Week in review: Currency rounding attacks, Trustworthy Computing Initiative anniversary, and how to foil targeted attacks
Here’s an overview of some of last week’s most interesting news, podcasts, reviews and articles:
Most unusual laptop recovery stories
From the good, the bad, and the downright dangerous, here are the “Best Of” recovery stories.
5 reasons to enforce email monitoring
Managing storage continues to be one of the most significant challenges for email management, but the right tools can change this from a daily headache to an easy win. Email monitoring gives administrators those tools, providing detailed information on how email is being used, both internally and externally.
Stratfor hack exposes UK, US and NATO officials to danger, phishing
Cyber-security expert John Bumgarner has rifled through the information leaked by Anonymous, and he has ascertained that thousands of emails and passwords belonging to UK, US and NATO officials were made public.
DotA 2 and Diablo III beta testing crack files carry malware
Gamers are known for their impatience when it comes to trying out updates and new packs for popular games, and cyber crooks are always ready to take advantage of that.
Exploit code for recent ASP.NET DoS flaw made public
The ASP.NET DoS flaw that has recently been revealed at the Chaos Communication Congress in Berlin has been patched by Microsoft in almost record time, but users who have not already implemented the patch should definitely hop to it as the proof-of-concept exploit code for the vulnerability has been made public.
Police system compromised due to parental spying
The Patras program, used by the German Federal Police for surveillance and tracking of suspects and their vehicles via GPS, has recently been suspended for a while and its servers taken offline due to a breach that was made possible by a most bizarre chain of events.
Is your online bank vulnerable to currency rounding attacks?
In the 12+ years of doing penetration tests against various critical environments, we’ve seen numerous online banking servers and found all sorts of vulnerabilities in them, including bugs that allowed users to take money from other users’ accounts, make unlimited overdrafts on their own accounts, transfer negative amounts to other accounts (effectively sucking other users’ money from these accounts) and even – frightening as it may sound – create unlimited amounts of money out of thin air.
Spam emails link to QR codes
It was just a matter of time, and now it’s happening. The Websense ThreatSeeker Network has started spotting spam messages that lead to URLs that use embedded QR codes.
Android Trojan masquerades as phone optimizer app
F-Secure researchers have recently spotted ads for such a market being served on an Android-related site, and having followed it, they discovered that it hosts a number of malicious sites that push bogus/malicious apps. One of those poses as a “Phone Optimizer” app that supposedly reveals hidden functions.
Google admits profiting from ads for illegal sites
You should know by now that the fact that Google is serving you an advertisement does not mean that it’s safe to click on it. Time and time again examples of malware being pushed via Google’s AdWords program have been detected by researchers.
Easy ways to protect your privacy and data
Defence Intelligence has created the following seven computer security resolutions to help people protect their privacy, their data, and their wallets.
Hacks of Chinese sites either inside jobs or faked
Last week’s news that hacks of a number of high-profile sites resulted in the compromise of personal and financial information of over 100 million Chinese Internet users has been revealed as inaccurate.
Preventing Good People From Doing Bad Things
As the number of known security breaches seemingly rises exponentially with every passing day, business managers and the general public are becoming increasingly aware of a fact that has been very well known to IT professionals for quite some time now: the majority of breaches are caused by insiders (i.e. employees). Whether they do so intentionally or not is beside the point – what’s important is that they are able to. So how can an organization stop that from happening?
Phishing emails from spoofed US-CERT addresses
According to the organization, the email was sent to employees of many private sector organizations and of federal, state, and local governments.
The anatomy of the Gameover Zeus variant
The “Gameover” malware is a relatively new, “private” version of ZeuS. Support for the distributed command and control (C2) tools, integrated into the ZeuS botnet, was implemented at the request of one of the “private” clients of the ZeuS author.
Scammy “Pink Facebook” offer
You might be bored with Facebook’s standard blue look and ask yourself why the social network doesn’t allow for a change of color, but please don’t make the mistake of falling for the offers – supposedly endorsed by your friends – for turning your Facebook pink, red or black.
How to foil targeted attacks
In this podcast recorded at RSA Conference Europe 2011, Bradley Anstis, VP of Technical Strategy at M86 Security, talks about how most technologies used so far to prevent targeted attacks are beginning to falter and about the need for proactive defensive technologies.
Volume and sophistication of attacks to increase
Based on activity levels observed in the second half of 2011, the growing pace, volume and sophistication of attacks suggest consumers, small businesses and corporations will need to grow increasingly vigilant over the next year.
Reactions from the security community to the Trustworthy Computing Initiative
This past week, Microsoft celebrated 10 years of its Trustworthy Computing Initiative (TwC). One of the most well-known outcomes of Trustworthy Computing is the Microsoft Security Development Lifecycle (SDL), which also incorporates privacy development practices. Many companies, including Adobe and Cisco, have adopted security development lifecycles modeled after Microsoft’s SDL.
Chinese using malware to attack US DoD smart card security
AlienVault found evidence of Chinese-originated attacks against US government agencies, including the US Department of Defense (DoD), which use a new strain of the Sykipot malware to compromise DoD smart cards.