Week in review: Feds clone TorMail server, first Android bootkit, SpyEye creator pleads guilty

Here’s an overview of some of last week’s most interesting news, interviews, articles and reviews:

Which e-commerce sites do more to protect your password?
A Dashlane roundup assesses the password policies of the top 100 e-commerce sites in the US by examining 24 different password criteria that they have identified as important to online security, and awarding or docking points depending upon whether a site meets a criterion or not.

Knox: Mac file encryption and backup
You may be aware of the fact that OS X comes with Disk Utility, a tool that enables you to create encrypted disk images. In case you’re wondering why you’d pay for a third-party application to perform something that’s already available in your OS, read on.

Microsoft reveals law enforcement documents were stolen in latest hack
In a short blog post on Friday, Microsoft announced that unknown hackers might have accessed and exfiltrated information regarding law enforcement information requests from a number of compromised employee email accounts.

Feds arrest Bitcoin Foundation vice chairman and Bitcoin exchanger
The US Department of Justice has announced the arrest of and the unsealing of criminal charges in Manhattan federal court against Robert Faiella (also known as “BTCKing”), an underground Bitcoin exchanger, and Charlie Shrem, the Chief Executive Officer and Compliance Officer of a Bitcoin exchange company, for engaging in a scheme to sell over $1 million in Bitcoins to users of “Silk Road.”

Fully functional trojanized FileZilla client steals FTP logins
Trojanized versions of the hugely popular FileZilla FTP client are being offered to unsuspecting users via hacked websites with fake content.

Android bootkit infects 350,000 devices
The first ever Android Trojan with bootkit capabilities has been discovered and analysed by Dr.Web researchers, who warn that the malware is already operating on some 350,000 mobile devices around the world.

Blackholing effect reduces cyber attack risk to regulated data
FireHost announced trends for the attacks it blocked from its clients’ web applications in Q4 2013. Security experts have noted that the company’s most recent Superfecta data on attempted cyberattacks could provide evidence of a “blackholing” effect.

Feds cloned TorMail server with future investigations in mind
TorMail users engaged in illegal activities might have felt more than a twinge of anxiety when it was confirmed last summer that the FBI took control of Freedom Hosting’s servers. In any case, a recently published court filing will likely make them very afraid.

Java-based malware hits Windows, Mac and Linux
The Trojan is written wholly in Java, and exploits an unspecified vulnerability (CVE-2013-2465) in the JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier.

Smartphone spying: How can users protect themselves?
Smartphone users need to realise that their mobile phone is less of a phone and more of a mobile computer, in which applications can collect data from other applications installed on the same device. Some, such as browsers, can also access browsing history information from other machines belonging to the same user.

CISSP practice exam and study guide
The ExamForce ISC2 CISSP practice exam provides their triple testing mode to instantly set a baseline of your knowledge and focus your study where you need it most. It contains 650+ questions, multiple-choice answers and detailed explanations.

SpyEye creator pleads guilty
Aleksandr Andreevich Panin, a Russian national also known as “Gribodemon” and “Harderman,” has pleaded guilty to conspiracy to commit wire and bank fraud for his role as the primary developer and distributor of the SpyEye banking Trojan.

Many Android apps can track your location, access photos
An alarming proportion of Android applications can find and open private photographs on smartphones, track users’ locations, divulge e-mail addresses over the internet and leak address books and phone logs, according to an analysis of 836,021 Play Store Android applications.

VPN bypass attack possible also on Android KitKat
Security researchers at Ben Gurion University in Israel are on a roll when it comes to discovering Android security flaws, and they revealed the existence of a critical flaw in the latest mobile OS version.

Check Point discovers critical vulnerability in MediaWiki
Check Point found a critical vulnerability in the MediaWiki project Web platform, a popular open source Web platform used to create and maintain ‘wiki’ Web sites. The MediaWiki platform includes Wikipedia.org, with over 94 million unique visitors per month.

“Honey Encryption” overwhelms attackers with fake results
Former RSA chief scientist Ari Juels is working on an innovative approach to encryption that could make cyber crooks’ life a lot more difficult.

How to recover deleted or corrupted digital currency
The popularity of Bitcoin and other digital / cryptographic currency cannot be denied. Different users like using it for different reasons, but many agree that the question of keeping their stash safe is something that occasionally keeps them up at night.

Researchers uncover months-old POS malware botnet
RSA researchers have recently discovered the entire server infrastructure used in a global PoS malware operation that targets retailers in the US, Russia, Canada and Australia, and have managed to access part of it.

Data mining the future with security predictions
It has become somewhat of a tradition for information security vendors to pull out their crystal balls at the end of each year and do their best to predict interesting developments and threats for the coming months. It is also becoming a tradition for the security community to greet those predictions with emotions ranging from skepticism to sarcasm but in doing so we may actually miss out on an opportunity to better anticipate developing risks. That said, we need to watch out for hidden agendas embedded in those predictions of course.

GitHub sets up bug bounty program
Rewards will range from $100 up to $5000, and the actual amounts are to be decided by the team on a case-by-case basis, taking into consideration a number of factors.

Reactions to the Yahoo Mail hack
Unknown attackers have attempted to access a number of Yahoo Mail accounts, and users have been urged to change their passwords even if they haven’t been affected. Here are some of the comments we received.

Canadian spy agency used free airport WiFi to track travelers
A new report based on documents provided by NSA whistleblower Edward Snowden will make Canadians question whether the country’s electronic spy agency does, as it claims, work inside the limits set by the law.

PoC mobile malware records swipes on touch screen smartphones
A security researcher has developed proof-of-concept malware capable of capturing screenshots and finger swipes on mobile devices, and is set to demonstrate his creation at the RSA Conference in San Francisco in February.
