Here’s an overview of some of last week’s most interesting news and articles:
The evolution of threat detection and Big Data
Mark Gazit is the CEO of ThetaRay, a specialist in threat detection. In this interview he talks about leveraging Big Data to secure networks, the advantages of using math-based anomaly detection as well as the evolution of threat detection in the past decade.
Malicious Tor exit node is run by MiniDuke APT actors
The malicious Tor exit node located in Russia that added malicious code to the software downloaded by users has been tied to the APT actors wielding the MiniDuke backdoor.
US State Department targeted by hackers
Around the same time the unclassified network of the Executive Office of the US President was breached, the same thing happened to some computer systems belonging to the US State Department.
Suspected WireLurker creators and distributors arrested in China
Three individuals have been arrested by the Beijing Municipal Public Security Bureau in connection with the WireLurker OS X and iOS malware being served to users of Maiyadi, a popular Chinese third-party online app store.
Secure file storage and sharing with nCrypted Cloud
The Ponemon Institute recently published a report stressing the fact that organisational leadership is failing to respond to the escalating risk of ungoverned file sharing practices among their employees. nCrypted Cloud is an interesting offering that tackles this and other threats by adding a strong security layer to the data used and shared via popular cloud-based data storage providers.
Risk assessment benefits, best practices and pitfalls
Ryan Ward is CISO at Avatier. In this interview, he talks about the overlooked benefits of risk assessment, offers best practices for performing successful risk assessments, outlines the pre-requisites for becoming a risk assessment professional, and more.
Trojanized Android firmware found on inexpensive handhelds
It’s unfortunate, but true: we live in a world where even if we buy a brand new mobile phone, it’s no guarantee that it’s malware-free. Researchers from Russian AV company Dr. Web have unearthed a Trojan embedded directly in the firmware of numerous Android handhelds.
Top 5 fraud risk areas in the workplace
Limited knowledge and awareness about what constitutes confidential information is putting UK businesses at risk of falling victim to fraud if these materials are not securely destroyed.
Open Whisper Systems helps WhatsApp achieve end-to-end encryption
The immensely popular WhatsApp instant messenger has the potential to become an even more attractive option for users, as the company has partnered with Open Whisper Systems to implement the latter’s TextSecure protocol into their clients.
ITIL and ISO 20000 problem management
Remember this situation? You’re running Windows. The blue screen forces you to reboot your PC. And then it happens again. Incident Management = reboot your PC. And your service (usage of PC) is available again. Problem Management = figuring out what actually happened (why does that PC get the blue screen), and how to prevent such incidents from occurring.
New non-profit CA aims to make HTTPS use universal
To become ubiquitous, encryption must be easy to set up and easy to use, and that’s why the Electronic Frontier Foundation (EFF), Mozilla, Cisco, Akamai, IdenTrust, and researchers at the University of Michigan are working on setting up a new certificate authority.
Does cyber insurance help the CISO get a seat in the boardroom?
With increased media and consumer attention turned toward data and privacy protection, more and more companies are making strategic investments in tools and technology to protect their network infrastructure, making the security industry an approximately $80 Billion market by 2015.
Sophisticated Android-based botnet a danger to enterprise networks
A new, more sophisticated and more stealthy version of the NotCompatible Android Trojan continues to strengthen one of the most long-lived and advanced mobile botnets ever to exist (since mid-2012).
Windows Kerberos bug: How to detect signs of exploitation before the update?
Microsoft has shared more details about the critical elevation of privilege bug found in Microsoft Windows Kerberos Key Distribution Center (CVE-2014-6324) which is being exploited in “limited, targeted attacks” in the wild, and has once again urged admins and users to apply the issued patch.
The 2014 Firewall Buyers Guide
Make an informed decision on the right firewall for your business with this guide from Palo Alto Networks, which gives you the fundamentals of modern firewall technology, the ten critical business requirements your next firewall needs to address, information on how to create a vendor request for proposal (RFP), and a functional test plan to assist in your firewall selection process.
How the threat landscape is shaping the network security business
Pat Calhoun is the Senior Vice President & General Manager, Network Security, at McAfee. In this interview he talks about constructing the strategic direction for McAfee’s Network Security business, defines the Next Generation Firewall of the future, and much more.
New Citadel variant is after your master password
A good indication that the use of password managers has become a thing is the fact that cyber crooks are now trying to slurp up users’ master passwords for a number of these and additional authentication solutions.
Financial services cyber trends for 2015
To help financial services companies better anticipate future threats and identify new approaches to cyber security, Booz Allen has assembled its list of Cyber Trends for 2015 and beyond. The list is based on conversations with CISOs, CIOs, CPOs, chief risk officers, and other leaders in the financial services sector, as well as Booz Allen’s own extensive analysis of cutting-edge cyber issues and threats.
IE “Unicorn” bug actively exploited in the wild
Last week, in its regular Patch Tuesday, Microsoft patched a number of serious vulnerabilities, including one that is nearly two decades old, dating back to Microsoft IE 3.0. It didn’t take long for someone to make publicly available a proof-of-concept exploit for the flaw, and it took even less time for this particular exploit code to be modified and used by cyber criminals.
Examining 1 billion transactions for fraud
ThreatMetrix analyzed nearly one billion transactions and is able to provide a representative summary of activity including account creation, payment and login fraud across industries.
User behavior intelligence in the expanding supply chain
Every business now has a connected ecosystem of partners; even the Department of Defense has a chain of suppliers connected by Internet access. Unfortunately, not all of these businesses are at the same level of sophistication when it comes to their security posture.
Hikvision DVRs sporting bugs that allow device hijacking
A while back, SANS ISC CTO Johannes Ullrich discovered that cybercrooks were targeting Hikvision Digital Video Recorders (DVRs) in order to infect them with bitcoin-mining malware. They were successful because the DVRs come with a default administrative account “admin” with password “12345,” and these are often left unchanged by users. Digital Video Recorders are usually used to record surveillance footage inside and outside office buildings and private houses and, unfortunately, default accounts and passwords are not their only weak spot.
Millions of WordPress websites in danger due to easily exploitable bug
A new WordPress version has been released, and you’d better update to it, as it patches a critical cross-site scripting flaw that can be exploited by attackers to compromise your site.
Detekt government surveillance spyware on your computer
Amnesty International, Digitale Gesellschaft, the Electronic Frontier Foundation and Privacy International have partnered to create and release a free and open source tool for detecting traces of known surveillance spyware on Windows computers.