Week in review: Becoming a malware analyst, South Korean cyberattacks, Apple implements two-step verification for iCloud accounts

Here’s an overview of some of last week’s most interesting news, videos, podcasts, reviews and articles:

Becoming a malware analyst
If you’re considering a future in malware research, this article might just tip you towards it, as malware analysts share their experiences and thoughts.

Massive casino scam pulled off via CCTV system compromise
A high-rolling player has been thrown out of a casino in Australia after having successfully executed a scam that involved compromising the gambling establishment’s CCTV system, using it to gain insight into the other players’ hands, and ultimately winning a little over $34 million.

Data breaches in higher education
TeamSHATTER reports on data breaches in the higher education vertical throughout the United States.

Who is attacking industrial control systems?
Review the results of a recent report by a Trend Micro researcher who set up a honeypot architecture emulating a number of SCADA and ICS devices and featuring typical vulnerabilities found on similar systems.

Unified identity services across data center, mobile and cloud
Tom Kemp is co-founder and CEO of Centrify Corporation, and in this podcast recorded at RSA Conference 2013, he talks about unified identity services, as well as a partnership with Samsung.

Andrew Auernheimer gets prison sentence for AT&T iPad “hack”
Andrew “weev” Auernheimer, security researcher and member of Goatse Security, has been handed a 41-month-long prison sentence for harvesting and publishing emails and AT&T authentication IDs of 114,000 early adopters of Apple’s iPad in 2010.

Beware of fake Candy Crush apps on Google Play
Whenever a mobile game becomes hugely popular, it also becomes a great way for scammers and malware peddlers to lure users into unknowingly installing malicious apps on their devices.

Security firm publishes details about Java issue, asks for second opinion
Making good on their promise, Security Explorations has published technical details about a Java issue that they consider to be a security vulnerability, but that Oracle has categorized as demonstrating “allowed behavior”.

Internal name SSL certificates could be exploited for MitM attacks
The Certificate Authority practice of issuing “Internal Name” certificates for private domains which are currently non-resolvable by the Domain Name System could be misused by attackers once new generic top-level domains (gTLDs) are introduced this year, warns the ICANN Security and Stability Advisory Committee (SSAC).

Massive Chameleon botnet steals $6M per month from advertisers
Dubbed Chameleon, the botnet numbers over 120,000 hosts located in the US, running Microsoft Windows and accessing the Web through a Flash-enabled Trident-based browser that executes JavaScript.

Making a case for security optimism
In this podcast recorded at RSA Conference 2013, Jeff Jones, Director at Microsoft Trustworthy Computing, takes a broad view of the industry and talks about making a case for security optimism.

Xbox Live accounts hack performed by attackers that hit Krebs and Honan?
Microsoft has confirmed that a number of Xbox Live accounts of their current and former employees have been compromised by attackers using “several stringed social engineering techniques”, but has denied that it stores or in any way utilizes users’ Social Security Numbers.

Chinese military hacker unit cleaning up its tracks
When the computer forensic and incident response firm Mandiant publicly released their report on the Chinese military hacking unit dubbed APT1, they predicted that the group will be changing their attack techniques and their general behavior.

Hacktivists leak info on undercover Montreal police officers
The names, phone numbers and job titles of thousands of police officers and other employees of the Montreal police department (Service de police de la Ville de Montreal, or SPVM) have been made public in a Pastebin post signed by “The People.”

Client-Side Attacks and Defense
It is natural for attackers to choose to strike where defenses are poorest. Servers and networks have become well-defended, so attackers are going for the users and their computers and devices. Client-side attacks are many and varied, and this book addresses them all.

Researcher ropes poorly protected devices into botnet to map the Internet
A fascinating but technically illegal experiment conducted by an anonymous researcher has witnessed over 420,000 Internet-connected devices being roped into a botnet that functioned as a distributed port scanner aimed at mapping IPv4 address usage across the Internet.

Unraveling the South Korean cyberattacks
Wednesday’s news that the networks of several South Korean broadcasting organizations and banks have been partially or entirely crippled by coordinated attacks has raised a lot of questions, the main one being “who is behind the attacks?”

Researcher points out critical Samsung Android phone vulnerabilities
Tired of waiting for Samsung to fix a string of critical flaws in their smartphones running Android, Italian security researcher Roberto Paleari has decided to inform the public about the seriousness of the matter and maybe make the company pick up the pace.

Strategies of a world-class computer security incident response team
In this talk from Shmoocon 2013, Carson Zimmerman offers some observations on what it takes to do Computer Network Defense well in the modern IT enterprise. He presents ten fundamental qualities of an effective CSIRT that cut across elements of people, process, and technology.

Piracy and IP theft trouble software publishers
As a result of not implementing the right licensing models and security as a foundational pillar of their business, software developers are finding that they are losing revenue, seeing diminishing profitability and increasing the risk to their brand and overall reputation.

On US, China, cyber espionage, and cyber war
The accusations and recriminations lobbed back and forth between the United States and China regarding alleged state-sponsored cyber espionage attacks have been almost a daily occurrence for a while now.

Apple adds two-step verification option to iCloud accounts
The option is currently available only to users based in the US, UK, Australia, Ireland, and New Zealand, and is definitely an improvement over the previous additional protection mechanism that included security questions.
