Week in review: New C++ bugs, preventing insider threats, and gamifying threat detection

Here’s an overview of some of last week’s most interesting news, podcasts and articles:

Redefining security visualization with Hollywood UI design
Most security interfaces today leave a lot to be desired, and many security pros are gaming enthusiasts, accustomed to a sharp and engaging virtual world. ProtectWise CEO Scott Chasin and CTO Gene Stevens wanted to give them a helpful security tool with an interactive visual dashboard that looks straight out of Call of Duty.

Researchers get $100k for detecting emerging class of C++ bugs
They have also created CAVER, a runtime bad-casting detection tool, and have successfully used it to test software such as Chrome and Firefox.

Cisco spots attackers hijacking its networking gear by modifying firmware
Cisco has issued an official warning about in-the-wild attacks that resulted in attackers gaining and potentially keeping administrative access to a Cisco IOS device indefinitely.

Fraudsters steal nearly $47 million from Ubiquiti Networks
The incident involved employee impersonation and fraudulent requests from an outside entity targeting the Company’s finance department.

HTC phone stores fingerprints in easily accessible plaintext
Unlike passwords, fingerprints can’t be changed, and once compromised, they remain compromised forever.

Defending the enterprise in an increasingly complex environment
Standard defence mechanisms set in place by IT teams might have been effective until now, but as more technologies carve their way in the enterprise, the larger the attack surface grows.

Angler EK exploits recently patched IE bug to deliver ransomware
At the moment, Angler exploit kit is using the IE exploit to fling Cryptowall ransomware at unsuspecting victims. It can do so successfully because the vulnerability allows the attacker to gain the same user rights as the current user.

IoT devices: The good, the bad and the ugly
Cognosec has revealed critical security flaws in ZigBee, one of the most popular wireless communication standards used by Internet of Things (IoT) devices today.

Darkhotel spying crew boosts attacks with Hacking Team exploit
Not known to have been a client of Hacking Team, the Darkhotel group grabbed the files once they became publicly available.

Severe deserialization vulnerabilities found in Android and third-party Android SDKs
The bug (CVE-2015-3825) can be used to turn malicious apps with no privileges into “super” apps that will allow cyber attackers to thoroughly “own” the victim’s device.

How to prevent insider threats in your organization
Time and again, organizations of all sizes and in all industries fall victim to insider threats: disgruntled, malicious insiders – employees, former employees, contractors or business associates – who want to hurt the company or make money, or, more often, bumbling or indifferent employees who accidentally put sensitive company information at risk.

Kali Linux 2.0 released: New 4.0 kernel, improved hardware and wireless driver coverage
Kali Linux 2.0 comes with a 4.0 kernel, now based on Debian Jessie. It features improved hardware and wireless driver coverage, support for a variety of Desktop Environments (gnome, kde, xfce, mate, e17, lxde, i3wm), and much more.

Insider trading ring hacked into newswire services, raked in $100M based on stolen info
The US Securities and Exchange Commission announced civil fraud charges against 32 defendants for taking part in a scheme to profit from stolen nonpublic information about corporate earnings announcements.

Researchers hack Corvette via SMS to plugged-in tracking dongle
A team of researchers from the University of California, San Diego, have managed to hack a Corvette via specially crafted SMS messages sent to a tracking dongle (i.e. a telematic control unit) plugged into the car’s On-Board Diagnostics port (OBD-II) port.

Script injection vulnerability discovered in Salesforce
Elastica discovered an injection vulnerability in Salesforce which opened the door for attackers to use a trusted Salesforce application as a platform to conduct phishing attacks to steal end-users’ login credentials and hijack accounts.

Revisiting takedown wins: Are users in the developing world getting left behind?
We have all seen the headlines: another botnet dismantled, and we can all rest easy that the threat that has been plaguing us for all those years is now no longer an issue. After the headlines, however, the hardest task begins – a task that garners no headlines and really typifies the challenge that all of us within the information security industry face.

Risk Fabric: Automated predictive security analytics platform
In this podcast recorded at Black Hat USA 2015, Anil Nandigam, Senior Director Product Marketing at Bay Dynamics, talks about Risk Fabric, an automated predictive security analytics platform that works with existing enterprise security systems to protect organizations from threats.

Google’s Android Stagefright patch is flawed
The security update released by Google last week does not provide a complete defense against attackers taking advantage of the recently unearthed Stagefright Android vulnerability, Exodus Intelligence researchers have found.

Cloud security: Integrated global CDN with DDoS mitigation and WAF
In this podcast recorded at Black Hat USA 2015, John McIlwain, Director of Product Management will discuss CDNetworks’ newly launched Cloud Security solution – CDN fully integrated with intelligent, next generation, behavioral WAF technology and DDoS mitigation.

Researcher hacks house arrest tracking system
Tracking ankle bracelets that some criminals are forced to wear after being senteced to home detention can be hacked, allowing them to exit the house and go wherever they want without the police being none the wiser.

Dealing with a difficult data legacy
Customer call recording and storage is now standard practice across a variety of industries, as well as a Financial Conduct Authority (FCA) requirement in many cases. But these ‘legacy’ call recordings regularly contain sensitive payment and personal data that must be (but often isn’t) properly safeguarded.

Getting better results from threat intelligence analysis and management
In this podcast recorded at Black Hat USA 2015, Allan Thomson, CTO at LookingGlass, discusses the changing threat landscape, the quality, relevance, and usability of threat intelligence data, as well as the ScoutVision 5 solution.




Share this