Week in review: Bit9 hack, malicious applications of augmented reality, and Adobe 0-day mitigation
Here’s an overview of some of last week’s most interesting news, videos, reviews and articles:
Bit9 hacked, its certificates stolen and used to sign malware
Bit9, a security firm that provides software reputation, application control and whitelisting services to companies in the financial, technology, government and other sectors, has announced that it has suffered a breach that resulted in three of its customers to be infected with malware.
Myanmar journalists targeted with state-sponsored Gmail attacks
The warning – first introduced last June and then repeated on occasion – is popping up both for users whose accounts may have been compromised and for those whose accounts have not but are under attack.
Social engineering: Clear and present danger
Although many companies in the information security industry prefer to tackle challenges with sophisticated hardware, the art of lying continues to be a towering risk difficult to deal with.
Unintended, malicious and evil applications of augmented reality
Products have substantial flaws, technology designers seek ways to extract money from users, and many users twist well intentioned technology in ways the designers never expected, often involving baser instincts. These realities should come as no surprise to security professionals who are usually most effective when assuming the worst in people. One sure to be abused emerging technology is augmented reality.
Malware authors revert to phishing approach to trick bank defenses
Banking malware that performs Man-in-The-Browser tricks has had much success in the past. But Trusteer has discovered that Tinba and Tilon have been recently modified to try out a simpler approach: phishing and blocking users from the actual banking page.
Comment Group hackers specialize in high-profile targeted attacks
Most of the successful compromises believed to be executed by Chinese hackers in the last two, three years have been initiated by spear-phishing emails. Security experts consider a particular group of Chinese-based hackers that offer their services for hire to be behind most of these attacks, and they seem to be experts at sniffing out information that can be used to craft these emails.
Highlights from 450 global data breach investigations
Trustwave released details form a report that highlights details and trends from 450 global data breach investigations, 2,500 penetration tests, nine million Web application attacks, two million network and vulnerability scans, five million malicious websites, 20 billion e-mails as well as research and analysis of zero-day security threats.
Flickr bug made users’ private photos public
The photos were accessible to the public for 20 days, and it was impossible to change the setting back to “private” during this period.
TDoS-as-a-service ads pop up on publicly accessible forums
In the past, aspiring cybercriminals with no coding knowledge had to find a way into invite-only underground forums or had to spend hours in chat rooms to gain the trust of potential “colleagues” in order to acquire the tools they needed to have to start their life of cybercrime. But, times have changed, and providers of malicious tools and services have obviously been forced to start offering their wares on publicly accessible forums in order to attract new customers.
Windows 8 Inside Out
When Microsoft CEO Steve Ballmer launched Windows 8, he dubbed it a re-imagined operating system. When you introduce so many new features and a different UI, you’re going to have a lot of people that will need to adjust. This is where a book like Windows 8 Inside Out comes in handy.
11 arrested in takedown of prolific ransomware gang
The Spanish Police, working closely with the European Cybercrime Centre (EC3) at Europol, have dismantled the largest and most complex cybercrime network dedicated to spreading police ransomware (Reveton).
Infosec pros don’t trust their own networks
A SafeNet survey of 230 United States security professionals, revealed that, despite continued investments in network perimeter technologies, respondents are not confident that they are employing the right technologies to secure their high-value data.
Adobe offers mitigation for Reader 0-day attack, fix is yet to come
Adobe has confirmed FireEye researchers’ findings about new Adobe Reader and Acrobat zero-day vulnerabilities being exploited in the wild and has issued a security bulletin detailing the flaws and offering mitigation advice until a patch is released.
LA Times website redirected users to exploit kit for over six weeks
It is estimated that some 325,000 visitors were exposed to the attack.
Reactions to Obama’s Executive Order on cybersecurity
On February 12, we have witnessed U.S. President Barack Obama sign an Executive Order and issue a Presidential Policy Directive aimed at improving the cybersecurity of critical infrastructure. Both documents have been lauded by some and criticized by others.
Successful ways of undermining cybercrime ecosystems
Most cybercrime is carried out by a loose confederation of independent contractors who work together when necessary through online forums and “partnerkas” that allow them to pool their resources, but these online criminal networks can be foiled, according to a new report by the Digital Citizens Alliance.
iOS flaw used to bypass iPhone’s lockscreen
The passcode lock in iPhones running iOS 6.x can be bypassed and anyone can access the photos, address book, make phone calls and send messages and emails from it, and more, by simply repeating the combination of calls and clicks demonstrated in a video by YouTube user videosdebarraquito.
Most Americans think cyber warfare is imminent
A group of 1,021 adults in the U.S. over age 18 responded to the by Tenable Network Security survey last week, amid a surge of headlines about hacking of private networks from China and an Executive Order issued by President Obama demanding new cybersafety standards for government and corporate networks.
Researchers reveal the identity of a Chinese hacker
It all started with Joe Stewart, director of malware research at Dell SecureWorks, who when investigating an unusual piece of malware and the command nodes which it contacted discovered that many of them were registered under the names “Eric Charles” and “Tawnya Grilth”.