Posted by Kevin on August 19, 2014.
The ITsecurity daily security briefing: Tuesday, August 19, 2014.
If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com.
Government Control Over Internet Governance
A new proposal that ICANN would need a two-thirds majority vote to defy GAC instructions “would grant governments enormous power over ICANN, coming close to an effective veto… In effect, governments would be given near-complete veto power over ICANN board decisions.”
Symantec to slim Norton line to single security suite
“For the first time since 1991, there won’t be a new version of Norton Antivirus on the shelves this fall. Symantec will rebrand its consumer security suites next month by eliminating several similarly named products. The new Norton Security, which debuts September 23, will replace Norton AntiVirus, Norton Internet Security, Norton 360, Norton 360 Multi-Device, and Norton 360 Premier Edition.”
Sophistication of malware in Syria is increasing
The Global Research & Analysis Team (GReAT) at Kaspersky Lab has discovered new malware attacks in Syria, using some techniques to hide and operate malware, in addition to proficient social engineering tricks to deliver malware by tricking and tempting victims to open and launch malicious files. The malware files were found on activist sites and social networking forums,
Russian lawmaker’s son denied bail
Roman Seleznev was denied bail on Friday. “The arrest of Roman Seleznev, the 30-year-old son of a deputy in Russia’s lower house of parliament, has increased tensions between the two countries, already at their worst since the end of the Cold War over the Ukraine crisis.”
Vulnerabilities found in Dendroid mobile Trojan
Dendroid Android RAT source code leaked and analysed – what it does, how it works etc. Includes several of its own vulnerabilities. “It’s clear that Dendroid is not on par with Zeus or other advanced Trojans. That being said, it would be very surprising if the Dendroid leak does not lead to more widespread use of the Android-based malware and its future variants.”
New EU Justice Commissioner responds to ‘right to be forgotten’ debacle
“Just as work on the data protection reform has picked up speed and urgency, detractors are attempting to throw a new spanner in the works. They are trying to use the recent ruling by the European Court of Justice on the right to be forgotten to undermine our reform. They have got it wrong. And I will not let them abuse this crucial ruling to stop us from opening the digital single market for our companies and putting in place stronger protection for our citizens.”
Martine Reicherts (speech):
Risks from Within: Learning from the Amtrak Data Breach
“A recent report published by Amtrak’s Office of the Inspector General revealed that an employee of the passenger rail company had been selling passenger data for two decades. The buyer of this data was none other than the Drug Enforcement Agency, which paid the employee $854,460 over the period. Iowa’s senior senator, Chuck Grassley, sent a letter to the DEA raising serious concerns over the incident.”
Conspiracy theories may not be just paranoia
Anonymous has posted a list of US patents that suggests that ‘conspiracy theories’ such as mind control and chemtrails are not just theories. Examples: ‘4395600 – Auditory Subliminal Message System and Method (Subliminal Brainwash via Music or Other Sound)’; and ‘4686605 – Method and apparatus for altering a region in the earth’s atmosphere, ionosphere, and/or magnetosphere’. There are many more.
Community Health says data stolen in cyber attack from China
“Community Health Systems Inc (CYH.N), one of the biggest U.S. hospital groups, said on Monday it was the victim of a cyber attack from China, resulting in the theft of Social Security numbers and other personal data belonging to 4.5 million patients.”
How to Find and Remove the Attacker that Has Already Passed Through Your Traditional Defenses
A free whitepaper that is designed to promote Seculert’s product, but nevertheless contains useful information on APT threats and methods.
New attack binds malware in parallel to software downloads
Threatpost explains new research (Software Distribution Malware Infection Vector). “Researchers from Ruhr University in Bochum, Germany, have developed a proof-of-concept attack in which they are able to inject malicious code into a download that runs in parallel to the original application, without modifying the code.” The attack works best against open source software that doesn’t normally include verification checks in the download process.
Tor Browser Research Report Released
“As part of our work with the Open Technology Fund, we recently worked with the Tor Project to see how Tor Browser stands up in terms of modern exploit mitigations, and what could be done to make it harder to develop exploits for.”
Samsung buys U.S. air conditioner firm Quietside in ‘smart home’ push
Samsung Electronics Co Ltd said on Tuesday it had acquired U.S. air conditioner distributor Quietside LLC as part of its push to strengthen its “smart home” business.
Open Redirect Vulnerability: usa.visa.com
An open redirect vulnerability that would have made phishing attacks more successful has been fixed by VISA. It was disclosed to VISA on 7 June and fixed on 31 July.
New TorrentLocker Ransomware Uses CryptoLocker and CryptoWall Components
“An active phishing campaign that is probably targeting Australian users has been spotted by security researchers to drop a new type of ransomware, which contains elements from CryptoLocker and CryptoWall but with a totally different underlying code.”