As you read these words, malicious ads on legitimate websites are targeting visitors with malware. But that malware doesn't infect their computers, researchers said. Instead, it causes unsecured routers to connect to fraudulent domains.

Using a technique known as steganography, the ads hide malicious code in image data. The hidden code then redirects targets to webpages hosting DNSChanger, an exploit kit that infects routers that run unpatched firmware or are secured with weak administrative passwords. Once a router is compromised, DNSChanger configures it to use an attacker-controlled domain name system server. This causes most computers on the network to visit fraudulent servers, rather than the servers corresponding to their official domain.

Patrick Wheeler, director of threat intelligence for security firm Proofpoint, told Ars:

 
Exim CVE-2016-9963 Unspecified Information Disclosure Vulnerability
 

Russia-based hackers are apparently not happy with the attention they've been getting for their Olympic anti-doping agency "conspiracy" leaks.

This morning, Ars received an odd ask by Twitter direct message: "Hello, we are Fancy Bears' Hack Team. Are you interested in WADA and USADA confidential documents?"

Fancy Bears HT is the front for the hacking operation that spear-phished International Olympic Committee members to gain access to the systems of the World Anti-Doping Agency (WADA). Those records were leaked—and in some cases, according to WADA officials, modified—in an effort to discredit the Olympics' drug-testing rules. The leaks were seen by officials as retribution for the bans imposed on Russian athletes after widespread doctoring of drug tests by the Russians at multiple Olympic games was exposed by a WADA investigation.

The hack of the United States Anti-Doping Agency (USADA) e-mails was first revealed in October. A spokesperson for USADA told Ars that the e-mails were probably exposed during the Paralympic Games in Rio de Janeiro, possibly when a scientific advisor to USADA was using public Wi-Fi at the games.

 
[SECURITY] [DSA 3736-1] libupnp security update
 
Redis CVE-2015-4335 EVAL Lua Sandbox Security Bypass Vulnerability
 
Resteasy CVE-2016-9571 Remote Code Execution Vulnerability
 
[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities
 
PLC WinProladder CVE-2016-8377 Stack Buffer Overflow Vulnerability
 
CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom
 
CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free
 
OpenSSL CMS CVE-2015-1792 Denial of Service Vulnerability
 
Internet Storm Center Infocon Status