[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions
So onto the news:
Gunpoder Android Malware Hides Malicious Behaviors in Adware
A stream of new Android malware infections is sounding a harsh tone on two fronts: hackers are making free and open source applications their own; and legacy security software needs to step up detection of adware behaving maliciously.
The Gunpoder malware is spreading via third-party Android app stores hiding in a Nintendo Entertainment System (NES) video game emulator that is freely available online. The attackers are seeding the emulator with an aggressive ad library called Airpush, and hiding malicious behaviors such as the collection of device and user data and communication with an attacker’s server in the library, knowing that security technologies will detect it as adware and mark it benign.
Researchers at Palo Alto Networks today said that three variants of Gunpoder are in circulation, and victims in 13 countries have been infected. The malware is crimeware, and the attackers’ objective is profit by running up premium SMS charges, as well as charging the victims for access to the app and its cheat feature.
The malware also spreads via SMS to contacts on the phone, propagating in a worm-like manner.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=5c698a77b1&e=20056c7556
ownCloud Encryption 2.0 Raises the Bar for Enterprise File Sync and Share Security and Performance
LEXINGTON, Mass.–(BUSINESS WIRE)–ownCloud, Inc., the company behind the world’s most popular open source enterprise file sync and share (EFSS) software, today announced a new modular framework for encryption that will enable previously unheard of flexibility for organizations with complex and changing encryption requirements. Encryption 2.0 from ownCloud is a part of ownCloud 8.1, the latest version of the company’s flagship enterprise file sync and share (EFSS) solution. Encryption 2.0 features a new set of encryption capabilities that redefines EFSS security, making it easier and more secure for organizations tasked with protecting sensitive information to seamlessly collaborate and share files. Additionally, the new release includes enhancements that will enable up to a 4X performance for uploads and downloads, as well as improved scalability through efficient handling of massive parallel requests, enabling support for 50% more users per ownCloud server instance.
ownCloud Encryption 2.0 is a groundbreaking new approach to encryption that will allow customers to manage their own encryption keys in their enterprise key store. It will also allow customers to adopt their desired encryption standard, and even write a server app to meet their unique encryption requirements. ownCloud is the only enterprise file sync and share company to provide this level of modular encryption, which can be delivered as an app for quick and easy integration into customers’ existing infrastructure.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8e04067e04&e=20056c7556
Security Pros Shine Light on Shadowy Cyberspy Ring
The group, which Symantec dubbed “Morpho” and Kaspersky Lab calls “Wild Neutron,” has hit multibillion-dollar corporations in the Internet, software, pharmaceutical and commodities sectors in at least 11 countries.
It’s believed to have been behind attacks on Twitter, Apple, Microsoft and Facebook in 2013.
The victims also include bitcoin companies, the Ansar Al-Mujahideen English jihadist forum, and spyware developer FlexiSpy, which muddies the waters as to the gang’s intentions.
The group used the OSX.Pintsized backdoor to attack Mac OS X and the Backdoor.Jiripbot for Windows systems, said Symantec.
The group uses a verification certificate stolen from Acer — which is now being revoked — and an unknown Flash Player exploit to launch its attacks, according to Kaspersky Lab.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=99e2a119ec&e=20056c7556
Kali Linux 2.0 to launch at DEFCON 23
Kali Linux developers say the first revamp of the platform since it was reborn in 2013 will be showcased at the DEF CON hacking confab.
“There’s a lot of new features and interesting new aspects to this updated version, however we’ll keep our mouths shut until we’re done with the release.”
The platform sports a redesigned and streamlined user interface, new menus, and the latest penetration testing tools.
It also sports native Ruby 2.0 to help speed loading of the Metasploit hacking box, weekly updating of core tools, and desktop notifications and screencasting.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=32e4a5c360&e=20056c7556
Cybercriminals start using Flash zero-day exploit leaked from Hacking Team
It took just a day for cybercriminals to start using a new and yet-to-be-patched Flash Player exploit that was leaked from a surveillance software developer.
Adobe Systems confirmed the vulnerability, which received the identifier CVE-2015-5119, and is planning to release a patch for it later today. However, cybercriminals have already jumped on the opportunity to use it to infect computers with malware on a large scale.
According to a researcher known online as Kafeine, the leaked Hacking Team exploit has already been integrated into three commercial exploit kits: Angler, Neutrino and Nuclear Pack.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=8e565183d9&e=20056c7556
Study: Execs Think Cloud Needs More Than Conventional Security
The majority of executives think security measures in place in the enterprise today won’t be enough to protect applications and solutions that are moving to the cloud, according to a recent survey.
The study, conducted by IDG Research and sponsored by cloud-security firm CloudPassage, found that most of 100 respondents in executive-level positions with intimate knowledge of their company’s security systems and needs believe more has to be done to ensure systems remain secure as the cloud increasingly is adopted.
Eighty percent of those surveyed said that to some extent conventional network security solutions don’t work well in cloud environments, and 76 percent agreed that their organizations don’t have adequate visibility into attacks when they use traditional security in cloud infrastructure environments.
Respondents expect IT services increasingly will be deployed in some type of cloud, whether it be public, private or hybrid, in the next 18 months. They said 57 percent of IT services are on premise today, but this number will reduce to 42 percent in this time period and be deployed on some type of cloud: 13 percent on hybrid clouds, 20 percent on the public cloud and 25 percent on some type of private cloud system.
This increase in cloud use will demand better security, respondents believe. That’s because the transition to cloud computing has made maintaining visibility into security and vulnerability more difficult, according to 45 percent of respondents with 9 percent of those characterizing it as “extremely difficult.”
Moreover, despite much wishful thinking to the contrary in the enterprise, security still remains top of the list of barriers that are stalling this move to the cloud, according to the survey. Sixty-six percent of respondents said security concerns are at the top of the barrier-to-adoption list, while 37 percent said they are concerned about the ability to meet compliance requirements when moving services and solutions to the cloud.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=1d60e893a9&e=20056c7556
Profiling and Investigating Abnormally Malicious Chinese Autonomous Systems With WEBINT
CHINANET AS 23650 in Jiangsu province is part of a highly modern TIER 4 network owned by China Telecom, claimed to be the world’s largest. We compare CHINANET AS 23650 to other autonomous systems that are part of CHINANET as well as additional independent autonomous systems.
By comparison, AS 23650 is abnormally malicious over time, with some co-occurring activities in adjacent CHINANET infrastructure. We identify the likely location of the problematic activity.
We find indications that third-party hosters with less than great reputation, such as MangoNet, are selling capacity on CHINANET, and hence potentially polluting the CHINANET infrastructure.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ea5fceca64&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com