admini – Page 63 – CyberSecurity Institute

Attackers sign malware using crypto certificate stolen from Opera Software

Posted on June 26, 2013December 30, 2021 by admini

Hackers penetrated network servers belonging to Opera Software, stole at least one digital certificate, and then used it to distribute malware that incorrectly appeared to be published by the browser maker. “The attackers were able to obtain at least one old and expired Opera code signing certificate, which they have used to sign some malware,” Wednesday’s advisory stated. It is possible that a few thousand Windows users, who were using Opera between June 19 from 1.00 and 1.36 UTC, may automatically have received and installed the malicious software.”

Missing details include when the attackers first gained access to the servers, precisely when the stolen digital certificate expired, and whether there’s reason to believe other certificates may also have been obtained. It would also be useful to know how hackers got access to an official Opera digital certificate, which is supposed to cryptographically prove that the software that bears its seal could only have come from the company.

The Opera post urged users to “update to the latest version of Opera as soon as it is available, keep computer software up to date, and to use a reputable antivirus product on their computer.”

At some point soon, though, officials should provide a more thorough account of what happened, who was affected, and what steps have been taken to prevent similar attacks from succeeding in the future.

Link: http://arstechnica.com/security/2013/06/attackers-sign-malware-using-crypto-certificate-stolen-from-opera-software/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+arstechnica%2Findex+%28Ars+Technica+-+All+content%29

Mobile malware attacks grow 614% in year to March – study

Posted on June 26, 2013December 30, 2021 by admini

The Juniper Networks Mobile Threats Centre (MTC) identified more than 500 third-party “alternative” app stores globally where our researchers found mobile malware. They are also quite popular for device users who “jailbreak” or root their phones, and are looking for pirated or unsanctioned apps. Of these alternative app stores, three out of five are in China or Russia, markets infamous for malware.

The Juniper Networks Mobile Threats Centre (MTC) is studying the types of permissions users are required to give to apps in order to install them. Building on that research, Juniper found was an increase in the number of permissions required with free applications much more likely to ask for large amounts of information.

Link: http://www.telecompaper.com/news/mobile-malware-attacks-grow-614-in-year-to-march-study–951813

Unified database security software to help prevent intrusions

Posted on June 26, 2013December 30, 2021 by admini

GreenSQL offers a free version of its database security system from its website, with clients receiving the masking, performance management and auditing functions as part of its full service, Maman notes.

The company’s unified database security system was developed, initially, as an open-source project to protect open-source MySQL databases in 2006, with the first release in 2007 of the basic database security solution, he says. In less than three years time, the program was downloaded more than 100 000 times and Maman then founded the company with partners in 2009, which developed the GreenSQL database security system – built anew based on the team’s knowledge of database security in the open-source community.

“The system provides complete compliance with regulations, such as the public company accounting reform Sarbanes-Oxley Act, the administrative simplification standard Health Insurance Portability and Accountability Act and the Payment Card Industry Data Security Standard,” concludes Maman.

* Unified database security software parses the protocols and the syntax of connections into a database to analyse the patterns of activity to monitor and manage access to sensitive information.

* Database Activity Monitoring enables management to see exactly when and which sensitive records their external consultants have been exposed to and what actions they took.

Link: http://www.engineeringnews.co.za/article/protocol-and-syntax-parsing-into-database-provides-security-performance-and-access-management-2013-06-07

Tackling cyber threats will require regional cooperation (AP)

Posted on June 26, 2013December 30, 2021 by admini

James Clapper, the United States’ director of national intelligence, also reports in the “US Intelligence Community’s Worldwide Threat Assessment” of March that there has been a significant increase in state actors’ use of cyber capabilities, and this could possibly lead to an increase in the probabilities of miscalculations, misunderstandings and unintended escalation. The CSIS report suggests that malicious activity in cyberspace, which could inflame existing tensions or increase misperception and miscalculation among governments of the intent and risk of cyber actions, poses the greatest cyber risk to security in Asia. Furthermore, there is no international or regional agreement on clear and harmonised definitions for what constitutes “cyber security”, “cyber attack” or “cyber defence” – lines between cyber crime, cyber espionage and cyber attack are also ambiguous.

In light of these developments, and in addressing non-traditional security issues, the ASEAN Political-Security Community seeks to promote the renunciation of aggression and of the threat or use of force or other actions in any manner inconsistent with international law.

Confidence-building measures and preventative diplomacy, such as exchanges among defence and military officials, can also be enhanced to ensure escalation does not occur between ASEAN member states or between ASEAN member states and third countries.

A joint EU-US Working Group on Cyber Ssecurity and Cyber Crime was created in November 2010, and the European Parliament Committee on Foreign Affairs report of 2012 calls for accelerating cooperation and exchange of information on how to tackle cyber security issues with third countries, such as its proposals to engage the BRICS countries. The Asia-Europe Meeting (ASEM), whose partners include the ASEAN Plus Three, 27 EU members and the European Commission, can also be engaged to explore these issues of common concern in an open and informal fashion in order to complement bilateral and multilateral cooperation efforts.

Cooperation in tackling cross-border cyber threats should also be included within the ASEM 2012-2014 work programme and placed on the agenda of the 10th ASEM summit, which is due to be held in 2014.

In the future, ASEAN member states should agree a common position on shared norms for responsible state behaviour in cyberspace and the applicability of international law for the use of advanced cyber capabilities and techniques.

Link: http://www.nationmultimedia.com/opinion/Tackling-cyber-threats-will-require-regional-coope-30209055.html

Cyber-retaliation: How security is becoming a priority for the Middle East

Posted on June 25, 2013December 30, 2021 by admini

In mid-May, Saudi Arabia admitted that some of its government websites had come under a sustained denial of service attack, with a group called Saudi Anonymous using Twitter to not just claim responsibility but also provide a running commentary of its actions and targets in both Arabic and English, finally declaring on 18 May that: “Today is our last day on #OpSaudi, moi.gov.sa [Ministry of Interior] will be our last target.”

But while the attacks on Virgin Radio and Saudi government sites are a malicious inconvenience, the big threat now is around the major industries of the Middle East.

But it also brought home to organisations in the Middle East that cyberattacks were a real threat, it highlighted the importance of strong security systems and caused some internal soul searching. If Iran’s nuclear facilities can be hit, then could the same happen to the region’s oil and gas facilities, so important to the economies of the oil-exporting nations, or the power and water desalination plants?

One of the world’s most valuable companies, at an estimated $10 trillion, and the world’s biggest oil producer, pumping about 12.5 million barrels a day from its fields, Aramco was hit by a malware attack that infected 30,000 computers.

Now, security experts elsewhere are warning that the instances of attacks emanating from the Middle East is rising fast, with around 10 US utility companies the target of attempts to take over plant processes (sound familiar?).

Link: http://www.zdnet.com/cyber-retaliation-how-security-is-becoming-a-priority-for-the-middle-east-7000017197/

Phishing attacks up 87 per cent: Report

Posted on June 23, 2013December 30, 2021 by admini

“The more popular a website is, the more frequently malicious users copy it and, as a result, there is a higher probability that a user will run into a fake version as he surfs the web,” says the report.

In its report, Kaspersky also pointed out that 12 per cent of the phishing attacks are carried out through emails. In the same month, cyber criminals hacked into the current account of industrial conglomerate RPG Group of companies and stole Rs 2.4 crore. The report says the US tops the list of countries from which the maximum number of hostile phishing attacks emerge – 18.67 per cent of all attacks.

Link: http://businesstoday.intoday.in/story/phishing-attacks-up-87-per-cent/1/196061.html