Sunday, August 16, 2015

The World this week (Week of Aug 10th)

1.       Oracle controversy: Mary Davidson, the CSO of Oracle, took to the corporate blog to pen her thoughts on security in a post titled "No, You Really Can't". The post sharply admonished enterprise customers for reverse engineering, or hiring consultants to reverse engineer, the company's proprietary software with the aim of finding as-yet-unfixed security vulnerabilities. The post was deleted a few hours later, but social media continues to roll its eyes, shout in outrage, or just laugh at her.

2.       Marketwire, PR Newswire, and Business Wire, which distribute press releases for major publicly traded companies, had their systems penetrated by a pair of Ukraine-based hackers who stole 'market-moving media releases' and used this information to trade profitably and pocket $100m.

3.       Cyber thieves broke into the IT systems of Carphone Warehouse, a large cell phone retailer in the U.K., and may have stolen personal and bank data of up to 2.4 million customers and the credit card details of up to 90,000 customers. Specifically, the division that was attacked operates the OneStopPhoneShop.com, e2save.com and Mobiles.co.uk websites, the company said in an emailed statement.

4.       Update on Android's Stagefright vulnerability: Google issued a four-line patch, but it does not work. This highlights the utter shoddiness of the Android ecosystem's update process, which involves three parties: Google, the device manufacturer and the telcos. An expert, responding in a tweet to Samsung's and HTC's plan to issue monthly patches to carriers, said: "I am giving a steak to my dog, to deliver to you. I'm sure it'll arrive." The Stagefright vulnerability allows hackers to compromise an Android device just by sending it a text message.

5.       June was "the worst month of malvertising ever" and Flash zero-day vulnerabilities are partly to blame, say experts. In the first six months of 2015, malvertising was one of the biggest threats to endpoint security, causing an estimated $525 million in damages. The malware dropped on the endpoint by malvertising was mostly ransomware, banking trojans, or bot code that abuses endpoints for click-fraud campaigns. Malware + Advertising = Malvertising. As you may recall from last week's blog, Yahoo was recently misused to deliver malvertising.

6.       The Darkhotel cyberespionage crew keeps adding to its bag of tricks: new evidence shows that the group seems to have latched on to some of the zero-day vulnerabilities exposed by the Hacking Team data dump last month. Known best for breaking into Wi-Fi networks in luxury hotels to target very high-profile corporate and government executives, the team has long depended on zero-day vulnerabilities to strike its targets. Darkhotel has gone through half a dozen or more zero-days targeting Adobe Flash Player in the past year, investing considerable funds to beef up a quiver meant to hit the proverbial bullseyes. The Darkhotel APT will relentlessly spearphish specific targets in order to successfully compromise systems.

7.       Australians are paying thousands of dollars to overseas hackers to rid their computers of an unbreakable virus known as Cryptolocker. There has been a rise in the number of people falling victim to the latest version of an encryption virus which hijacks computer files and demands a ransom to restore them. The "ransomware" infects computers through programs and credible-looking emails, taking computer files and photographs hostage. It can arrive in an email disguised as an installer of the new operating system in a zip file.

8.       The hackers' arsenal was beefed up last week with a drone armed with software weapons to crack into wireless computer networks at close range, whether they be in skyscrapers or walled compounds. The drone is equipped with software tools used to perform the kind of "penetration testing" done by hackers or computer security professionals who seek vulnerabilities in computer networks. The drone is flown past the physical defenses of the targeted victim.


9.       India features among the countries worst affected by Black Vine, a formidable, highly resourced attack group that is equipped to conduct cyber espionage against targeted organizations. Black Vine typically conducts watering-hole attacks against websites that are relevant to its targets' interests and uses zero-day exploits to compromise computers (Recon, Lure, Exploit kit). If the exploits succeed, they drop variants of Black Vine's custom-developed malware (Dropper file). These threats open a back door on the compromised computers and allow the attackers to steal information (Call home and Data theft).

