Posted by Kevin on September 19, 2014.
The ITsecurity daily security briefing: Friday, September 19, 2014.
If you find this security briefing useful, please spread the word via social media. If you have any comments or recommendations, please email kevtownsend at gmail dot com.
Vupen has a competitor – Kevin Mitnick
Vupen is the long-standing leader in the sale of 0-day exploits. Now it has a competitor: Mitnick Security Consulting.
Salesforce Dyre Variant – Research & Analysis
Adallom has looked deeper at the Dyre (Dyreza) malware that was subject to the SalesForce warning a couple of weeks ago (see here). At that time, researchers felt that Dyre was branching out from its traditional banking targets. Adallom’s findings suggest that it isn’t, and that the SalesForce targeting was almost incidental. “Most significant about this list are the kind of targets the perpetrators are going for. There are many banks herein, but if we look into the specific URLs being targeted, we can see a direct correlation to commercial banking. This makes us believe that this is not the “steal-money-from-the-average-joe” kind of attack – these guys are going for the big guns. Check out the two Wells Fargo URLs: wellsoffice.wellsfargo.com and chsec.wellsfargo.com – both related to their CEO portal, which services large enterprises. The login URLs for personal accounts and small business accounts are notably absent.”
Android follows Apple’s encryption move
Apple announced Wednesday that a new encryption facility would protect iOS content from forensic examination. Now Android has quickly followed. “Now Google is designing the activation procedures for new Android devices so that encryption happens automatically; only somebody who enters a device’s password will be able to see the pictures, videos and communications stored on those smartphones.” But while Apple’s deployment of new features can be immediate and total, the nature of the Android market “results in what experts call ‘fragmentation’ – meaning there are hundreds of different versions of Android worldwide, many several years old, making it difficult to keep them current with the latest security features.”
Home Depot now free of malware
Home Depot announced yesterday “that the malware used in its recent breach has been eliminated from its U.S. and Canadian networks. The company also has completed a major payment security project that provides enhanced encryption of payment data at point of sale in the company’s U.S. stores, offering significant new protection for customers. Roll-out of enhanced encryption to Canadian stores will be complete by early 2015. Canadian stores are already enabled with EMV ‘Chip and PIN’ technology.”
The company added, “There is no evidence that debit PIN numbers were compromised or that the breach has impacted stores in Mexico or customers who shopped online at HomeDepot.com or HomeDepot.ca.” Also, “Home Depot’s new encryption technology, provided by Voltage Security, Inc., has been tested and validated by two independent IT security firms.”
What if Scotland had said Yes? Learn more from the CosmicDuke guys
F-Secure found a Scottish Independence lure being used by CosmicDuke leveraging “timely, political topics to deceive the recipient into opening the malicious document.” The text of the lure is taken straight from an AP article published earlier this week: “If Scottish voters this week say Yes to independence, not only will they tear up the map of Great Britain, they’ll shake the twin pillars of Western Europe’s postwar prosperity and security – the European Union and the U.S.-led NATO defense alliance.”
F-Secure comments: “It is obvious that the attackers are keeping abreast of the latest political news, and they are very agile: they have the capability and capacity to rapidly utilize the information to increase the odds of social engineering.”
In the event, Scotland said No. I find it hard to understand. How can anyone not vote for the independence of their own country? Damn the consequences, logic and economics – this should be pure emotion.
Will a federal United Kingdom make acceptance of a federal Europe more likely?
Although Scotland said no to outright independence, it has already been promised greater ‘freedoms’. The effect can be described either as a more devolved UK – or even a ‘federal’ UK. Other regions will undoubtedly follow – Wales almost certainly (Northern Ireland less so for fear of being swallowed up by its neighbouring republic); but even, dare I hope, Devon & Cornwall regional government devolved from the Westminster mafia. But the big danger in greater regional control is, paradoxically, greater centralization into Brussels. BlogActiv comments, “One positive result of the referendum about the independence of Scotland can be seen already now: the central government in London starts finally to think about a more ‘federated’ United Kingdom, but nobody of the political class is using this term ‘federal’, because this word was misused as ‘centralization’ in the context of transferring national competences and powers to the European level.”
How the Internet of Things (IoT) Is Changing the Cybersecurity Landscape
IBM’s Security Intelligence discusses the Internet of Things: “Currently, more things are connected to the Internet than people, according to an infographic from Cisco. It goes on to say that 25 billion devices are expected to be connected by 2015 and 50 billion are slated to connect by 2020. In this quickly evolving world, all the things that connect to the Internet are exponentially expanding the attack surface for hackers and enemies. A recent study released by Hewlett Packard showed that 70 percent of IoT devices contain serious vulnerabilities. There is undeniable evidence that our dependence on interconnected technology is defeating our ability to secure it.”
Enterprise Content Mobility – Move from Chaos to Strategy
“Do you have content chaos when it comes to your mobile workforce? Who decides what content can be accessed on mobile devices and what solutions are approved for use? Join us to learn how to develop and implement a strategy for secure mobile content access and tame the chaos.”
Wednesday, October 1, 2014; 11AM PT / 2PM ET
Accellion with Forrester Research:
Is Dealing With Malware Like Finding Needles in Your Enterprise Haystack?
“Learn how you can use MobileIron’s platform, integrated with Veracode’s App Reputation Service, to detect and respond to malicious or risky apps on your employees’ phones, and create a program to manage these risks efficiently.”
Thursday, September 25, 2014; 11:30 am EDT
Veracode and MobileIron:
VB2014 – Seattle
If you don’t know what this is about (really?), there’s a FAQ here and you can find the program here.
24-26 September 2014 in Seattle, WA, USA.