Week in review: Targeted attacks exploiting Windows flaw, massive Utah data breach and Flashback malware fallout

Here’s an overview of some of last week’s most interesting news, podcasts and articles:

Smart meters vulnerable to false data injection
False data injection attacks exploit the configuration of power grids by introducing arbitrary errors into state variables while bypassing existing techniques for bad measurement detection.

Poor internal security processes spell disaster
Poor internal security management processes present more risk than malicious threats. More than 50 percent of respondents to an AlgoSec survey incurred a system outage due to an out-of-process change.

An unsecured computer is worse than an unlocked home
In a survey of 1,637 Internet users aged 18 and older, Webroot asked respondents to gauge the perceived threat level of dangerous offline behaviors, such as driving without a seatbelt or automobile insurance, versus risky online behaviors like sharing an online password or using an unsecured WiFi connection.

Utah data breach numbers 750K+ victims
Social Security numbers of some 280,000 Medicaid and Children’s Health Insurance Plans users and “less sensitive” information on 500,000 more of them have been exfiltrated from a Utah Department of Technology Services’ computer server by unknown attackers, making this breach the largest in state history.

The next step in BYOD security
Granting enterprise access to personal devices has direct implications for security, information ownership, device/network control and even helpdesk resources.

Zeus targets cloud payroll service to siphon money
In the latest example of financial malware targeting enterprises, Trusteer has discovered a Zeus attack that focuses on cloud payroll service providers.

Malware-laden cards delivered with HP switches
HP issued a security bulletin notifying buyers of its ProCurve 5400 zl switches that the compact flash cards contained in them might be infected with a virus.

Legitimate Chinese app stores riddled with security holes
If you are an Android user, you are surely aware of the fact that Chinese third-party app stores are where most malware for that particular OS has its debut. But, as it turns out, the app stores run by two of the biggest Chinese mobile operators are not without security vulnerabilities themselves.

Microsoft warns of targeted attacks exploiting Windows flaw
With the April Patch Tuesday, Microsoft has issued six bulletins – four critical, two important – and has delivered patches for 11 vulnerabilities. One particular bulletin (MS12-027) stands out and patching the vulnerability (CVE-2012-0158) documented in it should be considered a priority, as Microsoft shared that it is currently being exploited in the wild.

Zero-permission Android app exports sensitive data
As we already know, the “permission” security model mostly fails to protect users because many of them aren’t prepared to give up on installing a particular app even though the permission it asks for could be exploited for data exfiltration and other even more malicious goals. But what about apps that don’t ask for any permission? What (if anything) are they able to access and exfiltrate?

Trojanized Angry Birds offered for download
The extreme popularity of Rovio’s Angry Birds mobile game has made it and its special editions perfect for luring unsuspecting users into downloading malware.

Flashback botnet shrinks, downloads of Mac AV software rise
News that nearly two percent of all Mac users have had their computers infected by the Flashback malware, which roped them into a 600K strong botnet, has hit the Mac community with the realization that their machines are not as secure as they believed and hoped they were.

HSBC customers under phishing attack
Customers of HSBC, one of the largest banking and financial services organizations in the world, are currently being targeted with a fake warning of account suspension.

0-day in Backtrack Linux found, patched
A zero-day vulnerability affecting the last version of Backtrack Linux has been spotted by a student during an Ethical Hacking class organized by the InfoSec Institute.

Apple pushes out Flashback removal tool
Apple has finally released a Flashback malware removal tool bundled with two new Java security updates – one for OS X Lion and one for Snow Leopard users.

Assorted ransomware targeting users
Trend Micro researchers have spotted a ransomware variant that overwrites the Master Boot Record (MBR) – very similar to ones detected last year, and the year before that – and F-Secure, Bitdefender and Dr. Web researchers have all practically simultaneously discovered a variant that encrypts all documents, images and shortcuts.

Stuxnet was planted via infected memory stick
If a report by Industrial Safety and Security Source is to be believed, current and former US intelligence sources have confirmed that Israel’s intelligence agency Mossad is responsible for the worm’s introduction into the plant’s systems.

The sad reality of data security
In this podcast recorded at RSA Conference 2012, Bill Morrow, executive chairman and CEO at Quarri Technologies, talks about data breaches and data security, and points out the key actions that enterprises should take in order to minimize the risk of data theft.

Boeing to develop highly secure smartphones
The Boeing Corporation has been working on an Android-based, highly secure mobile phone and aims to launch it later this year.

Can we expect a cyber attack on the smart grid?
The vulnerability of the energy industry’s new wireless smart grid will inevitably lead to lights out for everyone, according to leading cyber expert David Chalk.



