Is it Spam? A 419 Scam Moves to Skype
Top 5 #InfoSec Reads: May 12-18

Top 5 #InfoSec Reads: May 4 - 11

Linux defect fixing, a tool that helps criminals erase evidence, a new ransomware, DropBox follows Twitter to Ireland, and a poster child for effective security legislation are this weeks top #infosec reads.

8 Linux security improvements in 8 years

Since 2007, developers have made considerable efforts to mitigate vulnerabilities in the Linux OS. Based on an Information Week review of the defect-fixing record of Linux, commercial and open source code, the effort has delivered exceptional results. Information Week reports that, "where one defect per 1,000 lines of code is considered quality, Linux in July 2014 had .55 defects per 1,000 lines. Linux also is better than most other open source projects." Much of this accomplishment can be attributed to static analysis verification, and since 2013 fixes to identified defects have accumulated faster than the number unfixed defects. There's a lesson here for commercial software and the open source community.

USBKill used to wipe clean criminal’s PCs

Criminals can now use a simple script to wipe incriminating data from their computers before they are seized to prevent law enforcement agents from conducting forensic investigations on their hard drives. The script, USBKill, thwarts a common practice of  investigators use when they discover a computer during a search and seizure: agents often insert a mouse jiggler or similar device to prevent a possibly encrypted system from logging off or shutting down. USB kill detect changes in USB ports status and immediately shuts the seized computer down. 

AlphaCrypt ransomware looks like TeslaCrypt, behaves like Cryptowall 3.0 

Ransomware is malware that installs on your computer, secretly encrypts your data, then pops up a window that threatens to destroy your data forever if you do not pay the ransom. AlphaCrypt is a recent variant that uses threat notifications like its predecessor TeslaCrypt and employs an encryption (recovery) key technique like Cryptowall 3.0 but defeats shadow volume measures and executes more stealthily. This malware is delivered as a Flash exploit and has frustrated AV detection until only recently. 

Accounts of Dropbox users living outside of NA now hosted in Ireland

First Twitter and now Dropbox have moved accounts of users who do not reside in North America to their facilities in Ireland. Why? Data stored in Ireland is not subject to the NSA court requests for data. If you're an American, Canadian or Mexican citizen, you can't opt in to the Ireland hosting. The Patriot Act is arguably the first domino in the path that's led us to this unhappy juncture, where we cannot honestly call America the Land of the Free.

Spam drops dramatically as Canada's Anti-Spam Legislation takes effect

US Congress should read Canada's Anti-Spam Legislation (CASL) and treat it as a promising model for effective cyber legislation. According to Cloudmark, spam originating from Canada has dropped 37% since CASL took effect, and the monthly volume of email in Canada has dropped 29%. Cloudmark speculates that this latter figure may be marketing email that does not satisfy the CASL's affirmative consent criterion. 

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)