Security News for Monday, November 16 2015

In light of the Paris terrorist attacks this past week, the hacker collective known as Anonymous has announced their “biggest operation” yet against ISIS, the group that has claimed responsibility for the attacks. From the article:

In the as-yet-unverified video, posted on YouTube, a spokesperson wearing the group’s signature Guy Fawkes mask said the group of hackers would use its expertise to wage “war” on the militant group.

“Expect massive cyber attacks. War is declared. Get prepared,” the announcer says in French.

According to this article, apps that can be installed on a mobile device in order to electronically “stalk” the owner of that device are still legal in the United States, but Senator Al Franken is introducing legislation that will ban these apps. From the article:

Franken, one of the Senate’s staunchest defenders of privacy rights, has introduced similar legislation before and has been trying to ban stalking apps since 2011.

If it seems inconceivable that apps marketed and sold for the purpose of monitoring their users are legal, there’s a maddeningly logical explanation.

Spying apps that can track location, read text messages, monitor calls (and much more) also have legitimate purposes, despite the likelihood for abuse.

Posted in Security News | Leave a comment

Security News for Monday, November 9 2015

We have discussed ransomware several times over the past couple of years and, like other malware, it has continued to evolve. This article discusses a new ransomware variant that not only encrypts files on a target system but also scrambles the file names to make it even harder to determine what needs to be recovered. From the article:

The ransomware, which upon install encrypts files making it almost impossible to regain access, now scrambles file names making it even harder for victims to know which files are which. System restore points are also erased, taking away the option of returning to a previously saved state.

Adding insult to injury, the malware also mocks the user, congratulating the user for becoming [sic] “part of large community,” according to BleepingComputer, which first detailed the changes.

This article, based on recently released research from the Massachusetts Institute of Technology, discusses the potential for mobile devices such as smartphones to leak sensitive data including personally identifiable information (PII). From the article:

The researchers found that Android users in particular are getting drained, though Apple users’ devices aren’t exactly what you’d call hermetically sealed.

As they detail in their study – Who Knows What About Me? – 73% of Android apps shared personal information such as email address with third parties, and 47% of iOS apps shared geo-coordinates and other location data with third parties.

The full report is available here.


Security News for Thursday, November 5 2015

This article covers a new open-source app for Android that scans for the most common vulnerabilities that affect the popular mobile operating system. From the article:

Developed by mobile security firm NowSecure, the tool — dubbed the Android Vulnerability Test Suite (VTS) — is “meant to show the end user the attack surface that a given device is susceptible to,” says its website.

“In implementing these checks we attempt to minimize or eliminate both false positives/false negatives without negatively affecting system stability,” it says.

Also in Android news, according to this article, researchers have found malware affecting the OS in thousands of apps posing as popular titles including Facebook, Twitter, and more. From the article:

By taking legitimate apps from the Google Play store, malicious actors will repackage the app with baked-in adware, and serve it to a third-party app store. In many cases, the apps are still fully functional and don’t alert the device owner.

It works like this: the user installs an app from a third-party store, and the app auto-roots gaining access to the entire phone’s system — an act alone that punches a hole in Android’s security, opening up more ways for hackers to launch their attacks. Periodically from there, the app will serve ads, which generates money for the attacker.


Security News for Tuesday, November 3 2015

This article is reporting that security startup Zerodium has agreed to pay out a 1 million dollar bounty to a team of hackers that have found a flaw in iOS that can be used to jailbreak a device if the user can be tricked into visiting a specially crafted website. Jailbreaking is a technique that can be used to install unauthorized applications on an iOS device. From the article:

In fact, Bekrar tells WIRED that two teams of hackers had attempted to claim the bounty, which was announced in September with an October 31st deadline. Only one proved to have developed a complete, working iOS attack. “Two teams have been actively working on the challenge but only one has made a full and remote jailbreak,” Bekrar writes. “The other team made a partial jailbreak and they may qualify for a partial bounty (unconfirmed at this time).”


Security News for Monday, November 2 2015

This article discusses the security issues of the Internet of Things (IoT), which includes network-aware software, objects, and sensors, such as those used for home automation (smart TVs also fall under the umbrella of IoT). The root of the problem is that so many companies are rushing their IoT-ready products to market that security is an afterthought. From the article:

Unlike the dedicated smartphone app-stores (Google Play, App Store, etc), there are no regulations whatsoever for Smart TV apps. Not only are security protocols absent, manufacturers give developers the SDKs with no real security policy. Hackers can hence easily gain access to innards including the file I/O and the screen/app control API.

In other words, all Smart TV apps today are running with complete “root” access. If the installed app has application layer flaws, not much can be done to prevent data and identity theft. Smart TV can also be infected via their vulnerable built-in web browsers. This is because they typically use insecure webkit and flash with a wide range of old libraries.

According to this article, researchers at MIT have found a way to use wireless signals to “see” through walls in order to identify people. From the article:

The team is now working on a system called RF-Capture that picks up wireless reflections from the human body to see the silhouette of a human standing behind a wall.

It’s the first system capable of capturing the human figure when the person is fully occluded, MIT said in an announcement on Wednesday.


Security News for Wednesday, October 28 2015

According to this article, yesterday the Senate passed a new cybersecurity bill that will encourage companies and the government to report on and share data about threats to their organizations. From the article:

The Cybersecurity Information Sharing Act passed by a 74-21 vote. It overcame concerns about privacy and transparency from some senators and technology companies, such as Apple and Yelp.

The Senate rejected amendments, including one addressing concerns that companies could give the government personal information about their customers. Another failed amendment would have eliminated part of the bill that would keep secret information about which companies participate and what they share with the government.

This article is reporting on the increased threat faced by users of mobile devices such as smartphones and tablets. From the article:

A new report released by security firm Blue Coat acknowledges that porn remains the top dog when it comes to threats to mobile users, but fresh tactics designed to steal your data, load ransomware onto your device or install potentially unwanted software (PUS) are also on the uptick.

“The underground market around mobile malware is growing,” Felix Leder, Director of Advance Malware Defense at Blue Coat told ZDNet.

While this type of testing has been done many times in the past, technology certificate provider CompTIA recently dumped 200 USB flash drives around high-traffic locations in major metropolitan areas to see if people would pick them up and plug them into their computers to see what they contained. According to this article, 17% of the people that picked them up plugged them into their devices. From the article:

“These actions may seem innocuous, but each has the potential to open the door to the very real threat of becoming the victim of a hacker or a cybercriminal,” Todd Thibodeaux, president and CEO of CompTIA said.

With the cybersecurity threat landscape facing companies increasingly complex, employees who engage in unsafe cybersecurity habits put both themselves and their employer at risk.


Security News for Friday, October 16 2015

According to this article, the U.S. Justice Department has charged a Malaysian hacker with stealing the personal data of U.S. service members and selling it to the terrorist group ISIS. From the article:

Ardit Ferizi, a citizen of Kosovo, was detained in Malaysia on a U.S. provisional arrest warrant, officials said. He was arrested a month ago, according to Malaysian news media.

Ferizi is accused of passing the data to Islamic State member Junaid Hussain, a British citizen who in August posted links on Twitter to the names, e-mail addresses, passwords, locations and phone numbers of 1,351 U.S. military and other government personnel. He included a warning that Islamic State “soldiers . . . will strike at your necks in your own lands!”

This article is reporting that a Russian hacker group known as Pawn Storm is using a vulnerability in Adobe Flash to plant malware on computers belonging to “foreign ministries”. From the article:

Pawn Storm “is the most significant cyber-espionage threat to the U.S. government and her NATO partners,” Trend Micro’s chief cybersecurity officer, Tom Kellermann, said in an email to The Daily Caller News Foundation. The exploit contains similarities to that which occurred on the White House just months ago, researchers found. That particular score allegedly resulted in a trove of Obama’s “unclassified” emails.



Security News for Tuesday, October 6 2015

According to this article, Apple failed to “sign” the latest iOS 9.0.2 update which means that if it is installed, you will be unable to revert to a previous version of iOS. From the article:

This is a problem for a number of reasons. Firstly iOS 9.0.2 doesn’t fix all the bugs in iOS 9 and now any users who experience problems cannot get back to iOS 8 safety while Apple continues to beta test its first major iOS 9 update: iOS 9.1. Secondly, based on iOS beta history, iOS 9.1 is still at least 1-2 months away and Apple releasing a third pure bug fix for iOS 9 (iOS 9.0.3) would start to reek of panic stations.

This article is reporting that researchers in Singapore used a drone to intercept documents sent to a Wi-Fi printer from the secured floor in a 30-story office tower. From the article:

The drone is simply the transport used to ferry a mobile phone that contains two different apps the researchers designed. One, which they call Cybersecurity Patrol, detects open Wi-Fi printers and can be used for defensive purposes to uncover vulnerable devices and notify organizations that they’re open to attack. The second app performs the same detection activity, but for purposes of attack. Once it detects an open wireless printer, the app uses the phone to establish a fake access point that mimics the printer and intercept documents intended for the real device.


Security News for Monday, October 5 2015

According to this article, a “vigilante hacker” is breaking into computers across the country to install a virus but supposedly not for nefarious purposes as one would think. From the article:

The virus scans to see if your home WiFi network is using a default password. If it is, the virus forces you to change the password to something more secure. It also tries to kill any malware on your router and forces it to update software automatically to protect you from computer viruses.

While this might not be news to those in the computer security industry, this article is reporting that cybercrime today is much more hostile than it ever has been. From the article:

The heightened level of belligerence is also indicative of the current trend towards more interaction between cybercriminals and their victims, especially when it comes to extortion.

This is also leading to a change in the consequences of such attacks, with the psychological impact of cybercrime far greater.


Security News for Thursday, October 1 2015

This article is reporting that Microsoft accidentally posted a “test” update to the Microsoft Update service yesterday. The strange update (which wouldn’t even install) left many people with the notion that the service had been compromised. From the article:

Of course, even if no serious harm was caused by this false update the incident does raise serious questions for Windows users – in particular, Windows 10 home users who are forced to accept security updates, whether they want them or not.

This article discusses the recent uptick in cyber-attacks against university networks. These networks make attractive targets as they contain not only a wealth of research data, but also a large amount of personally identifiable information (PII) such as names, addresses, social security numbers, student records, and other information. From the article:

Rutgers University students this week learned the hard way what campus life is like without the Internet. A cyberattack knocked the New Jersey school’s networks offline Monday morning, sending roughly 66,000 pupils into the dark just as they were settling into their first class of the week. It’s just the latest attack against major American universities, which have struggled to fend off increasingly sophisticated hackers in search of the troves of valuable information nested in academic networks.
