Week in review: Logjam bug, trojanized PuTTY, and the importance of encryption and key management

Here’s an overview of some of last week’s most interesting news, podcasts, interviews and articles:


European Internet users urged to protect themselves against Facebook tracking
In the wake of the revelations about Facebook’s tracking of users who do not own a Facebook account, the Belgian Privacy Commission has issued a set of recommendations for Facebook, website owners and end users.

Strengthening trust in a highly connected world
Just as the connectivity of our world is transforming the way we live and work, this new understanding of security is impacting the very core of how organizations operate.

Global black markets and the underground economy
Adam Tyler is the Chief Innovative Officer at CSID. In this interview he discusses global black markets, what type of information is most valuable for cybercriminals, modern malware, and much more.

Rombertik’s disk wiping mechanism is aimed at pirates, not researchers
Rombertik, the information-stealing malware that was recently analyzed by Cisco researchers and which apparently tries to prevent researchers from doing so by rewriting the computer’s Master Boot Record, is actually a newer version of an underground crimeware kit known as Carbon FormGrabber (or Carbon Grabber), Symantec researchers have found.

Trojanized, info-stealing PuTTY version lurking online
This particular malicious version of PuTTY was already spotted in the wild in 2013, but it wasn’t broadly distributed.

Penn State engineering network is taken offline following two cyberattacks
The computer network of Pennsylvania State University’s College of Engineering has been temporarily disconnected from the Internet in the wake of two “highly sophisticated cyberattacks,” Penn State president Eric Barron has confirmed.

The cybersecurity domino effect
Most of the C-level professionals surveyed readily acknowledge that a coordinated assault launched by sophisticated cybercriminals would wreak ongoing havoc on business operations, cause considerable harm to a brand, and potentially affect related companies, even entire industries.

New UK law says GCHQ agents cannot be prosecuted for hacking
In a job posting published last week, the Government Communications Headquarters (GCHQ) openly announced its intention to recruit “committed and responsible individuals who have the potential to carry out computer network operations to keep the UK safe.”

There’s no security without trust
Trust is the cornerstone of security, because without trust there can be no security.

How much money do cyber crooks collect via crypto ransomware?
FireEye researchers have calculated that the cybercriminals wielding TeslaCrypt and AlphaCrypt have managed to extort $76,522 from 163 victims in only two months.

Hackers breached subsea cable operator Pacnet’s corporate IT network
It’s interesting to note that the compromise happened prior to Telstra, Australia’s largest telecom and media company, finalizing its acquisition of Pacnet on 16 April 2015.

Bug in NetUSB code opens networking devices to remote code execution
Researchers from SEC Consult have published details of a critical kernel stack buffer overflow vulnerability in NetUSB, a software component that provides “USB over IP” functionality and is included in most recent firmware versions of many TP-Link, Netgear, Trendnet, and Zyxel networking devices.

Newly disclosed Logjam bug might be how the NSA broke VPNs
Another vulnerability courtesy of 1990s-era US export restrictions on cryptography has been discovered, and researchers believe it might be how the NSA managed to regularly break their targets’ encrypted connections.

The importance of encryption and key management for security practitioners
In this podcast recorded at RSA Conference 2015, Tsion Gonen, Chief Strategy Officer at Gemalto, explains that if you’re going to do encryption, you need to make sure you do it right. Encryption done wrong is worse than nothing.

Personal info of 1.1M customers stolen in CareFirst breach
CareFirst, a Blue Cross Blue Shield plan, has announced that they have suffered a breach in which the attackers gained access to one of their databases.

Keeping passwords safe from cracking
A group of researchers from Purdue University in Indiana have come up with an effective and easy-to-implement solution for protecting passwords from attackers.

Malware upsurge threatens millions of POS devices
The most sophisticated attacks are highly targeted, deploying hard-to-detect, customized malware, and requiring substantial lateral movement within a compromised network for effective detection.

The importance of good threat intelligence
Threat intelligence is a bit of a buzzword in the security industry, and our equipment vendors, partners and other specialist security research teams all have their own feeds that we can consume; but what makes good threat intelligence data?

Hacker leaks sensitive info of millions of Adult FriendFinder users
Information of over 3.5 million users of dating site Adult FriendFinder has been stolen and leaked online, and is being used by spammers, scammers and phishers.

Android factory reset not enough to keep data secure
If you sell or gift your old Android phone to someone, is it enough to do a factory reset to wipe all your sensitive data? And if your Android gets stolen, how sure are you that your anti-theft solution will do a good job wiping it and/or locking the device?

Account recovery via secret questions is a bad idea
Secret questions offer far lower security than user-chosen passwords, and should never be used as the only way to reclaim access to a lost account, Google researchers have confirmed.

mSpy finally admits they’ve been hacked
After having first denied that they suffered a breach and had their customers’ data stolen and leaked on the Dark Web, mobile spyware maker mSpy has finally admitted that the incident happened, but they claim that only 80,000 customers (and not 400,000) have been affected.
