Week in review: Dangerous vBulletin exploit in the wild, Blackhole exploit kit creator arrested
Here’s an overview of some of last week’s most interesting news, videos, interviews and articles:
How to establish trust in the cloud
In order to enforce corporate security policies in the cloud, IT needs to know (1) who is accessing and sharing (2) what documents (3) in which cloud storage service, and (4) that the cloud provider cannot override policies established by the business or access the data itself.
Vulnerable and aggressive adware threatening millions
FireEye discovered a new mobile threat from a popular ad library that no other antivirus or security vendor has reported publicly before.
Video: How the grid will be hacked
There is a never ending stream of vulnerabilities in the mechanical and cyber systems that support the grid. So, why hasn’t there been any significant breach of the grid? This video from DerbyCon focuses on who, what, when, where, and how it will happen.
Brazil determined to stop NSA spying
Perhaps no country in the world has been as vocal about doing something about NSA’s global Internet surveillance reach as Brazil.
Most unauthorized data access goes undetected
With a focus primarily on large enterprise organizations, a Vormetric study of 700 IT security decision-makers indicates that there are major gaps between existing security processes and the technologies currently in place to address insider threats.
Blackhole exploit kit creator arrested
The news that the malware creator that goes by the online handle “Paunch” has been arrested was first tweeted by Fox IT security researcher Maarten Boone, but he couldn’t offer any details.
The Apple and WoW effect
Modern living is defined by pop culture phenomena. In the last few months alone, 4G rollouts, the release of smart watches and launch of long-awaited video games have all generated huge publicity and attention with legions of adoring fans lining up outside stores to get a hold of the latest “must-have’. But besides these visual clues, how else can we measure the success of a product launch? If online, we’re not going to see crowds rushing into stores, so the equivalent is to measure network bandwidth traffic.
Microsoft hands out $128k in bug bounties
As the date of the release of the final version of Internet Explorer 11 for Windows 8 and RT draws near, Microsoft has announced that it has paid out over $28,000 to six researchers who have successfully participated in the month-long bug bounty program for IE 11, and a $100,000 bounty to a UK researcher for finding and responsibly disclosing a Mitigation Bypass vulnerability and creating an exploit for it.
Will arrests tied to Silk Road put a damper on online drug sales?
The Silk Road shutdown and the arrest of his alleged founder and owner have resonated throughout the Deep Wed and have frightened many of its denizens – but not all. Some of the drug dealers using that black market website have easily switched to using lesser known alternative sites such as SheepMarketplace. Others have defiantly been planning to rebuild Silk Road.
Avira, AVG, WhatsApp sites defaced by Palestinian hacktivists
The websites of antivirus vendors Avira and AVG, as well as that of popular IM service WhatsApp, have been defaced by Palestinian hackers affiliated with Anonymous that go by the name “KDMS Team”.
Linux command line cheat sheet
While most people loathe the command line, it is undoubtedly the most efficient way to get things done. If you are one of those who will freak out when you are on the terminal, here’s a list of useful Linux commands that you can use to make your workflow more productive.
Top IT predictions for 2014 and beyond
Gartner has revealed its top predictions for IT organizations and IT users for 2014 and beyond. The predictions for 2014 combine several disruptive topics — Digital Industrial Revolution, Digital Business, Smart Machines and the Internet of Things — that are set to have an impact well beyond just the IT function.
What can we learn from ICS/SCADA security incidents?
ENISA released a white paper giving recommendations regarding prevention and preparedness for an agile and integrated response to cyber security attacks and incidents against Industrial Control Systems. They identified four key points for a proactive learning environment which will in turn ensure a fast response to cyber incidents and their ex-post analysis.
Dangerous vBulletin exploit in the wild
vBulletin is currently positioned 4th in the list of installed CMS sites on the Internet. Hence, the threat potential is huge. The identified vulnerability allows an attacker to abuse the vBulletin configuration mechanism in order to create a secondary administrative account.
WhatsApp encryption flaw revealed, POC code published
A Dutch researcher says that the encryption solution implemented by popular cross-platform IM service WhatsApp is flawed. He claims that the company has not thought it out as well as they should have and that users should be aware that their WhatsApp messages could be easily decrypted by attackers.
Bogus Facebook login page steals credentials, pushes malware
Symantec researchers have recently stumbled upon a phishing site that packs a double whammy: the site asks the user either to log into Facebook or to download an app in order to activate a bogus service that will supposedly let them know who visited their Facebook profile.
Mobile security trends, concerns and misperceptions
The national survey of more than 1,000 U.S. adults underscores how deeply entrenched in American’s daily lives mobile devices have become.
Police requests DNS provider to take down criminal site, CEO asks for court order
Mark Jeftovic, the CEO of Toronto-based domain registrar and managed DNS provider EasyDNS, has published a (second) letter his company received from UK’s Police Intellectual Property Crime Unit asking them to suspend access to a domain that is allegedly “making illicit financial gains for the criminals operating it.”
Google offers rewards for code improvements to open source programs
Google has announced that they plan to reward researchers who aim to “improve the security of key third-party software critical to the health of the entire Internet” with “down-to-earth, proactive improvements that go beyond merely fixing a known security bug.”
Patched IE zero-day and older flaw exploited in ongoing targeted attacks
With this month’s Patch Tuesday, Microsoft has delivered the patch for the infamous Internet Explorer zero-day (CVE-2013-3893) that has been spotted being used in attacks that date as back as three or four months ago and have been tied to the Chinese hacking group that hit Bit9 earlier this year. What has received a little less attention is that a patch for another IE zero-day actively exploited in the wild has been released simultaneously.
Facebook makes every user discoverable by name
Once again, Facebook is doing away with a feature that many users didn’t even know they could use, but a small, privacy-conscious minority is glad to have (had).
The many security problems of ATMs
As much as they are useful, ATMs are also very vulnerable to tampering and attacks from individuals looking for money.