Week in review: Cryptolocker copycat, CyanogenMod’s built-in SMS encryption, NSA uses Google cookies to track suspects
Here’s an overview of some of last week’s most interesting news and articles:
The DDoS debate: Multi-layered versus single solution
There is a DDoS debate in the cybersecurity industry about which solution is more effective – multi-layer or single. However, the argument is really more complex and must consider traditional defenses versus dedicated DDoS defenses, multi-provider (device or service) versus single provider (device or service), and layered defense in-depth versus single defender.
FBI used spying malware to track down terror suspect
Court documents related to a recent FBI investigation have revealed that the agency has been permitted to try to compromise the computer of a potential terrorist with spying malware in order to discover his identity and location.
DARPA’s games crowdsource discovery of software flaws
The Defense Advanced Research Projects Agency (DARPA) has developed a series of games aimed at discovering whether large numbers of non-expert users can perform formal software code verification faster and cheaper than trained experts would.
Popular holiday-themed phishing attacks
Which tactics should you train your employees to look out for?
CyanogenMod introduces built-in SMS encryption
CyanogenMod developers have announced the fruit of several months of labor headed by Open Whisper Systems’ Moxie Marlinspike: a seamless implementation of TextSecure, the latter firm’s well-known and trusted SMS encryption solution.
FreeBSD ditches suspect hardware-based crypto
Buried in the “Security” section of a report on the FreeBSD Developer Summit held in September in Malta is a small but important note about the FreeBSD developers’ decision to stop using two hardware random number generators (RNGs).
US phone carriers and wireless surveillance of Americans
As part of his ongoing investigation into wireless surveillance of Americans by law enforcement, US Senator Edward J. Markey released responses from eight major wireless carriers that reveal expanded use of wireless surveillance of Americans, including more than one million requests for the personal mobile phone data of Americans in 2012 by law enforcement.
Disqus security flaw used to deanonymize online commenters
The flaw has been exploited by the non-profit organization Researchgruppen at the behest of Swedish evening tabloid newspaper Expressen, and the goal was to discover the identities of the most prolific commenters on Sweden’s largest “hate speech sites” Avpixlat, Free Times, Exposed and Realist.
Android malware places secret calls to premium rate numbers
A mobile malware family dubbed MouaBad by Lookout researchers has lately been plaguing Chinese users with older versions (3.1 and earlier) of Android.
Free eBook – Self-Service Linux: Mastering the Art of Problem Determination
In Self-Service Linux, two IBM Linux experts introduce a four-step methodology for identifying and resolving every type of Linux-related system or application problem: errors, crashes, hangs, performance slowdowns, unexpected behavior, and unexpected outputs. You’ll learn exactly how to use Linux’s key troubleshooting tools to solve problems on your own – and how to make effective use of the Linux community’s knowledge.
NSA uses Google cookies to track and target suspects
Newly published documents from Edward Snowden’s trove show that the NSA and its British counterpart GCHQ use Google’s “preferences” cookies to follow suspects as they move around the Internet, and target them for later exploitation.
RAT-wielding attacker compromises poker player’s laptop
The laptop of a high-profile Finnish poker player has been found to contain spying malware after the device was stolen from and then returned to his room in a 5-star hotel in Barcelona.
How cyber squatters and phishers target antivirus vendors
Illegal online activities such as phishing and typosquatting are growing at an alarming rate. To understand the issue in detail, High-Tech Bridge analyzed 946 domains that may visually look like a legitimate domain (for example replacement of “t” character by “l” character, or mutated domain names such as “kasperski.com” or “mcaffee.com”) or that contain typos (e.g. “symanrec.com” or “dymantec.com”).
Flaw in Nvidia’s rendering software allows hijacking of “computer farms”
A vulnerability in Nvidia mental ray, an extremely popular 3D-rendering software that is often used on “render farms”, could allow attackers to take control of said farms, and use their massive computational power for their own nefarious purposes.
Flawed Android app devkit puts users in danger of MitM attacks
Not all SDKs are the same – in fact, many are borderline malicious, seeking and taking advantage of permissions that have nothing to do with those needed by the app to do its work. Among these is Widdit.
64-bit Zeus Trojan version found and analyzed
Infamous banking Trojan Zeus can now be used to steal information via 64-bit versions of web browsers, and has the capability of connecting to its C&C server via the Tor anonymity network, Kaspersky Lab researchers have shared.
Facebook users hit with phishing and malware combo attack
It all starts with a message from a Facebook friend, claiming that the user or one of his relatives or friends has had his car stolen. The user is asking for help: “Do you know / recognize the thieves? Here are the pics [TUMBLR LINK REMOVED].”
Top 100 Android apps hacked in 2013
One hundred percent of the Top 100 paid Android apps and 56 percent of the Top 100 paid Apple iOS apps have been hacked.
Security implications of Google’s decision to display images in Gmail by default
This Thursday, Google announced that it will, once again, be displaying attached images in emails sent to Gmail users by default. The images will now be served through Google’s own secure proxy servers and not their original external host servers, allowing Google to check every image before displaying it, and block those that contain known malware.
Easy-to-remember, difficult-to-crack passwords via visual cues
A group of researchers from Carnegie Mellon University’s School of Computer Science believe they might have solved the problem of choosing and, above all, remembering complex and diverse passwords that are simultaneously difficult to crack by attackers.
Cryptolocker copycat targets US, European users
A Cryptolocker copycat has been spotted targeting users in the US, Europe and Russia, but it looks like this new ransomware is less deadly than the original that inspired its creation.