Friday, October 31, 2014

Cars, toasters, medical devices add to DHS' cyber headaches

From Federal News Radio:

Cars, toasters, medical devices add to DHS' cyber headaches

My personal opinion: Just because you can network something doesn't mean you should.

Changing the Way We Fight Malware

From PCMagazine:

Changing the Way We Fight Malware

"Microsoft is sitting on an absolute gold mine of information. The Malicious Software Removal Tool (MSRT) running on billions of computers worldwide and every Windows Update process sends a ton of non-personal telemetry back to Microsoft Central. This data could help antivirus companies and academic researchers develop better ways to fight malware. In a keynote speech for the 9th IEEE International Conference on Malicious and Unwanted Software (Malware 2014 for short), Microsoft's Dennis Batchelder explained just what the software giant plans to do with all that data and it's not what you might expect."

Beware of the malware walking dead

From SCMagazine:

Beware of the malware walking dead

The Bill for Cybersecurity: $57,600 a Year

From Bloomberg:

The Bill for Cybersecurity: $57,600 a Year

This is a very realistic breakdown of costs associated with protecting your SMB.  There are ways you can reduce this expenditure.  One thing I would highly recommend that is touched upon in this article is cyber insurance.  This is because it is no longer a question of "if" you get hacked but "when" you do.  For more info please contact me via email or through the comments section of this blog.

Welcome To My Cyber Security Nightmare

From DarkReading:

Welcome To My Cyber Security Nightmare

Some FUD but a very realistic look at the threats facing both consumers & organizations of all sizes.

The security threat of unsanctioned file sharing

From Help Net Security:

The security threat of unsanctioned file sharing

More than 1,000 IT security professionals from the United States, United Kingdom, and Germany were surveyed. Key findings from the report include:
  • Almost half (49 percent) of respondents believe their company lacks clear visibility into employees’ use of file sharing/file sync and share applications.
  • Half of respondents (51 percent) aren’t convinced their organisations have the ability to manage and control user access to sensitive documents and how they are shared.
  • The majority of organisations have policies governing the use of file sharing, but policies are not being communicated to employees effectively.
  • Only 54 percent of respondents say their IT department is involved in the adoption of new technologies for end users, including cloud-based services.
More sobering, approximately 61 percent of respondents confessed that they have “often or frequently” done the following:
  • Accidentally forwarded files or documents to individuals not authorised to see them.
  • Used their personal file-sharing/file sync-and-share apps in the workplace.
  • Shared files through unencrypted email.
  • Failed to delete confidential documents or files as required by policies.

This is a very serious issue for SMBs. Whether it be open file shares on your network, employees accessing DropBox/Google Drive, copying business data to their laptops or using USB thumb drives, it is very easy for this data to be mishandled.  If you would like to learn more please contact me via email or leave comments on this blog.


Thursday, October 30, 2014

Google Details New Security Features in Android 5.0 Lollipop

From SecurityWeek:

Google Details New Security Features in Android 5.0 Lollipop

I really like this feature.  The ability to separate personal from company data is a big leap for enterprise customers adopting BYOD policies.

"Another feature that's designed with enterprise customers in mind is support for multiple user accounts. Users who rely on their personal devices for work will be able to separate work-related tasks from personal activities by creating a corporate profile.
 
"The technology provides an elegant way of segmenting and managing corporate data without significantly impacting usability, and maintaining user privacy. For businesses, the separation of consumer and corporate profiles means much more control over corporate assets, stopping third-party apps from accessing corporate data, while letting the consumer profile act in the free environment that makes Android, well… Android," Aaron Cockerill, VP of enterprise at mobile security firm Lookout, said in a blog post."

Ferry Company Reports Card Breach

Part three of today's databreach trifecta / hat trick.  From DataBreachToday:

Ferry Company Reports Card Breach

CurrentC Developer Confirms Breach

Part two of today's databreach trifecta, or hat trick if you're a hockey fan.  From DataBreachToday:

CurrentC Developer Confirms Breach

Phishing Attack Leads To Bank Breach

One of a trifecta of breaches announced today.  From DataBreachToday:

Phishing Attack Leads To Bank Breach

Epidemic of medical data breaches leaking our most sensitive information

Medical/health information is much more valuable to cybercriminals than SSN and/or credit card numbers.  From Sophos Naked Security:

Epidemic of medical data breaches leaking our most sensitive information

Profile of a cyber criminal (infographic)

Pretty cool profile of a cybercriminal.  From VentureBeat:

Profile of a cyber criminal (infographic)

10 Signs Your Computer Has A Virus

From LifeHack:

10 Signs Your Computer Has A Virus

RSA Monthly Fraud Report

From RSA:

RSA Monthly Fraud Report

Popular Science Website Infected, Serving Malware

Just goes to show you that any site, small or large, is vulnerable.  From ThreatPost:

Popular Science Website Infected, Serving Malware

Assume ‘Every Drupal 7 Site Was Compromised’ Unless Patched By Oct. 15

A follow up to my last post.  This is a bit alarmist but evidently this is a serious vulnerability in the product.  From ThreatPost:

Assume ‘Every Drupal 7 Site Was Compromised’ Unless Patched By Oct. 15

Gotta love the irony here:
"The vulnerability, which became public on Oct. 15, is a SQL injection flaw in a Drupal module that’s designed specifically to help prevent SQL injection attacks. Shortly after the disclosure of the vulnerability, attackers began exploiting it using automated attacks. One of the factors that makes this vulnerability so problematic is that it allows an attacker to compromise a target site without needing an account and there may be no trace of the attack afterward."

Drupal Releases Public Service Announcement

From US-CERT:

Drupal Releases Public Service Announcement

TeamDigi7al US navy hacker sentenced to 2 years in jail

Cybercrime doesn't pay.  And for Pete's sake, if you are dumb enough to do this stuff at least be smart enough not to mess with the DoD, law enforcement, military ...  From Sophos Naked Security:

TeamDigi7al US navy hacker sentenced to 2 years in jail

The "Dirty Dozen" SPAMPIONSHIP - who's got the biggest zombie problem?

What country sends the most spam?  Find out here from Sophos Naked Security:

The "Dirty Dozen" SPAMPIONSHIP - who's got the biggest zombie problem?

Wednesday, October 29, 2014

How Cost-Effective Is the Cybersecurity Framework?

If you want to get business onboard you MUST tell them the financial benefits.  Most businesses will not invest in something unless there is a CBA or ROI associated with the expenditure.

From InfoRiskToday:

How Cost-Effective Is the Cybersecurity Framework?

In cybersecurity battle, government-business cooperation necessary: Justice official

From the Washington Times:

In cybersecurity battle, government-business cooperation necessary: Justice official

Cybersecurity: Why It’s Not Just About Technology

Great article, make your employees security conscious & save a ton of money.  From Governing.com:

Cybersecurity: Why It’s Not Just About Technology

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data

From Wired:

Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data

"Researchers at the security startup Shape Security say they’ve found a strain of malware on a client’s network that uses that new, furtive form of “command and control”—the communications channel that connects hackers to their malicious software—allowing them to send the programs updates and instructions and retrieve stolen data. Because the commands are hidden in unassuming Gmail drafts that are never even sent, the hidden communications channel is particularly difficult to detect."

FBI says Nigerian fraudsters scamming victims of everything from laptops and routers to pharmaceuticals, safety and medical equipment

From Network World:

FBI says Nigerian fraudsters scamming victims of everything from laptops and routers to pharmaceuticals, safety and medical equipment

"The FBI said more than 85 companies and universities nationwide whose identities were used to perpetrate the scheme. Approximately 400 actual or attempted incidents have targeted some 250 vendors, and nearly $5 million has been lost so far."

NIST SP 800-150 DRAFT Guide to Cyber Threat Information Sharing

Now we're talking!  Nothing is needed more than inter & intra industry cyber threat information sharing.  From the National Institute for Standards & Technology (NIST):

NIST SP 800-150 DRAFT Guide to Cyber Threat Information Sharing

NIST SP 800-150 DRAFT Guide to Cyber Threat Information Sharing - direct link to PDF

OnguardOnline.gov: Protect Kids Online

From OnguardOnline.gov newsletter:

Protect Kids Online

OnguardOnline.gov: The Protection Connection:

From OnguardOnline.gov:

The Protection Connection

Retailers Facing Intensified Cyberthreat This Holiday Season

As well they should.  No system is bulletproof & these days it seems like it's more "when" than "if" with regard to having a databreach.  That does not, however, mean a business, let alone a retail one that processes credit/debit cards, should rest on its laurels during the holiday season.  Think like a criminal, folks: if it's your busiest time of the year, you implement a change freeze and your POS terminals are still running XP, you're just asking for someone to compromise you.

From Dark Reading:

Retailers Facing Intensified Cyberthreat This Holiday Season

Security Companies Team Up, Take Down Chinese Hacking Group

From DarkReading:

Security Companies Team Up, Take Down Chinese Hacking Group

North Korea Doubles Cyber War Personnel: Report

A follow up to my last post.  Let me see if I understand this correctly; the DPRK has millions of people starving because they cannot feed them, has imprisoned over 100,000 of its citizens in prison camps modeled after Nazi concentration camps but they can develop a crack squad of high tech hackers.  That makes perfect sense doesn't it?

From Security Week:

North Korea Doubles Cyber War Personnel: Report

South Korea Spy Agency Says North Hacking Smartphones

Mobile devices, the next weapons in cyberwarfare. From SecurityWeek:

South Korea Spy Agency Says North Hacking Smartphones

Hackers Breach White House Computer System

From SecurityWeek:

Hackers Breach White House Computer System

Cyber grenade

Cyberwar

Cool graphic from my last post: Israeli Hacking School Trains Cyber Warriors

Israeli Hacking School Trains Cyber Warriors

From SecurityWeek:

Israeli Hacking School Trains Cyber Warriors

"Three hooded hackers hunch over their computer screens in the control room at Israel's new state-of-the-art "Cyber Gym", where IT and infrastructure company employees train to defend against cyber attacks."

3 ways to make your Outlook.com account safer

From Sophos Naked Security:

3 ways to make your Outlook.com account safer

Placemeter monitors streets from apartment windows: time to don a mask?

This is pretty creepy.  From Sophos Naked Security:

Placemeter monitors streets from apartment windows: time to don a mask?

"Florent Peyre, the co-founder of Placemeter, told the Guardian that the company's counting and measuring tool is one aspect of endowing computers with the ability to recognise objects in live video feed:
For example, this type of shape or group of pixels is most likely to be a pedestrian or a car or a bus.
It's almost like giving the gift of sight to a computer, he said, which should scare the bejesus out of the privacy-minded."

Arrests made after 'specialist malware' used in £1.6 million ATM heist

From Sophos Naked Security:

Arrests made after 'specialist malware' used in £1.6 million ATM heist

"London police made three arrests last week in connection with the theft of up to £1.6 million ($2.58 million) from over 50 ATMs in cities across the UK."

Tuesday, October 28, 2014

RBS WorldPay Hacker Gets Hefty Sentence

Cybercrime doesn't pay!!! From DataBreachToday:

RBS WorldPay Hacker Gets Hefty Sentence

A Data Science Approach to Detecting Insider Security Threats

This is a very interesting concept for detecting a potential insider threat.  From Pivotal:

A Data Science Approach to Detecting Insider Security Threats

Note: Toward the end it gets into a slight sales pitch for Pivotal.  I do not work for the company nor have I ever used any of its products.  This article is presented for educational purposes only and is not an endorsement of any kind.

Identity Theft Protection: Key Steps

From DataBreachToday:

Identity Theft Protection: Key Steps

"As part of their breach response strategies, organizations need to establish clear guidelines in advance so they know when it's appropriate to offer victims free credit monitoring or ID theft protection services, security experts advise.
In addition, they should educate breach victims about the steps they should take to protect their identities as well as how to use the services offered to them."

FTC Says AT&T Has Misled Millions of Consumers with ‘Unlimited’ Data Promises

From the Federal Trade Commission (FTC):

FTC Says AT&T Has Misled Millions of Consumers with ‘Unlimited’ Data Promises

"The Federal Trade Commission filed a federal court complaint against AT&T Mobility, LLC, charging that the company has misled millions of its smartphone customers by charging them for “unlimited” data plans while reducing their data speeds, in some cases by nearly 90 percent."

Ransomware Attacks Subvert Ad Networks

From DataBreachToday.com:

Ransomware Attacks Subvert Ad Networks

Researchers identify sophisticated Chinese cyberespionage group

From the Washington Post:

Researchers identify sophisticated Chinese cyberespionage group

Insurers fight to bar cyber coverage under commercial general liability policies

From BusinessInsurance.com:

Insurers fight to bar cyber coverage under commercial general liability policies

This is why you need a separate and distinct cyber insurance policy.  See my other posts on this topic for more info.

Shellshock Exploits Targeting SMTP Servers at Webhosts

From ThreatPost:

Shellshock Exploits Targeting SMTP Servers at Webhosts

Come on, people, get this thing patched.  In most cases it takes one simple command & requires no downtime.

yum update bash

Simple isn't it???

Zero-day in Samsung ‘Find My Mobile’ service allows attacker to remotely lock phone

From ComputerWorld:

Zero-day in Samsung ‘Find My Mobile’ service allows attacker to remotely lock phone

"According to the National Institute of Standards and Technology (NIST):
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic."

US-CERT Alert (TA14-300A): Phishing Campaign Linked with “Dyre” Banking Malware

From US-CERT:

Alert (TA14-300A): Phishing Campaign Linked with “Dyre” Banking Malware

Monday, October 27, 2014

ShadowCrew Cybercrime Forum Vendor Sentenced to Prison

Cybercrime doesn't pay.  From SecurityWeek:

ShadowCrew Cybercrime Forum Vendor Sentenced to Prison

Adobe Updates Digital Editions Following Privacy Controversy

From SecurityWeek:

Adobe Updates Digital Editions Following Privacy Controversy

"Earlier this month, reports surfaced about Adobe collecting information from Digital Editions 4.0 users, including the books they read and the ones stored in their library. Researchers also noticed that all the data was sent back to Adobe's servers without being encrypted."

FTC Scam Alert: Headline news: Scammers issue bogus newspaper subscription renewal notices

From the Federal Trade Commission (FTC):

Headline news: Scammers issue bogus newspaper subscription renewal notices

"Nothing like a hot cup of coffee and the morning paper to start the day, right? Well, for many subscribers and newspaper publishers across the country, bogus renewal notices are leaving a bitter taste."

FTC publications — free and at your fingertips

From the Federal Trade Commission (FTC):

FTC publications — free and at your fingertips

"When you want free consumer information — for yourself or a group — the FTC is ready to take your order. Looking for identity theft brochures to share with your book club? We’ve got them. Online safety handouts to use in the classroom? Right here. Bookmarks about charity fraud to distribute at a community fair? Absolutely. Our new and better bulkorder site is your gateway to almost 200 free publications for consumers and businesses."

The FCC as data security cop: $10 million fine for carriers’ security breaches

From Network World:

The FCC as data security cop: $10 million fine for carriers’ security breaches

Do Wearable Devices Spill Secrets?

So much for wanting a FitBit.  From InfoRisk Today:

Do Wearable Devices Spill Secrets?

Malware directs stolen documents to Google Drive

From Help Net Security:

Malware directs stolen documents to Google Drive

DOJ's NSD Reorgs for Cyber/Corp Espionage

From MainJustice.com:

DOJ's NSD Reorgs for Cyber/Corp Espionage

China suspected of cyberattack on Apple

From The Hill:

China suspected of cyberattack on Apple

NSA-Approved Samsung Knox Stores PIN in Cleartext

Two words you NEVER want to hear in the same sentence: "password" and "cleartext". From ThreatPost:

NSA-Approved Samsung Knox Stores PIN in Cleartext

"A security researcher has tossed a giant bucket of ice water on Samsung’s thumbs up from the NSA approving use of certain Galaxy devices within the agency."

‘Replay’ Attacks Spoof Chip Card Charges

From Brian Krebs @briankrebs:

‘Replay’ Attacks Spoof Chip Card Charges

"Over the past week, at least three U.S. financial institutions reported receiving tens of thousands of dollars in fraudulent credit and debit card transactions coming from Brazil and hitting card accounts stolen in recent retail heists, principally cards compromised as part of the breach at Home Depot.

The most puzzling aspect of these unauthorized charges? They were all submitted through Visa and MasterCard‘s networks as chip-enabled transactions, even though the banks that issued the cards in question haven’t even yet begun sending customers chip-enabled cards."

US Senate calls Whisper in for serious questioning on user tracking

From Sophos Naked Security:

US Senate calls Whisper in for serious questioning on user tracking

"Earlier this month, The Guardian published three articles alleging that Whisper's supposedly anonymous messaging service tracks even those who opt out of geolocation, that it shares what's supposed to be anonymous content with the Department of Defense, and that its user data is collated and stored indefinitely in a searchable database."

Friday, October 24, 2014

3 Enterprise Security Tenets To Take Personally

From InformationWeek:

3 Enterprise Security Tenets To Take Personally

"I recently bought a new house, and following recommended security practices, I had the door locks replaced, the security code on the garage-door opener changed, and the house alarm system upgraded. The process reminded me of what a locksmith told me years ago: You can't keep a thief from breaking in, but you can make it hard enough that he'll go where it is less risky.

Fast-forward to the Internet/cloud era, and that sage advice still holds true -- maybe even more so. The most recent breaches hitting HealthCare.gov, Home Depot, and the unfortunate theft of private photos from iCloud make it clear that even the US government, giant corporations, and advanced tech companies like Apple struggle to cope with the speed at which cyber-thieves are evolving their techniques. It's not a question of if someone can get into your accounts, but whether your security plan is a deterrent -- or makes you a target."

Couldn't have said it better myself.  No matter if it's personal or your SMB's data you need to take basic measures to ensure it is secured.

70 percent of IT security breaches can be attributed to human elements

From Dell Security:

70 percent of IT security breaches can be attributed to human elements

Hackers who threaten national security could face life sentences

From Sophos Naked Security:

Hackers who threaten national security could face life sentences

NAT-PMP Protocol Vulnerability Puts 1.2 Million SOHO Routers At Risk

From ThreatPost:

NAT-PMP Protocol Vulnerability Puts 1.2 Million SOHO Routers At Risk

"Vulnerabilities in embedded devices, in particular small office and home office routers, have been relentless. Another serious issue was discovered this week that affects more than 1.2 million such devices due to improper NAT-PMP protocol implementations, most of which run counter to the specification under which it was designed."

Disaster as CryptoWall encrypts US firm's entire server installation

From Network World:

Disaster as CryptoWall encrypts US firm's entire server installation

"An admin had clicked on a phishing link which was bad enough. Unfortunately, the infected workstation had mapped drives and permissions to all seven servers and so CryptoWall had quickly jumped on to them to hand the anonymous professional a work day to forget."

FTC Scam Alert: At FTC’s Request, Court Shuts Down New York-Based Tech Support Scam Business

From the Federal Trade Commission (FTC):

At FTC’s Request, Court Shuts Down New York-Based Tech Support Scam Business

The 'Backoff' malware used in retail data breaches is spreading

From PCWorld:

The 'Backoff' malware used in retail data breaches is spreading

STOP! USING! WINDOWS XP! UPGRADE! TO! WINDOWS 7!

Do we really need strong passwords?

From Sophos Naked Security:

Do we really need strong passwords?

The answer is yes and no.  This is not a black and white issue.  What users need are complex passwords that are easy to remember.  This can be done in any number of ways.  The best way is to use mnemonics. 

What I mean by this is to use things that are easily remembered and combine them in an easy-to-remember way.  For example, let's say this is for your Amazon account.  Your name is John Q. Public and you live at 123 Main St Anytown NJ 08001 with a phone number of 856-555-1212.  Your wife is named Jane and you have two children, Joe and Bertha, a dog named Spot and a cat named Tom.  You can take parts of all this information and come up with a complex password that is easy to remember.

Let's begin with Amazon since this is the account the password is for.  Start with "Am", the first two letters in Amazon.  Just for kicks we'll throw in a "." period to separate this from the rest of the password.  So now we have "Am.".  Then we can add some letters from your name to this and a "." period as another separator and we come up with "Am.jQp.".  Next reverse your street number and add it to the password with another "." separator and you come up with "Am.jQp.321."

At this point you now have an 11-character, somewhat complex password.  We're going to keep adding info to it to make it even more complex yet easy enough to remember.  Next let's add the last four digits of your phone number and the first letter of your wife's, children's, dog's and cat's names with a "." to separate them.  Now we have "Am.jQp.321.1212.JjBsT.".  Finally let's just throw in some "!" exclamation points for kicks and come up with "!Am.jQp.321.1212.JjBsT.!"

Using simple mnemonics you now have a highly complex 24 character password.  Since it is composed of things that have meaning to you, with a little work, it will be easy to remember.  Another advantage is that by using slight tweaks it can be modified for your other accounts to prevent password reuse.  For example:

Facebook - "!Face.jQp.321.1212.JjBsT.!"
Ebay - "!EB.jQp.321.1212.JjBsT.!"
PayPal - "!pP.jQp.321.1212.JjBsT.!"
Twitter - "!TwIt.jQp.321.1212.JjBsT.!"
Instagram - "!IGram.jQp.321.1212.JjBsT.!"


Hope this is of help to my readers.
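
The construction walked through above, as an added example that is not part of the original post: it rebuilds the password from the John Q. Public details and measures how much of each per-site variant is identical across accounts. The function names, the field names and the alternating-case rule are assumptions; the post states no case rule, but alternating case reproduces its output.

```python
from os.path import commonprefix

# Constructed sample profile: the fictional John Q. Public from the post.
PROFILE = {
    "name": "John Q. Public",
    "street_number": "123",
    "phone": "856-555-1212",
    "family": ["Jane", "Joe", "Bertha", "Spot", "Tom"],  # wife, children, dog, cat
}

# Site prefixes exactly as the post chose them (they follow no single rule).
SITE_TAGS = {
    "Amazon": "Am",
    "Facebook": "Face",
    "Ebay": "EB",
    "PayPal": "pP",
    "Twitter": "TwIt",
    "Instagram": "IGram",
}


def alternate_case(letters, start_upper):
    """Alternate upper/lower case over the letters (assumed rule, see lead-in)."""
    out = []
    for i, ch in enumerate(letters):
        upper = (i % 2 == 0) == start_upper
        out.append(ch.upper() if upper else ch.lower())
    return "".join(out)


def personal_core(profile):
    """The site-independent part: initials, reversed street number, phone, family."""
    name_initials = [word[0] for word in profile["name"].split()]
    family_initials = [name[0] for name in profile["family"]]
    return ".".join([
        alternate_case(name_initials, start_upper=False),   # jQp
        profile["street_number"][::-1],                     # 321
        profile["phone"][-4:],                              # 1212
        alternate_case(family_initials, start_upper=True),  # JjBsT
    ])


def build_password(site, profile=PROFILE):
    """Wrap the site tag and the personal core in '!' and '.' separators."""
    return "!" + SITE_TAGS[site] + "." + personal_core(profile) + ".!"


def shared_suffix(passwords):
    """Longest run of trailing characters common to every password."""
    return commonprefix([p[::-1] for p in passwords])[::-1]


def variation_report(profile=PROFILE):
    """Map each site to (total length, characters that differ between sites)."""
    passwords = {site: build_password(site, profile) for site in SITE_TAGS}
    common = len(shared_suffix(list(passwords.values())))
    # The leading '!' is also shared, so subtract one more character.
    return {site: (len(p), len(p) - common - 1) for site, p in passwords.items()}


if __name__ == "__main__":
    for site, (total, unique) in variation_report().items():
        print(f"{site:10} {build_password(site):30} "
              f"length={total} site-specific={unique}")
    print("shared by every account:",
          shared_suffix([build_password(s) for s in SITE_TAGS]))
```

The site-specific count is the number to watch: everything outside the site tag is the same string on every account.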

How to kill a troll

Cyberbullying must be stopped.  The stats in this article are eye opening.  I'm not so sure ignoring a cyberbully will stop it but at least the stats bear out that it is a start.  From Sophos Naked Security:

How to kill a troll

Pew surveyed 2849 internet users. Here are some of the results:
  • One out of every four women between 18 years old and 24 years old reports having been stalked or sexually harassed online.
  • Two out of five people reported having been victims of some form of online harassment.
  • One out of four had seen someone being physically threatened.
Out of those people who've reportedly been the targets of online harassment, these are the rates at which they've suffered particular forms of abuse:
  • 27% of internet users have been called offensive names
  • 22% have had someone try to purposefully embarrass them
  • 8% have been physically threatened
  • 8% have been stalked
  • 7% have been harassed for a sustained period
  • 6% have been sexually harassed

Twitter invites us to say goodbye to passwords, use Digits instead

This isn't a bad idea.  From Sophos Naked Security:

Twitter invites us to say goodbye to passwords, use Digits instead

Report: Russia, China near cybersecurity deal

What kind of deal?  One where they agree not to attack each other but everyone else is fair game?  What about one where Russia gets the monopoly on cybercrime and China gets the monopoly on cyberespionage?  This can't be good for the US and other Western countries.

From The Hill:

Report: Russia, China near cybersecurity deal

Thursday, October 23, 2014

FTC Scam Alert: Spanish speaking consumers conned out of $2 million

From the Federal Trade Commission:

Spanish speaking consumers conned out of $2 million

10 Things IT Probably Doesn't Know About Cyber Insurance

From DarkReading.com:

10 Things IT Probably Doesn't Know About Cyber Insurance

Cybersecurity help coming for franchises

Better late than never.  From The Hill:

Cybersecurity help coming for franchises

“Many small- and medium-sized businesses are franchises that rely on computerized networks and digital records — making them extremely vulnerable to cyber attacks,” said Michael Kaiser, executive director of NCSA.

Apple warns about organized network attacks against iCloud users

From Help Net Security:

Apple warns about organized network attacks against iCloud users

FBI Warns of Hacks by Moonlighting Foreign Agents

From Bloomberg:

FBI Warns of Hacks by Moonlighting Foreign Agents

Officers arrest man in Portsmouth after £1.6 million is stolen from UK cash machines in cyber attack

From the City of London Police:

Officers arrest man in Portsmouth after £1.6 million is stolen from UK cash machines in cyber attack

Insider Threats: Breaching The Human Barrier

From DarkReading.com:

Insider Threats: Breaching The Human Barrier

US-CERT: TA14-295A: Crypto Ransomware

From US-CERT:

TA14-295A: Crypto Ransomware

Windows 10 to get two-factor authentication built-in

Speaking of Two Factor Authentication, from Network World:

Windows 10 to get two-factor authentication built-in

'Bout time!

Researchers Discover Dozens of Gaming Client and Server Vulnerabilities

Yet another reason employees shouldn't be putting gaming (or any other) software on company owned systems.  From Threat Post:

Researchers Discover Dozens of Gaming Client and Server Vulnerabilities

NIST Publishes Draft Hypervisor Security Guide

If you have, or work in, an environment that leverages virtualization you're going to want to read this.  From ThreatPost:

NIST Publishes Draft Hypervisor Security Guide

Direct Link to NIST Publication:

IT threat evolution Q2 2014

From Kaspersky Labs:

IT threat evolution Q2 2014

Q2 in figures

  • According to KSN data, Kaspersky Lab products detected and neutralized a total of 995,534,410 threats in the second quarter of 2014.
  • Kaspersky Lab solutions repelled 354,453,992 attacks launched from online resources located all over the world.
  • Kaspersky Lab's web antivirus detected 57,133,492 unique malicious objects: scripts, web pages, exploits, executable files, etc.
  • 145,386,473 unique URLs were recognized as malicious by web antivirus.
  • 39% of web attacks neutralized by Kaspersky Lab products were carried out using malicious web resources located in the US and Germany.
  • Kaspersky Lab's antivirus solutions detected 528,799,591 virus attacks on users' computers. A total of 114,984,065 unique malicious and potentially unwanted objects were identified in these incidents.
  • In Q2 2014, 927,568 computers running Kaspersky Lab products were attacked by banking malware.
  • A total of 3,455,530 notifications about attempts to infect those computers with financial malware were received.

Google goes beyond two-step verification with new USB Security Key

Granted, Two Factor Authentication is a bit of a pain for most users.  However, it is a much more secure method of authentication.  I've worked extensively with RSA's SecurID products for many years and would recommend any SMB who needs to store any type of confidential data consider implementing some type of Two Factor Authentication system for systems containing that data.

From Sophos Naked Security:

Google goes beyond two-step verification with new USB Security Key

Wednesday, October 22, 2014

FTC Scam Alert: Operators of bogus business opportunity ordered to pay back $25 million

From the Federal Trade Commission:

Operators of bogus business opportunity ordered to pay back $25 million

FTC Action Results in Court Order Requiring Work-At-Home Scammers to Pay More Than $25 Million for Consumer Refunds

Windows Warning: Zero-Day Attack

From GovInfoSecurity:

Windows Warning: Zero-Day Attack

U.S. national security prosecutors shift focus from spies to cyber

From Reuters:

U.S. national security prosecutors shift focus from spies to cyber

As cybercrime goes global, it's getting costlier

From CBS:

As cybercrime goes global, it's getting costlier

Defendants in Massive Spam Text Message, Robocalling and Mobile Cramming Scheme to Pay $10 Million to Settle FTC Charges

From the Federal Trade Commission (FTC):

Defendants in Massive Spam Text Message, Robocalling and Mobile Cramming Scheme to Pay $10 Million to Settle FTC Charges

Feds urge early cooperation in malware investigations

From FCW:

Feds urge early cooperation in malware investigations

Why You Shouldn't Count On General Liability To Cover Cyber Risk

From DarkReading.com:

Why You Shouldn't Count On General Liability To Cover Cyber Risk

"As the legal troubles for P.F. Chang's restaurant chain kept piling up over the breach discovered this summer affecting 33 of its locations, its legal team made an insurance end-around play that many enterprises try after a breach. It filed a claim for coverage under its comprehensive general liability (CGL) policy. But a lawsuit filed earlier this month from its general liability insurer, Travelers Insurance, offers a good lesson to organizations on why this ploy rarely works."

US Justice Dept. focuses new squad on cybercrime combat

From Network World:

US Justice Dept. focuses new squad on cybercrime combat

Microsoft Releases Advisory for Unpatched Windows Vulnerability

From US-CERT:

Microsoft Releases Advisory for Unpatched Windows Vulnerability

SourceBooks Confirms Card Breach

From DataBreachToday:

SourceBooks Confirms Card Breach

"During that time, unauthorized parties were able to gain access to customer credit card information, including card number, expiration date, cardholder name and card verification value. In addition, the cyber-attackers also were able to view billing information, such as name, phone number and address. In some cases, account passwords were obtained as well, SourceBooks says."

Unsecured Folder Leads to Big Breach

LOCK! DOWN! SHARES! REVIEW! PERMISSIONS! REGULARLY!

From DataBreachToday:

Unsecured Folder Leads to Big Breach

"Touchstone Medical Imaging, a Brentwood, Tenn.-based provider of diagnostic imaging services nationwide, says it became aware in May "that a seldom-used folder containing patient billing information relating to dates prior to August 2012 had inadvertently been left accessible via the internet," according to a statement posted on the company's website."

Is your phone line a '6-figure liability waiting to happen'?

Phreaking is alive and well, it seems.  Another from Sophos Naked Security:

Is your phone line a '6-figure liability waiting to happen'?

"Telecommunications fraud experts told the New York Times that this is how the premium-service scheme works:
  1. Criminals sign up to lease premium-rate phone numbers from one of dozens of web-based services that charge dialers over $1 a minute (£.62) and give the lessee a cut - as high as 24 cents (£.15) for every minute spent on the phone.
  2. Next, the crooks break into a business's phone system and make calls through it to their premium number. They typically do it over a weekend, when nobody's around to notice. High-speed computers enable hundreds of simultaneous calls, forwarding as many as 220 minutes' worth of phone calls a minute to the pay line.
  3. The intruder gets their share of the charges, typically sent via a Western Union, MoneyGram or wire transfer."

UK considering imprisoning 'cowardly, venomous trolls' for up to 2 years

Serious steps need to be taken to stop cyberbullying.  From Sophos Naked Security:

UK considering imprisoning 'cowardly, venomous trolls' for up to 2 years

"A few days after trolls threatened to rape British fitness instructor Chloe Madeley, Justice Secretary Chris Grayling told the Mail on Sunday that sentences for web trolls would be quadrupled to two years in proposed changes to current law."

Tuesday, October 21, 2014

Staples Launches Breach Investigation

First reported by Brian Krebs, picked up by DataBreachToday.com:

Staples Launches Breach Investigation

"The retailer confirmed the investigation after security blogger Brian Krebs reported that sources at more than six East Coast banks had seen a spike in card-related fraud that seemed to correspond with cards that were used by shoppers at 11 Staples locations across New Jersey, New York City and Pennsylvania."

Selling stolen card info online? That's the least of it

Great piece by Cadie Thompson from CNBC:

Selling stolen card info online? That's the least of it

"Turns out that's the least of it. The easy availability of stolen data created a thriving underground marketplace for purloined information, and some cybercriminals are even going up the value chain and selling things like their own hacking services."

15 of the scariest things hacked

From Network World:

15 of the scariest things hacked

Facebook prowls the internet looking for your password

Good headline but not what you think.  From Sophos Naked Security:

Facebook prowls the internet looking for your password

Just a hint here: Google your password(s) and see what is returned.  If they are listed with a hash for them, it's time to change.

Monday, October 20, 2014

Nearly Half Of Consumers Will Punish Breached Retailers During Holidays

From DarkReading.com:

Nearly Half Of Consumers Will Punish Breached Retailers During Holidays

"The results show that 45% of consumers reported that they "probably" or "definitely" would avoid a store over the holidays if they found out it had a data breach. Further, the news of retail breaches has made consumers somewhat allergic to plastic -- approximately 48% say the bad press has made them more likely to use cash in favor of cards."

California woman charged with possessing cellphone spyware and using it to intercept law enforcement communications (UPDATED)

Just saw this Tweeted by @teamcymru:

California woman charged with possessing cellphone spyware and using it to intercept law enforcement communications (UPDATED)

Whisper CTO trashes reports that it tracks even those users who turn off geolocation

From Sophos Naked Security:

Whisper CTO trashes reports that it tracks even those users who turn off geolocation

"Furnished with an extremely simple password, we were given access to the company's vast library of texts and photographs and, in most cases, the location of their authors. The company's developers have created a back-end analytics tool to conduct more refined searches of the database, the most powerful of which pinpoints location."

Dropbox used for convincing phishing attack

From ComputerWorld:

Dropbox used for convincing phishing attack

"Dropbox's file storage service was used for a tricky phishing attack, although the service was quick to shut it down, according to Symantec."

Defending Against Government Intrusions

Thought this was an interesting piece from govinfosecurity.com:

Defending Against Government Intrusions

"Based on the ensuing discussion, here are some of the top takeaways for anyone charged with defending networks in the post-Snowden era:"

Infographic: A brief history of malware

From Help Net Security:

Infographic: A brief history of malware

New attack hides stealthy Android malware in images

From PC World:

New attack hides stealthy Android malware in images

"Because of fragmentation in the Android ecosystem, especially when it comes to firmware updates, many devices will likely remain vulnerable to this attack for a long time, giving Android malware authors ample time to take advantage of it."

FTC Scam Alert: “Free” products weren’t really free

From the Federal Trade Commission (FTC):

“Free” products weren’t really free

Are you cyber streetwise?

Good site from the UK government:

CyberStreet

Average person has 19 passwords - but 1 in 3 don’t make them strong enough

From Sophos Naked Security:

Average person has 19 passwords - but 1 in 3 don’t make them strong enough

Top 10 Password Managers as reviewed by InformationWeek / Darkreading.com:

Top 10 Password Managers

US-CERT Alert (TA14-290A) - SSL 3.0 Protocol Vulnerability and POODLE Attack

More on POODLE from US-CERT:

US-CERT Alert (TA14-290A) - SSL 3.0 Protocol Vulnerability and POODLE Attack

US-CERT Bulletin (SB14-293) - Vulnerability Summary for the Week of October 13, 2014

Round of vulnerabilities found last week, from US-CERT:

US-CERT Bulletin (SB14-293) - Vulnerability Summary for the Week of October 13, 2014

Friday, October 17, 2014

Alert (TA14-290A) SSL 3.0 Protocol Vulnerability and POODLE Attack

From US-CERT:

Alert (TA14-290A) SSL 3.0 Protocol Vulnerability and POODLE Attack

Apple Releases Security Update 2014-005 (POODLE CVE-2014-3566)

From US-CERT:

Apple Releases Security Update 2014-005

OnGuardOnline.gov: Working Together to Prevent Bullying

Technically this has nothing to do with cybersecurity.  Unfortunately cyberbullying is an emerging threat to our kids.  Please read this and see what you can do to help:

OnGuardOnline.gov: Working Together to Prevent Bullying

FTC Consumer Info: How to guard against Ebola-related charity scams

Consumer Info from the Federal Trade Commission (FTC):

How to guard against Ebola-related charity scams

POODLE Info - How to disable SSL v3 in your server & browser

I came across these two links while researching how to disable SSL v3 on web browsers:

Disable SSLv3 in major browsers

SSL v3 goes to the dogs - POODLE kills off protocol


Any/all products/services are provided for informational purposes only.  The author does not endorse any single product. 

Use these products/services at your own risk.

POODLE Info - How to turn on TLS in IE, Firefox, Safari & Chrome

Many websites are disabling SSL v3.0 on their servers to protect users against the POODLE vulnerability.  I found this great tutorial from the US State Dept. on how to enable TLS on the four major browsers.  While you're enabling TLS, you will want to disable SSL v3.0.  If I come across any how-tos on that, I will update this post.

 
 