Week in review: Carberp Trojan developers arrested, thousands of compromised Apache servers directing users to malware
Here’s an overview of some of last week’s most interesting news, videos, reviews and articles:
Hackers attacking US banks are well-funded, expert says
The Cyber fighters of Izz Ad-Din Al Qassam hacker group – also known as Qassam Cyber Fighters – are at it again. For the third time in the last half year or so, they have mounted DDoS attacks against prominent US financial institutions in order to protest the continuing online existence of a video that they feel vilifies Islam and offends Muslims.
Ransomware uses browser history to persuade users to pay up
A new ransomware variant dubbed Kovter has been spotted trying out a brand new approach for convincing targeted users of the legitimacy of its claims.
US companies in China worried about data theft
The results of a survey conducted by the American Chamber of Commerce in China, which polled 325 respondents currently doing business throughout the republic, have shown that a quarter of them have experienced a breach or theft of data and/or trade secrets from their China operations.
Trojan phishes for credit card info through fake Facebook page
The malware, dubbed TSPY_MINOCDO.A, is delivered on the target system either via Trojan droppers or via drive-by-download schemes on compromised sites.
Defending the Internet at scale
This talk from Shmoocon 2013 is about the next level in scalability: systems that handle 10 MILLION concurrent connections. Such systems already exist, though instead of being called “servers” they are called “devices”, like firewalls, IPS, DPI, load balancers, carrier NAT, etc.
The War Z taken offline following forum, database hack
Players of The War Z, a first-person zombie survival game, have been notified of a breach of the developer’s (Hammerpoint Interactive) forum and game databases and the theft of user data contained in them.
Blocking zero-day application exploits: A new approach for APT prevention
The recently discovered advanced persistent threat (APT) malware, Trojan.APT.BaneChant, uses multiple evasion techniques to bypass some of the newer detection approaches being utilized.
Banking Trojan disguised as innocuous Word and WinHelp files
The attack starts with fake invoice notices delivered via email.
Thousands of compromised Apache servers direct users to malware
What do the recent compromises of a number of LA Times websites and the blog of hard disk drive manufacturer Seagate have in common? According to several security researchers, all these sites are hosted on servers running Apache web server software, and have been compromised and equipped with a module that is able to insert and rotate malicious iFrames on all pages of websites hosted on these servers.
My very own personal privacy training
I remember a time – and it wasn’t even that long ago – when the government, companies and organizations weren’t this hell-bent on collecting citizen, customer and user data. It’s not that they didn’t gather any, but they were not nearly as greedy for it as they are today. They obviously took to heart the saying that knowledge is power.
Two Japanese web portals hacked, user financial info compromised
On Tuesday evening, Yahoo Japan (owned by Softbank) notified the public that they have discovered malware on their servers, which was intent on extracting data about over a million users, but was luckily detected in time and blocked from exfiltrating it to remote servers.
Lookout for iPhone
As a result of all the positive stuff I have read about the product, I downloaded the iPhone version (the review is based on v2.8, uploaded March 27th, 2013) to see whether the hype is justified.
Flashback malware author unmasked?
Security reporter Brian Krebs thinks he may just have tracked down the developer of the malware.
Carberp Trojan developers arrested in Ukraine
The mastermind behind the Carberp Trojan and the developers that helped create it have apparently been arrested in Ukraine in a joint action by the Security Service of Ukraine (SBU) and the Russian Federal Security Service (FSB).
Tips for securely using free Tube Wi-Fi
GFI Software warns of potential data and device security concerns posed by using London’s public Wi-Fi service, installed across large parts of the London Underground Tube network.
iMessage encryption stumps US federal agents
A recent investigation conducted by US Drug Enforcement Administration agents has been temporarily derailed after they failed to decrypt messages the targets exchanged via Apple’s iMessage system.
10 best practices for securing data in Hadoop
Dataguise released ten security best practices for organizations considering or implementing Hadoop. By following these procedures to manage privacy risk, data management and security, professionals can prevent costly exposure of sensitive data, reduce their risk profile and better adhere to compliance mandates.