Week in review: The danger of terror attacks using drones, cheap web cams as permanent backdoors into networks

Here’s an overview of some of last week’s most interesting news and articles:


Wi-Fi and security are better together for SMBs
As a small to midsized business (SMB), you may be considering or already offering Wi-Fi as a service to your customers. It’s a great idea. SMBs are adding Wi-Fi access in their environments to increase customer satisfaction, build loyalty, encourage repeat visits, and enable unique marketing opportunities. Customers appreciate and have come to expect a fast, reliable, secure wireless network experience.

Flaw allows malicious OpenSSH servers to steal users’ private SSH keys
Qualys researchers have discovered two vulnerabilities in the popular OpenSSH implementation of the secure shell protocol, one of which (CVE-2016-0777) could be exploited by attackers to extract users’ private cryptographic keys.

OS X’s Gatekeeper bypassed again
Do you remember when, last October, Synack director of research Patrick Wardle found a simple way to evade OS X’s Gatekeeper defense mechanism by bundling up a legitimate Apple-signed app with a malicious, unsigned one placed in the same directory, and wrapping it all up in an Apple disk image file?

User behavior analytics: The equalizer for under-staffed security teams
In a perfect world, security professionals would see a few alerts, recognize the pattern, identify the malware and the hacker, and solve the problem – all with only a few mouse clicks. However, no matter how seasoned and deep security teams are, it doesn’t work like that.

eBook: Fighting Known, Unknown, and Advanced Threats
Cyberattacks can be the downfall of an organization’s reputation. Download Kaspersky Lab’s eBook to learn more about the evolution of cyberthreats that put your business at risk, how malware is often used as a door opener to launch more sophisticated, targeted attacks, and the necessary features of a multi-layered security solution to defend your IT infrastructure today.

250 Hyatt hotels around the world hit with PoS malware
In late December, the Hyatt Hotels Corporation announced that they found malware on computers that operate the payment processing systems for Hyatt-managed locations, but offered no details about how long the compromise went on and which hotels had been affected. On Thursday, having completed the investigation, the company finally shared specific details.

Have I been hacked? The indicators that suggest you have
Let’s take a look at some of the top IOCs indicating that your network has been breached by an attacker, and how you can leverage them to detect irregularities in your system.

Android banking Trojan defeats voice call-based 2FA
Bankosy is a banking Trojan that has been targeting Android users for a while now, but has only recently been updated with a new capability of note: the ability to deceive voice call-based two-factor authentication (2FA) systems.

Imperfect algorithms threaten democracy
Do we want algorithms that we can’t understand or question to influence how we get to live our lives?

Most IT pros oppose government backdoor access
Close to two-thirds of global IT professionals oppose giving governments backdoor access to encrypted information systems, and 59% feel that privacy is being compromised in an effort to implement stronger cybersecurity laws.

General Motors invites hackers to report security flaws in their cars
General Motors has started a bug bounty program and has invited security researchers to report information on security vulnerabilities affecting the company’s products and services.

Juniper to kill off Dual_EC RNG in ScreenOS following new backdoor revelations
Juniper will finally(!) replace the Dual_EC pseudo-random number generator in ScreenOS with the same random number generation technology currently used in its products running Junos OS. At the same time, ScreenOS will also stop using the ANSI X9.31 number generator.

Endpoint security really can improve user experience
In order to truly prevent zero-day threats, more endpoint security is needed. Only then can enterprises protect users’ desktops before antivirus definition files can be deployed. But, you ask, at what cost to user productivity and employee satisfaction?

Drupal moves to fix flaws in update process
After IOActive researcher Fernando Arnaboldi publicly revealed three crucial vulnerabilities in Drupal’s update process last Thursday, the Drupal Security Team published a response on the Drupal Groups page.

Group using DDoS attacks to extort business gets hit by European law enforcement
The DD4BC group is exploiting the increasing popularity of pseudonymous payment mechanisms and has been responsible for several Bitcoin extortion campaigns since mid-2014.

How email in transit can be intercepted using DNS hijacking
This post looks at how an attacker can intercept and read emails sent from one email provider to another by performing a DNS MX record hijacking attack.

Google researcher finds critical flaws in Trend Micro AV solution
If you are using Trend Micro’s Maximum Security 10 solution for Windows, you might want to update it to the latest available version as soon as possible. If you don’t, you’re exposing yourself to the danger of getting your computer hijacked and all your passwords stolen (if you use the Password Manager component that comes with the AV).

The danger of terror attacks using drones, and possible countermeasures
You can add terrorist-controlled drones to the list of dangers we need to be scared about in the future, the Oxford Research Group announced after publishing the latest report by Remote Control.

Attackers use SQL injection to manipulate search engine rankings
Akamai has identified a sophisticated SEO campaign that uses SQL injection to attack targeted websites. Affected websites will distribute hidden HTML links that confuse search engine bots and erroneously impact page rankings.

Microsoft ends support for Windows 8, IE8 through 10: What does this mean for you?
Slowly but surely, Microsoft is pushing users towards Windows 10 and its new browser, Microsoft Edge. It is doing so by ending technical support and security updates for older versions of the popular OS and the Internet Explorer browser.

Fortinet says backdoor found in FortiOS is “a management authentication issue”
Fortinet, the company whose enterprise network security offerings include the popular FortiGate firewall platform, has issued a statement regarding a security issue that was publicly revealed this weekend: an SSH backdoor in FortiOS, the OS running on many of the company’s products.

Your smartwatch can give away your payment card’s PIN code
Smartwatches can be a perfectly useful and handy wearable device for some users, but it’s good to keep in mind that using them might mean opening yourself to an additional line of attack.

CWA hackers breached US DNI Clapper’s email, broadband account
Crackas With Attitude (CWA), a group of hackers with a pro-Palestinian agenda, have hit another high-ranking US intelligence chief.

Cisco kills hardcoded password bug in Wi-Fi access points
Along with fixes for a number of older vulnerabilities in Cisco IOS and IOS XE software, the Cisco IOS Software Common Industrial Protocol, and the OpenSSL package incorporated in multiple company products, Cisco Systems has pushed out security updates that plug unauthorized access and default account/static password vulnerabilities in some of its offerings.

Cheap web cams can open permanent, difficult-to-spot backdoors into networks
They might seem small and relatively insignificant, but cheap wireless web cams deployed in houses and offices (and connected to home and office networks) might just be the perfect way in for attackers. Researchers from the Vectra Threat Lab have demonstrated how easy it can be to embed a backdoor into such a web cam, with the goal of proving how IoT devices expand the attack surface of a network.
