[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions đ
So onto the news:
The Logjam Attack
Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.
We have uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed: …
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b3e49b5256&e=20056c7556
Trojanized PuTTY Software
In late 2013âearly 2014, a compromised FTP client dubbed âStealZilla,â based off the open source FileZilla FTP client was discovered. The attackers modified a few lines of code, recompiled the program, and disbursed the trojanized version on compromised web servers. This new attack appears to involve the same actors who reused the same techniques to alter the source code of the widely used open source Telnet/SSH client, PuTTY, and used their network of compromised web servers to serve up similar fake Putty download pages. This new campaign is like the StealZilla campaign in almost every way. This trojanized version of PuTTY harvests credentials and relays the information back to a collection server in the same way too. The operation is very quick and quiet. Login details are sent to attackers using an HTTP GET connection ONLY once.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=827e5eb34e&e=20056c7556
Retailers Take 197 Days To Detect Advanced Threat, Study Says
The most common method retailers used for identifying an advanced threat? “A gut feeling.” While 23 percent used forensic evidence, 21 percent used known attacker signatures, and 16 percent used threat intelligence that had been shared by others in the industry (and 2 percent said “other), a vast 38 percent simply said they had a gut feeling. The answers in finance were: 34% forensics, 23% signatures, 25 % shared intelligence, and only 20% “gut.”
About 22 percent of the security budget, for both industries, was spent on “cyber kill chain activities” — efforts to disrupt an attack before it happens, ranging from the time an attacker begins its reconaissance to just before it carries out its ultimate goal (like data exfiltration).
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0127ba71f4&e=20056c7556
Google Fixes Sandbox Escape in Chrome
Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox.
That vulnerability is one of 37 bugs fixed in version 43 of Chrome. Six of those flaws are rated as high risks and Google paid out more than $38,000 in rewards to researchers who reported vulnerabilities to the company. Among the other serious vulnerabilities are cross-origin bypasses and three use-after-free vulnerabilities.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=f3ad64af00&e=20056c7556
Research Shows Workers Ignoring Known Cyber Risks, Surfing Adult Content and Downloading Unapproved Apps
SUNNYVALE, Calif. â MAY 19, 2015 â Blue Coat Systems, Inc., a market leader in enterprise security, today revealed the results of a global research study of 1580 respondents across 11 countries that highlighted a global trend of employees ignoring cyber risks while at work. Results from the survey found that universally, workers visit inappropriate websites while at work despite typically being fully aware of the risks to their companies.
â Although 65 percent of global respondents view using a new application without the IT departmentâs consent as a serious cyber-security risk to the business, 26 percent admitted doing so.
â Obvious behaviors such as opening emails from unverified senders still happen at work. Nearly one third (29 percent) of Chinese employees open email attachments from unverified senders, even though nearly three out of four (72 percent) see it as a serious risk. US businesses view the threat even more seriously (80 percent) and open less unsolicited emails (17 percent).
â Although six percent of global respondents still admitted viewing adult content on work devices, China ranked as the worst offender with nearly one in five (19 percent) employees admitting to viewing adult content at work, compared to Australia and Germany, both at two percent.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3041c020db&e=20056c7556
World’s first Android app for Installer Hijacking Vulnerability Installer Hijacking Defender launched
BEIJING, May 19, 2015 /PRNewswire/ — World’s first Android app developed specifically for tackling the Installer Hijacking Vulnerability issue, Installer Hijacking Defender is officially launched today in the Google Play Store. According to 360 Security Group, the app is the only one of its kind that thoroughly scans the vulnerabilities and protects Android devices from being compromised.
In March, Palo Alto Network announced their discovery of Android Installer Hijacking, a vulnerability in Android that allows an attacker to modify or replace a benign-looking Android app with malware and therefore gain full access to private data. The company successfully detected exploits against Android 4.2.x and lower but mentioned that some Android 4.3 devices might also be vulnerable. Approximately 89.4 percent of the Android population was affected as of January 2014 when the vulnerability was first discovered.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0a059f139c&e=20056c7556
WITI teams up with IBM and Intel for First women in technology hackathon
WITI (Women in Technology International), the leading global business organization for women in technology with more than 150,000 members worldwide, announced today that it is teaming up with IBM and Intel during the month of May for its first ever WITI Virtual Hackathon.
The international âCODE-A-THONâ offers âartistsâ ranging from developers, scientists, students, entrepreneurs, and educators the opportunity to build Internet of Things (IoT) and Wearables-based applications, software, hardware, and data visualization solutions.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=006b79d57c&e=20056c7556
Communication between IT and non-IT workers in a state of crisis
Results from the CIO Executive Councilâs âPower of Effective IT Communicationâ benchmark survey indicate that IT teams lack the talent to communicate. This results in a state of crisis between IT and non-IT employees, which could prove disastrous in this era of unparalleled digital disruption. Half of IT leaders believe that this disparity is due, in part, to a lack of communication talent on the IT team. And this deficiency could not reveal itself at a more inopportune time: an era of unparalleled digital disruption, hallmarked by globalization and extreme market volatility. By 2020, 75 percent of the Fortune 500 will be comprised of names we have not heard of yet, according to Patrick Forth, Senior Partner and Managing Director at The Boston Consulting Group (BCG)[1].
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=7744704c66&e=20056c7556
Fake bitly links used to distribute malware, spam
The MalwareBytes team observed links â beginning with btly[DOT]pw â directing users to a free file sharing website where they can download and extract a file, which turns out to be a trojan. In one instance, users were instructed to disable antivirus so the file can be installed.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b4f614c6fc&e=20056c7556
Beware of New Malware Bioazih, Warns CERT-IN
BENGALURU: A new âspear phishingâ malware having the means to access systems through a Microsoft Office vulnerability has been spreading in the country, according to an advisory by the Indian Computer Emergency Response Team (CERT-IN).
âUpon execution of the attachment, a decoy document of contextual subjects is shown to the user which may be in any format including jpg, doc, pdf etc,â the CERT-IN advisory says.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=32478488b0&e=20056c7556
Robots.txt tells hackers the places you don’t want them to look
Melbourne penetration tester Thiebauld Weksteen is warning system administrators that robots.txt files can give attackers valuable information on potential targets by giving them clues about directories their owners are trying to protect.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=9d1889a439&e=20056c7556
South Korea mandates spyware installation on teenagers’ smartphones
The Republic of South Korea’s Communications Commission, a media regulator modeled after the United States’ FCC, now requires telecom companies and parents to ensure a monitoring app is installed whenever anyone under the age of 19 receives a new smartphone.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ebb822f07b&e=20056c7556
46pc Mideast firms âlack incident response plansâ
The survey, conducted by leading information security conference in the region Gisec, covered more than 150 enterprise security professionals.
It also found that the rate of security incidents is very high in the region, with about 69 per cent of organisations experiencing an incident in the last 12 months – highlighting the need for greater resilience against cybersecurity threats, said leading incident response platform (IRP) provider Resilient Systems (formerly known as Co3 Systems).
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=5352ef1c4c&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If someone forwarded this email to you and you want to be added in,
please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage2.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=c7a3878763)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)