[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
The Logjam Attack<\/p>\n
Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is fundamental to many protocols including HTTPS, SSH, IPsec, SMTPS, and protocols that rely on TLS.<\/p>\n
We have uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed: …<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b3e49b5256&e=20056c7556<\/p>\n
Trojanized PuTTY Software<\/p>\n
In late 2013\u2013early 2014, a compromised FTP client dubbed \u201cStealZilla,\u201d based off the open source FileZilla FTP client was discovered. The attackers modified a few lines of code, recompiled the program, and disbursed the trojanized version on compromised web servers. This new attack appears to involve the same actors who reused the same techniques to alter the source code of the widely used open source Telnet\/SSH client, PuTTY, and used their network of compromised web servers to serve up similar fake Putty download pages. This new campaign is like the StealZilla campaign in almost every way. This trojanized version of PuTTY harvests credentials and relays the information back to a collection server in the same way too. The operation is very quick and quiet. Login details are sent to attackers using an HTTP GET connection ONLY once.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=827e5eb34e&e=20056c7556<\/p>\n
Retailers Take 197 Days To Detect Advanced Threat, Study Says<\/p>\n
The most common method retailers used for identifying an advanced threat? “A gut feeling.” While 23 percent used forensic evidence, 21 percent used known attacker signatures, and 16 percent used threat intelligence that had been shared by others in the industry (and 2 percent said “other), a vast 38 percent simply said they had a gut feeling. The answers in finance were: 34% forensics, 23% signatures, 25 % shared intelligence, and only 20% “gut.”<\/p>\n
About 22 percent of the security budget, for both industries, was spent on “cyber kill chain activities” — efforts to disrupt an attack before it happens, ranging from the time an attacker begins its reconaissance to just before it carries out its ultimate goal (like data exfiltration).<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=0127ba71f4&e=20056c7556<\/p>\n
Google Fixes Sandbox Escape in Chrome<\/p>\n
Google has patched a high-risk vulnerability in its Chrome browser that allows an attacker to escape the Chrome sandbox.<\/p>\n
That vulnerability is one of 37 bugs fixed in version 43 of Chrome. Six of those flaws are rated as high risks and Google paid out more than $38,000 in rewards to researchers who reported vulnerabilities to the company. Among the other serious vulnerabilities are cross-origin bypasses and three use-after-free vulnerabilities.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f3ad64af00&e=20056c7556<\/p>\n
Research Shows Workers Ignoring Known Cyber Risks, Surfing Adult Content and Downloading Unapproved Apps<\/p>\n
SUNNYVALE, Calif. \u2013 MAY 19, 2015 \u2013 Blue Coat Systems, Inc., a market leader in enterprise security, today revealed the results of a global research study of 1580 respondents across 11 countries that highlighted a global trend of employees ignoring cyber risks while at work. Results from the survey found that universally, workers visit inappropriate websites while at work despite typically being fully aware of the risks to their companies.<\/p>\n
\u25cf Although 65 percent of global respondents view using a new application without the IT department\u2019s consent as a serious cyber-security risk to the business, 26 percent admitted doing so.<\/p>\n
\u25cf Obvious behaviors such as opening emails from unverified senders still happen at work. Nearly one third (29 percent) of Chinese employees open email attachments from unverified senders, even though nearly three out of four (72 percent) see it as a serious risk. US businesses view the threat even more seriously (80 percent) and open less unsolicited emails (17 percent).<\/p>\n
\u25cf Although six percent of global respondents still admitted viewing adult content on work devices, China ranked as the worst offender with nearly one in five (19 percent) employees admitting to viewing adult content at work, compared to Australia and Germany, both at two percent.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3041c020db&e=20056c7556<\/p>\n
World’s first Android app for Installer Hijacking Vulnerability Installer Hijacking Defender launched<\/p>\n
BEIJING, May 19, 2015 \/PRNewswire\/ — World’s first Android app developed specifically for tackling the Installer Hijacking Vulnerability issue, Installer Hijacking Defender is officially launched today in the Google Play Store. According to 360 Security Group, the app is the only one of its kind that thoroughly scans the vulnerabilities and protects Android devices from being compromised.<\/p>\n
In March, Palo Alto Network announced their discovery of Android Installer Hijacking, a vulnerability in Android that allows an attacker to modify or replace a benign-looking Android app with malware and therefore gain full access to private data. The company successfully detected exploits against Android 4.2.x and lower but mentioned that some Android 4.3 devices might also be vulnerable. Approximately 89.4 percent of the Android population was affected as of January 2014 when the vulnerability was first discovered.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=0a059f139c&e=20056c7556<\/p>\n
WITI teams up with IBM and Intel for First women in technology hackathon<\/p>\n
WITI (Women in Technology International), the leading global business organization for women in technology with more than 150,000 members worldwide, announced today that it is teaming up with IBM and Intel during the month of May for its first ever WITI Virtual Hackathon.<\/p>\n
The international \u201cCODE-A-THON\u201d offers \u201cartists\u201d ranging from developers, scientists, students, entrepreneurs, and educators the opportunity to build Internet of Things (IoT) and Wearables-based applications, software, hardware, and data visualization solutions.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=006b79d57c&e=20056c7556<\/p>\n
Communication between IT and non-IT workers in a state of crisis<\/p>\n
Results from the CIO Executive Council\u2019s \u2018Power of Effective IT Communication\u2019 benchmark survey indicate that IT teams lack the talent to communicate. This results in a state of crisis between IT and non-IT employees, which could prove disastrous in this era of unparalleled digital disruption. Half of IT leaders believe that this disparity is due, in part, to a lack of communication talent on the IT team. And this deficiency could not reveal itself at a more inopportune time: an era of unparalleled digital disruption, hallmarked by globalization and extreme market volatility. By 2020, 75 percent of the Fortune 500 will be comprised of names we have not heard of yet, according to Patrick Forth, Senior Partner and Managing Director at The Boston Consulting Group (BCG)[1].<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=7744704c66&e=20056c7556<\/p>\n
Fake bitly links used to distribute malware, spam<\/p>\n
The MalwareBytes team observed links \u2013 beginning with btly[DOT]pw \u2013 directing users to a free file sharing website where they can download and extract a file, which turns out to be a trojan. In one instance, users were instructed to disable antivirus so the file can be installed.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b4f614c6fc&e=20056c7556<\/p>\n
Beware of New Malware Bioazih, Warns CERT-IN<\/p>\n
BENGALURU: A new \u2018spear phishing\u2019 malware having the means to access systems through a Microsoft Office vulnerability has been spreading in the country, according to an advisory by the Indian Computer Emergency Response Team (CERT-IN).<\/p>\n
\u201cUpon execution of the attachment, a decoy document of contextual subjects is shown to the user which may be in any format including jpg, doc, pdf etc,\u201d the CERT-IN advisory says.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=32478488b0&e=20056c7556<\/p>\n
Robots.txt tells hackers the places you don’t want them to look<\/p>\n
Melbourne penetration tester Thiebauld Weksteen is warning system administrators that robots.txt files can give attackers valuable information on potential targets by giving them clues about directories their owners are trying to protect.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9d1889a439&e=20056c7556<\/p>\n
South Korea mandates spyware installation on teenagers’ smartphones<\/p>\n
The Republic of South Korea’s Communications Commission, a media regulator modeled after the United States’ FCC, now requires telecom companies and parents to ensure a monitoring app is installed whenever anyone under the age of 19 receives a new smartphone.<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ebb822f07b&e=20056c7556<\/p>\n
46pc Mideast firms \u2018lack incident response plans\u2019<\/p>\n
The survey, conducted by leading information security conference in the region Gisec, covered more than 150 enterprise security professionals.<\/p>\n
It also found that the rate of security incidents is very high in the region, with about 69 per cent of organisations experiencing an incident in the last 12 months – highlighting the need for greater resilience against cybersecurity threats, said leading incident response platform (IRP) provider Resilient Systems (formerly known as Co3 Systems).<\/p>\n
Link: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5352ef1c4c&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If someone forwarded this email to you and you want to be added in,
\nplease click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage2.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=c7a3878763)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: The Logjam Attack Diffie-Hellman key exchange is a popular cryptographic algorithm that allows Internet protocols to agree on a shared key and negotiate a secure connection. It is…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1079","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1079","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1079"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1079\/revisions"}],"predecessor-version":[{"id":3566,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1079\/revisions\/3566"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1079"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1079"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1079"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}