Week in review: Massive DDoS attack targets Spamhaus, Amazon S3 buckets leaking, and cyber espionage deterrence

Here’s an overview of some of last week’s most interesting news, podcasts, videos and articles:

What do users look for in a security solution?
Users are aware of the dangers on the Internet and most of them are already using a security solution, say the results of AV-Comparatives’ annual survey that polled 4,715 computer users from around the world.

Employees deliberately ignore security rules
A recent survey from Lieberman Software reveals that more than 80% of IT security professionals believe that corporate employees deliberately ignore security rules issued by the IT department.

Digital cameras easily turned into spying devices, researchers prove
Newer cameras increasingly sport built-in Wi-Fi capabilities or allow users to add SD cards to achieve them in order to be able to upload and share photos and videos as soon as they take them. But, as proven by security researchers with Germany-based IT consulting firm ERNW, these capabilities also have security flaws that can be easily exploited for turning these cameras into spying devices.

Hacking for good: Kickstart a documentary about hackers in Uganda
Hackers For Charity is a non-profit that provides food, equipment and computer education to the world’s poorest citizens. Their aim is to teach people IT skills they can use to support themselves and their families.

The data backup and disaster recovery market
Mike Coney, the President and CEO of Unitrends, talks about their product line as well as the company’s expansion in Europe. Unitrends is used by IT professionals for backup of their virtual and physical servers and for performing disaster recovery to remote locations or to private or public cloud.

Chinese university tied to “APT1” army cyber unit
Collaboration between academic researchers and those employed by intelligence agencies is practically non-existent in the U.S., but it seems that Chinese researchers have no qualms about working together and such ties are not frowned upon.

Real-time apps and FTP are preferred malware targets
Palo Alto Networks published an analysis of new and evasive malware in live enterprise networks. Their findings show that traditional antivirus solutions are not identifying the vast majority of malware infecting networks via real-time applications such as web browsing.

Stuxnet attack was illegal under international law, experts say
The Tallinn Manual on the International Law Applicable to Cyber Warfare – the recently released tentative rulebook on what actions should and should not be considered or allowed during cyber conflicts involving states – has raised a lot of interest in security circles.

Activists now targeted with trojanized backdoor apps
Attackers seem to have finally recognized the fact that many users often access their emails via their mobile phones, as Kaspersky Lab researchers have recently spotted Uyghur-themed emails delivering a malicious program for Android.

UK sets up cyber attack information exchange center
In an effort to help its private and public sector companies combat the cyber attacks and cyber espionage efforts directed their way, the UK government has launched a new “cyber partnership” that will provide them with practical information about ongoing attacks.

Most IT admins considering quitting due to stress
The number of IT professionals considering leaving their job due to workplace stress has jumped from 69% last year to 73%, underlining the increasingly challenging business landscape in the UK and the growing emphasis being placed on IT to help businesses grow, thrive and compete.

Thousands of Amazon S3 buckets left open exposing private data
Cloud hosting and cloud storage are all the rage, but there are still some common pitfalls that many organizations overlook. In this article Will Vandevanter, Security Researcher at Rapid7, walks through an issue that seems to be coming up a lot – exposed Amazon S3 buckets.

Researcher sets up honeypot to counterattack, identifies attackers
Security researcher Alexey Sintsov, who is also a co-founder of the first Defcon community group in Russia, has effectively protected himself from legal repercussions by making attackers pick up the malware themselves from a clearly forbidden zone (protected by a password / invite code) of the honeypot he set up on the group’s website.

Massive DDoS attack targets Spamhaus
The international non-profit organization, which tracks spam-related activity and provides a blacklist of IP blocks used by known spamming outfits that is used by the majority of anti-spam filters out there, has apparently been targeted by Dutch hosting provider Cyberbunker and/or its spamming customers.

Computer forensic examiners are from Mars, attorneys are from Venus
The outcome of high stakes investigations and litigation can often depend on the evidence uncovered through computer forensic investigation. That fact highlights the critical nature of the forensic examiner-attorney relationship at the heart of forensic investigation.

Malware analysis: Collaboration, automation and training
In this video from Shmoocon 2013, Richard Harman teaches you how to set up a virtualized analysis environment that is suitable for solo analysis, training a classroom of students, passing an analysis VM between analysts, and a self-service analysis “session” playback of previous analysis sessions.

Ideas for deterring cyber espionage attacks
There has been much talk about whether the cyber espionage attacks should be considered acts of war, and about what can be done to prevent them. Retaliation being hard to justify because of the difficulties surrounding correct attack attribution in cyberspace, many experts have been mentioning the need for effective attack deterrence – whether the attacks have been linked to particular states or not.

A look at how consumers safeguard their devices
While consumers who have lost a smartphone or had one stolen in the past are significantly more likely to be taking basic protective measures with their current device, nearly one-third have still not learned their lesson.

The Phoenix Project: A Novel About IT, DevOps, and Helping Your Business Win
This book is about doing IT work in a challenging, fast-paced environment with shrinking budgets, inadequate equipment, and (sometimes) corrupt databases.

Backdoor Trojan picks up commands from Evernote account
The backdoor – dubbed Vernot – can perform all the usual things malware of this kind does: it harvests system information and sends it to a remote server (or even possibly to the same Evernote account it picks its commands from), and can download, execute, and rename files.

8 in 10 companies suffered web-borne attacks
The vast majority of organizations that allow employees to freely access the Web are experiencing high rates of malware threats, including phishing attacks, spyware, keyloggers and hacked passwords, according to Webroot.

Microsoft releases privacy and security guide for policy makers
Microsoft released the third volume of its popular policymaker booklet, Building Global Trust Online, which includes considerations and guidance for a number of new safety-related topics, including combating human trafficking, online bullying and botnets.

US starts gradually removing Chinese IT equipment from federal systems
A new law concerning funds given to U.S. federal agencies has been signed by President Obama, and it says that Departments of Commerce and Justice, NASA, and the National Science Foundation must consult with the FBI on whether they can acquire an information technology system “produced, manufactured or assembled by one or more entities that are owned, directed or subsidized by the People’s Republic of China.”

SCADA security
Amol Sarwate is the Director of Vulnerability Labs at Qualys. In this video, recorded at RSA Conference 2013, Sarwate introduces SCADA security.

Spammers bypass spam filters with Google Translate links
Spam filters work by evaluating (among other things) the reputation and the destination of links included in emails, so spammers are attempting to bypass the filters by making the first “jump” to an instinctively trustable Google domain, and then to a poorly maintained URL shortener.
