Security News for Tuesday, October 6 2015

According to this article, Apple failed to “sign” the latest iOS 9.0.2 update which means that if it is installed, you will be unable to revert to a previous version of iOS. From the article:

This is a problem for a number of reasons. Firstly iOS 9.0.2 doesn’t fix all the bugs in iOS 9 and now any users who experience problems cannot get back to iOS 8 safety while Apple continues to beta test its first major iOS 9 update: iOS 9.1. Secondly, based on iOS beta history, iOS 9.1 is still at least 1-2 months away and Apple releasing a third pure bug fix for iOS 9 (iOS 9.0.3) would start to reek of panic stations.

This article is reporting that researchers in Singapore used a drone to intercept documents sent to a Wi-Fi printer from the secured floor in a 30-story office tower. From the article:

The drone is simply the transport used to ferry a mobile phone that contains two different apps the researchers designed. One, which they call Cybersecurity Patrol, detects open Wi-Fi printers and can be used for defensive purposes to uncover vulnerable devices and notify organizations that they’re open to attack. The second app performs the same detection activity, but for purposes of attack. Once it detects an open wireless printer, the app uses the phone to establish a fake access point that mimics the printer and intercept documents intended for the real device.

Posted in Security News | Leave a comment

Security News for Monday, October 5 2015

According to this article, a “vigilante hacker” is breaking into computers across the country to install a virus but supposedly not for nefarious purposes as one would think. From the article:

The virus scans to see if your home WiFi network is using a default password. If it is, the virus forces you to change the password to something more secure. It also tries to kill any malware on your router and forces it to update software automatically to protect you from computer viruses.

While this might not be news to those in the computer security industry, this article is reporting that cybercrime today is much more hostile than it ever has been. From the article:

The heightened level of belligerence is also indicative of the current trend towards more interaction between cybercriminals and their victims, especially when it comes to extortion.

This is also leading to a change in the consequences of such attacks, with the psychological impact of cybercrime far greater.

Posted in Security News | Leave a comment

Security News for Thursday, October 1 2015

This article is reporting that Microsoft accidentally posted a “test” update to the Microsoft Update service yesterday. The strange update (which wouldn’t even install) left many people with the notion that the service had been compromised. From the article:

Of course, even if no serious harm was caused by this false update the incident does raise serious questions for Windows users – in particular, Windows 10 home users who are forced to accept security updates, whether they want them or not.

This article discusses the recent uptick in cyber-attacks against university networks. These networks make attractive targets as they contain not only a wealth of research data, but also a large amount of personally identifiable information (PII) such as names, addresses, social security numbers, student records, and other information. From the article:

Rutgers University students this week learned the hard way what campus life is like without the Internet. A cyberattack knocked the New Jersey school’s networks offline Monday morning, sending roughly 66,000 pupils into the dark just as they were settling into their first class of the week. It’s just the latest attack against major American universities, which have struggled to fend off increasingly sophisticated hackers in search of the troves of valuable information nested in academic networks.

Posted in Security News | Leave a comment

Security News for Friday, September 25 2015

Another iOS update, another security issue. According to this article, even with the latest iOS 9.0.1 update, your iPhone’s lockscreen is unsafe. From the article:

Unfortunately it appears that there wasn’t time to fix a vulnerability Jose Rodriguez informed me about before the weekend, allowing unauthorised users to bypass your iPhone or iPad’s lockscreen.

Posted in Security News | Leave a comment

Security News for Wednesday, September 23 2015

According to this article, and based upon recently released research, large scale data breaches are not necessarily increasing as we might be led to believe by the media. From the article:

Of course, that doesn’t mean there’s nothing to worry about, but it does pull the focus away from the hype that typically accompanies a massive cybersecurity incident, like the breach of the Office of Personnel Management earlier this year.

n their report, Hype and Heavy Tails: A Closer Look at Data Breaches, researchers with the University of New Mexico and the Lawrence Berkeley National Laboratory outline the recent history of data breach trends.

Posted in Security News | Leave a comment

Security News for Tuesday, September 22 2015

According to this article, HP will soon be using new embedded software to run its printers that was developed with the aid of the Department of Homeland Security and the Department of Defense. From the article:

As the Stuxnet cyber attack on Iran’s nuclear program underscored, targets for hackers are everywhere. Examples include office printers; telephones seen on desks in the White House and aboard Air Force One; the machines controlling power plants; the routers that form the Internet’s backbone; the electronics handling car engines, door locks, and brakes; medical devices such as pacemakers and drug pumps; and even the International Space Station. Many of these embedded devices can now link with other computers, so not only are they targets themselves, but they could serve as back doors into otherwise secure computers and networks.

Apple’s iPhone has always been considered to be more secure than Android devices due to Apple’s strict vetting process for apps posted to its online stores. Times have changed and recently, Palo Alto Networks published a series of articles about malware that was discovered in the Apple App Store as this article is reporting. From the article:

This malware not only sailed past Apple’s security vetting process, but also originated from software vendors you wouldn’t expect to be involved in malware creation and distribution.

When Palo Alto began to unravel the how, to go with the what and the when, things quickly got interesting.

We frequently post stories about ransomware to this blog and as this attack is still so prevalent (mobile devices are now being targeted), we will continue to do so in order to raise awareness. This article provides a great overview of ransomware and the issues that it can cause. From the article:

And these days ransomware doesn’t just affect desktop machines or laptops; it also targets mobile phones. Last week news broke of a piece of ransomware in the wild masquerading as a porn app. The so-called Porn Droid app targets Android users and allows attackers to lock the phone and change its PIN number while demanding a $500 ransom from victims to regain access.

Posted in Security News | Leave a comment

Security News for Tuesday, September 15 2015

According to this article, and based upon research released by security vendor FireEye, attacks have been recently discovered where firmware on Cisco routers has been modified to maintain persistence on a victim network. From the article:

Such a technique would give an attacker an excellent position from which to surveil the victim’s network and potentially move to different machines, as well. The FireEye researchers say that the attackers are using a modified IOS image and typically are not exploiting any new vulnerabilities in order to compromise routers. Instead, they probably are taking advantage of either default or stolen credentials in order to gain initial access to the routers.

Posted in Security News | Leave a comment

Security News for Monday, September 14 2015

As many know, bad passwords (and passwords shared across multiple sites) are one of the weakest links in computer security. This article discusses this problem and why we still face it. From the article:

Having a long random password is good advice. It provides a measure of security for guarding access to important information, such as your online banking account.

Unfortunately, when faced with having to remember several random fifteen character passwords (characters being A to Z, a to z, 0 to 9 and an assortment of other printable characters such as ! @ # $ and %), most users apply a judgement to the value of the information protected by the password and act accordingly.

According to this article, there are reports of users computer systems automatically downloading Windows 10, even if they didn’t want it. From the article:

People with Windows 7 or Windows 8/8.1 devices are discovering that Windows 10 was downloaded to a hidden folder on their computers without prompting.

The unprompted downloading of Windows 10 appears to only impact users who have automatic updates turned on, according to Ars Technica.

This article is reporting that the US Department of Energy (DOE) has been compromised 159 times and attacked 1,131 times between October 2010 and October 2014 according to recently unclassified records. It is worth noting that the DOE is responsible for overseeing the US power grid, nuclear arsenals, and national science laboratories. From the article:

USA Today reports that 53 of the successful attacks were root compromises, meaning the attackers had administrator privileges on compromised DOE computer systems.

Posted in Security News | Leave a comment

Security News for Tuesday, September 8 2015

According to this article and recently released information from security vendor Sophos, a vulnerability in Microsoft Word is being exploited in the wild. From the article:

Word-based attacks are usually delivered via email rather than over the web.

Email-based attacks are generally self-contained: once you have received the email, you will probably end up infected even if you are offline when you open it.

This article is reporting on recently discovered vulnerabilities in several Seagate hard drives that could allow an attacker to gain remote access to your data in some cases. From the article:

The hard drive affected are Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie FUEL. All are wireless storage devices. They have multiple vulnerabilities, including one that lets an attacker gain remote control access to an undocumented, user account.

Posted in Security News | Leave a comment

Security News for Friday, September 4 2015

According to this article, one of the individuals behind what has been labeled “one of the most financially destructive computer viruses in history” is due in court in New York today. From the article:

Deniss Calovskis, a Latvian national, was arrested in November 2012 for his alleged role in writing some of the code that allowed the Gozi virus to be so effective. The malicious code infected at least 40,000 computers in the U.S., including NASA computers, and was allegedly used to steal tens of millions of dollars from bank accounts around the world, according to the U.S. Department of Justice.

This article is reporting that a hacker is claiming to have unreleased Hillary Clinton private emails for sale. It has been hard to avoid the news that Mrs. Clinton is under a lot of scrutiny for running a government work-related email server out of her home. from the article:

The anonymous “computer specialist” claims to be in possession of 32,000 emails from Clinton’s private server that were retrieved because, according to the site’s source, “Hillary or someone from her camp erased the outbox containing her emails, but forgot to erase the emails that were in her sent box.”

Posted in Security News | Leave a comment