Week in review: White House Military Office breach, Brian Honan on infosec pros and the Incapsula review
Here’s an overview of some of last week’s most interesting news, videos, reviews and articles:
Interesting times for information security professionals
Our modern lives, economies and societies rely on the digital realm more than ever before. This ever-increasing reliance on technology brings with it many new threats and also amplifies existing threats.
Visual Android Trojan as virtual theft aid
The name of the malware in question is PlaceRaider, and its goal is to surreptitiously take photos with Android smartphones’ built-in camera in order for attackers to be able to recreate a 3D model of the user’s indoor environment and steal all kinds of information.
Inside SANS London 2012
Matt Anderson is the Director, EMEA at SANS Institute. In this interview he talks about SANS London 2012, Europe’s biggest and most important information security training event.
HD Moore: The wild west
HD Moore is the CSO of Rapid7 and Chief Architect of Metasploit. In this video, recorded at Derbycon last week in Kentucky, he talks about ghost towns, highways, and seedy underpasses of the information super-highway, diving deep into the “best of the worst” and other notables of what passes for modern communication.
IEEE password compromise was due to proxy “anomaly”
Romanian researcher Radu Dragusin revealed last week that he found the usernames and passwords of 100,000 members of the Institute of Electrical and Electronics Engineers (IEEE) unencrypted on an FTP server, available for anyone to stumble upon.
White House Military Office breached by Chinese hackers
According to unnamed sources, the attackers managed to get into one of the U.S. government’s most sensitive computer networks, but it seems that protective measures allowed the breach to be quickly detected and blocked.
Pen-testing Cookie Cadger continues where Firesheep left off
Cookie Cadger is an open source pen-testing tool made for intercepting and replaying specific insecure HTTP GET requests into a browser.
DDoS attacks reach new level of sophistication
The DDoS attacks have been launched in the last week using the so-called itsoknoproblembro DDoS toolkit. The malicious actor(s) behind the attacks have used this potent tool in conjunction with sophisticated attack methods that clearly demonstrate knowledge of common DDoS mitigation methods.
Twitter account hijacking exposes easy-to-exploit security flaw
The hijacking of the Twitter account that belongs to user Daniel Dennis Jones and his subsequent investigation into the matter have revealed a Twitter security weakness that makes it easy for hackers to do the same to all users that employ short and uninventive passwords.
Incapsula: Enterprise-grade website security
Over the last few years, small to medium businesses have seen a huge increase in website attacks. Website owners are seeking affordable and effective tools to protect their websites from hackers, spammers, scrapers and DDoS attacks. Incapsula can definitely answer those needs: a cloud-based service that provides seamless enterprise-level security protection and performance optimization for web sites.
Universal Man in the Browser attack targets all websites
Trusteer have discovered a new Man in the Browser (MitB) scam that does not target specific websites, but instead collects data submitted to all websites without the need for post-processing. This development, which they are calling Universal Man-in-the-Browser (uMitB), is significant.
Hackers leak 120,000+ records raided from top universities
Team GhostShell, a hacker group affiliated with Anonymous, has leaked online information from over 120,000 user accounts stolen from the databases of over 100 higher education institutions.
NIST selects winner of SHA-3 competition
The National Institute of Standards and Technology (NIST) announced the winner of its five-year competition to select a new cryptographic hash algorithm, one of the fundamental tools of modern information security.
Why more bandwidth won’t save your network
A Vanson Bourne Omnibus survey of 100 IT managers in large UK enterprises revealed the trends that will affect the WAN over the next few years as the performance of the WAN, the foundation of the globally connected enterprise, comes increasingly under threat as networks choke with data.
Google alerts users about new state-sponsored attacks
Google started pushing out new alerts on Tuesday – as evidenced by a slew of U.S. journalists, researchers and foreign policy experts who said they already received the warning.
Europe joins forces in massive simulated cyber attack
Hundreds of cyber security experts from across the EU are testing their readiness to combat cyber-attacks in a day-long simulation across Europe on Thursday. In Cyber Europe 2012, 400 experts from major financial institutions, telecoms companies, internet service providers and local and national governments across Europe faced more than 1200 separate cyber incidents (including more than 30 000 emails) during a simulated DDoS campaign.
Bogus Skype password change notifications lead to phishing
Users who haven’t recently initiated the password change themselves are in danger of believing that their account is in the process of being hijacked and following the offered links without thinking.
FTC cracks down on international tech support scams
The Federal Trade Commission has launched a major international crackdown on tech support scams in which telemarketers masquerade as major computer companies, con consumers into believing that their computers are riddled with viruses, spyware and other malware, and then charge hundreds of dollars to remotely access and “fix” the consumers’ computers.
HSTS approved as proposed standard
HSTS is a web security policy mechanism that allows a web server to order browsers that connect to it or any of its subdomains to use a secure connection, and it does so via an HTTP response header field named “Strict-Transport-Security”.
Trojan disguised as image delivered via Skype messages
The spamming campaign has surfaced in the last few days and is being propagated via compromised Skype accounts.