Week in review: LinkedIn password leak, iOS security guide published, Flame spreading via Windows Update

Here’s an overview of some of last week’s most interesting news, videos and articles:

Consumers confused about data breaches
According to more than 700 survey respondents, 72 percent of people who received notification of a data breach were dissatisfied with the communication and often felt the need for more information.

UGNazi attack 4chan, CloudFlare
Visitors to 4chan have recently been automatically redirected to the Twitter account of hacker group UGNazi, and an investigation into the matter revealed that the attack was carried out by the hackers changing 4chan’s DNS records.

Apple publishes iOS security guide
Apple has a reputation for being extremely reticent when it comes to discussing security in public. Consequently, the news that the Cupertino-based giant has actually published an iOS security guide that details these features will surely surprise many.

Win8’s AV will kick in after other solutions stop working
Gary Davis, director of global consumer product marketing for McAfee, has revealed that Windows 8 will have built-in antivirus protection in the guise of “Windows Defender”, which will activate itself if it doesn’t detect another active AV solution.

Passing the internal scan for PCI DSS 2.0
This article provides insight on the updated PCI DSS requirement, highlighting the need for internal vulnerability scanning (“perform quarterly internal vulnerability scans”), which was less visible in previous versions.

Flame abused Windows Update to spread
Initially, Kaspersky Lab experts thought computers were infected via an unknown 0-day vulnerability, as fully patched Windows 7 machines were being infected over the network in a very suspicious manner.

Researchers bypass Google’s Android Bouncer
As a way of announcing their upcoming talk at the SummerCon conference, researcher Jon Oberheide has shown how he and Charlie Miller succeeded in discovering just what kind of virtual environment Bouncer uses and how it might be vulnerable.

Flame’s massive C&C infrastructure revealed
Day after day, new details are discovered by security researchers that seem to prove the talent and the apparently unlimited resources that the authors of the Flame toolkit had at their disposal.

How fraudsters are disguising PCs to fool device fingerprinting
Trusteer came across a tutorial published in underground forums that explains how to circumvent fraud detection systems that use device identification to track and detect anomalous transaction and access patterns.

Google warns Gmail users of state-sponsored attacks
Google will start warning users that might be targeted by state-sponsored attackers with clear alerts that pop up above their Gmail inboxes no matter what browser they use.

6.5 million LinkedIn passwords apparently leaked
It has been a tough 24 hours for LinkedIn. First they were accused of storing users’ potentially confidential private and business information on the company servers without their knowledge, and then it was discovered that a batch of what are allegedly the LinkedIn passwords of some 6.5 million users was published on a Russian forum. Read more about the ramifications of the LinkedIn password leak.

World’s largest biometric database
In the last two years, over 200 million Indian nationals have had their fingerprints and photographs taken and irises scanned, and have been given a unique 12-digit number that should identify them everywhere and to everyone. This is only the beginning, and the goal is to do the same with the entire population (1.2 billion), so that poorer Indians can finally prove their existence and identity when needed for getting documents, getting help from the government, and opening bank and other accounts.

Android spying app masquerades as Gmail
A new piece of Android malware that has recently been unearthed by NQ Mobile researchers is capable of logging and recording text messages and phone calls, and of sending them to a remote server controlled by attackers.

The rise of Tumblr and Google Play spam campaigns
In May, GFI threat researchers observed a number of attacks focused on Tumblr users, including two spam campaigns centred around a fake “Tumblr Dating Game” which led to surveys, fake advertising spam asking for personally identifiable information in exchange for ad revenue generated by the victim’s tumblelog, and a phishing site posing as the Tumblr login page.

eHarmony confirms leak of their users’ passwords
Another collection of passwords – containing 1.5 million unsalted MD5 hashes – was leaked. The analysis of the already cracked passwords that were included pointed to the popular dating site eHarmony.
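Why "unsalted MD5" matters for both the eHarmony and LinkedIn items above: with no per-user salt, two accounts that chose the same password end up with byte-identical stored hashes, so a leaked dump exposes password reuse before any cracking takes place, and every hash can be matched against a single precomputed table. The following is an added illustration, not code from the article or from either site; it audits a constructed sample of accounts for duplicate hashes under the unsalted scheme and then under a salted, iterated PBKDF2-HMAC-SHA256 scheme (the iteration count is an assumed work factor, not a value from the page).

```python
import hashlib
import hmac
import os

# Constructed sample: three accounts, two of which share a password.
SAMPLE_USERS = {
    "alice": "correct horse battery",
    "bob": "password",
    "carol": "password",
}

# Assumed work factor for the salted scheme; tune to your hardware budget.
PBKDF2_ITERATIONS = 100_000


def md5_unsalted(password: str) -> str:
    """The legacy scheme the article describes: plain MD5 of the password, no salt."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def duplicate_hash_groups(stored: dict) -> list:
    """Group usernames whose stored hashes are byte-identical.

    Under an unsalted scheme, equal hashes imply equal passwords, so a dump
    reveals reuse across accounts even before anyone attempts to crack it.
    """
    by_hash = {}
    for user, h in stored.items():
        by_hash.setdefault(h, []).append(user)
    return sorted(users for users in by_hash.values() if len(users) > 1)


def pbkdf2_hash(password: str, salt: bytes = None) -> tuple:
    """Salted, iterated hash: a fresh 16-byte random salt per account."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def pbkdf2_verify(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, candidate = pbkdf2_hash(password, salt)
    return hmac.compare_digest(candidate, digest)


def audit(users: dict) -> dict:
    """Run the duplicate-hash audit under both storage schemes."""
    unsalted = {u: md5_unsalted(p) for u, p in users.items()}
    salted = {u: pbkdf2_hash(p) for u, p in users.items()}
    salted_digests = {u: digest for u, (_salt, digest) in salted.items()}
    return {
        "unsalted_duplicates": duplicate_hash_groups(unsalted),
        "salted_duplicates": duplicate_hash_groups(salted_digests),
    }


if __name__ == "__main__":
    result = audit(SAMPLE_USERS)
    print("unsalted MD5 duplicate groups:", result["unsalted_duplicates"])
    print("salted PBKDF2 duplicate groups:", result["salted_duplicates"])
```

The audit reports `bob` and `carol` as a duplicate group under unsalted MD5 and nothing under the salted scheme, because each account's random salt makes identical passwords produce unrelated digests; verification still works because the salt is stored alongside the digest and reused at login.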

Last.fm confirms password leak
Users who have logged in to the site were greeted by a warning asking them to change their password while the site investigates a security problem.

Beware of bogus Facebook hacking tools
Trend Micro’s Smart Protection Network has recently unearthed a suspicious file that claims to be such a tool (“Facebook Hacker Pro”), and which obviously can come in handy only if its user has physical access to the machine of the user whose Facebook account he wants to crack.

Make your pentester work harder for his money
In this video recorded at Infosecurity 2012, Wolfgang Kandek, CTO at Qualys, talks about their recent research dealing with Java. Many modern exploits use Java as a stepping stone to gain access to a system. While this has been common on computers running Windows for some time, recently Mac OS X users have become targets as well.

Facebook unveils new mobile security measures
Facebook has introduced three security updates for protecting its mobile users: a code generator, the ability to report unwanted content on your phone, and improved mobile recovery flows.

New BIOS rootkit spotted
Towards the end of 2011, a Chinese company detected the first rootkit ever that targeted computers’ BIOS in order to be able to reinfect computers over and over again, even after the hard drive is physically removed and replaced. Fast forward to the present, and a second BIOS rootkit – dubbed Niwa!mem – has been detected by McAfee. Initially a rootkit that infected the Master Boot Record (MBR), its latest variant became a “BIOSkit”.