ITsecurity
twitter facebook rss

ITsecurity Daily News: 08/21/2014

Posted by on August 21, 2014.

The ITsecurity daily security briefing: Thursday, August 21, 2014.
If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com.

News Papers/Reports WebThings Events M&A Alerts

line

News

“El Machete” details
A new targeted attack.

El_Machete_1

“‘Machete’ is a targeted attack campaign with Spanish speaking roots. We believe this campaign started in 2010 and was renewed with an improved infrastructure in 2012. The operation may be still ‘active’.”
Kaspersky Lab:
http://securelist.com/blog/research/66108/el-machete/

Attack traffic originating in Vegas spiked during Black Hat/DefCon
And during NCAAP.

Click for full size

Attack traffic originating in Las Vegas, recorded by Imperva

The attendees are very different: civil rights activists to the former and black hats to the latter. Were NCAAP laptops infected and calling home, while Black Hat laptops were trying to infect others? Who knows? But the figures must be telling us something.
Imperva:
http://blog.imperva.com/2014/08/what-happens-in-vegas.html

Private bailiffs tracked down driver by combination of ANPR and DVLA
“The notion that councils are now using CCTV to locate drivers’, whose details will then be passed onto bailiffs is incredibly disconcerting. The potential for misuse is high and the ability to combine it with information such as drivers’ records on the DVLA database allows for the potential of individuals to be tracked and monitored. In this instance as the technology is being used by a private company, therefore exempted from Freedom of Information law, it raises important questions over how transparent their practices are.”
Big Brother Watch:
http://www.bigbrotherwatch.org.uk/home/2014/08/traffic-enforcement-zealous-heavy-handed.html

Reveton police malware ups the ante with a password stealer
“The authors upped the ante of the despised malware from a LockScreen-only version to a dangerously powerful password and credentials stealer by adding the last version of Pony Stealer.  This addition affects more than 110 applications and turns your computer to a botnet client.”
Avast!
http://blog.avast.com/2014/08/19/reveton-ransomware-has-dangerously-evolved/

The UPS Store, Inc. Notifies Customers Of Potential Data Compromise and Incident Resolution
“The UPS Store, Inc., among many other U.S. retailers, recently received a government bulletin regarding a broad-based malware intrusion not identified by current anti-virus software. Upon receiving the bulletin, The UPS Store retained an IT security firm and conducted a review of its systems and the systems of its franchised center locations. The UPS Store discovered malware identified in the bulletin on systems at 51 locations in 24 states (about 1%) of 4,470 franchised center locations throughout the United States.”
The UPS Store:
http://www.pressroom.ups.com/Press+Releases/Current+Press+Releases/The+UPS+Store%2C+Inc.+Notifies+Customers+Of+Potential+Data+Compromise+and+Incident+Resolution

Opera’s Mini browser to be installed on Microsoft phones
“We have signed a strategic licensing deal with Microsoft. We are basically taking over the browser building department in Nokia,” Opera Chief Executive Lars Boilsesen said. “This means that Opera Mini will become the default browser for Microsoft’s feature phone product lines and the Asha phones product lines.”
Reuters:
http://www.reuters.com/article/2014/08/21/us-microsoft-opera-idUSKBN0GL0HL20140821

European satellite navigation: Galileo launches two more satellites
“The improved positioning and timing information supplied by Galileo will have positive implications for many services and users in Europe. Products that people use daily, for example in-car navigation devices and mobile phones will benefit from the extra accuracy provided by Galileo. Galileo’s satellite navigation data will also benefit critical services for citizens and users, for example it will make road and rail transport systems safer and improve our responses to emergency situations.”
European Commission:
http://europa.eu/rapid/press-release_IP-14-935_en.htm?locale=en

Counterfeit U.S. Cash Floods Crime Forums
“One can find almost anything for sale online, particularly in some of the darker corners of the Web and on the myriad cybercrime forums. These sites sell everything from stolen credit cards and identities to hot merchandise, but until very recently one illicit good I had never seen for sale on the forums was counterfeit U.S. currency. That changed in the past month…”
Brian Krebs:
http://krebsonsecurity.com/2014/08/counterfeit-u-s-cash-floods-crime-forums/

China taps South Korea for ideas in Qualcomm antitrust case
“Chinese antitrust officials have met with their South Korean counterparts to discuss violations by U.S. chipmaker Qualcomm Inc (QCOM.O), sources said, as Beijing reaches out to regulators overseas to complete a case that could result in record fines at home.”
Reuters:
http://www.reuters.com/article/2014/08/21/us-china-antitrust-qualcomm-idUSKBN0GL0RL20140821

SSL Vulnerabilities: Who listens when Android applications talk?
“The FireEye Mobile Security Team analyzed Google Play’s most downloaded Android applications and found that a significant portion of them are susceptible to MITM attacks. These popular apps allow an attacker to intercept data exchanged between the Android device and a remote server. We notified the developers, who acknowledged the reported vulnerabilities and addressed them in subsequent versions of their applications.”
FireEye:
http://www.fireeye.com/blog/technical/2014/08/ssl-vulnerabilities-who-listens-when-android-applications-talk.html

line

Whitepapers and Reports

ASM: A Programmable Interface for Extending Android Security
Due to be presented at Usenix tomorrow: “This paper seeks to promote OS security extensibility in the Android OS. We propose the Android Security Modules (ASM) framework, which provides a programmable interface for defining new reference monitors for Android… If adopted by Google, we envision ASM enabling in-the-field security enhancement of Android devices without requiring root access, a significant limitation of existing bring-your-own-device solutions.”
North Carolina State University & TU Darmstadt:
http://www.enck.org/pubs/heuser-sec14.pdf

Hacking as a Service: How Much Does it Cost to Hack an Account?
“There exists an underground marketplace to buy and sell malware, exploit kits, botnets, credit card information, software zero-days (where no patch is available) for popular operating systems or software packages, or services such as attacking and defacing a website, or performing DDoS attacks.  So how does this all work?”
Symantec:
http://www.symantec.com/connect/blogs/hacking-service-how-much-does-it-cost-hack-account

line

Webcasts and Webinars

Healthcare IT Debate: Data Security vs. Healthcare Technology
ITG Debates presents a debate between FireEye and Eko Devices on the topic “Is data security just as important as cutting-edge healthcare technology.”
Aug 27 2014 7:00 pm (BST)
BrightTalk:
https://www.brighttalk.com/webcast/10119/118501

line

Events

line

Mergers and Acquisitions

line

Alerts


Share This:
Facebooktwittergoogle_plusredditpinterestlinkedinmail

Leave a Reply

Your email address will not be published. Required fields are marked *

Submitted in: News | Tags: , , , , , , , , , , , , ,