Week in review: ScreenOS backdoor, Twitter warns about state-sponsored attacks, and MacKeeper data breach

Here’s an overview of some of last week’s most interesting news and articles:

Critical ScreenOS bugs allow undetectable decryption of VPN connections, device hijacking
During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen devices and to decrypt VPN connections.

2015 Cost of Cyber Crime Study
Discover the most salient findings of this enterprise security and intelligence study and learn what you can do to protect your organization.

Microsoft will stop trusting certificates from 20 Certificate Authorities
What does this mean for customers who got their certificates from those CAs?

Twitter users warned about being targeted by state-sponsored attacks
Among known recipients of the message are Coldhak, a Winnipeg-based nonprofit; Coldhak director Colin Childs; privacy and security researcher Runa Sandvik; activist and cryptoparty organizer Cassie Traun; security researcher Noris Fabio; tech writer and programmer David Robinson; and banker and mathematics student Jens Kubieziel (also the author of a book about anonymity on the Internet).

Comcast users hit with malvertising, malware and tech support scam all in one go
The intended victims are the customers of Comcast, the largest home ISP in the United States. They are targeted via a malicious advert that has been showing on Comcast’s Xfinity search page.

Is Hadoop secure enough for the enterprise?
Hadoop's proliferation has brought scrutiny of its security capabilities, but the concern is largely a mischaracterisation. Hadoop is successfully used today in security-conscious environments worldwide, such as healthcare, financial services and government.

How to eliminate encryption silos
Working in the encryption business, you’ll quickly learn that there are a number of problems that organizations can run into while deploying the technology.

RSA Conference 2016: Connect to protect
RSA Conference, the premier series of global information security events, once again sets the stage for the world to discuss – and challenge – information security trends during the annual U.S. event, Feb. 29-March 4, 2016, in San Francisco.

Are your competitors organizing DDoS attacks against you?
According to recent research from Kaspersky Lab and B2B International, nearly half (48 per cent) of the companies surveyed believe they know the identity and motivation of those behind recent DDoS attacks against them, with many naming competitors as key culprits.

Driving an industry towards secure code
The German government made an unprecedented move by issuing requirements for all new vehicles' software to be made accessible to country regulators, to ensure that emissions loopholes aren't exploited. While the government should be congratulated for taking this step, why not use this new requirement to address the much bigger, looming problem: vehicle software insecurity?

Mobile banking threats among the leading malicious financial programs
For the first time ever, mobile financial threats rank among the top ten malicious programs designed to steal money. Another alarming trend is the rapid spread of ransomware, which Kaspersky Lab detected in 200 countries and territories this year alone.

Vuvuzela: An untraceable messaging system aimed at thwarting powerful adversaries
A group of scientists from the MIT Computer Science and Artificial Intelligence Laboratory (CSAIL) believe they have created an effective and scalable text-messaging system that can guarantee user anonymity.

Asian company is the newest APT threat
An unnamed South Asian software development consultancy that creates software for employee monitoring is also an APT player and, according to CloudSek CTO Rahul Sasi, it appears to be conducting widespread intellectual property theft for economic gain.

New EU rules on data protection put the citizen back in the driving seat
New EU data protection legislation, informally agreed on Tuesday and backed by Civil Liberties MEPs on Thursday morning, will create a uniform set of rules across the EU fit for the digital era. It should also improve legal certainty and boost trust in the digital single market for citizens and businesses alike. Clear and affirmative consent to data processing, the right to be forgotten and strong fines for firms breaking the rules are some of the new features.

13 million MacKeeper users exposed in data breach
The company pushing MacKeeper, the security and utility software suite for Macs many consider to be scareware, has confirmed that the database containing passwords and personal information of its 13 million users was accessible to anyone who knew what to look for.

Critical Joomla RCE bug actively exploited, patch immediately!
The flaw (CVE-2015-8562) is present in Joomla versions 1.5.0 through 3.4.5, and is so severe that even though some older versions of the software have reached end of life and are no longer being developed or supported by the Joomla project, a patch has been provided for them.

New threats will demand new approaches such as micro-segmentation and quantum encryption
Leading security professionals around the world will adopt a new mindset in 2016, embracing advanced approaches such as micro-segmentation to counter increasingly sophisticated attacks by cyber criminals, according to security experts at Unisys.

Critical RCE bug in FireEye’s security appliances exploitable via email
Last week, FireEye silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in their default configuration.

Vision for a new generation of experimental cybersecurity research
How do cybersecurity experts discover how to properly defend a system or build a network that’s secure? As in other domains of science, this process involves hypothesis, experimentation, and analysis — or at least it should. In reality, cybersecurity research can happen in an ad hoc fashion, often in crisis mode in the wake of an attack. However, a set of researchers has imagined a different approach, one in which experts can test their theories and peers can review their work in realistic but contained environments — not unlike the laboratories found in other fields of science.

Blockchain transactions create risks for financial services
Looking at trust among cryptocurrencies, Intel Security has undertaken an analysis of Bitcoin to determine the likely risk to transactions made with this increasingly popular method of payment.

Linux machines can be “owned” by hitting backspace 28 times
An integer underflow vulnerability found in Grub2, a bootloader used by most Linux and some embedded systems, can be easily triggered and exploited to bypass any kind of authentication set up on the device.

Infosec pros are moving beyond traditional passwords
Businesses nationwide are increasing their cybersecurity budgets and exploring alternative authentication techniques to passwords.

Human error reduces security offered by encryption apps
Crypto phones – whether hardware devices or mobile apps – are a great way to ensure that your VoIP communications remain private, but the security and privacy they offer depend on users not making mistakes while using them.

Rackspace CSO on security: It’s time to go back to the fundamentals
We no longer need to spend time discussing the sophistication and persistence of the threat; the risk associated with IoT and mobile devices; the devolution of the perimeter; the need for deterrence over prevention; and the value of security versus compliance. By now, these should be well-understood concepts and issues. Although less sexy, it is time to get back to the fundamentals.
