Week in review: The evolution of the CISO, a simple Gatekeeper bypass, and Stagefright 2.0

Here’s an overview of some of last week’s most interesting news and articles:


Leaked Hacking Team emails show Saudi Arabia wanted to buy the company
Emails stolen in the Hacking Team breach and leaked online by the still unknown attackers continue to be analyzed, and offer insight into the inner workings and controversial relationships the infamous Italian spyware maker engaged in.

Yahoo open-sources Gryffin, a large scale web security scanning platform
The developers’ goal was to create a security scanner that will be able to both discover as much of the application footprint as possible (crawl phase), and to test the various parts of it for specific vulnerabilities (scan phase).

Mobile ad network exploited to launch JavaScript-based DDoS attack
A type of DDoS attack that has until now been mostly theoretical has become reality: CloudFlare engineers have spotted a browser-based Layer 7 flood hitting one of its customers with as many as 275,000 HTTP requests per second.

Is your network suffering from the trombone effect?
The trombone effect occurs in a network architecture that forces a distributed organization to use a single, secure exit point to the Internet, and vice versa.

Oysters tablet comes preinstalled with Trojanized Android firmware
Keeping your mobile device free of malware requires intentional care, but sometimes even that is not enough. As Dr. Web researchers recently pointed out, a device you buy from a manufacturer or one of its resellers can already be compromised.

The evolution of the CISO in today’s digital economy
As the digital economy becomes ever more connected and encompasses all industries, we’re reaching a point where every company today is a technology company. At the same time, while the title of the CISO will still exist in the years ahead, the skills required to attain and retain the title are changing quickly and current CISOs need to learn new skills beyond what they’ve historically focused on to succeed.

Do security flaws with life-threatening implications need alternative disclosure?
If security researchers get no response from manufacturers when disclosing vulnerabilities with life-threatening implications, the majority of IT security professionals (64%) believe that the information should then be made public, according to AlienVault.

XOR DDoS botnet launching attacks from compromised Linux machines
Attackers have developed a botnet capable of 150+ Gbps DDoS attack campaigns using XOR DDoS, a Trojan malware used to hijack Linux systems.

Too many vulnerable medical systems can be found online
Researchers Scott Erven and Mark Collao used Shodan, a search engine for Internet-connected devices, to discover medical devices that might be exposed to attack.

Hilton, Trump hotel chains hit by PoS malware
Payment card data of visitors to a number of Hilton and Trump hotels in the US has been compromised, and some of it is already being used by crooks to rack up fraudulent charges.

Scammers use Google AdWords, fake Windows BSOD to steal money from users
Faced with the infamous Windows Blue Screen of Death (BSOD), many inexperienced computer users’ first reaction is panic. If that screen contains a toll-free number ostensibly manned by Microsoft technicians who are there to help users overcome this problem, many are probably tempted to pick up the phone.

500 million users at risk of compromise via unpatched WinRAR bug
A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers to compromise a machine on which the software is installed.

Fake PayPal app is going after German users’ banking credentials
An email spam run impersonating PayPal is actively targeting German Android users and trying to trick them into downloading what is ostensibly the official PayPal app, but is actually a banking Trojan.

The barriers to cybersecurity research, and how to remove them
Earlier this year, a considerable number of computer scientists and lawyers, from academia, civil society, and industry, congregated at UC Berkeley School of Law to take part in a workshop aimed at discussing legal barriers and other deterrents to cybersecurity research, and to propose concrete answers to those problems.

Compromising Macs with simple Gatekeeper bypass
Patrick Wardle, director of research at security firm Synack, has discovered a worryingly simple way to bypass OS X’s Gatekeeper defense mechanism: just bundle up a legitimate Apple-signed app with a malicious, unsigned one placed in the same directory, and wrap it all up in an Apple disk image file.

7 key global DDoS trends revealed
The global research reveals more activity around targeted, smaller assaults aimed at distracting firms’ IT departments while malware is installed to steal valuable corporate data.

Stagefright 2.0: A billion Android devices could be compromised
Most Android users are, once again, in danger of having their devices compromised by simply previewing specially crafted MP3 or MP4 files.

Unexpectedly benevolent malware improves security of routers, IoT devices
At this point in time, the existence of a botnet comprising tens of thousands of compromised routers and other IoT devices is not news. Nevertheless, this latest one mapped by researchers is a special one, as it seems that its herder does not have malicious intentions. Quite the opposite, in fact. Armed with a piece of code that the researchers dubbed Wifatch, the individual behind this scheme aims to secure the devices against compromise by malware and other bot herders.

Exposing fraud behavior patterns associated with compromised identities
Timeliness of detection and diversity of data sources are critical factors in countering attempts to compromise consumer identities.

Personal info of 15 million T-Mobile USA customers stolen in Experian breach
Personal information of some 15 million T-Mobile US customers and applicants has been stolen by hackers who managed to breach several Experian servers. The credit agency performs credit checks for T-Mobile USA, and houses the data they need to do that.

Unsurprisingly, companies are not protecting personal information
According to a global survey of privacy and risk professionals, more than half of the 780 respondents say consumers should not feel confident that companies are adequately protecting their information.
