Week in review: Spoofing boarding pass QR codes, blocking USB-based threats

Here’s an overview of some of last week’s most interesting news, reviews and articles:

Malware hidden in digitally signed executables can bypass AV protection
Researchers have shown that it’s possible to hide malicious code in digitally signed executables without invalidating the certificate, and execute this code – all without triggering AV solutions.

CRIME, TIME, BREACH and HEIST: A brief history of compression oracle attacks on HTTPS
When presenting results that build on previous research, it occasionally happens that other people may have found the same results.

Breathing new life into SSL VPNs: Making the most of the security benefits
With a little outside-the-box thinking, an SSL VPN can augment your security strategies, reduce risk and even improve user experience.

USBFILTER: Packet-level firewall for blocking USB-based threats
USBFILTER provides packet-level access control for USB devices.

Review: Cyber Guerilla
The book is based on Che Guevara’s famous Guerrilla Warfare guidebook for guerrilla fighters around the world.

Beware of browser hijacker that comes bundled with legitimate software
Lavians, a “small software vendor team,” is packaging its offerings with a variant of browser-hijacking malware Bing.vc.

Multi-layered phishing mitigation
In this podcast recorded at Black Hat USA 2016, Eyal Benishti, CEO at IRONSCALES, talks about their multi-layered phishing mitigation solution, which brings together human intelligence and machine learning in a way that allows automated phishing incident response.

How the EFF was pushed to rethink its Secure Messaging Scorecard
As good as the idea behind Electronic Frontier Foundation’s Secure Messaging Scorecard is, its initial version left much to be desired.

Security startup confessions: How to tackle outsourcing
Kai Roer, a co-founder of a European security startup, shares his experiences with outsourcing.

Hundreds of millions of cars can be easily unlocked by attackers
Researchers say their findings could explain unsolved insurance cases of theft from allegedly locked vehicles.

FlockFlock: File access enforcement for macOS
FlockFlock is an open source tool for macOS aimed at protecting your files. This versatile piece of software, created by iOS security expert Jonathan Zdziarski, can ensure that the applications you’re using are respecting your privacy and it can tell you if your system has been compromised.

Financial malware attacks increase as malware creators join forces
Kaspersky Lab blocked 1,132,031 financial malware attacks on users, a rise of 15.6 percent compared to the previous quarter, according to the results of the company’s IT threat evolution report for Q2. One of the reasons for the rise appears to be the collaboration between the authors of two leading banking Trojans: Gozi Trojan and Nymaim Trojan.

Remote Butler attack: APT groups’ dream come true
Microsoft security researchers have come up with an extension of the “Evil Maid” attack that allows attackers to bypass local Windows authentication to defeat full disk encryption: “Remote Butler”.

Spoofing boarding pass QR codes with simple app
Przemek Jaroszewski, the head of Poland’s CERT, says anyone can bypass the security of the automated entrances of airlines’ airport lounges by using a specially crafted mobile app that spoofs boarding pass QR codes. He created one for himself, and successfully tried it out on a number of European airports.

Top-level cyber espionage group uncovered after years of stealthy attacks
According to the researchers, evidence of ProjectSauron’s activity can be found as far back as 2011, and as near as early 2016.

Over 300 new cyber threats pop up on underground markets each week
The threats include information on newly developed malware and exploits that have not yet been deployed in a cyber-attack – information that could be very useful for cyber defenders.

There’s a way to use encrypted data without knowing what it holds
Microsoft researchers have devised a way for third parties to make use the vast amount of encrypted data stored in the cloud by companies and individuals, without them actually having access to it or learning anything about it (except for what can be deduced from the result).

Oracle-owned MICROS PoS systems vendor breached
MICROS, the point-of-sale payment systems vendor owned by Oracle, has suffered a data breach, and there are indicators that point to the infamous Carbanak (aka Anunak) cybercriminal gang being the culprit.

Bringing security into IT and application infrastructures
In this podcast recorded at Black Hat USA 2016, Chris Carlson, VP of Product Management, Cloud Agent Platform at Qualys, talks about a new trend in bringing security into IT and application infrastructures, as well as working with the DevOps team for increased security.

In limiting open source efforts, the government takes a costly gamble
Governments around the world are beginning to take the view that as their software is funded by the public, it belongs to the public and should be open for public use and are starting to define codified policies for its release.

My data, my problem
Being open and honest about data incidents is critical. Whilst the headlines may focus on the numbers of lost customers, the effect on each customer can be longer term than a single quarter.

New vulnerabilities affect over 900 million Android devices, enable complete control of devices
QuadRooter is a set of four vulnerabilities affecting Android devices that are built on the Qualcomm chipset, a supplier of 80% of the chipsets in the Android ecosystem.

It’s time to replace firewalls in industrial network environments
Waterfall Security Solutions announced the expansion of its stronger-than-firewall solution portfolio for industrial control systems and critical infrastructure sites.




Share this