Cyber Security Institute

Wednesday, June 26, 2013

Tackling cyber threats will require regional cooperation (AP)

James Clapper, the United States’ director of national intelligence, also reports in the “US Intelligence Community’s Worldwide Threat Assessment” of March that there has been a significant increase in state actors’ use of cyber capabilities, and this could possibly lead to an increase in the probabilities of miscalculations, misunderstandings and unintended escalation. The CSIS report suggests that malicious activity in cyberspace, which could inflame existing tensions or increase misperception and miscalculation among governments of the intent and risk of cyber actions, poses the greatest cyber risk to security in Asia. Furthermore, there is no international or regional agreement on clear and harmonised definitions for what constitutes “cyber security”, “cyber attack” or “cyber defence” - lines between cyber crime, cyber espionage and cyber attack are also ambiguous.



Mobile malware attacks grow 614% in year to March - study

Attacks on mobile devices increased 614 percent between March 2012 and March 2013, compared to 155 percent growth a year earlier, according to Juniper Networks. Nearly 73 percent of malware are Fake Installers or SMS Trojans, which exploit holes in the nascent mobile payment systems. These threats either trick users or secretly send text messages to premium numbers set up by attackers to turn a quick profit.


Attackers sign malware using crypto certificate stolen from Opera Software

Hackers penetrated network servers belonging to Opera Software, stole at least one digital certificate, and then used it to distribute malware that incorrectly appeared to be published by the browser maker. “The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware,” Wednesday’s advisory stated. “It is possible that a few thousand Windows users, who were using Opera between June 19 from 1.00 and 1.36 UTC, may automatically have received and installed the malicious software.”


Tuesday, June 25, 2013

Unified database security software to help prevent intrusions

Cloud-service providers, database-hosting companies, large enterprises and small service providers can deploy unified database security software to prevent intrusions and Structured Query Language (SQL) injection attacks into databases, says Israeli database security company GreenSQL founder and CTO David Maman. The company’s unified database security software parses the protocols and the syntax of connections into a database and analyses the patterns of activity to monitor and manage access to sensitive information. “GreenSQL’s Database Activity Monitoring enables management to see exactly when and which sensitive records their external consultants have been exposed to and what actions they took.”


Monday, June 24, 2013

Cyber-retaliation: How security is becoming a priority for the Middle East

Although Arabic music in the UAE is popular, with so many expats living in the country Abu Dhabi and Dubai have become mainstay slots in bands’ international tours, with artists such as the Stone Roses, Metallica, Bruno Mars, Guns n’ Roses and Kanye West having played here so far this year. In April, the analyst group IDC reported that in the Middle East, a lack of adherence to IT security policies by employees was the number one challenge faced by IT professionals, followed by the threat of increasingly sophisticated attacks. The analysts said that with the combined growth of mobile devices used in the workplace that require securing, the increasing sophistication of threats and the (albeit slow when compared to Europe and the US) growth of cloud services, organisations in the region are beginning to change their security strategy, turning to managed security services. The amount of money spent on IT security is growing at 15 percent a year, IDC said, and in some cases, companies are spending big to protect their networks.



Saturday, June 22, 2013

Phishing attacks up 87 per cent: Report

Phishing attacks, the most common form of cyber crime, are on the rise, both in India and globally. According to a recent report by Russian cyber security firm Kaspersky Lab, 37.3 million users around the world were subjected to phishing attacks in 2012-13, up 87 per cent from a year ago. Roughly 10 per cent - 3.7 million annually or around 10,000 per day - of these attacks were targeted at India, which is the third biggest victim after Russia and the US. Kaspersky found that 87.9 per cent of attacks were launched when users were surfing the web, with the services of Yahoo, Facebook, Google and Amazon being targeted the most through hosted fake copies of these websites.


Friday, June 21, 2013

Botnets now target enterprise apps

According to Jan Poczobutt, vice president of sales at Barracuda Networks, botnets traditionally picked on only a few computers, were initiated through a command-and-control (C&C) server and were used for spamming during distributed denial of service (DDoS) attacks. Enterprises could simply filter botnets by adding them to the spam list, but today attackers have changed the way they use botnets, Poczobutt noted, speaking to ZDNet Asia in a phone interview on Friday. For example, botnets are able to go into the applications and, through a series of apps looking like user requests, they can bring down entire applications, he explained.



Sunday, June 16, 2013


The Open Web Application Security Project (OWASP) has published the top 10 most dangerous vulnerabilities in web applications for 2013. The release aims to raise awareness about application security by identifying some of the most critical risks facing organizations. Injection flaws, such as SQL, OS, and LDAP injection, remain the top security vulnerability for web applications. This widely exploited class of bug allows an attacker’s hostile data to trick the interpreter into executing unintended commands or accessing data without proper authorization.


Friday, June 14, 2013

Varonis welcomes Bank of England’s high levels of concern on cyberattacks

“Our observations suggest that the vast number of breaches occurring on an almost daily basis indicates that businesses – just like individuals – are still struggling to get the basics right when it comes to securing their data.” — David Gibson, Varonis Vice President. “In the results of a survey we released in April of this year, we found that 91% of people trust businesses to keep their data safe – despite PWC reported data breaches for 93% of large organisations and 87% of small businesses being seen so far this year,” he added.


Thursday, June 13, 2013

MBR-wiping malware targets German victims

A new MBR-based hack is now targeting German users, who are at risk of having their systems rendered unusable by malware being sent via spam messages. Trend Micro recently uncovered what it terms a “noteworthy backdoor” as an attached file in certain spam variants sent to German recipients. The spam sample the security firm found tells recipients they have to pay a certain debt, the details of which are contained in the attachment. Like any backdoor, it (BKDR_MATSNU.MCB) performs certain malicious commands, which include gathering machine-related information sent to its command-and-control (C&C) server. “This particular malware, on top of its ability to remotely control an affected system, is able to wipe out the Master Boot Record – a routine that had previously caused a great crisis in South Korea,” noted Lenart Bermejo, threat response tech lead at Trend Micro.



Wednesday, June 12, 2013

Gartner Says by 2019, 90 Percent of Organizations Will Have Personal Data on IT Systems They Don’t O

Gartner predicts that by 2019, 90 percent of organizations will have personal data on IT systems that they don’t own or control. “And, yet in most scenarios the organization is still ultimately accountable for the personal data on its IT systems,” said Carsten Casper, research vice president at Gartner.


Tuesday, June 11, 2013

New backdoor ‘KeyBoy’ malware hits Asia with targeted attacks

Users from Vietnam, India, China, Taiwan and possibly other countries, were targeted as part of an attack campaign that uses Microsoft Word documents rigged with exploits in order to install a backdoor program that allows attackers to steal information, according to researchers from security firm Rapid7. One of the malicious documents found by Rapid7 researchers is written in Vietnamese and is about best practices for teaching and researching scientific topics. This suggests that the targets of attacks where this document was used are part of the Vietnamese academic community, Rapid7 researchers Claudio Guarnieri and Mark Schloesser said Friday in a blog post. Identified as CVE-2012-0158 and CVE-2012-1856, respectively, these vulnerabilities affect Microsoft Office 2003, 2007 and 2010, and were patched by Microsoft in 2012 as part of the MS12-027 and MS12-060 security bulletins.

Seculert uses big data security analytics to precisely identify APTs and other malware

Palo Alto Networks, a provider of network security solutions, has introduced its appliance for the deployment of a private cloud solution for the detection, analysis and prevention of advanced persistent threats (APTs). The Palo Alto Networks WF-500 appliance is designed to address the needs of customers who wish to gain access to comprehensive sandbox detection and analysis capabilities of the Palo Alto Networks public cloud-based WildFire subscription offering on a customer-owned platform.



Sunday, June 09, 2013

Survey shows 79% of businesses experienced a mobile security incident in past year

The new report, The Impact of Mobile Devices on Information Security, shows that 67% of firms allow personal mobile devices to connect to their networks. 88% of devices were used for corporate email, 53% had customer data stored on them, 49% had corporate data in business apps, and 48% had network logins stored. Despite this, 63% of organisations said they do not attempt to manage corporate information on employee-owned devices, and just 23% use mobile management tools or a secure container on the device. 66% of respondents said they felt that careless employees posed a greater risk than cybercriminals. Surge in personal mobile devices connecting to the corporate network - 96% of respondents say the number of personal devices connecting to their corporate networks is growing, and 45% have more than five times as many personal mobile devices as they had two years ago.



Wednesday, June 05, 2013

RSA’s Art Coviello points to Big Data approach to combat cyber security challenges

Leveraging Big Data approaches to security can help make the much-needed intelligence-driven security model – comprised of pervasive monitoring and threat intelligence sharing – a reality for organizations that face growing and sophisticated cyber-attacks. In his opening keynote at RSA Conference Asia Pacific 2013, Art Coviello, Executive Vice President of EMC Corporation and Executive Chairman of RSA, The Security Division of EMC, outlined how leveraging Big Data approaches to security can help make the much-needed intelligence-driven security model a reality for organizations in the face of growing and sophisticated cyber-attacks. While addressing the crowd at RSA Conference Asia-Pacific held in Singapore, Coviello explained that within many organizations, a lack of understanding and knowledge and unbalanced security budgets are current impediments to the adoption of an intelligence-driven security model.


Tuesday, June 04, 2013

Understanding Risk in Real-Time: Where Will Your Next Breach Come From?

Three out of four intrusions exploit weak or stolen (but otherwise legitimate) credentials, and another 13 percent result from misuse of information by privileged users, according to Verizon’s 2013 Data Breach Investigation Report. The solution is harnessing the big data in the trillions of access relationships — the ever-changing information related to who is accessing what resources for what purpose — to better understand what is really going on. As Gartner says, “[Big Data] is a class of information processing problem that, due to the volume, velocity, variety and complexity of the data, requires different approaches to support analytics to derive cost-effective, timely, business-relevant insight.” While big data has been used effectively by line of business to analyze customer purchase behavior, inventory turns, or other critical data, it also offers tremendous promise for IT security to manage business better.


Monday, June 03, 2013

Targeted attacks on the rise

There has been a significant spike in instances of the Koobface social networking worm and a dramatic increase in spam, according to the McAfee Threats Report: First Quarter 2013. McAfee Labs has also found continued increases in the number and complexity of targeted threats, including information-gathering Trojans and threats targeting systems’ master boot records (MBRs). In the company’s latest study, it found almost three times as many samples of Koobface as were seen in the previous quarter, which is a high point for the social networking worm that targets Facebook, Twitter and other social networking service users. But the increase in the number and sophistication of targeted advanced persistent threats (APTs) represented the most notable evolution in the threat landscape, as information becomes as valuable as money on the cybercrime landscape. The report found a 30 percent increase in MBR-related malware and new instances of password-stealing Trojans being repurposed to capture information on individuals and organisations beyond the financial services industry.