Saturday, February 21, 2015

Secure Domains: The DNS Security Debate

From Healthcare Info Security:

Secure Domains: The DNS Security Debate

The importance of improving the Internet infrastructure was a dominant theme throughout President Obama's White House Summit on cybersecurity and consumer protection last week.

How to get rid of the Lenovo "Superfish" adware

From Sophos Naked Security:

How to get rid of the Lenovo "Superfish" adware

The Lenovo "Superfish" controversy was caused by the revelation that Lenovo, for the last three months of 2014, had shipped adware known as "Superfish" on some of its notebook computers.

Google warning: FBI wants to hack any computer in world

From RT:

Google warning: FBI wants to hack any computer in world

US search engine giant Google has warned against increasing the government's powers for infiltrating computer systems around the world, saying it would open a number of "monumental" constitutional issues.

What will happen to the Lizard Squad hackers?

From The Guardian:

What will happen to the Lizard Squad hackers?

From Kevin Mitnick to LulzSec and Anonymous, the destiny of a hacker group tends to follow the same arc – hack something, hack something bigger, until someone makes a mistake that leads to one or more members being arrested

Accused British hacker, wanted for crimes in US, won’t give up crypto keys

From Ars Technica:

Accused British hacker, wanted for crimes in US, won’t give up crypto keys

An alleged British hacker who has criminal charges pending in three American federal districts is preparing to petition a Suffolk, United Kingdom court to compel the National Crime Agency (NCA) to return his encrypted seized computers and storage devices.

Creating cybersecurity that thinks

From ComputerWorld:

Creating cybersecurity that thinks

Until recently, using the terms “data science” and “cybersecurity” in the same sentence would have seemed odd. Cybersecurity solutions have traditionally been based on signatures – relying on matches to patterns identified with previously identified malware to capture attacks in real time. In this context, the use of advanced analytical techniques, big data and all the traditional components that have become representative of “data science” have not been at the center of cybersecurity solutions focused on identification and prevention of cyber attacks.

Lenovo Releases Tool To Remove The Sketchy Exploitable “SuperFish” Garbage It Pre-Loaded On Laptops

All this aside.  I've used a number of Lenovo laptops &, quite frankly, they are the biggest pieces of crap I've ever used.  Stick to Dell, Toshiba & HP.

From TechCrunch:

Lenovo Releases Tool To Remove The Sketchy Exploitable “SuperFish” Garbage It Pre-Loaded On Laptops

Earlier this week, word started spreading that Lenovo had been pre-installing a sketchy adware program called “SuperFish” onto many of its Windows PCs for months.

Then researchers started finding nasty vulnerabilities — namely, that SuperFish was using some pretty ugly hacks to tinker with your computer’s encryption certificates, and doing so in a way that seemingly leaves your otherwise “encrypted” communications (everything that goes over HTTPS) unsecure whenever you’re on a shared WiFi connection (like at a coffee shop)

Hackers May Have Taken Customer Data From Morgan Stanley Broker

From the NY Times:

Hackers May Have Taken Customer Data From Morgan Stanley Broker

There’s been little dispute that a former Morgan Stanley broker, Galen Marsh, violated the firm’s rules when he downloaded information about 350,000 customers onto his personal computer. But Mr. Marsh may not be responsible for posting that information online late last year and trying to sell it, people familiar with the investigation said on Thursday.

How Social Media Is The Newest Military Battleground

From Make Use Of (another one I never heard of until just now):

How Social Media Is The Newest Military Battleground

During the Second World War the British 77th Brigade went behind enemy lines and used unorthodox tactics against the Japanese in Burma. There hasn’t been a 77th since 1945, but it will be making its return this year with a new sort of tactic: psychological operations (PsyOps) via social media.

Lenovo Installed Malicious Adware on Customers’ Computers – Here’s How to Remove it

From The Digital Reader:

Lenovo Installed Malicious Adware on Customers’ Computers – Here’s How to Remove it

When Sony was caught in 2005 using audio CDs to install rootkits on their customers' computers, they set a new standard for boneheaded attacks on the people who give you money.

Spies Can Track You Just by Watching Your Phone’s Power Use

From Wired:

Spies Can Track You Just by Watching Your Phone’s Power Use

Smartphone users might balk at letting a random app like Candy Crush or Shazam track their every move via GPS. But researchers have found that Android phones reveal information about your location to every app on your device through a different, unlikely data leak: the phone’s power consumption.

Internet of Things security check: How 3 smart devices can be dumb about the risks

From PCWorld:

Internet of Things security check: How 3 smart devices can be dumb about the risks

Internet of Things security is no longer a foggy future issue, as more and more such devices enter the market—and our lives. From self-parking cars to home automation systems to wearable smart devices, analysts currently estimate that some 50 billion to 200 billion devices could be connected to the Internet in 2020. Google CEO Eric Schmidt told world leaders at the World Economic Forum in Davos, Switzerland, in January, "there will be so many sensors, so many devices, that you won't even sense it, it will be all around you," he said. "It will be part of your presence all the time."

Android malware fakes phone shutdown to steal your data

From PCWorld:

Android malware fakes phone shutdown to steal your data

Next time you turn off your Android phone, you might want to take the battery out just to be certain.

Security vendor AVG has spotted a malicious program that fakes the sequence a user sees when they shut off their phone, giving it freedom to move around on the device and steal data.

The NSA Reportedly Stole Millions Of SIM Encryption Keys To Gather Private Data

From TechCrunch:

The NSA Reportedly Stole Millions Of SIM Encryption Keys To Gather Private Data

The American National Security Agency (NSA), and the British Government Communications Headquarters (GCHQ), similar clandestine intelligence agencies, stole SIM card encryption keys from a manufacturer, allowing the groups to decrypt global cellular communications data.

Cyber-attacks become top business continuity threat

From Computer Business Review:

Cyber-attacks become top business continuity threat

Hackers are worrying continuity managers more than other dangers.
Cyber-attacks are now regarded as the top threat to business continuity, according to a study by the Business Continuity Institute (BCI).

The Dark Web: anarchy, law, freedom and anonymity

From Sophos Naked Security:

The Dark Web: anarchy, law, freedom and anonymity

The Deep Web, the bit of the World Wide Web that's not indexed by search engines like Google and Bing, is of intense interest to people who want to avoid government spies and law enforcement.

TrueCrypt Audit Stirs Back To Life

From ThreatPost:

TrueCrypt Audit Stirs Back To Life

The stagnant TrueCrypt audit stirred to life in the last 24 hours with the announcement that the second phase of the audit, tasked with examining the cryptography behind the open source disk encryption software, will begin shortly.

BadUSB Vulnerabilities Live in ICS Gear Too

From ThreatPost:

BadUSB Vulnerabilities Live in ICS Gear Too

CANCUN – BadUSB was the hot hack of the summer of 2014. Noted researcher Karsten Nohl delivered a talk at Black Hat during which he explained how USB controller chips in peripheral devices that connect over USB can be reprogrammed. The result is a completely compromised device hosting undetectable code that could be used for a number of malicious purposes, including remote code execution or traffic redirection.

Friday, February 20, 2015

US-CERT: IRS Issues Warning for a Scam Targeting Tax Preparers

From US-CERT:

IRS Issues Warning for a Scam Targeting Tax Preparers

The Internal Revenue Service (IRS) has issued a press release addressing a new spear phishing scam targeting tax preparers and other tax professionals. Scam operators often use fraudulent e-mails to entice their targets to reveal login credentials.

US-CERT encourages users and administrators to review the IRS press release for details and refer to US-CERT Security Tip ST15-001 for information on "tax" themed phishing attacks.

US-CERT: ISC Releases Security Updates for BIND

From US-CERT:

ISC Releases Security Updates for BIND

The Internet Systems Consortium (ISC) has released security updates to address a vulnerability in BIND. Exploitation of this vulnerability may allow a remote attacker to cause a denial of service condition.
Updates available include:
  • BIND 9.9.6-P2
  • BIND 9.10.1-P2
Users and administrators are encouraged to review ISC Knowledge Base Article AA-01235 and apply the necessary updates.

Thursday, February 19, 2015

Android malware spies on you even after phone is shut down

From Mashable:

Android malware spies on you even after phone is shut down

A particularly devious new Android malware can make calls or take photos even if you shut the device down, according to security research firm AVG.

Desert Falcon Group Swooped on One Million Files

From Forensic Magazine:

Desert Falcon Group Swooped on One Million Files

Kaspersky Lab has unearthed what it claims to be the first major group of sophisticated Arab cyber criminals operating a full attack campaign — hitting thousands of tactical targets in the Middle East.

The Possible Put Into Digital Forensic Practice With Grier Technology

From Forensic Magazine:

The Possible Put Into Digital Forensic Practice With Grier Technology

After listening to colleagues for years and exploring it further, Jonathan Grier saw how pressing the need was for technology like his. As explained in the previous discussion with Grier, his technology decreases the time to image a hard drive by 3 to 13 times, speeding digital investigation and reducing the use of resources.

MegaNet - New Decentralized, Non-IP Based and Encrypted Network

From The Hacker News Network:

MegaNet - New Decentralized, Non-IP Based and Encrypted Network

The famous Internet entrepreneur and former hacker Kim Dotcom, who introduced legendary Megaupload and MEGA file sharing services to the World, has come up with another crazy idea — to start his very own Internet that uses the "blockchain".

See How This Android App Clones Contactless Credit Cards In Seconds

From Forbes:

See How This Android App Clones Contactless Credit Cards In Seconds

Australian security researcher Peter Fillmore has a history of card cloning. In October last year, Fillmore showed how he could clone Visa and MasterCard payment cards with an Android app running on a Google Nexus 4. He successfully shopped with it, buying some beers in a Sydney pub and a Snickers bar from a supermarket.

Password Cracking Experts Decipher Equation Group Crypto Hash

From Forensic Magazine:

Password Cracking Experts Decipher Equation Group Crypto Hash

Unraveling a mystery that eluded the researchers analyzing the highly advanced Equation Group the world learned about recently, password crackers have deciphered a cryptographic hash buried in one of the hacking crew's exploits. It's Arabic for "unregistered."

Army Reserve Partnership Aims to Grow Cyber Warriors

From Forensic Magazine:

Army Reserve Partnership Aims to Grow Cyber Warriors

The Army Reserve has partnered with universities and private companies across the country to recruit and grow cybersecurity professionals.

Bank Hackers Steal Millions With Malware

From Forensic Magazine:

Bank Hackers Steal Millions With Malware

In late 2013, an ATM in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.

Encryption and Silence Can be Targets’ Best Assets

From ThreatPost:

Encryption and Silence Can be Targets’ Best Assets

CANCUN–Things are getting real these days for executives, researchers, journalists and others involved in the security community. Targeted surveillance is a reality for many in the community, and researchers and activists are trying now to help them assess and address that threat to their privacy and security.

APT Groups Emerging in Middle East

From ThreatPost:

APT Groups Emerging in Middle East

CANCUN–Since security researchers and vendors began exposing the inner workings of APT groups a few years ago, virtually all of the operations that have been made public have been the work of attackers in Europe, Asia or North America. But recently, groups in the Middle East have joined the game as well.

Cybercrime Gang: Fraud Estimates Hit $1B

From GovInfoSecurity:

Cybercrime Gang: Fraud Estimates Hit $1B

A notorious cybercrime gang continues to target financial services firms and retailers. A new report estimates that the Anunak - a.k.a. Carbanak - gang has now stolen up to $1 billion from banks in Russia, the United States and beyond, in part by using "jackpotting" malware that infects ATMs and which attackers can use to issue cash from ATMs, on demand.

Code typo helps tie North Korea to the Sony hack

From ComputerWorld:

Code typo helps tie North Korea to the Sony hack

A security company in the U.S. has provided further evidence that last year's devastating hacking attack on Sony Pictures Entertainment was carried out by a group with ties to North Korea.

Vladimir Drinkman Pleads Not Guilty In 160 Million Credit Card Hacking Case

From Forbes:

Vladimir Drinkman Pleads Not Guilty In 160 Million Credit Card Hacking Case

A Russian man pleaded not guilty to 11 charges in a New Jersey federal court on Tuesday, as part of the largest international hacking and data breach case ever prosecuted in the United States.

This $150,000 Kickstarter Campaign Wants To Turn Kids Into Crime Scene Investigators

From Forbes:

This $150,000 Kickstarter Campaign Wants To Turn Kids Into Crime Scene Investigators

London-based startup Forensic Outreach is hoping to raise at least $150,000 via Kickstarter to create a “virtual faculty” that would get kids into the science behind crime scene investigation. The CASE Academy already has an impressive line-up of teachers and backers, including Kimberlee Sue Moran, current FBI forensic examiner and cryptanalyst, and Thomas Mauriello, former special agent with the US Department of Defense.

Legislation and the future of federal cybersecurity

From FCW:

Legislation and the future of federal cybersecurity

Cybersecurity continues to be at the forefront of national focus, thanks to Congress’ passing and the president’s signing of three cybersecurity-related bills last December.

Destroying your hard drive is the only way to stop this super-advanced malware

From PCWorld:

Destroying your hard drive is the only way to stop this super-advanced malware

A cyberespionage group with a toolset similar to ones used by U.S. intelligence agencies has infiltrated key institutions in countries including Iran and Russia, utilizing a startlingly advanced form of malware that is impossible to remove once it's infected your PC.

Cyberespionage: You’re Not Paranoid, Someone Is Spying on Your Company

From DarkReading:

Cyberespionage: You’re Not Paranoid, Someone Is Spying on Your Company

By now you, your peers, and your board should have accepted that cyberespionage is real, active, and not going away. Whether it is a customer or competitor, country or criminal, someone wants to know a lot more about you. They could be looking for intellectual property to steal, product or inventory details to strengthen their negotiating position, customer information to use or sell, or hundreds of other items. Their goal could be getting a better price, gaining a competitive advantage, disrupting your efforts, stealing your customers, or something equally as nefarious.

In the Age of Data Breaches

From Symantec's Official Blog:

In the Age of Data Breaches

When I think of the cyber security realm, three characteristics come top of mind: Velocity, Volume and Variety. These three facets of the attack landscape make security a consistently moving target. It’s one of the only verticals where an active attack actor can change the state of an industry with a touch of keyboard.

Hacker Claims Feds Hit Him With 44 Felonies When He Refused to Be an FBI Spy

From Wired:

Hacker Claims Feds Hit Him With 44 Felonies When He Refused to Be an FBI Spy

A year ago, the Department of Justice threatened to put Fidel Salinas in prison for the rest of his life for hacking crimes. But before the federal government brought those charges against him, Salinas now says, it tried a different tactic: recruiting him.

25 billion Cyberattacks hit systems in Japan during 2014

From Security Affairs:

25 billion Cyberattacks hit systems in Japan during 2014

The National Institute of Information and Communications Technology revealed that more than 25 billion cyberattacks hit systems in Japan during 2014.

Arid Viper – Israel entities targeted by malware packaged with sex video

From Security Affairs:

Arid Viper – Israel entities targeted by malware packaged with sex video

Attackers behind the Arid Viper and the Yanbian Gang exploited sex content for their campaigns against victims in Israel and Kuwait, and South Korea.

Visual hacking exposed

Back in the day we called this "shoulder surfing." If someone is standing next to you and you have to enter a password, PIN ... it's NOT rude to politely ask them to turn around or take a few steps back so they cannot see what you're entering.

From Help Net Security:

Visual hacking exposed

While most security professionals focus on thwarting data breaches from cyber attacks, a new study exposes visual hacking, a low-tech method used to capture sensitive, confidential and private information for unauthorized use, as an under-addressed corporate risk.

Cybercrime fighters target human error

From Nature.com (?!?!?!):

Cybercrime fighters target human error

It would be easy to blame the poor soul at Sony Pictures Entertainment who opened the door to one of the most disastrous hacks in history just by clicking an e-mail link. As US President Barack Obama pointed out during a visit to Stanford University in California on 13 February, user negligence is often the key to a successful cyberattack.

Yes, You Can Afford a Hacker

From The Daily Beast:

Yes, You Can Afford a Hacker

Want to break into your partner’s email? Got a few hundred bucks lying around? You can afford your very own hacker.

Darkleaks: An online black market for selling secrets

From Help Net Security:

Darkleaks: An online black market for selling secrets

Whistleblowers and those individuals that are simply out to make a buck out of any confidential and valuable information, can now offer it for sale on Darkleaks, a decentralized, anonymous black market on the Internet.

Hackers force closure of Canadian Bitcoin exchange Cavirtex

From Sophos Naked Security:

Hackers force closure of Canadian Bitcoin exchange Cavirtex

Canadian Bitcoin exchange Cavirtex has announced its imminent closure following an apparent security breach.

Massive, Decades-Long Cyberespionage Framework Uncovered

From ThreatPost:

Massive, Decades-Long Cyberespionage Framework Uncovered

CANCUN–Researchers at Kaspersky Lab have uncovered a cyberespionage group that has been operating for at least 15 years and has worked with and supported the attackers behind Stuxnet, Flame and other highly sophisticated operations. The attackers, known as the Equation Group, used two of the zero days contained in Stuxnet before that worm employed them and have used a number of other infection methods, including interdicting physical media such as CDs and inserting their custom malware implants onto the discs.

Kaspersky outs hard drive infecting malware

From Bit-Tech:

Kaspersky outs hard drive infecting malware

Anti-virus researchers at Kaspersky Labs have uncovered evidence of what they claim is the most sophisticated malware operation in history, carried out by the Equation Group, including modules which have the ability to reprogram and infect the firmware of storage devices.

Malware infected about 16 million mobile devices last year

From Android Community:

Malware infected about 16 million mobile devices last year

Not that we don't know this one yet but millions of mobile devices have been infected by malware last year. According to Alcatel-Lucent, a French telecommunications equipment company, malware affected about 16 million gadgets in 2014. The figure saw a 25 percent increase compared to the previous year. Mobile devices' malware infection rate is still at 0.68 percent but mobile spyware is on the rise.

Hackers’ Op-Sec Failures Important Clues to Uncover APT Gangs

From ThreatPost:

Hackers’ Op-Sec Failures Important Clues to Uncover APT Gangs

CANCUN – Sophistication, resourcefulness and ingenuity are characteristics usually associated with state-sponsored espionage hacker groups. But they’re certainly not infallible.

Like most detective work, security analysts generally are able to toss back the covers on APT campaigns and major financial hacks because the bad guy makes a bad mistake – or two. Or three.

UK Computer Emergency Response Team (CERT) Introduction to Social Engineering

From PublicIntelligence.net:

UK Computer Emergency Response Team (CERT) Introduction to Social Engineering

The following guide to social engineering was released by the UK Computer Emergency Response Team (CERT) on January 21, 2015.

Skeleton Key Malware Analysis

From Dell SecureWorks:

Skeleton Key Malware Analysis

Dell SecureWorks Counter Threat Unit(TM) (CTU) researchers discovered malware that bypasses authentication on Active Directory (AD) systems that implement single-factor (password only) authentication. Threat actors can use a password of their choosing to authenticate as any user. This malware was given the name "Skeleton Key."

Kaminsky: DNS Insecurity Isn’t Coincidence, it’s Consequence

From ThreatPost:

Kaminsky: DNS Insecurity Isn’t Coincidence, it’s Consequence

CANCUN – “2015 got weird… really weird.” Those were some of the first words spoken by Dan Kaminsky in his talk today at the Kaspersky Security Analyst Summit Monday.

He was referring to a few key events from the last several weeks: the Sony hack debacle, or what he called “North Korean or Teenager?”; and President Obama’s stop at Stanford last week to stress further government/technology information sharing, to name a few. However Kaminsky, the co-founder and chief scientist at the security firm White Ops, confessed that it’s going to take more than just a proficient coder to solve today’s cybersecurity woes.

Data breaches up by 49% in 2014, exposing more than a billion records

From ComputerWeekly:

Data breaches up by 49% in 2014, exposing more than a billion records

Cyber criminals compromised more than a billion data records in 2014 in more than 1,500 breaches, according to the latest breach report from Gemalto.

This represents a 49% increase in data breaches and a 78% increase in the number of data records stolen or lost compared with 2013, which works out at 32 records lost or stolen every second.

Every internet-connected device is a potential privacy risk

From The Age:

Every internet-connected device is a potential privacy risk

Samsung's warning that its Smart TV may collect and send sensitive data online might seem alarming, but it's certainly not the only device in your house snooping on you.

US-China tensions build on cybersecurity

From The Hill:

US-China tensions build on cybersecurity

Tensions over cybersecurity are building between the U.S. and Beijing after the latest string of hacking attacks in the United States, some of which have been traced back to China.

The two countries have dug in their heels on differing approaches to cybersecurity and don’t appear ready to budge, experts say.

Defeating TrueCrypt: Practical Attacks against TrueCrypt Security

From the InfoSec Institute:

Defeating TrueCrypt: Practical Attacks against TrueCrypt Security

The need to defend confidentiality of our sensitive information against persistently rising cyber threats has turned most of us toward using encryption on a daily basis. This is facilitated by easy-to-use GUI tools like TrueCrypt that offer advanced encryption without hassles. TrueCrypt offers ‘on-the-fly’ encryption, which means we do not have to wait for large files to decrypt after entering the correct passphrase; files are immediately accessible. Many of us have come to trust TrueCrypt to defend extremely sensitive personal and business secrets. However, there is no such thing as absolute security. Vulnerabilities always exist, and in this paper we look at some of the ways in which TrueCrypt security can be “beaten”. Please note that these attacks may not target a flaw in TrueCrypt itself, but rely on ‘bypassing’ TrueCrypt security or taking advantage of user negligence.

Banking trojan Dyreza generating 'tens of thousands' of malicious emails a day

From The Guardian:

Banking trojan Dyreza generating 'tens of thousands' of malicious emails a day

British customers of banks including NatWest, Barclays and HSBC are being targeted by a wave of malicious emails attempting to install the Dyreza malware on their computers.

What is the Deep Web? A First Trip Into the Abyss

From The Hacker News Network:

What is the Deep Web? A First Trip Into the Abyss

According to several researches, the principal search engines index only a small portion of the overall web content; the remaining part is unknown to the majority of web users.
What do you think if you were told that under our feet, there is a world larger than ours and much more crowded? We will literally be shocked, and this is the reaction of those individuals who can understand the existence of the Deep Web, a network of interconnected systems that are not indexed, having a size hundreds of times higher than the current web, around 500 times.

Canada's next-generation military smart gun unveiled

This has absolutely nothing to do with cybersecurity.  This is just one hi-tech badass weapon.

Canada's next-generation military smart gun unveiled

Looking every bit like a weapon from a science fiction movie, the latest integrated assault rifle prototype being developed for the Canadian Armed Forces (CAF) is packed with some very smart weapons technology. Along with the ability to fire new lightweight telescoped ammunition, and a secondary effects module that adds either a three-round 40 mm grenade launcher or a 12-gauge shotgun, there is also a NATO-standard power and data bus to allow the attachment of smart accessories, such as electro-optical sights and position sensors that connect to command and control networks.

Chinese Bitcoin exchange Bter hacked, $1.75 million worth of cryptocurrency stolen

From The Next Web:

Chinese Bitcoin exchange Bter hacked, $1.75 million worth of cryptocurrency stolen

Even as Bitcoin is starting to shake things up in the US, all is not well in the cryptocurrency world. China-based Bitcoin exchange Bter was hacked on Valentine’s Day and $1.75 million worth of Bitcoin was stolen.

Smart phones help cyber crime: Top cop

From The Times of India:

Smart phones help cyber crime: Top cop

AURANGABAD: City police commissioner Rajender Singh on Saturday emphasized creating awareness among internet users to prevent cybercrime. He said the widespread use of the internet and smart phones has paved the way for unconventional channels of crime that are difficult to investigate.

Employees vulnerable to cyber crime

From The Scotsman:

Employees vulnerable to cyber crime

EMPLOYEES are the chief source of cyber crime against companies, and healthcare data is a key target, writes Gareth Mackie

Mobile Malware Mostly Infecting Android Devices Rises Steadily

From eWeek:

Mobile Malware Mostly Infecting Android Devices Rises Steadily

Data gathered from cellular networks show that 0.68 percent of mobile devices are infected with malware, with 99 percent of the infected devices running Android.

Pakistan arrests cyber criminals wanted by FBI, Interpol

From the Deccan Times:

Pakistan arrests cyber criminals wanted by FBI, Interpol

Bank Hackers Steal Millions via Malware

From the NY Times:

Bank Hackers Steal Millions via Malware

PALO ALTO, Calif. — In late 2013, an A.T.M. in Kiev started dispensing cash at seemingly random times of day. No one had put in a card or touched a button. Cameras showed that the piles of money had been swept up by customers who appeared lucky to be there at the right moment.

The Anonymity Network At Risk

From TechCrunch:

The Anonymity Network At Risk

You don’t have to watch NCIS to know that almost everything we do leaves some kind of trail or trace. Every click of the Internet and every post we make, email we send and file we download are all being tracked by someone somewhere. Unless, of course, it isn’t.

Phishing attacks increasingly target financial data

From Help Net Security:

Phishing attacks increasingly target financial data

28.8 percent of phishing attacks last year aimed to steal financial data from consumers, according to a new report by Kaspersky Lab. The results show how cybercriminals have shifted their focus from banks to payment systems and online shopping websites.

The limits of prevention-centric security programs

From Help Net Security:

The limits of prevention-centric security programs

In an analysis of tens of thousands of malicious files, Damballa discovered that it can take more than six months for traditional AV tools to create signatures for 100% of the files. With 'time to breach' a critical component in damage control in today's threat environment, the analysis further underlines the importance of adopting a proactive stance to threat detection.

Don’t dig a well when your house is on fire

Whether your SMB/SOHO relies on a hosting provider or is looking to use the services of one, inquire as to whether or not they use DDoS protection. If they do, ask them about it. If they don't, keep looking.

From SecurityBistro:

Don’t dig a well when your house is on fire

Relying on human intervention to mitigate DDoS attacks is like digging a well when your house is on fire.  When it comes to ensuring service availability and maintaining uptime and SLAs, hosting providers should use minimal (if any) manual intervention when defending against a DDoS attack.  Instead, real-time DDoS mitigation will allow providers to eliminate data center outages and collateral damage within the hosted environment.  The following is a real-world example of real-time DDoS protection, utilizing purpose built DDoS protection technology, coupled with sophisticated visibility, reporting and analytics capabilities.

Report: Mobile commerce fraud increased in 2014

From Mobile Payments Today:

Report: Mobile commerce fraud increased in 2014

Revenue that mobile commerce merchants lost to fraud spiked 70 percent in 2014 to 1.36 percent compared with 0.80 percent in 2013, according to a new report from LexisNexis Risk Solutions Inc. For comparison, all merchants lost 0.68 percent of revenue to fraud in 2014 in comparison to 0.51 percent in 2013.

How to remotely install malicious apps on Android devices

From Security Affairs:

How to remotely install malicious apps on Android devices

Security researchers discovered how to install and launch malicious applications remotely on Android devices exploiting two flaws.

Discovered 40000 vulnerable MongoDB databases on the Internet

From Security Affairs:

Discovered 40000 vulnerable MongoDB databases on the Internet

Three German students have discovered that tens of thousands of MongoDB databases running as a service or website backend were exposed on the Internet.

How cyber-cops are taking the fight to online fraudsters

From the BBC:

How cyber-cops are taking the fight to online fraudsters

When it comes to fighting cybercrime, law enforcement agencies are facing an uphill struggle.

Lack of resources, conflicting international jurisdictions, and the borderless nature of the internet, all make catching coder criminals particularly difficult.

Visa to track travelers’ smartphones to cut fraud

From The Columbus Dispatch:

Visa to track travelers’ smartphones to cut fraud

NEW YORK — Those days of calling your bank to let them know that, yes, you really are in Thailand, and yes, you really did use your credit card to buy $200 in sarongs, could be coming to an end.

This is a crucial year to combat cybercrime

From The Sacramento Bee:

This is a crucial year to combat cybercrime

On Friday, the White House is hosting a cybersecurity summit at Stanford University on how to keep us all safe from cybercriminals throughout the world who work tirelessly to wreak havoc on our economy. This summit is bringing together experts from across many fields to brainstorm on how to prevent cyberattacks in the future and stay one step ahead of the bad guys.

Private Eye Is Said to Face Prosecution in a Hacking

From the NY Times:

Private Eye Is Said to Face Prosecution in a Hacking

Private investigators may be the newest front for federal prosecutors in cracking down on the hacker-for-hire business.

Exclusive: Obama set to announce executive order on cybersecurity threat data

From Reuters:

Exclusive: Obama set to announce executive order on cybersecurity threat data

(Reuters) - President Barack Obama is expected to announce an executive order directing the government and companies to share more information about cybersecurity threats in response to attacks like that on Sony Entertainment.

Cyber warfare – Cyber Space and the status quo balance of power; dichotomy or symphony? How Technology backfires

From Security Affairs:

Cyber warfare – Cyber Space and the status quo balance of power; dichotomy or symphony? How Technology backfires

Cyber warfare is becoming the most progressive warfare domain after the Second World War. Which global actors benefit the most from this capability?

The value of personal data in the criminal underground

From Security Affairs:

The value of personal data in the criminal underground

What is the cost of personal data in the criminal underground? How do cyber criminals steal personal data? What is the cashout process?

CTB-Locker Ransomware Spoofs Chrome and Facebook Emails as Lures, Linked to Phishing

From TrendLabs Security Intelligence Blog:

CTB-Locker Ransomware Spoofs Chrome and Facebook Emails as Lures, Linked to Phishing

We recently talked about recent improvements to the CTB-Locker ransomware. To recap, the malware now offers a “free decryption” service, extended deadline to decrypt the files, and an option to change the language of the ransom message.

Patched Windows Kernel-Mode Driver Flaw Exploitable With One Bit Change

From ThreatPost:

Patched Windows Kernel-Mode Driver Flaw Exploitable With One Bit Change

The vulnerabilities addressed in this month’s Patch Tuesday security bulletins from Microsoft have been a mashup of critical bugs affecting most supported versions of Windows and Internet Explorer that could pave the way for attackers to gain complete control of affected systems.

Security professionals warn against relying on cyber insurance

Organizations small and large should have cyber insurance.  Take the time to sit down with your agent and do a comprehensive review of the policies available to you.

From ComputerWeekly:

Security professionals warn against relying on cyber insurance

Security professionals have warned businesses not to rely on cyber insurance in the face of increased cyber attacks.

The warning comes after the head of the largest Lloyd’s of London insurer, Stephen Catlin, said cyber attacks are now so dangerous to global businesses that governments should step in to cover the risks.

Infosec and the Blame Game

From Infosecurity Magazine:

Infosec and the Blame Game

In a previous article I used the phrase: “In security, it can be your job to put your job on the line.” A good friend and colleague responded to me via Twitter with two words: “That’s dysfunctional!” Insofar as this can be read as career self-sacrifice, I concur.

Exploiting DNS Poisoning in Brazilian Boleto Fraud Scheme

From Security Affairs:

Exploiting DNS Poisoning in Brazilian Boleto Fraud Scheme

In recent months Brazilian criminal crews have started using the DNS poisoning technique to target Brazilian Boletos.

Cybersecurity prep seen as mounting task for small U.S. advisers

From Reuters:

Cybersecurity prep seen as mounting task for small U.S. advisers

(Reuters) - Financial regulators are increasingly zoning in on brokerages' vulnerability to computer hackers, a focus likely to hit smaller financial services firms especially hard as they try to convince examiners that their safeguards are up to snuff.

Vulnerability Research and Disclosure: Evolving To Meet Targeted Attacks

From TrendLabs Security Intelligence Blog:

Vulnerability Research and Disclosure: Evolving To Meet Targeted Attacks

Recently, both HP’s Zero Day Initiative (ZDI) and Google’s Project Zero published vulnerabilities in Microsoft products (specifically, Internet Explorer and Windows 8.1) because Redmond did not fix them within 90 days of the vulnerabilities being reported.

Pwn2Own Hacking Contest Shrinks Exploit Prize Pool

From ComputerWorld:

Pwn2Own Hacking Contest Shrinks Exploit Prize Pool

ISIS-Aligned ‘CyberCaliphate’ Hackers Go After Military Spouses of Strength

BASTARDS!!!

From Breitbart:

ISIS-Aligned ‘CyberCaliphate’ Hackers Go After Military Spouses of Strength

The CyberCaliphate, an ISIS-affiliated hacker group, is sure to make a great deal of American blood boil with their latest stunt: they hijacked the Twitter account of a support group called Military Spouses of Strength, which “aims to improve mental health awareness by providing resources and knowledge through tangible programming” in the words of their mission statement.

How do you solve a problem like cybercrime?

From Information Age:

How do you solve a problem like cybercrime?

Despite cyber security being on business agendas for several years now, 2014 was, if anything, more prolific than ever for breaches. Is it time organisations got real about security?

Cyber Security Surprise: Dating Apps Are a Risk to Employers

From The Fiscal Times:

Cyber Security Surprise: Dating Apps Are a Risk to Employers

The millions of people using dating apps on company smartphones could be exposing themselves and their employers to hacking, spying and theft, according to a study by International Business Machines Corp.

A Crypto Trick That Makes Software Nearly Impossible to Reverse-Engineer

From Wired:

A Crypto Trick That Makes Software Nearly Impossible to Reverse-Engineer

Software reverse engineering, the art of pulling programs apart to figure out how they work, is what makes it possible for sophisticated hackers to scour code for exploitable bugs. It’s also what allows those same hackers’ dangerous malware to be deconstructed and neutered. Now a new encryption trick could make both those tasks much, much harder.

How the Sony Breach Changes Cybersecurity

From The Wall Street Journal:

How the Sony Breach Changes Cybersecurity

How one man could have deleted any photo album he could see on Facebook

From Sophos Naked Security:

How one man could have deleted any photo album he could see on Facebook

Facebook is probably the biggest database of photographs ever compiled.

We upload around 350 million photos to the world's most popular social network every day. Facebook users aren't quite as busy sharing photos as the kids who use Snapchat or WhatsApp but they're not far off, and they've been doing it a lot longer.

Financial cyber threats in 2014: things changed

From SecureList:

Financial cyber threats in 2014: things changed

In 2013 we conducted our first in-depth research into the financial cyber-threat landscape. At that time we registered a sudden surge in the number of attacks targeting users' financial information and money. The financial cyber threats landscape was discussed in detail in Kaspersky Lab's "Financial Cyber-threats in 2013" report.