« Top 5 #InfoSec Reads: April 19-24 | Main | Is it Spam? A 419 Scam Moves to Skype »

Wednesday, 06 May 2015

Top 5 #InfoSec Reads: April 26 - May 3

An upsurge in botnet-based attacks, Android closes security gap on iOS, Facebook faces down the EU nations, Raspberry Pi gets a new OS, and yet another embarrassing surveillance revelation are this week's top 5 #infosec reads.

botnet attacks on the rise; PoS systems still at risk of threats

A Dell SecureWorks report, Banking Botnets Persist Despite Takedowns, finds that despite global anticrime efforts to takedown botnets (Gameover Zeus ,  Operation Tovar, Shylock), botnet based attacks against point of sale systems remain a persistent and serious threat. Perhaps more seriously, botnet attackers are casting a wider net against financials, targeting more than 1,400 financial institutions across more than 80 countries. Dell SecureWorks notes an increase in the use of the initial downloaders ("droppers") known as Kegotip, Chanitor, Upatre, and Lerspeng and increased activity from the Dyre, Gozi/Vawtrak, and Bugat v5 botnets. If you must bank online from a Windows system, dedicate an old laptop for banking purposes only. For a $50 investment, you can bank from a Linux build on a Raspberry Pi. Both are small investments with big risk mitigation returns.

Why Android 5.0 doesn't measure up to iOS 8 security

Lisa Phifer packs a lot of important takeaways for corporate mobile device administrators in this article. Apple's single biggest advantage over Android? Tight curation of App Store, which greatly reduces the malware threat. Does Android for Work close the gap between iOS and Android? A bit: Google's added means for admins to prevent sideloading and restrict apps on company-owned or administered Android devices. Data protection measures? Both Google and Apple are improving, but Lisa points out that Apple's big advantage here is legacy, "Every iPhone and iPad manufactured since 2009 supports hardware-based AES-256 bit encryption, which the end user cannot disable. Android 5.0 supports hardware-based AES-128 bit encryption, but many devices running Android don't support encryption."

Facebook threatens Europe with fewer features due to fragmented regulation

Multi-national online services complain constantly about regulatory excesses but as this article notes, Facebook, et. al., must contend with per country fragmented and inconsistent sets of requirements. FB's chief of public policy perhaps speaks for most multi-nationals when he argues that operating as a pan-European business should be done subject to one coherent set of pan-European rules instead of having to "comply with 28 independently shifting national variants." The EU apparently acknowledges and intends to address the issue as part of its Digital Agenda for 2020 (2020... really): the EU's Single Digital Market hopes to define a consistent business environment across member states.  

 Windows 10 for IoT

I love the Raspberry Pi. I have two on my network. One serves as a name resolver, a privacy/content proxy, and firewall log server. The other runs an intrusion detection system. What I don't have yet is a Pi for experimenting with Internet of Things applications. After reading this article and watching the video of Microsoft's Pi-powered B15 robot, I'm eager to make time, purchase a Pi 2, and install the Windows 10 IoT Core Insider Preview. 

German prosecutor to investigate state spy agency’s partnership with the NSA

Let's briefly recap.

September 2013:  Der Spiegel reports that NSA is monitoring smart phones.

October 2013: Der Spiegel reports that NSA is monitoring Chancellor Merkel's smart phone, that the Chancellor placed a "strongly worded phone call to US President Barak Obama" regarding the alleged monitoring: 62% of Germans approve of Merkel's comments on spying allegations, where she asserts, "Spying between friends, that's just not done".  

June 2014: The Guardian reports that Germany opens inquiry into claims NSA tapped Angela Merkel's phone.

April 2015The Verge reports that German intelligence helped the NSA spy on European politicians and defense contractors.

May 2015:  The Verge reports that German prosecutor to investigate state spy agency’s partnership with the NSA.

Takeaway? "Spying between friends" seems to be trending.

Posted at 09:00 AM in Top Infosec Reads |

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.

Find me on Mastodon and Facebook

Spotlight Posts

  • FTC's proposed Trade Regulation Rule on Impersonation of Government and Businesses is important for #infosec
    M3AAWG comments on the FTC's proposed rule Trade Regulation Rule on Impersonation of Government and Businesses is available. I was one of the contributors to the comment. In the comment, M3AAWG "suggests additional regulatory solutions and best practices to complement the goals of this rule, such as clarifying the scope of the rule to include the use of domain names in impersonation schemes and the use of technologies that enable impersonation" and the important role that Whois plays in investigating impersonation and fraud. Several reports that my Interisle colleagues and I published are cited in the comment, along with the...
  • Cybercrime Information Center reports sharp increases in phishing attacks, unique domains reported in August-October 2022 time period
    A recent ebb in domain names reported for phishing created some euphoria in the domain industry. With phishing activity, as with tides, ebbs are invariably followed by flows. In their August- October 2022 Quarterly Phishing Activity, the Cybercrime Information Center observed a 40% increase in phishing attacks and a nearly 20% increase in unique domain names reported for phishing.
  • Cybercrime Information Center's YouTube Channel
    My colleagues and I at Interisle have created a YouTube channel to complement the quarterly reporting and studies of cybercrime we host at the Cybercrime Information Center. Our goal is to share, in a few minutes, the findings and insights from our research in a format that's easily accessible and shareable, informative, and entertaining. The inaugural videos provide 2-5 minute summaries of our annual Phishing and Malware Landscape studies. We'll continue to produce videos of our annual studies. If you like what you see, leave us a comment.
  • Malware Landscape 2022: unabated malware growth, continued exploitation of IoT devices
    My colleagues at Interisle and I have published a study, Malware Landscape 2022: A Study of the Scope and Distribution of Malware. The study, which analyzed 2.5 million records of distinct malware events from May 2021 to April 2022 collected by the Cybercrime Information Center, explains what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks.
  • New TLDs are coming #Dangerclose.
    A Domain Name Wire post, Time to pay attention to the next round of new TLDs, begins with an ominous: They’re coming. Eventually. While not as dramatic or enduring as Arnold Schwarzenegger's "I'll be back", the reporter cites policy activity at ICANN as evidence that new TLDs are coming. Eventually. In a September 2019 post, and in response to the ICANN memorandum, Readiness to Support Future Rounds of New gTLDs, I asked, Has enough been done to study and rectify the concentration of security threats in the new TLD space? In that post, I quoted correspondence from ICANN's security advisory...

Search

My Photo

Categories