Week in review: Malicious Cisco router implants, .onion becomes a special-use domain name, and the new issue of (IN)SECURE Magazine

Here’s an overview of some of last week’s most interesting news, reviews and articles:


(IN)SECURE Magazine issue 47 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 47 has been released today.

Researchers find backdoor bug in NASA rovers’ real-time OS
A critical, remotely exploitable vulnerability in VxWorks, the world’s most popular real-time operating system (RTOS), can be exploited by attackers to gain backdoor access to the systems using it.

Behind the scenes at BruCON, a European hacker conference
Setting up a local conference seems to be a popular way for infosec pros that haven’t got the time or means to travel to bring the people they want to meet and the knowledge they want to attain to their doorstep. An example of such an event is BruCON, a security and hacker conference that takes place annually in Belgium since 2009.

Intel establishes automotive security review board
To mitigate cyber-security risks associated with connected automobiles while encouraging technological progression and innovation, Intel established the Automotive Security Review Board (ASRB).

Review: Next Generation Red Teaming
Do you know the difference between penetration testing and red teaming? This book will explain it through attack case studies, and point out the things you should keep in mind if you want to engage in the latter activity.

iOS 9 partially fixes critical, easily exploitable AirDrop bug
Among the holes patched in iOS 9 is one in particular that should scare users and push them to upgrade as soon as possible: a vulnerability that can be exploited by attackers to install malicious apps on a target’s iPhone or Mac via the AirDrop filesharing feature, without the need to obtain the target’s permission (i.e. accept the AirDrop request).

Tor security improves as .onion becomes a special-use domain name
The .onion domain has been officially designated by the Internet Assigned Numbers Authority (IANA) as a special-use domain name. The move, initiated by the Internet Engineering Task Force (IETF), is meant to make the use of Tor safer.

New malware can make ATMs not give users’ card back
A new type of malware that can be used to compromise ATMs independently of who their manufacturer is, and can make the machine steal card data but also the cards themselves, has been spotted by FireEye researchers.

The Lord of the Hacktivist Rings
Cyber attacks against websites have been around for about a decade. Considering this, an important question to ask is: what makes one company considered high risk, and what puts them into what we call “The Ring of Fire?”

Malicious SYNful Cisco router implant found on more devices around the globe
After FireEye researchers published on Tuesday their discovery of 14 Cisco routers in India, Mexico, Philippines and Ukraine that have been implanted with a modified, malicious Cisco IOS image, another group of researchers has decided to scan the public IPv4 address space for other affected devices.

Do we need harsher penalties and enforced data breach detection measures?
Nearly three-quarters (73%) of consumers say the time it is taking businesses to realize that sensitive customer data has been lost is ‘unacceptable’ and as a result, there are grave concerns about the existence of breaches that have yet to be discovered.

Android 5 bug allows attackers to easily unlock password-protected devices
If you own a mobile device running any Android 5 version but the very last (v5.1.1) and you use a password to lock your device, you will want to update your OS or switch to a PIN or a pattern-based lockscreen.

Why background screening is vital for IT security
Which security controls are the most important in thwarting cyber crime against businesses? Anti-malware? Physical security? According to a recent survey, people are a main concern.

Encryption: Whose keys are they, anyway?
Until now, key management – the processing, management and storage of keys for who can decrypt and access protected information – was an often-overlooked, and yet critical element of encryption. Many organizations left that part up to their vendors or stored them inconsistently across their IT infrastructure in both hardware and software. This lack of centralized control can jeopardize the integrity of encryption. In fact, the management of the keys is more important than the encryption itself, because if something happens to the keys, entire sets of data can be stolen or lost, and there’s nothing you can do about it.

Data security for the borderless enterprise
In a world without borders, the task of locating, securing and controlling that data is particularly challenging.

Malware takes screenshots of the infected player’s virtual poker hand
Malicious spyware is targeting users of Full Tilt Poker and PokerStars online games.

D-Link accidentally leaks code-signing certs in its firmware
Malware peddlers don’t always have to steal or buy (from sellers on underground forums) legitimate and valid code-signing certificates to sign their malware with – sometimes the certificates can be found just “laying around” in open source software and code repositories.

New POS Trojan created by mixing code from older malware
A newly discovered POS Trojan is a perfect example of how easy it is for malware makers to come up with new malware – they can simply recycle code used in older malicious software.




Share this