News & Updates

(credit: BBC)

Briton Lauri Love will be extradited to the US to face charges of hacking, Westminster Magistrates’ Court ruled on Friday.

Love faces up to 99 years in prison in the US on charges of hacking as part of the Anonymous collective according to his legal team.

Handing down her ruling at Westminster Magistrates’ Court in London, district judge Nina Tempia told Love that he can appeal against the decision. The case will now be referred to the home secretary Amber Rudd while Love remains on bail.

Read 6 remaining paragraphs | Comments


Cisco has released several Security Updates to fix many vulnerabilities in its products, including a nasty RCE in WebEx Meetings servers.

Cisco has issued a patch to address the remote code execution flaw (CVE-2016-1482) that affects company WebEx Meetings servers.

The remote code execution flaw (CVE-2016-1482) could be exploited by remote, unauthenticated attackers to execute arbitrary commands on WebEx Meetings servers.

It is crucial for system administrators to apply the patch before hackers would exploit the vulnerability in attacks against their systems, Cisco highlighted that there is no workaround to mitigate the issue.

“A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to bypass security restrictions on a host located in a DMZ and inject arbitrary commands on a targeted system,” Cisco reported in a security advisory.

As explained by the company the vulnerability in WebEx servers is the result of an insufficient sanitization of the user data. The attackers can exploit it to inject arbitrary commands into application scripts and compromise WebEx Meetings servers.

“The vulnerability is due to insufficient sanitization of user-supplied data processed by the affected software. An attacker could exploit this vulnerability by injecting arbitrary commands into existing application scripts running on a targeted device located in a DMZ [and] could allow an attacker to execute arbitrary commands on the device with elevated privileges.”

According to the advisory published by the company, Cisco WebEx Meetings Server version 2.6 is vulnerable to attacks that trigger the flaw.


Cisco also addressed other security issues in its products, including Denial of service flaws that affect Cisco’s Web Security Appliance, WebEx Meetings server, IOS XE software, and carrier routing system.

Another vulnerability affects that WebEx server, tracked as CVE-2016-1483 and rated as “high,” it is the result of the improper validation of user accounts by specific services.

“An unauthenticated, remote attacker could exploit this vulnerability by repeatedly attempting to access a specific service, causing the system to perform computationally intensive tasks and resulting in a denial of service attack condition.” 

The US-CERT has published a warning of Cisco Releases Security Updates, inviting users to apply the necessary updates.

Below the complete list published by the US-CERT:

Hurry up, update your system now!

medianet_width=’300′; medianet_height= ‘250’; medianet_crid=’762221962′;

Pierluigi Paganini

(Security Affairs – CISCO, RCE)

The post Cisco releases multiple Security Updates, it fixed a nasty RCE in WebEx Meetings servers appeared first on Security Affairs.

Source: Security affairs

The first major film event about Edward Snowden did not come this year thanks to Director Oliver Stone. Instead, it came in the form of Citizenfour, the deserving winner of the 2015 Academy Award for Best Documentary.

That film is given a lot of attention in Stone’s own creation, this week’s Snowden, as many of its scenes include actor portrayals of Snowden, filmmaker Laura Poitras, and journalist Glenn Greenwald. The reenacted documentary scenes are quite authentic, complete with Snowden ducking under a blanket to enter a password while he’s being filmed, and they were shot in the same Hong Kong hotel where Snowden was staying when the documents he copied were revealed to the world.

One documentary scene didn’t make the dramatized cut, however. The first moment in which Snowden appears in the documentary includes Greenwald asking about the leaker’s life and identity. To those, he almost immediately responded, “I’m not the story here.”

Read 26 remaining paragraphs | Comments



The Grand Tour—the new Amazon Prime motoring show from ex-Top Gear presenters Jeremy Clarkson, James May, and Richard Hammond—is launching on November 18.

New episodes will run every week exclusively for Amazon Prime and Amazon Prime Video subscribers, but there’s no word yet on whether the show will run in regions that do not have access to Prime Video.

While Amazon is keeping the finer details of The Grand Tour firmly under wraps, the company has dropped a few details on what will be in the first episode, which features a studio tent recording in California that will be filmed later this month. The studio tent has previously made its way to Johannesburg, with other locations due to be revealed in the lead-up to launch. Further updates are promised on the show’s Facebook and Twitter accounts.

Read 5 remaining paragraphs | Comments


Over the course of 2015, I noticed a trend. Rather than replacing routers when they literally stopped working, I increasingly needed to act earlier—swapping in new gear because an old router could no longer keep up with increasing Internet speeds available in the area. Famously around the Ars forums, this problem soon evolved into our homebrew router initiative. In January, I showed my math as a DIY-Linux router outpaced popular off-the-shelf options like the Netgear Nighthawk X6 and the Linksys N600 EA-2750. And in August, I shared the steps necessary to build one of your own.

After readers got a look at the performance charts, I got a ton of outraged “why didn’t you test my favorite brand?!” comments. If you were one of those skeptics, congrats—today is your day! The Ars homebrew router special has been coaxed out of retirement to test its speeds against an entirely new lineup of gear. And to raise the stakes a bit further, the Ars team has broken out some new and improved methods that test more hardware and a couple of purpose-designed router distros. This time, we’re even offering power consumption figures as well.

Methodology updates

For our new and improved testing, we’re still hammering everything with streams of HTTP connections and varying filesizes. But we’ve tightened down the time that the HTTP sockets are allowed to respond (from 240 seconds down to 20) mostly in order to make prettier graphs. Wait, did I say graphs? (Yes!) This time around, we’re going to look at realtime bandwidth graphs of the testing as it’s being performed, which lets us see what’s happening with the contestants more clearly than we could the first time around. We’ll also look at power consumption for each device, both idle and under (routing) load. And when we look at raw throughput numbers, we’re going to look solely at completed downloads, since we care more about “how much can we successfully download” rather than “how much useless noise this thing can make on my network.”

Read 54 remaining paragraphs | Comments


Enlarge / A surgeon performs a robot-assisted prostate tumorectomy using ultrasound imaging. (credit: Getty | JEFF PACHOUD)

In the wake of a cancer diagnosis, deciding to sit back and see how things play out may seem like a ballsy move. But, if that diagnosis is for early-stage prostate cancer, it might be the smart one.

In a trial of 1,643 men diagnosed with early prostate cancer, those who actively monitored their cancer instead of immediately starting treatment had the same minuscule risk of death in a ten-year study as men who underwent either radiation therapy or surgery straightaway. The finding, reported Wednesday in the New England Journal of Medicine, suggests that it’s safe to hold off on the often slow-growing cancer when it’s caught early and only seek treatments—which can have devastating side effects, including incontinence and impotence—if the disease progresses.

Disease progression (i.e. the cancer grows and spreads to other parts of the body) was more common among the 545 men randomly assigned to the monitoring group. About half ended up getting either radiation or surgery by the end of the ten-year study. However, they still had the same low death rate from the cancer as the radiation and surgery groups—about one percent. And the remaining portion that didn’t progress and go through treatments were able to dodge needless side effects.

Read 7 remaining paragraphs | Comments


Two Researchers have discovered several vulnerabilities in Signal, the popular end-to-end encrypted messaging app recommended by whistleblower Edward Snowden.

One of those vulnerabilities could allow potential attackers to add random data to the attachments of encrypted messages sent by Android users, while another bug could allow hackers to remotely execute malicious code on the targeted


Enlarge (credit: Justin Sullivan / Getty Images News)

One-quarter of all body-worn camera footage from the Oakland, California, police was accidentally deleted in October 2014, according to the head of the relevant unit.

As per the San Francisco Chronicle, Sgt. Dave Burke testified on Tuesday at a murder trial that this was, in fact, a mistake.

This incident marks yet another setback in the efforts to roll out body-worn cameras to police agencies nationwide.

Read 7 remaining paragraphs | Comments