Week in review: Flash, IE 0-days exploited in the wild, vulnerable routers, and the new issue of (IN)SECURE Magazine

Here’s an overview of some of last week’s most interesting news, reviews, articles and interviews:

(IN)SECURE Magazine issue 41 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 41 has been released today.

Exploring the complexity of modern cyber attacks
James Holley is an Executive Director at Ernst & Young LLP. In this interview he discusses the complexity of modern cyber attacks, the challenges involved in maintaining a growing security architecture, cyber attack drills, and much more.

Kickstarter suffers data breach
If you ever supported a Kickstarter project, you know by now that the popular crowdfunding platform has experienced a data breach and that some of your information was compromised.

SEA hacks Forbes, steals and leaks 1M user records
Business news site Forbes and its registered users are the latest victims of the Syrian Electronic Army (SEA) hacker collective, which proved that they had broken into the company’s network and taken off with a database containing the records of over 1 million users and some Forbes staffers.

Geographical passwords as a solution to the password problem
Security researchers and companies that are working on alternatives to the flawed password system have thought of many different schemes, and the latest is passwords based on geographic coordinates.

Linksys announces firmware fix to neutralize “The Moon” worm
As Linksys (i.e. parent company Belkin) announced they were aware of “TheMoon” malware targeting its older routers and that they are working on a firmware fix, more details about the worm in question have been shared by researchers.

Removing admin rights mitigates 92% of critical Microsoft vulnerabilities
If malware infects a user with admin rights, it can cause incredible damage locally, as well as on a wider network. Additionally, employees with admin rights have access to install, modify and delete software and files as well as change system settings.

Half a million Belkin WeMo users are wide open to attackers
IOActive has uncovered multiple vulnerabilities in Belkin WeMo Home Automation devices that could affect over half a million users. Belkin’s WeMo uses Wi-Fi and the mobile Internet to control home electronics anywhere in the world directly from the users’ smartphone.

New detection system spots zero-day malware
A group of researchers has created a new infection detection system that can help Internet service providers and large enterprises – or anyone running large-scale networks – spot malware attacks that antivirus and blacklisting solutions can’t.

Epidemic of cyber attacks compromising healthcare organizations
A new SANS-Norse report reveals many findings and salient conclusions.

Lessons learned from blocking 100 million cyber attacks
Using real-life data from the 100m+ malicious hack attempts FireHost blocked in the last 12 months, they produced a Superfecta report which contains a quarter-by-quarter guide to the biggest cybercrime trends and incidents in 2013, including expert analysis from both FireHost’s IT security teams and partners.

70% Android devices vulnerable to released remote access exploit
The recent release of a Metasploit module that allows attackers to gain remote access (“get shell”) on most Android-running devices has again raised a very good question: “How can we force carriers and sellers to deliver security updates to users in a timely manner?”

800M exposed records make 2013 record year for data breaches
Despite oft-repeated claims that the insider threat is the one organizations should be looking out for, the numbers and statistics related to 2013 data breaches show that this risk is much smaller than the one related to attacks coming from the outside.

Malicious mobile apps on Google Play up 400 percent
RiskIQ announced research findings on the presence of malicious apps contained in the Google Play store. The company found that malicious apps have grown 388 percent from 2011 to 2013, while the number of malicious apps removed annually by Google has dropped from 60% in 2011 to 23% in 2013.

Two hacker groups used same IE 0-day exploit in recent attacks
The recently spotted watering hole attacks aimed at the visitors of the official website of the US Veterans of Foreign Wars and of a bogus website mimicking that of the French aerospace association GIFAS might not be, after all, the work of the same threat actors.

Microsoft issues Fix it for critical IE 0-day exploited in attacks
The vulnerability is easily triggered, and requires the targets to simply visit a specially crafted website hosting the exploit, or websites that accept or host user-provided content or advertisements that could exploit the vulnerability. It’s only a matter of luring users to such a site.

Nearly 310,000 affected in University of Maryland breach
University of Maryland is the latest higher learning institution to have suffered a data breach of considerable scope and proportions, as nearly 310,000 records of staff and students have been copied and exfiltrated from its networks.

Major vulnerability in Tinder dating app allowed user tracking
Include Security unveiled new research showing that users of the popular online dating app Tinder were at significant risk due to a vulnerability they discovered in the geo-location feature of the application. This vulnerability allowed Tinder users to track one another’s exact location for much of 2013.

Security vulnerabilities found in 80% of best-selling SOHO wireless routers
Tripwire has analyzed the security provided by the most popular wireless routers used in many small and home offices and found that 80 percent of Amazon’s top 25 best-selling SOHO wireless router models have security vulnerabilities.

Review: Cloud Essentials
A part of the popular Sybex Essentials series, this book tackles the basics of cloud computing, the pros and cons of public, private and hybrid clouds, talks about the different service models, strategies on cloud adoption, and touches on cloud security, privacy and compliance.

Security awareness training: Why it matters
Dr. Peter Lokhorst is Managing Director of InfoSecure BV, which is currently in seven countries and provides awareness training programs to international clients including Procter & Gamble, European Central Bank, Deutsche Telekom and Bayer.
In this interview he discusses the value of security awareness programs, the challenges involved in teaching employees, and provides advice to CISOs interested in introducing security awareness training into their organization.

Adobe fixes Flash 0-day
Adobe released their second out-of-band update for Adobe Flash this month. APSB14-07 fixes three vulnerabilities in Adobe Flash, including CVE-2014-0502 which is being used in the wild to attack users through malicious webpages.



