
Tech Round-up for 6/18/13

Here are some of the technology stories that caught our eye today:

BlackBerry issued a security advisory to customers yesterday concerning a bug in the Z10 smartphone that may allow unauthorized access to the device over Wi-Fi.

According to security researchers, the increase in SSL internet traffic will negatively impact firewall performance, as firewalls have to decrypt and re-encrypt data with more complex encryption.

Google is testing a new way to provide Internet access to isolated, poor, and underserved areas by using high-altitude balloons to beam data to antennas on the ground.

Adobe has released their Creative Cloud to the general public, one month after announcing that the Creative Suite software would now be offered via the cloud.

Gotham Security Daily Threat Alerts

June 17, Softpedia – (International) Spammers use black hat SEO to inject jailbreak scams into Google News. Researchers from F-Secure discovered a spam campaign utilizing search engine optimization (SEO) techniques to inject links to phone jailbreak scams into Google News threads related to iOS. Source: http://news.softpedia.com/news/Spammers-Use-Black-Hat-SEO-to-Inject-Jailbreak-Scams-into-Google-News-361441.shtml

June 15, Softpedia – (International) Trojan uses fake Adobe certificate to evade detection. Symantec researchers found that the Backdoor.Trojan malware utilizes a fake digital certificate claiming to be from Adobe in an effort to trick users into running it. The trojan itself can perform various information-stealing tasks. Source: http://news.softpedia.com/news/Trojan-Uses-Fake-Adobe-Certificate-to-Evade-Being-Detected-361261.shtml

June 14, SC Magazine – (International) Bad Pigs removed from Google Play after 10k users download bogus app. Google removed from its Google Play store a malicious app that imitated a legitimate game and was installed more than 10,000 times. Source: http://www.scmagazine.com//bad-pigs-removed-from-google-play-after-10k-users-download-bogus-app/article/298850/

Tech Round-up for 6/17/13

Here are some of the technology stories that caught our eye today:

George V. Hulme of CSO provides seven tips for defending against the increased number of DDoS attacks. Among them are freely sharing information on attacks and developing flexible defense techniques.

At Interop Tokyo last week, Juniper’s PTX3000 Packet Transport Router and EX9208 Ethernet Switch won Best of Show Special prize, Carrier/Service Provider Networking and Best of Show Grand Prix in the ShowNet Product category, respectively.

McAfee released a study today showing that a majority of companies are vulnerable to attacks because they can’t quickly or properly analyze or store real-time attack data.

Citrix’s Meika Darville, Tammy Richards, and Junelle Swan were recognized by UBM Tech Channel’s CRN as 2013 Women of the Channel for their achievements and impact on technology and the IT channel.

Gotham Security Daily Threat Alerts

June 14, Softpedia – (International) RARSTONE RAT used in targeted attacks against Asian organizations. Trend Micro researchers identified a cybercrime campaign dubbed Naikon that uses the RARSTONE remote access trojan (RAT) to take control of targets’ computers. The campaign has been seen targeting media, energy, and government organizations in Asia and spreads through spearphishing. Source: http://news.softpedia.com/news/RARSTONE-RAT-Used-in-Targeted-Attacks-Against-Asian-Organizations-360843.shtml

June 14, Softpedia – (International) Flash Player clickjacking flaw allows hackers to hijack your webcam. A researcher discovered a vulnerability in Adobe’s Flash Player that can be exploited to access a user’s webcam and microphone if the user is using the Mac version of Chrome, Linux, Chromium, and possibly other configurations. Source: http://news.softpedia.com/news/Flash-Player-Clickjacking-Flaw-Allows-Hackers-to-Hijack-Your-Webcam-360980.shtml

June 14, Softpedia – (International) AnonGhost claims to have hacked Mozilla emails, company responds. Mozilla reported that 50 email addresses were published by hackers associated with the AnonGhost group but that 16-character strings published with them were activation codes for Mozilla blogging software and not passwords as the hackers claimed. Source: http://news.softpedia.com/news/Anon-Ghost-Claims-to-Have-Hacked-Mozilla-Emails-Company-Responds-360887.shtml

June 13, Softpedia – (International) Kilim trojan hijacks social media accounts with rogue browser extensions. Microsoft researchers found that the Kilim trojan uses malicious Chrome browser extensions to hijack targets’ social media accounts. Source: http://news.softpedia.com/news/Kilim-Trojan-Hijacks-Social-Media-Accounts-with-Rogue-Browser-Extensions-360678.shtml

June 13, Threatpost – (International) iOS 7 beta bug enables lockscreen bypass. An iPhone user published a demonstration of a method to bypass the lockscreen on phones running the beta version of Apple’s iOS 7 mobile operating system. Source: https://threatpost.com/ios-7-beta-bug-enables-lockscreen-bypass/

June 13, Threatpost – (International) Zeus money mule recruiting scam targets job seekers. Attackers involved in a Zeus trojan campaign configured their variant of the banking malware to redirect users trying to access CareerBuilder to a fake jobs Web site in an attempt to recruit them as money mules for the fraud operation. Source: https://threatpost.com/zeus-money-mule-recruiting-scam-targets-job-seekers/

Tech Round-up for 6/14/13

Here are some of the technology stories that caught our eye today:

Microsoft has released a mobile version of Word, Excel, and PowerPoint for the Apple iPhone. The products are available for users with an Office 365 subscription.

The Food and Drug Administration is tightening the standards for a wide range of medical devices, from fetal monitors to pacemakers, as security analysts have found how easy it is to hack into them.

In light of the PRISM debate, Caroline Craig of InfoWorld believes that the Internet, social media, and cloud computing should change the way people look at privacy and the Fourth Amendment.

After Microsoft joined with the FBI and other companies to take down the Citadel botnet last week, security researchers are criticizing the company for also taking down the researchers' own servers, which were collecting information on the botnet.

Gotham Security Daily Threat Alerts

June 12, Softpedia – (International) Chinese bootkit Guntior abuses Windows Help Center. Researchers at Sophos analyzed a recent version of the Guntior bootkit’s dropper and found that it utilizes a legitimate Windows executable file from Windows Help Center. Source: http://news.softpedia.com/news/Chinese-Bootkit-Guntior-Abuses-Windows-Help-Center-360472.shtml

June 12, Softpedia – (International) Open redirect vulnerability identified in Facebook. A researcher from illSecure.com revealed a low-risk open redirect vulnerability in Facebook. Source: http://news.softpedia.com/news/Open-Redirect-Vulnerability-Identified-in-Facebook-Video-360583.shtml

 

How Edward Snowden Will Change Your IT Admin’s Job

Edward Snowden, the self-proclaimed source of the U.S. government’s classified information, was not a high-ranking official or a top-level CIA operative. He was a contracted IT systems administrator who received a high-level security clearance only because he was responsible for maintaining systems that held classified information. The security clearance and the administrative accounts that he was granted gave him full access to look at the data on these systems, but according to public reports he was not part of any specific team that needed access to the data. Therein lies the problem: delegation of authority was not set up to limit data access to users who really need to see the data and to restrict Edward Snowden, who only needed to manage the systems it resided on.

Not every environment houses top secret classified government information, but there is almost definitely some intellectual property or financial information that only a select few in your organization really need to have access to. Administrators have historically been granted keys to the castle in order to keep systems up and running, and are rarely restricted at the data level. Here are a few steps you can take to prevent your most valued assets from being leaked or stolen:

  • Separation of duties – All users, regardless of role, should have the fewest network privileges that still allow them to perform their job functions. Most data leakage or unauthorized access comes from within. People are curious, and if they are able to access one file share, they may try to access another just to see whether they can. Accidental behavior can lead to loss. Users who need administrative rights to perform tasks should be assigned a separate administrative account. Activity on this account (logon/logoff, resource access, etc.) should be audited.
  • One-time use passwords – The best method for monitoring administrative accounts is putting in a system that generates a one-time use password, so that whenever someone needs to perform an administrative task, they request a new one-time use password that expires after use.
  • Application security – You should have separate authentication for applications that host critical data. Although convenient, Active Directory credential pass-through puts your data at risk.
  • Rights management and auditing – Restrict access to data based on the user’s role and make sure that both your structured and unstructured data have systems that monitor usage. Unstructured data refers to files stored on network file shares that are not indexed in a database or by some other application. Monitoring file access behavior can help in preventing unwanted access and identifying irregular activity.
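
As an added illustration of the separation-of-duties and auditing steps above (not part of the original post), this Python example reviews file-access audit records and flags the case the article describes: an administrative account that reads data it only needs to manage. The account names, the `adm-` prefix, the share names, the action names and the log format are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample data: hypothetical accounts, shares and audit format.
ROLE_SHARES = {
    "jdoe": {"finance"},
    "asmith": {"engineering"},
    "adm-rlee": set(),  # separate admin account: manages servers, owns no data
}
# Actions an admin account needs for system upkeep; they do not expose file content.
MAINTENANCE_ACTIONS = {"set_acl", "snapshot", "rename"}

AUDIT_LOG = """\
2013-06-17T09:02:11,jdoe,read,/finance/q2-forecast.xlsx
2013-06-17T09:05:40,adm-rlee,set_acl,/finance/
2013-06-17T09:07:03,adm-rlee,read,/finance/q2-forecast.xlsx
2013-06-17T09:09:27,asmith,read,/finance/payroll.csv
2013-06-17T09:12:55,asmith,write,/engineering/design.doc
2013-06-17T09:15:02,adm-rlee,read,/engineering/design.doc
2013-06-17T09:20:00,tempuser,read,/finance/payroll.csv
"""

def share_of(path):
    """Top-level directory of the path is treated as the share name."""
    return path.strip("/").split("/")[0]

def review(log_text):
    """Return (findings, shares_touched_per_account) for the audit records."""
    findings = []
    touched = defaultdict(set)
    for ts, account, action, path in csv.reader(io.StringIO(log_text)):
        share = share_of(path)
        touched[account].add(share)
        if account not in ROLE_SHARES:
            reason = "account has no role assignment"
        elif account.startswith("adm-"):
            if action in MAINTENANCE_ACTIONS:
                continue
            reason = "admin account accessed file content"
        elif share in ROLE_SHARES[account]:
            continue
        else:
            reason = "share outside the user's role"
        findings.append((ts, account, path, reason))
    return findings, dict(touched)

if __name__ == "__main__":
    for finding in review(AUDIT_LOG)[0]:
        print(*finding, sep="  ")
```

The second return value gives the set of shares each account touched, which is a simple baseline for spotting an account that starts browsing shares it has never used before.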

Organizations should deliver regular end-user security awareness training to reinforce corporate policies and to help employees work more safely in their environment. Companies place fiduciary duty on the roles of IT Administrators, but the recent actions of Edward Snowden show they should be looking to change the locks.
