Week in review: Trojanized Netflix app, new Sony attack and German government’s Trojan/backdoor

Here’s an overview of some of last week’s most interesting news, articles and photos:

Most social networks users don’t keep up with privacy settings changes
The use of mobile devices is growing exponentially, as is consumers’ dependence on the Web, causing many to lose sight of the importance of keeping their personal information and social media profiles secure and protected.

163 new advanced evasion techniques discovered
Stonesoft announced it has delivered 163 new advanced evasion technique (AET) samples for global vulnerability coordination. The new samples include AETs over various protocols, including IPv4, IPv6, TCP and HTTP.

Massive international identity theft operation shut down
111 individuals have been indicted in the largest identity theft takedown in U.S. history. The defendants, members of five organized forged credit card and identity theft rings based in Queens County and having ties to Europe, Asia, Africa and the Middle East, are charged in ten indictments with stealing the personal credit information of thousands of unwitting American and European consumers and costing these individuals, financial institutions and retail businesses more than $13 million in losses over a 16-month period.

Demystifying cloud computing security
Phil Neray is the VP, Data Security Strategy, InfoSphere Guardium & Optim at IBM. In this interview Phil talks about the complex issues surrounding cloud computing security, offers insight into what companies migrating to the cloud can expect and lines up tips for those who have to consider migrating to a cloud computing solution for mission-critical IT services.

Government telecommunication-spying malware opens backdoor
The Chaos Computer Club claims that a government-made “lawful interception” Trojan has abilities that exceed those allowed by the nation’s legislature and that those features can be easily misused by third parties through a series of design and implementation flaws.

U.S. military drones hit by computer virus
An unnamed virus with a “keylogger” payload has been found in the computers used to operate U.S. Air Force’s Predator and Reaper remotely operated drones.

Don’t worry about zero-days, says Microsoft
Microsoft released its Security Intelligence Report volume 11 (SIRv11), which found that less than 1 percent of exploits in the first half of 2011 were against zero-day vulnerabilities. In contrast, 99 percent of all attacks during the same period distributed malware through familiar techniques, such as social engineering and unpatched vulnerabilities.

Fake virus warning from company IT department brings real malware
The email contains a warning of an infection of the users’ computer and asks them to download an antivirus to clean it up.

October 2011 Patch Tuesday fixes 23 vulnerabilities
In this month’s Patch Tuesday, Microsoft delivered 8 security bulletins (two rated “critical,” six “important”) that address 23 vulnerabilities affecting Internet Explorer, .NET Framework & Silverlight, Microsoft Windows, Microsoft Forefront UAG and Microsoft Host Integration Server.

Two state-sponsored groups responsible for RSA breach
Two distinct groups were behind the March attack against RSA’s networks, said RSA president Tom Heiser, and they seem to have been directed in their efforts by a single nation-state.

Photos: The look and feel of RSA Conference Europe 2011
Help Net Security is attending RSA Conference Europe 2011 in London this week. Here’s an overview of the event in photos.

90,000 accounts compromised in new Sony attack
60,000 PlayStation Network and Sony Entertainment Network accounts and 33,000 Sony Online Entertainment accounts have been compromised during what Sony describes as a testing of a “massive set of sign-in IDs and passwords” against their network database.

40% of SMBs suffered breach due to unsafe Web surfing
40 percent of small and medium-sized businesses have suffered a security breach due to unsafe web surfing, and nearly one-third still do not have a policy to govern the use of social networking sites.

SANS London 2011 training
Andrew Smith is the Managing Director, EMEA, for the SANS Institute. In this interview he discusses the SANS London 2011 training event and offers insight into what exactly you can expect if you decide to expand your information security knowledge this December.

Security pros say that hackers have the upper hand
Interviews with 1,967 professionals at the recent Cisco Live and Black Hat USA conferences found that more than 75 percent of network management and security professionals believe that automated tools give hackers the upper hand in evading the defensive systems utilized by most enterprises to protect their critical assets and data.

WineHQ database breached; Fedora Project forces password change
“What we know at this point is that someone was able to obtain unauthorized access to the phpmyadmin utility,” wrote developer Jeremy White. “We do not know exactly how they obtained access; it was either by compromising an admin’s credentials, or by exploiting an unpatched vulnerability in phpmyadmin.”

How to conduct an internal audit according to ISO 27001 and BS 25999-2
To achieve the best benefits, the internal audit should be done continually, but at least once a year before the certification audit. Register for this webinar to learn how.

Trojanized Netflix app steals account login credentials
Cyber criminals have also taken advantage of the gap between supply and demand and have pushed out a Trojanized version of the app bent on stealing the users’ account login credentials.

When it comes to intrusions, size matters
A survey of enterprise IT managers and network administrators that has been conducted annually since 2005 shows that there has been a gradual increase in smaller enterprises experiencing intrusions of their user machines, office network, and/or servers, while intrusion rates for large enterprises have fluctuated in the last three years.

What threats can we expect in October?
Fraudulent online storefront promising cheap HP Touchpads, poisoned search engine results targeting users searching on Yahoo and Bing, and spam promising a US green card have targeted people during September, says GFI.

How the German “Federal Trojan” was actually used
After the CCC hackers made public the results of their analysis of a few samples of the so-called “Federal Trojan” and found it capable of more than just monitoring VoIP conversations, the Bavarian Interior Minister made sure to state that it was used only for telecommunication surveillance of suspects and only in investigations involving “serious crime”, i.e. that threatened citizens’ “life, limb or liberty”. Except, as it turns out, it isn’t strictly true.
