In the News (2014 - Issue 3)
- The Limits of Packet Capture, Information Security Buzz, 21 July 2014. Packet capture data can be invaluable in digital forensics, but it is important to remember that it has its shortcomings. There are many scenarios where packet capture does not provide complete data, or is insufficient at accomplishing what it is often intended to do. (ID#: 14-50032) See http://www.informationsecuritybuzz.com/limits-packet-capture/
- Sestus Warns Users to Be Careful of Business Centre Networks, Information Security Buzz, 22 July 2014. With the summer travel season at its peak, the U.S. Secret Service warned the hospitality industry of the cyber threat posed by public PCs and networks. Cyber criminals can introduce malware onto these systems that can sniff for passwords other personal, sensitive information. (ID#: 14-50033) See http://www.informationsecuritybuzz.com/sestus-warns-users-careful-business-centre-networks/
- We Are Better Protected When We Work Together, Information Security Buzz, 21 July 2014. The cyber threats of today require advanced technologies and sophisticated methods to thwart, but at the end of the day, threat sharing is one of the greatest tools against such threats. Working together can help identify patterns in cyber attacks and disrupt the activities of cyber criminals. (ID#: 14-50034) See http://www.informationsecuritybuzz.com/better-protected-work-together/
- Google Hires A Star-Studded Team Of Hackers To Fix The Internet, Forbes, 15 July 2014. In response to recent vulnerabilities like the Heartbleed bug, Google has put together a team of accomplished hackers to scour the internet for bugs and security flaws. Google's Chris Evans, who is heading recruitment for the so called "Project Zero", believes security flaws are a threat to humans rights and industry. (ID#: 14-50035) See http://www.forbes.com/sites/jaymcgregor/2014/07/15/google-hires-a-star-studded-team-of-hackers-to-fix-the-internet/?ss=Security
- Attackers abusing Internet Explorer to enumerate software and detect security products, AlienVault, 25 July 2014 (Blog post). A discussion and analysis of the techniques and code snippets used by hackers to exploit Internet Explorer flaws to detect software on a victim’s computer. (ID#: 14-50036) See http://www.alienvault.com/open-threat-exchange/blog/attackers-abusing-internet-explorer-to-enumerate-software-and-detect-securi/
- Survey confirms AETs are real and dangerous threats, TechRepublic, 23 July 2014. The combination of Advanced Persistent Threats (APTs) and Advanced Evasion Techniques (AETs) allows hackers remain undetected while communicating with remote malware. According to a McAfee report, AET technology is widely misunderstood and not measures to defeat them are inadequate. (ID#: 14-50037) See http://www.techrepublic.com/article/survey-confirms-aets-are-real-and-dangerous-threats/#ftag=RSS56d97e7
- Stealing unencrypted SSH-agent keys from memory, NetSPI Blog, 21 July 2014 (Blog post). The use of software like SSH-agent to manage SSH keys on numerous computers can be handy and save time, but it can allow hackers to extract a decrypted SSH key from memory by using a few advanced techniques. (ID#: 14-50038) See https://www.netspi.com/blog/entryid/235/stealing-unencrypted-ssh-agent-keys-from-memory
- What is memory safety?, Programming Languages Enthusiast, 21 July 2014 (Blog post). An attempt to define and examine memory safety, specifically in the C programming language. Buffer overflows, dynamic memory errors, out-of-memory errors, and misuse of pointers can cause instabilities and vulnerabilities in programs. (ID#: 14-50039) See http://www.pl-enthusiast.net/2014/07/21/memory-safety/
- Organizations Slow at Patching Heartbleed in VMware Deployments: Report, SecurityWeek, 25 July 2014. Despite VMwareís releast of patches to address the Heartbleed vulnerability, a substantial number of organizations are vulnerable to Heartbleed attacks. The number of vulnerable systems decreased dramatically in the weeks following the disclosure of the infamous bug, but it might take years before all of them have been patched. (ID#: 14-50040) See http://www.securityweek.com/organizations-slow-patching-heartbleed-vmware-deployments-report
- Fake Googlebots Increasingly Serve as Tools for DDoS, SecurityWeek, 24 July 2014. Bots are used by Google to help index the web and provide search results, but fake Googlebots are being used for malicious purposes. These impostors can be used for acquiring marketing data, hacking, spamming, and even executing layer 7 DDoS attacks, in an increasing trend. (ID#: 14-50041) See http://www.securityweek.com/fake-googlebots-increasingly-serve-tools-ddos-incapsula
- UK Travel Company Fined After Card Data Hack, SecurityWeek, 25 July 2014. Think W3 Ltd., a UK-based travel company, was fined £150,000 after a lapse in security compromised payment card details of over 1.1 million customers. The hackers were able to SQL injection on a login page for an internal system, enabling them to acquire administrative access and thus obtain data held on the server. (ID#: 14-50042) See http://www.securityweek.com/uk-travel-company-fined-after-card-data-hack
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.