
March 2014

Top 5 #infosec reads: March 24-28, 2014

By Matt Piscitello

Phishing for flight MH370, XP end of life renews opportunities for attackers, massively infected Linux servers, limits on phone records access, and better best practices for Internet firewalls are among this week's top #infosec reads.

APT Attacks use 'news of doomed flight MH370'

The saying goes, "No honor among thieves," and it rings equally true of cybercriminals. FireEye researchers have tracked at least six spear phishing attacks, deployed via email between March 9 and 18, that promised news about the missing plane. If you're just trying to keep up with the news, don't feel too bad, because an "Asia-Pacific government" and a "prominent US-based think tank" fell for it, too.

Hackers preparing zero-day assault on Windows XP

As the 13-year-old operating system prepares to go end-of-life next week, Microsoft and security experts urge businesses and consumers alike to update to a newer operating system. Some enterprises have taken the initiative and upgraded to Windows 7 or Windows 8, but those who don't leave themselves open to the phishing attacks, ransomware, and computer worms that XP will be particularly vulnerable to once Microsoft ends its support of the OS.

Linux Security Spell is Broken

As anyone worth their salt in network security will tell you, and has likely been telling you, no operating system is 100% immune to threats in cyberspace. News has broken of massively infected Linux servers as hackers check "successfully compromise Linux" off their bucket list. ESET identified Operation Windigo, a Trojan that has breached 25,000 Unix servers worldwide.

President Obama proposes limiting NSA access to phone calls

The new proposal dictates that US government agencies will require permission from the Foreign Intelligence Surveillance Court in order to review phone records that it believes may have connections to terrorism. The Electronic Frontier Foundation has likewise urged Obama and the US Congress to escalate the judicial review to limit surveillance worldwide, but the current iteration of the bill only regulates surveillance done on US citizens. 

Firewall Best Practices - Egress Traffic Filtering

A slight amount of bias, true, but as the most visited post at The Security Skeptic since it was published in 2003, I can’t not recommend the revised version. Dave looks at today’s threat landscape and explains how you should adjust your Internet firewall filters accordingly.


Top 5 #InfoSec Reads March 17 - March 21

by Matt Piscitello

Anonymous DDoSes Russia, Target’s IT learns not to ignore intrusion alerts the hard way, ESET discovers a Linux backdoor in the wild, a phisher’s cancer scare sets an all-time low, and cybergang KVM gets convicted are this week’s #infosec top reads.

Anonymous group in DDoS Kremlin attack

After a cyber attack briefly took Russian government websites offline, hacktivists among Anonymous came forward on Facebook to claim they had masterminded the attack, crudely implying that there's more to come. Are this and a trending sequence of events following Russia's forced takeover of Crimea an indication that the Russia-Ukraine conflict has gone cyber? Is this how future wars will be fought in cyberspace?

Target failed to act on malware alerts and signs of breach

A more thorough check on the alerts reported from a malware detection tool deployed by Target’s IT could have prevented the breach that put millions of customers at risk of identity theft at the start of 2014. The highly sophisticated and highly expensive technology was deployed last year, but when the breach was first detected, IT teams in India and Minneapolis failed to take action.

Linux Backdoor Discovered

There's no technology on this earth that is entirely immune to a breach in security, and despite opinions otherwise, Linux is no exception. Operation Windigo is a Linux-capable backdoor Trojan that has infected several hundred thousand computers worldwide. Claims that the sky is falling are, like claims that Linux OS was totally secure, silly.

Phishing email says you have cancer

An attack launched on March 13 distributed emails telling people that a blood sample suggests they might have cancer. Masquerading as a message from the National Institute for Health and Care Excellence, the phishing attack launches a Trojan once the understandably distressed recipients click the phony test results attached to the email. 

Cyber gang behind £1.25m 'KVM' bank fraud convicted

Three men were tried and two were found guilty of cyber crime, making for a combined total of thirteen men who have all been convicted. Called 'KVM' for using a keyboard, video, mouse switch device to remotely access bank accounts, they stole millions from several different banks until they were caught in September of last year. Security experts noted that the convictions are a lesson in taking measures against "the social engineering aspect of cyber attacks that many organizations ignore."