleaded guilty Tuesday to causing dozens of swatting attacks — including a deadly incident in Kansas last year — now faces 20 or more years in prison.

Tyler Raj Barriss, in an undated selfie.

Tyler Barriss, 25, went by the nickname SWAuTistic on Twitter, and reveled in perpetrating “swatting” attacks. These dangerous hoaxes involve making false claims to emergency responders about phony hostage situations or bomb threats, with the intention of prompting a heavily-armed police response to the location of the claimed incident.

On Dec. 28, 2018, Barriss placed a call from California to police in Wichita, Kansas, claiming that he was a local resident who’d just shot his father and was holding other family members hostage.

When Wichita officers responded to the address given by the caller — 1033 W. McCormick — they shot and killed 28-year-old Andrew Finch, a father of two who had done nothing wrong.

Barriss admitted setting that fatal swatting attack in motion after getting in the middle of a dispute between two Call of Duty gamers, 18-year-old Casey Viner from Ohio and Shane Gaskill, 20, from Wichita.

Viner allegedly asked Barriss to swat Gaskill. But when Gaskill noticed Barriss’ Twitter account (@swattingaccount) suddenly following him online, he tried to deflect the attack. Barriss says Gaskill allegedly dared him to go ahead with the swat, but then gave Barriss an old home address — 1033 W. McCormick — which was then being occupied by Finch’s family.

Viner and Gaskill are awaiting trial. A more detailed account of their alleged dispute is told here.

According to the Justice Department, Barriss pleaded guilty to making hoax bomb threats in phone calls to the headquarters of the FBI and the Federal Communications Commission in Washington, D.C. He also made bomb threat and swatting calls from Los Angeles to emergency numbers in Ohio, New Hampshire, Nevada, Massachusetts, Illinois, Utah, Virginia, Texas, Arizona, Missouri, Maine, Pennsylvania, New Mexico, New York, Michigan, Florida and Canada.

U.S. Attorney Stephen McAllister said Barriss faces 20 years or more in prison. Barriss is due to be sentenced Jan. 30, 2019.

Many readers following this story over the past year have commented here that the officer who fired the shot which killed Andrew Finch should also face prosecution. However, the district attorney for the county that encompasses Wichita decided in April that the officer will not face charges, and will not be named because he isn’t being charged with a crime.

As the victim of a swatting attack in 2013 and two other attempted swattings, I’m glad to finally see a swatting prosecution that may actually serve as a deterrent to this idiotic and extremely dangerous crime going forward.

It’s also great to see police departments like Seattle’s taking steps to help head off swatting incidents before they happen. Last month, the Seattle Police 911 Center launched a new program that lets residents register their address and corresponding concerns if they feel they may be the target of swatting.

But it would also be nice if more police forces around the country received additional training on exercising restraint in the use of deadly force, particularly in responding to hostage or bomb threat scenarios that have hallmarks of a swatting hoax.

For example, perpetrators of swatting often call non-emergency numbers at state and local police departments to carry out their crimes precisely because they are not local to the region and cannot reach the target’s police department by calling 911. This is exactly what Tyler Barriss did in the Wichita case and others. Swatters also often use text-to-speech (TTY) services for the hearing impaired to relay hoax swat calls, as was the case with my 2013 swatting.

Source

By John Mason

When news broke about Cambridge Analytica, the Internet went into a frenzy: “How could Facebook do this!” “Facebook should be made accountable!” Besides the fact that I think the whole Cambridge Analytica issue was blown out of proportion, I believe the bigger issue is the fact that very few people are willing to be responsible for their […]

This is a post from HackRead.com. Read the original post: 5 Privacy Mistakes that Leave You Vulnerable Online

Source

By Waqas

A class action lawsuit has been filed by Dave Cooper, a freelance videographer, against Adobe for a bug in its video-editing software Premiere Pro that deleted years of his work within no time. Cooper watched in horror as his important videos and clips got permanently deleted. In the lawsuit, Cooper has alleged that the […]

This is a post from HackRead.com. Read the original post: Videographer sues Adobe after losing $250k worth of data through Premiere Pro bug

Source

Disclosed earlier this year, the potentially dangerous Meltdown and Spectre vulnerabilities, which affected a large family of modern processors, proved that speculative execution attacks can be exploited in a trivial way to access highly sensitive information.

Since then, several more variants of speculative execution attacks have been discovered, including Spectre-NG, SpectreRSB, Spectre 1.1,

Source

Microsoft on Tuesday released 16 software updates to fix more than 60 security holes in various flavors of Windows and other Microsoft products. Adobe also has security patches available for Flash Player, Acrobat and Reader users.

As per usual, most of the critical flaws — those that can be exploited by malware or miscreants without any help from users — reside in Microsoft’s Web browsers Edge and Internet Explorer.

This week’s patch batch addresses two flaws of particular urgency: One is a zero-day vulnerability (CVE-2018-8589) that is already being exploited to compromise Windows 7 and Server 2008 systems.

The other is a publicly disclosed bug in Microsoft’s Bitlocker encryption technology (CVE-2018-8566) that could allow an attacker to get access to encrypted data. One mitigating factor with both security holes is that the attacker would need to be already logged in to the targeted system to exploit them.

Of course, if the target has Adobe Reader or Acrobat installed, it might be easier for attackers to achieve that log in. According to analysis from security vendor Qualys, there is now code publicly available that could force these two products to leak a hash of the user’s Windows password (which could then be cracked with open-source tools). A new update for Acrobat/Reader fixes this bug, and Adobe has published some mitigation suggestions as well.

In addition, Adobe pushed out a security update for Windows, Mac, Linux and Chrome versions of Flash Player. The update fixes just one vulnerability in Flash, but I’m sure most of us would rather Flash died off completely already. Adobe said it plans to end support for the plugin in 2020. Google Chrome is now making users explicitly enable Flash every time they want to use it, and by the summer of 2019 will make users go into their settings to enable it every time they want to run it.

KrebsOnSecurity has frequently suggested that Windows users wait a day or two after Microsoft releases monthly security updates before installing the fixes, with the rationale that occasionally buggy patches can cause serious headaches for users who install them before all the kinks are worked out.

Windows 10 likes to install patches all in one go and reboot your computer on its own schedule. Microsoft doesn’t make it easy for Windows 10 users to change this setting, but it is possible. For all other Windows OS users, if you’d rather be alerted to new updates when they’re available so you can choose when to install them, there’s a setting for that in Windows Update.

In either case, it’s a good idea to get in the habit of backing up your data before installing Windows updates. Unlike last month, when many Windows users saw the contents of their “My Documents” folder erased by a buggy update, I’m not aware of any major issues this time around.

If you experience any problems installing any of these patches this month, please feel free to leave a comment about it below; there’s a good chance other readers have experienced the same and may even chime in here with some helpful tips.

Source

November 13, 2018, by Swati Khandelwal

It’s Patch Tuesday once again…time for another round of security updates for the Windows operating system and other Microsoft products.

This month, Windows users and system administrators need to immediately take care of a total of 63 security vulnerabilities, of which 12 are rated critical, 49 important, one moderate and one low in severity.

Two of the vulnerabilities patched by the tech giant this month are listed as publicly known at the time of release, and one flaw is reported as being actively exploited in the wild by multiple cybercriminal groups.

Zero-Day Vulnerability Being Exploited by Cyber Criminals

The zero-day vulnerability, tracked as CVE-2018-8589, which is being exploited in the wild by multiple advanced persistent threat groups, was first spotted and reported by security researchers from Kaspersky Labs.

The flaw resides in the Win32k component (win32k.sys) and, if exploited successfully, could allow a malicious program to execute arbitrary code in kernel mode and elevate its privileges on an affected Windows 7, Server 2008 or Server 2008 R2 system to take control of it.

“The exploit was executed by the first stage of a malware installer in order to gain the necessary privileges for persistence on the victim’s system. So far, we have detected a very limited number of attacks using this vulnerability,” Kaspersky said.

Two Publicly Disclosed Zero-Day Vulnerabilities

The other two publicly known zero-day vulnerabilities, which were not listed as under active attack, reside in the Windows Advanced Local Procedure Call (ALPC) service and Microsoft’s BitLocker Security Feature.

The flaw related to ALPC, tracked as CVE-2018-8584, is a privilege escalation vulnerability that could be exploited by running a specially crafted application to execute arbitrary code in the security context of the local system and take control over an affected system.

Advanced local procedure call (ALPC) facilitates high-speed and secure data transfer between one or more processes in the user mode.

The second publicly disclosed vulnerability, tracked as CVE-2018-8566, exists when Windows improperly suspends BitLocker Device Encryption, which could allow an attacker with physical access to a powered-off system to bypass security and gain access to encrypted data.

BitLocker was in the headlines earlier this month for a separate issue that could expose Windows users’ encrypted data due to its default encryption preference and bad encryption on self-encrypting SSDs.

Microsoft did not fully address this issue; instead, the company simply provided a guide on how to manually change BitLocker default encryption choice.

November 2018 Patch Tuesday: Critical and Important Flaws

Of the 12 critical vulnerabilities, eight are memory corruption vulnerabilities in the Chakra scripting engine, which exist due to the way the scripting engine handles objects in memory in the Microsoft Edge internet browser.

All 8 vulnerabilities could be exploited to corrupt memory, allowing an attacker to execute code in the context of the current user. To exploit these bugs, all an attacker needs to do is trick victims into opening a specially crafted website in Microsoft Edge.

The other three vulnerabilities are remote code execution bugs in the Windows Deployment Services TFTP server, Microsoft Graphics Components, and the VBScript engine. All these flaws exist due to the way the affected software handles objects in memory.

The last critical vulnerability is also a remote code execution flaw that lies in Microsoft Dynamics 365 (on-premises) version 8. The flaw exists when the server fails to properly sanitize web requests to an affected Dynamics server.

If exploited successfully, the vulnerability could allow an authenticated attacker to run arbitrary code in the context of the SQL service account by sending a specially crafted request to a vulnerable Dynamics server.

| Vulnerability | CVE ID | Severity |
|---|---|---|
| Windows Deployment Services TFTP Server Remote Code Execution Vulnerability | CVE-2018-8476 | Critical |
| Microsoft Graphics Components Remote Code Execution Vulnerability | CVE-2018-8553 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8588 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8541 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8542 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8543 | Critical |
| Windows VBScript Engine Remote Code Execution Vulnerability | CVE-2018-8544 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8555 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8556 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8557 | Critical |
| Chakra Scripting Engine Memory Corruption Vulnerability | CVE-2018-8551 | Critical |
| Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability | CVE-2018-8609 | Critical |
| Azure App Service Cross-site Scripting Vulnerability | CVE-2018-8600 | Important |
| Windows Win32k Elevation of Privilege Vulnerability | CVE-2018-8589 | Important |
| BitLocker Security Feature Bypass Vulnerability | CVE-2018-8566 | Important |
| Windows ALPC Elevation of Privilege Vulnerability | CVE-2018-8584 | Important |
| Team Foundation Server Cross-site Scripting Vulnerability | CVE-2018-8602 | Important |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8605 | Important |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8606 | Important |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8607 | Important |
| Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability | CVE-2018-8608 | Important |
| Microsoft RemoteFX Virtual GPU miniport driver Elevation of Privilege Vulnerability | CVE-2018-8471 | Important |
| DirectX Elevation of Privilege Vulnerability | CVE-2018-8485 | Important |
| DirectX Elevation of Privilege Vulnerability | CVE-2018-8554 | Important |
| DirectX Elevation of Privilege Vulnerability | CVE-2018-8561 | Important |
| Win32k Elevation of Privilege Vulnerability | CVE-2018-8562 | Important |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8572 | Important |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | CVE-2018-8581 | Important |
| Windows COM Elevation of Privilege Vulnerability | CVE-2018-8550 | Important |
| Windows VBScript Engine Remote Code Execution Vulnerability | CVE-2018-8552 | Important |
| Microsoft SharePoint Elevation of Privilege Vulnerability | CVE-2018-8568 | Important |
| Windows Elevation Of Privilege Vulnerability | CVE-2018-8592 | Important |
| Microsoft Edge Elevation of Privilege Vulnerability | CVE-2018-8567 | Important |
| DirectX Information Disclosure Vulnerability | CVE-2018-8563 | Important |
| MSRPC Information Disclosure Vulnerability | CVE-2018-8407 | Important |
| Windows Audio Service Information Disclosure Vulnerability | CVE-2018-8454 | Important |
| Win32k Information Disclosure Vulnerability | CVE-2018-8565 | Important |
| Microsoft Outlook Information Disclosure Vulnerability | CVE-2018-8558 | Important |
| Windows Kernel Information Disclosure Vulnerability | CVE-2018-8408 | Important |
| Microsoft Edge Information Disclosure Vulnerability | CVE-2018-8545 | Important |
| Microsoft SharePoint Information Disclosure Vulnerability | CVE-2018-8578 | Important |
| Microsoft Outlook Information Disclosure Vulnerability | CVE-2018-8579 | Important |
| PowerShell Remote Code Execution Vulnerability | CVE-2018-8256 | Important |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8522 | Important |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8576 | Important |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8524 | Important |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2018-8539 | Important |
| Microsoft Word Remote Code Execution Vulnerability | CVE-2018-8573 | Important |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8574 | Important |
| Microsoft Project Remote Code Execution Vulnerability | CVE-2018-8575 | Important |
| Microsoft Outlook Remote Code Execution Vulnerability | CVE-2018-8582 | Important |
| Windows Search Remote Code Execution Vulnerability | CVE-2018-8450 | Important |
| Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-8577 | Important |
| Internet Explorer Memory Corruption Vulnerability | CVE-2018-8570 | Important |
| Microsoft JScript Security Feature Bypass Vulnerability | CVE-2018-8417 | Important |
| Windows Security Feature Bypass Vulnerability | CVE-2018-8549 | Important |
| Microsoft Edge Spoofing Vulnerability | CVE-2018-8564 | Important |
| Active Directory Federation Services XSS Vulnerability | CVE-2018-8547 | Important |
| Team Foundation Server Remote Code Execution Vulnerability | CVE-2018-8529 | Important |
| Yammer Desktop Application Remote Code Execution Vulnerability | CVE-2018-8569 | Important |
| Microsoft Powershell Tampering Vulnerability | CVE-2018-8415 | Important |
| .NET Core Tampering Vulnerability | CVE-2018-8416 | Moderate |
| Microsoft Skype for Business Denial of Service Vulnerability | CVE-2018-8546 | Low |

This month’s security update also covers 46 important vulnerabilities in Windows, PowerShell, MS Excel, Outlook, SharePoint, VBScript Engine, Edge, Windows Search service, Internet Explorer, Azure App Service, Team Foundation Server, and Microsoft Dynamics 365.

Users and system administrators are strongly advised to apply the above security patches as soon as possible in order to keep hackers and cyber criminals from taking control of their systems.

Source

Microsoft’s November Patch Tuesday fixes include mitigation against a zero-day vulnerability leaving Windows 7, Server 2008 and Server 2008 R2 open to attack.

Source