Happy Friday. Due to vacations in the Information Security Office, posting to this blog will be on hiatus the week of December 9th.
Microsoft has released their Advance Notification Security Bulletin for December here. There will be a total of 11 bulletins that will correct an unspecified number of vulnerabilities. Five of the bulletins contain at least 1 critical vulnerability.
This post discusses steps you can take to determine if your password has been stolen. From the post:
The announcement yesterday of the discovery of a botnet command and control database of user credentials for Facebook, Twitter, Yahoo, ADP and others is just the latest in a trend going back several years. You can’t trust Internet services to protect your passwords; you have to protect them yourself.
According to this post, Microsoft and several government agencies have successfully disrupted ZeroAccess, one of the world’s largest botnets. From the post:
ZeroAccess, also known as the Sirefef botnet, is believed to have infected more than 9 million computers worldwide. The botnet makes its operators money through click fraud, targeting search results on Google, Yahoo and Bing and costing the online advertisers an estimated $2.7 million per month.
This article takes a look at the prevalence of zero-day vulnerabilities. From the article:
On any given day, nation-states and criminal hackers have access to an entire arsenal of zero-day vulnerabilities – undocumented and unpatched software flaws that can be used to silently slip past most organizations’ digital defenses, new research suggests. That sobering conclusion comes amid mounting evidence that thieves and cyberspies are ramping up spending to acquire and stockpile these digital armaments.
According to this post, old Android mobile devices running Jelly Bean, an older version of Google’s software, can be unlocked using malware. From the post:
Around a third of Android devices still ran Jelly Bean as of July this year, according to Android Central. In September, Google announced that one billion Android devices had been activated – so the number of handsets at risk from malware targeting this vulnerability is liable to be tens or hundreds of millions.
It might be a good time to change your Facebook password. This article is reporting that 2 million accounts have been compromised via malware. From the article:
John Miller, security research manager at Trustwave, said that the hack wasn’t due to a flaw in any of those companies’ servers. “It was the individual users’ computers that had the malware installed on their machine,” he told ABC News. He adds that the unnamed hackers were most likely motivated by profit. “These passwords were never publicly posted. We can’t say for sure, but [the hackers] were probably going to sell them.”
This post is reporting on cloned Facebook accounts being used to spam people and to make requests for money. From the post:
Giving a stranger access to a Facebook account might not be the same as handing over our Social Security numbers, but it does give potential attackers valuable bait for phishing expeditions.
This may sound like a plot from a movie or book, but apparently the threat is real. According to this post, and based on research released by German computer scientists, malware can be created that covertly transmits sensitive data at near-ultrasonic frequencies through a computer’s built-in speaker. From the article:
The idea, described in a paper entitled “On Covert Acoustical Mesh Networks in Air”, is that the data can be sent at high frequency over the air as computer operating systems do not tightly control a program’s access to the speaker.
This article is reporting that Anonymous, the loosely knit hacker collective, has been exploiting flaws in Adobe products in a year-long attack against US government computers. From the article:
A memo sent out by the US Federal Bureau of Investigation (FBI) on Thursday described the attacks as “a widespread problem that should be addressed”, according to the news agency, which says that it’s seen the memo.
The holiday season is upon us, which means that cybercriminals are gearing up to do what they do best. This article discusses the issue and offers tips to protect yourself online. From the article:
October marked a considerable hike for phishing attacks, with the RSA Anti-Fraud Command Center recording 62,105 cases – a 35% increase from September and an 84% increase year over year. More impressive, this represents the highest number of attacks we’ve ever seen in one month. Could this spike be cybercriminals preparing for a record breaking holiday shopping season?
According to this post, and based on research by security vendor HP Fortify, vulnerabilities exist in 9 out of 10 corporate mobile applications for iOS. From the post:
The company used their Mobile Fortify On Demand product to test the security posture of 2,107 applications published by 601 companies on the Forbes Global 2000. Only iOS apps were tested, but HP says that there is good reason to believe the same problems exist in any Android counterparts.
Overall, the problems fell into one of four categories. The analysis showed that 86% of apps that accessed potentially private data sources, such as address books or Bluetooth connections, lacked sufficient security measures to protect the data from access.
According to this post, one of the Internet Explorer vulnerabilities that was supposed to be fixed in this past Tuesday’s patch release from Microsoft was not actually patched. According to MS, the update bulletin contained a documentation error and the issue will be addressed with a future patch.
Just in time for the holiday season, this article takes a look at 12 tips you can use to make your online purchasing safer. Some of the tips may seem like common sense, but it is still worth looking at and heeding these warnings.
According to this article, and based on recently released research by Swiss IT firm High-Tech Bridge, one in five banks have faced “high risk” security incidents via web apps. From the article:
“The statistics confirm that even financial institutions should pay more attention to their web application security, not only to protect their customers but to maintain their digital reputation. The fact that there are few security incidents publicly exposed in 2013 does not necessarily confirm that web applications are becoming more secure. It’s more about new objectives of hackers – today they are not looking for glory but for profit, therefore don’t make any noise and compromise web systems without being noticed.”
An interesting infographic has been posted here on the topic of Facebook privacy and security. The graphic offers some pretty startling statistics as well as some good tips.
According to this post, Microsoft patched a total of 19 flaws yesterday, including a zero-day vulnerability in Internet Explorer.
This article goes on to provide some hypothetical detail about the “BadBIOS” virus that was reported here this past Friday. The information is hypothetical because the researchers who originally reported on this virus have yet to release much in the way of technical details.
A new breed of malware called Cryptolocker has been making the rounds. This malware will encrypt all of a user’s personal files and will force them to pay for a decryption key. This article takes a look at methods that can be used to avoid this ransomware.
Disclaimer: The above link is posted as a resource for users to protect their home computers. Please obtain proper permission before installing any tools on University resources.
As is usually the case on Fridays, it is a slow news day today.
This article discusses the “BadBIOS” virus that has been making waves in the security community over the last couple of days. Some pretty bold (and unsubstantiated) claims are being made about this virus. This is only a partial list, so see the article for everything this virus is claimed to do.
- It is said to infect the low-level system firmware of your computer, so it can’t be removed or disabled simply by rebooting.
- It is said to include components that work at the operating system level, so it affects the high-level operation of your computer, too.
- It is said to be multi-platform, affecting at least Windows, OS X, and OpenBSD systems.
- It is said to prevent infected systems being booted from CD drives.