Week in review: Investigating Android permissions, a new malware detection method, and a drastic decline in online vulnerabilities
Here’s an overview of some of last week’s most interesting news, interviews, videos and articles:
App retrieving contactless credit card details pulled from Google Play
The Near Field Communication (NFC) protocol – supported and present on the latest smartphones – can be misused to steal data, say Symantec researchers.
LulzSec duo pleads guilty to hacking charges
UK nationals Jake Davis (aka “Topiary”) and Ryan Cleary have officially admitted to being members of the infamous LulzSec hacking collective as they pleaded guilty to mounting attacks against a number of high-profile websites.
Investigating Android permissions
In this video recorded at Hack in The Box 2012 Amsterdam, Georgia Weidman – founder of Bulb Security, penetration tester, security researcher, and trainer – dissects the permissions granted to a very popular application and talks about the various implications that not only invade your privacy but can actually cost you money. She also offers tips on how to protect yourself.
Computer forensics training in Prague
In this interview, Gareth Dance, Conference Director, EMEA, SANS Institute, talks about SANS Forensics Prague 2012.
Massive botnet shut down after botmaster’s arrest
Following an investigation that lasted 10 months, Russian police authorities have managed to arrest the 22-year-old operator of one of the largest botnets known to date.
Zeus malware strain infecting 1 in 50 PCs
ThreatMetrix Labs came across a new variant of the P2P version of the Zeus Trojan. One of the main changes to this variant is the way it encrypts its configuration file – which make all automatic detection routines fail to recognize the Trojan.
MI5 describes astonishing level of cyber attacks
MI5 has admitted that it is working to counter astonishing levels of cyber-attacks on UK industry. Head of MI5, Jonathan Evans, commented that vulnerabilities on the internet are currently being “exploited aggressively not just by criminals but also states’.
OS X Mountain Lion will include automatic security updating
Apple’s OS X Mountain Lion (version 10.8) is due to be released next month, and its latest Developer Preview shows a new addition meant to keep its users secure: the automatic security check feature.
Researchers break RSA SecurID 800 token in 13 minutes
An international team of scientists that goes by the name of “Team Prosecco” claims to have devised attacks that manage to extract the secret cryptographic key from RSA’s SecurID 800 token, as well as many other similar commercial solutions.
Customized webinjects for Zeus and SpyEye Trojans on sale
Criminals are now selling customized webinjects that are priced per feature. For example, one seller offers a webinject for Zeus/SpyEye that contains the automatic transfer system (ATS).
Removing the fear factor from BYOD
BYOD is no different to any other technologies, in that organizations which keep ahead of threats with best practice will always be better prepared to combat risk, and will be more secure as a result. Here are the top five practical tips which security pros can use as a starting point to ensure better network security against some of the challenges posed by BYOD.
FBI arrests 24 carders in online sting, UGNazi leader is among them
Following a two-year undercover operation led by the FBI, a coordinated action involving law enforcement agencies from 13 countries has led to the arrest of 24 individuals involved in “carding” crimes both in the US and abroad.
Massive crime ring automates bank fraud, steals tens of millions
Two-factor authentication schemes have definitely been proven to be ineffectual as news of a massive global financial services fraud campaign that targeted well-moneyed individual and organizations exploded on the Internet.
Do passwords matter?
Paul Asadoorian, Product Evangelist for Tenable Network Security, talks about the things that really matter when it comes to passwords.
Companies routinely share sensitive information via email
PhoneFactor announced a new survey data regarding the vulnerability of company email systems. The majority of respondents reported that highly sensitive information about their corporate strategy or customer base is communicated via email. For 80% of respondents, the only thing standing between an attacker and this email communication is a username and password.
ISO 27001 implementation: How to make it easier using ISO 9001
ISO 27001 and ISO 9001 may seem like quite different standards, but when you take a closer look at both, you can find a lot of similarities. They have the same Plan-Do-Check-Act (PDCA) cycle, four mandatory procedures are the same (Internal audit, Document control, Corrective action and Preventive Action), the role of management is very similar etc.
Scientists reveal new malware detection method
Scientists from NQ Mobile’s Mobile Security Research Center, in collaboration with North Carolina State University disclosed a new way to detect mobile threats without relying on known malware samples and their signatures.
The fluctuation of compliance
When it comes to PCI compliance, it’s a fallacy that if an enterprise “ticks all the boxes’ it will be protected from attack. PCI compliant organizations can, and do, get breached. This is because compliance fluctuates. Enterprises should be monitoring compliance levels over time, continuously, as this is what is critical to maintaining a secure working environment.
Radical reduction in online vulnerabilities
WhiteHat Security reviewed serious vulnerabilities in websites during 2011, examining the severity and duration of the most critical vulnerabilities from 7,000 websites across major vertical markets.
12% of Fortune 500 infected with DNSChanger malware
IID announced that 12 percent of all Fortune 500 companies and four percent of “major” U.S. federal agencies are still infected with DNSChanger malware. These findings come less than two weeks before the July 9 deadline that requires the FBI to take down the temporary servers that enable millions of computers and routers infected with DNSChanger to still reach their intended Internet destinations.
Online behavioral tracking often violates privacy practices
Keynote Systems announced the results of an in-depth analysis of online behavioral tracking on 269 Websites across four industries – News & Media, Financial Services, Travel & Hospitality and Retail.