Week in review: Undetectable hardware Trojans, Chinese hackers for hire, and latest IE 0-day insight
Here’s an overview of some of last week’s most interesting news and articles:
NSA impersonated Google in MitM attacks
After all the recent revelations about the NSA and their surveillance and encryption-foiling activities, would it surprise you to know that the agency or its British counterpart GCHQ also impersonated Google, Yahoo and Microsoft in Man-in-the-Middle attacks aimed at intercepting user communications?
FBI confirms they were behind Freedom Hosting’s takeover
An FBI agent testifying at the court hearing where the subject of bail for Freedom Hosting owner Eric Eoin Marques was discussed has confirmed that the FBI has, indeed, had a hand in taking over the host’s servers and setting pages hosted on them to serve de-anonymizing malware to visitors.
Free eBook: First Aid Kit for Sys Admins
Have you faced any of these situations: malware infection, cracked passwords, defaced website, compromised DNS, licensing violations, stolen hardware and other issues which can cause cardiac arrest? Keep calm, we have a First Aid Kit to help you get things fixed, fast! Download your free eBook and get a step-by-step guide and tools to help you succeed in these operations.
What CISOs must learn from Bitcoin and a research team at Georgia Tech
It has been an eventful time in the mobile world with two recent breaking stories revealing vulnerabilities in the security infrastructure for Android and iOS respectively. While vastly different in their nature, both point to a fundamental lesson that CISOs in an increasingly mobile world cannot ignore – when it comes to encryption, read the fine print.
Fake “new voicemail” notification targets Android WhatsApp users
Malware peddlers have decided to bank on the popularity of the WhatsApp cross-platform IM app for smartphones in order to get users to install malicious apps on their devices.
GFI LanGuard 2014 released
The newest version now features vulnerability assessment for mobile devices, including tablets and smartphones, running the mobile operating systems iOS, Android and Windows Mobile, as well as support for Linux and more than 20 additional third-party patches.
Researchers create undetectable layout-level hardware Trojans
The fact that most computer hardware is produced outside the US and Europe has long presented a worry for the governments of those countries and for the companies and corporations based in them. They are especially concerned about the security of integrated circuits used in military devices, industrial control systems, medical and other critical devices, and are aware that the possibility of hardware Trojans being integrated in them during the manufacturing process is not at all far-fetched.
Too long passwords can DoS some servers
The discovery of a vulnerability in popular open source web application framework Django has recently demonstrated that using a long password is not always the best thing to do.
Tips for educational organizations on how to defend against online threats
The kids are back to school and hopefully they’re heeding the right advice on how to stay safe in an educational environment, but students aren’t the only ones who should be concerned about security now that classes are in session. Educational organizations and school districts also need to ensure they’re following the right strategy to protect students, staff and data from malware and other threats.
Chinese hackers for hire tied to Bit9 and Aurora attacks
The existence, the modus operandi and details of successful campaigns of another Chinese hacking group have been revealed by Symantec researchers, who have managed to tie it to several high-profile compromises in the last few years, most notably that of Bit9.
10,000+ to compete at world’s biggest hacking competition
The Brooklyn campus of the Polytechnic Institute of New York University (NYU-Poly) will be the nerve center this week for the world’s biggest hacking competition, as more than 10,000 participants from across the world compete in the preliminary round to find the best student teams for the tenth annual NYU-Poly Cyber Security Awareness Week.
Rootkit freezes computers’ hard disk to respawn itself
Researchers from Vietnamese security firm Bkav have recently spotted and analyzed a new piece of malware that uses an unexpected self-protection mechanism: it “freezes” the hard disk of the infected machine.
What keeps IT pros up at night?
The survey reflects responses from 272 IT decision makers including security managers, and network and systems engineers across a number of industries including healthcare, government, financial services and retail, among others.
The legal implications of BYOD
The legality of the common practice of remotely wiping or tracking an employee’s mobile device while asking workers to sign waivers giving their consent for such a policy remains highly ambiguous, as there is little to no case law in this area.
Beware of 419 scam emails delivered via CNN’s “Email This” feature
Email spammers often try to take advantage of current news and to impersonate legitimate news sites (usually CNN) in order to bypass spam filters and convince recipients to click on a malicious link or open a malicious attachment.
Latest IE 0-day insight: Background, severity and solutions
This recently discovered Internet Explorer zero-day vulnerability is bad. Users and administrators should take immediate action to mitigate the risk.
Researchers discover ties between TDSS and ZeroAccess rootkit families
A lot has been said and written about the long-lasting TDSS (or TDL) and the considerably newer ZeroAccess (or Sirefef) rootkits, and the similarities between the two have been noticed before, but Trend Micro researchers have discovered something that might indicate direct ties exist between the two malware families.
Belgacom was breached by Britain’s GCHQ
Earlier last week, the primarily state-owned Belgacom – the largest telecom in Belgium, with customers such as the European Commission, Council and Parliament – made public the fact that its internal computer systems had been breached by an “unknown third party”. On Friday, the German Der Spiegel reported that it had perused documents leaked by NSA whistleblower Edward Snowden, among which was a presentation that indicates Britain’s GCHQ intelligence service is the perpetrator of the attack.
Clever email campaign delivers deadly ransomware to orgs
Dubbed CryptoLocker, the ransomware is cleverly delivered to employees of various organizations via emails purportedly sent by disgruntled customers complaining about a service or product.