 |
US News |
"M-Trends report: Nearly 70 percent of breached firms alerted by outside source", SC Magazine, 24 February 2015. According to a report by FireEye, many organizations (including law enforcement) lack sufficient breach detection capabilities. FireEye found that 69% of breached entities were notified by an external source, and it wasn't until over 200 days that organizations detected intrusions, on average. Attackers use a mix of innovative and tried-and-true methods to hack into VPN's, steal credentials, and more. (ID: 14-50220) See http://www.scmagazine.com/m-trends-report-nearly-70-percent-of-breached-firms-alerted-by-outside-source/article/399928/
"New Jersey Congressmen to reintroduce privacy bill", SC Magazine, 23 February 2015. Following the dramatic increase of high-profile data breaches in the recent few years, Sen. Robert Menendez (D-NJ) and Rep. Albio Sires (D-NJ) urged other lawmakers to reintroduce legislation that was intended to protect consumers from data breaches. Menedez also persuaded Federal Trade Commission (FTC) Chairwoman Edith Ramirez to ask Congress to give the FTC greater authority to penalize companies that put consumer's data at risk. (ID: 14-50221) See http://www.scmagazine.com/legislation-would-offer-bill-of-rights-as-breach-protection/article/399712/
"After Superfish-Lenovo incident, Facebook probes larger issue of SSL-sniffing adware", SC Magazine, 23 February 2015. In the wake of Lenovo's Superfish scandal, Facebook researchers investigated other applications that use the same SSL decryption library used by Superfish. They found "over a dozen" other applications that work similarly to Superfish, thereby allowing MitM attacks on SSL communications and giving hackers the ability to intercept encrypted communications like online banking. (ID: 14-50222) See http://www.scmagazine.com/superfish-lenovo-incident-sparks-broader-facebook-investigation/article/399706/
"Google Cloud Security Scanner released in beta", SC Magazine, 23 February 2015. The Google Cloud Security Scanner beta has been released by Google, who designed the tool to be used to scan for vulnerabilities in apps running in the Cloud. Unlike similar programs that use basic approaches like HTML scanning, the Cloud Security Scanner uses more advanced parsing and rendering techniques to lower rates of false-positives and increase usability. (ID: 14-50223) See http://www.scmagazine.com/google-cloud-security-scanner-nearly-wipes-out-false-positives/article/399700/
"On Patch Tuesday, Microsoft unveils fix for critical Windows flaw 'JASBUG'", SC Magazine, 10 February 2015. Microsoft patched a major vulnerability known as JASBUG, which could give an attack complete control over a system. Though the vulnerability was reported to Microsoft in January of last year, JASBUG's nature as a "fundamental design flaw" meant that Microsoft had to spend an entire year to "re-engineer core components of the operating system and to add several new features.” (ID: 14-50225) See http://www.scmagazine.com/microsoft-addressed-56-bugs-issues-fix-for-jasbug/article/397477/
"Community debates encryption's value in Anthem incident", SC Magazine, 06 February 2015. Following the breach of health insurer Anthem Inc., questions are being raised as to how much of an impact encryption really had on minimizing the impact of the attack. Technically, health ensurers are not required to encrypt protected health information; however, some believe that even if Anthem's data was encrypted, the fact that the intruder had elevated credentials would have made encryption useless. (ID: 14-50226) See http://www.scmagazine.com/anthem-breach-sparks-discourse-on-encryption/article/396989/
"BlackBerry Names New Chief Security Officer", Security Magazine, 10 February 2015. David Kleidermacher has replaced Scott Totzke as the Chief Technology Officer (CTO) at Blackberry Ltd. Blackberry hopes that Kleidermacher's experience with the Internet of Things and embedded systems will help Blackberry meet its security goals. (ID: 14-50227) See http://www.securitymagazine.com/articles/86093-blackberry-names-new-chief-security-officer
"Bank Hackers Steal Millions via Malware", The New York Times, 14 February 2015. In what experts think could be the biggest bank theft ever, cybercrime group "Carbanak" was found by Kaspersky Labs to have stolen a minimum of $300 million from over 100 financial institutions in 30 countries. The sophisticated attack utilized remote-access tools to monitor the activities of bank employees. The hackers were then able to gain access to ATM and dispense money on command, or move money between accounts. (ID: 14-50228) See http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html?_r=1
"EU parliament bans the Microsoft mobile Outlook app", Cyber Defense Magazine, 17 February 2015. Due to security and privacy concerns over Microsoft's mobile Outlook app, the EU parliament has decided to ban politicians from using the app. It is feared that sensitive data from politicians could fall into the wrong hands, though Microsoft denies claims that the app is vulnerable because credentials are “double-encrypted using a server per-account unique key”. (ID: 14-50229) See http://www.cyberdefensemagazine.com/eu-parliament-bans-the-microsoft-mobile-outlook-app/
"Obama signed a new Executive Order on sharing cyber threat information", Cyber Defense Magazine, 16 February 2015. U.S. President Obama has signed an executive order that is intended to promote cyber intelligence sharing between industry and government. Throughout his term -- which has likely seen more cyber issues than any other presidency -- president Obama has had a strong focus on promoting cyber security. (ID: 14-50230) See http://www.cyberdefensemagazine.com/obama-signed-a-new-executive-order-on-sharing-cyber-threat-information/
"Dyre banking trojan tweaked to spread Upatre malware via Microsoft Outlook", Cyber Defense Magazine, 04 February 2015. The Dyre banking trojan, which became famous last summer for bypassing SSL and targeting global banks, has been re-vamped for 2015. Dyre uses Microsoft Outlook, in conjunction with Upatre malware and advanced evasion techniques, to intercept sensitive data and propagate. The University of Florida became a notable victim after hundreds of university computers were infected within hours. (ID: 14-50231) See http://www.cyberdefensemagazine.com/dyre-banking-trojan-tweaked-to-spread-upatre-malware-via-microsoft-outlook/
"Lenovo Releases Superfish Removal Tool", Infosecurity Magazine, 23 February 2015. After facing harsh criticism for shipping laptops pre-loaded with the "Superfish" adware, Lenovo has released a tool that users can use to remove the controversial software. Days before, the US-CERT warned Lenovo customers that Superfish left them vulnerable to SSL spoofing attacks. Because Superfish uses its own CA certificate, it would be very easy for a hacker to trick an affected machine into trusting fake versions of websites. (ID: 14-50232) See http://www.infosecurity-magazine.com/news/lenovo-releases-superfish-removal/
"Gemalto SIM Cards Hacked by American, British Spies—Report", Infosecurity Magazine, 20 February 2015. Dutch SIM card manufacturer Gemalto is investigating a purported breach by British and American intelligence agencies. According to Snowden documents, the NSA and GCHQ have both obtained SIM card encryption keys in order to collect telecommunications data. (ID: 14-50233) See http://www.infosecurity-magazine.com/news/gemalto-sim-cards-hacked-spies/
"Kasperky Lab Unveils ‘Equation’: the Grand Daddy of APT Groups", Infosecurity Magazine, 17 February 2015. Kaspersky Labs has brought to light what it calls the "Equation Group": a 20-year old, well-resourced cyber attack group that has a particular aptitude towards advanced encryption and obfuscation. Equation appears to primarily target governments in the Middle East and Asia, and has also used techniques that are very synonymous with the methods used by Stuxnet. (ID: 14-50234) See http://www.infosecurity-magazine.com/news/kasperky-equation-group-grand/
(ID#:14-3727)
Note:
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.