Week in review: First Android bootkit, Global Payments breach, and how to do BYOD the right way

Here’s an overview of some of last week’s most interesting news, podcasts, interviews, videos and articles:

Penetration testing tips, tricks and unusual situations
Raul Siles is a senior security analyst with more than 10 years of expertise performing advanced security services. In this interview, Raul talks about unusual and interesting situations he encountered while working as a penetration tester, outlines practical tips for those interested in a penetration testing career, lists his favorite tools, profiles his upcoming training workshop at SANS Secure Europe 2012, and more!

Cloud computing trends that will affect cloud strategy
Continual monitoring of cloud computing trends, with regular updates to the enterprise’s cloud strategy, will be essential to avoid costly mistakes or missed market opportunities over the next few years, according to Gartner.

1.5 million cards compromised in Global Payments breach
A massive breach of the processing system of Atlanta-based Global Payments has been confirmed by the company.

Researchers link string of breaches to Chinese man
Security researchers rarely manage to trace hacking attacks back to a person or a specific entity, but it seems that Trend Micro experts have succeeded in tying a former Sichuan University student to a string of breaches of computers belonging to Tibetan activists and a number of Japanese and Indian companies.

Potential first Android bootkit spotted
Dubbed DKFBootKit, the malware piggybacks malicious payloads into legitimate apps that require root privilege.

Five steps to enhance mobile device security
There are numerous behaviors and capabilities that users can adopt to help them mitigate risks and enhance the security of mobile devices without introducing debilitating restrictions or limiting functionality in ways that make the devices less useful.

ISO 27001 implementation: How to make it easier using ISO 9001
ISO 27001 and ISO 9001 may seem like quite different standards, but when you take a closer look at both, you can find a lot of similarities.

Pastebin to speed up takedown of sensitive information
The owner of Pastebin.com, the preferred pastebin site of Anonymous-affiliated hackers, is looking to clean up the site’s image by improving detection and removal of posts containing stolen personal, financial and login information.

UK govt to introduce new email and web usage monitoring law
The UK Conservative-Liberal Democratic Coalition government is trotting out a new version of the controversial Interception Modernisation Programme (IMP) that was proposed by the previous Labour government but was never realized due to their loss at the elections and the poor support for the bill.

Mac Trojan infects machines via unpatched Java bug
Flashback Trojan variants have been targeting Mac users since September 2011, and they have gone through a variety of changes and techniques aimed at achieving their installation and avoiding their detection.

Fake US Airways emails lead to Zeus variant
A US Airways-themed spam campaign aimed at infecting users with a variant of the Zeus banking Trojan has been hitting inboxes for the last two weeks, says Kaspersky Lab expert Dmitry Tarakanov, who warns that it is definitely not the only one employed by the criminals behind the scheme.

Video: InfoSec World Conference & Expo 2012
Taking place in Orlando, Florida, InfoSec World has as its primary objective providing education to all levels of information security and IT auditing professionals. Help Net Security attended, and here you can take a closer look at the conference.

How to do BYOD the right way
In this podcast recorded at InfoSec World 2012, Mike Moir, Product Manager with Entrust, talks about consumerization and the bring-your-own-device phenomenon, and points out the three key elements businesses need to take into consideration when opting for the BYOD approach.

Cybercriminals target Google, LinkedIn and Mass Effect 3 users
During March 2012, GFI Labs documented several spam attacks and malware-laden email campaigns infiltrating users’ systems under the guise of communications purporting to be from well-known companies and promotions for popular products and services.

Europe’s largest infosec training event
In this interview, Gareth Dance, Conference Director, EMEA, SANS Institute, talks about SANS Secure Europe 2012.

Instagram users targeted with spam
It’s almost a given that any social service, network or app that attracts a large number of users will eventually be facing the spam and scam problem. It happened to Facebook, Twitter, YouTube, Pinterest and many others, and Instagram – the popular photo sharing application and the network of users that grew up around it – is no exception.

Microsoft gains innovative security ideas at a low cost
April 1 marked the deadline for submissions for this year’s edition of Microsoft’s BlueHat Prize competition and, according to Katie Moussouris, a senior security strategist at Microsoft, twenty qualified proposals were accepted for evaluation.

User activity monitoring crucial to minimizing security risks
In this podcast recorded at RSA Conference 2012, Matthew Ulery, Director of Product Management with NetIQ, talks about the need for user activity monitoring that involves your contractors’ and various services’ employees as well as your own.

SMS-controlled Android malware records calls
Dubbed TigerBot, the Trojan hides by not showing any icon on the home screen and takes the names and icons of popular and common Google and Adobe apps like “Flash” or “System” in order to blend in with the legitimate apps installed on the phone.

It’s official, corporate passwords are cheap
Nearly 50 per cent of employees would readily sell their corporate passwords for less than £5, according to Ping Identity.

Sophos finds unauthorized RATs on server, takes partner portal offline
“Two unauthorized programs were found on the server, and our preliminary investigations indicate that these were designed to allow unauthorized remote access to information,” announced the company, and added that they have taken the server in question offline for the time being.
