Week in review: First OS X ransomware, hacking Internet-connected trucks, CVE system problems

Here’s an overview of some of last week’s most interesting news, reviews, podcasts and articles:

OS X ransomware found bundled with legitimate software
Palo Alto researchers have discovered the first fully functional ransomware aimed at Mac users. Bitdefender researchers found it to be a rewrite of Linux Encoder.

RSA Conference 2016: The infosec glass house?
A couple of years late to the party, but Raj Samani, VP and CTO EMEA at Intel Security, finally made it to San Francisco with a real sense of excitement to attend what was described to him as the “Super Bowl of the Security Industry.”

Review: Breaking into Information Security
Breaking into Information Security is a practical guide for people outside and inside the information security industry. The former can find out how to put their foot in the door, and the latter can learn how to climb the ladder to a higher position within the company/industry.

Infosec pros point at problem with CVE system, offer alternative
For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). But according to a number of researchers, MITRE has lately been doing a lousy job when it comes to assigning these numbers, forcing researchers to do without them or to delay public disclosure of vulnerabilities indefinitely.

Critical bug in libotr could open users of ChatSecure, Adium, Pidgin to compromise
A vulnerability in “libotr,” the C code implementation of the Off-the-Record (OTR) protocol that is used in many secure instant messengers, could be exploited by attackers to crash an app using libotr or execute remote code on the user’s machine.

Popular WordPress plugin opens backdoor, steals user credentials
If you are one of the 10,000+ users of the Custom Content Type Manager (CCTM) WordPress plugin, consider your site to be compromised and proceed to clean your installation up, Sucuri Security researchers have warned.

Hacking Internet-connected trucks and buses
Among the things one can find with Shodan, the search engine for the Internet of Things, are trucks, buses and delivery vans that have been equipped with the Telematics Gateway Unit (TGU) device and a modem to connect to the Internet.

Past, present and future of threat intelligence platforms
In this podcast recorded at RSA Conference 2016, John Czupak and Ryan Trost, CEO and CTO of ThreatQuotient respectively, clarify the meaning of threat intelligence and actionable intelligence. They discuss the motivation behind the creation of the ThreatQ threat intelligence platform and talk about how the information security industry changed in the past 15 years.

New ways to fingerprint Tor Browser users discovered
Users who want to remain anonymous online often opt for using the Tor Browser, which hides their real IP address, but there are techniques that (more or less) malicious actors can use to identify them.

Corruption: The magnitude of risk
40 percent of all compliance officers surveyed believe their company’s bribery and corruption risks will increase in 2016, according to a new report by Kroll and the Ethisphere Institute.

How cybercriminals evade detection
A new report by Damballa highlights not only how cybercriminals can stay under the radar for long periods of time, but also the need for enterprises to reassess existing security tools.

Making sense of threat intelligence data in your IT environment
In this podcast recorded at RSA Conference 2016, Mark Seward, VP Security Solutions at Anomali, talks about some of the problems that security personnel face in classifying and keeping order around their threat intelligence data, and why that’s now considered a Big Data problem.

Phishers successfully tricking payroll pros into sharing employee data
Phishers have hit a gold mine: by impersonating company executives, they are repeatedly managing to trick the aforementioned pros into sending them employees’ W-2 forms.

Hack a mobile phone’s fingerprint sensor in 15 minutes
Two researchers from Michigan State University’s biometrics group have devised a method for hacking a mobile phone’s fingerprint authentication by using just a color inkjet printer, a special type of paper and ink.

Cloud computing: Security and evolution
In this podcast, recorded at RSA Conference 2016, Wolfgang Kandek, CTO at Qualys, talks about the evolution of the cloud computing architecture, the problems it solves and how we can secure it. He also offers advice for those that still haven’t moved to the cloud.

Innovation Sandbox and the modern threat landscape
In this podcast, recorded at RSA Conference 2016, Ajay Arora, CEO at Vera, and Amir Ben-Efraim, CEO at Menlo Security, discuss their participation in the Innovation Sandbox Contest and offer insight into the current information security issues shaping our industry. They talk about encryption, usability, modernization, compliance, and offer a glimpse into the future with their vision of how threats will evolve.

Biometric tech uses sound to distinguish ear cavity shape
NEC is developing a new biometric personal identification technology that uses the resonation of sound determined by the shape of human ear cavities to distinguish individuals.

Web application scanning with Htcap
Htcap is a free web application scanner that can crawl single page applications in a recursive manner by intercepting Ajax calls and DOM changes.

Dell open sources DCEPT, a honeypot tool for detecting network intrusions
Dell SecureWorks researchers have developed a tool that allows Windows system administrators to detect network intrusion attempts and pinpoint them to the original source (i.e. a compromised endpoint), and have made it available for everybody.

My reflections after visiting RSA Conference 2016
RSA Conference has long been the place where security vendors announce new products and services, and industry trends are made.



