Mar 14, 2011

Week in review: Poisoned Japan earthquake search results, open source exploit kit and new issue of (IN)SECURE Magazine

Here's an overview of some of last week's most interesting news and articles:

The importance of metadata to prevent data leaks
A new IDC report highlights how the widespread use of collaborative content technologies is fueling the aggressive growth of unstructured and semi-structured data. While collaboration produces highly valuable information, it also introduces significant risk due to increasingly complex and dynamic access control requirements.

French government networks breached in search for G20 files
It seems that France is the latest country whose government computer networks have been targeted by malicious individuals with likely ties to the Chinese government. The targeted computers - more than 150 of them - belong to the Ministry of Finance, and the files the attackers were searching for are documents regarding the G20 summit held in Paris in February.

Tough questions about botnets
ENISA published a comprehensive study on the botnet threat and how to address it. The report looks at the reliability of botnet size estimates and makes recommendations for all groups involved in the fight against botnets. Alongside the main report the agency sets out the top 10 key issues for policymakers.

Security concerns around "backdoor" mobile devices
Employee-owned ‘backdoor’ mobile devices entering the corporate network highlight ongoing security challenges with enterprise mobility, according to Mformation. According to their survey, 76% of CIOs say employee-owned mobile devices are creating security headaches. 78% don’t even know what devices are connected to the corporate network.

(IN)SECURE Magazine issue 29 released
(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics.

Student charged with operating grade fixing scheme
At first glance, 19-year-old Tyler Coyner might seem like an unlikely criminal. A school's salutatorian (a student who has the second-highest marks at graduation) with a 4.54 grade point average, his dream was to become a hedge fund trader after finishing an Ivy League school.

Evaluate the effectiveness of your cyber armor
When evaluating our effectiveness in dealing with cyber defense, we have two layers of uncertainty and risk: how effectively are we protecting critical information, and what are the adversaries actually getting and how might they use it against us?

SANS Secure Europe training
Gareth Dance is the Manager EMEA for the SANS Institute. In this interview he discusses the SANS Secure Europe Amsterdam 2011 training event and offers insight into what exactly you can expect if you decide to expand your information security knowledge this May.

Will IPv6 render blacklisting obsolete?
We are all aware that IP addresses have almost run out. Security experts are debating the pros and cons, but the sad fact is the migration towards IPv6 is inevitable. Now it remains only to adapt as fast as we can and solve the problems that will arise as soon as it's humanly possible. Among those problems that need a fast solution - or, at least, an interim solution that will help hold back most of the problem - is that of spam blocking.

How can the author of an anonymous e-mail be identified?
It is not that difficult for computer forensic investigators to identify the machine from which the e-mail was sent, but if that machine is used by a number of users, how can they be sure which of them did it?

AV industry fails to cover the basics
NSS Labs released two test reports of endpoint protection products which reveal new shortcomings in these widely deployed products. They cover multi-vector attacks (malware delivered from the web, email, network file sharing and USB flash drives), memory-only attacks, and anti-evasion techniques.

SANS gets ready for Amsterdam
SANS Secure Europe, one of the region’s largest infosec training events, is returning to Amsterdam’s Radisson Blu Hotel from 9th-21st May with 2 weeks of technical, hands-on and in-depth information security courses across a wide range of disciplines. SANS is offering a 250 Euro discount to students who register for the event by the 30th of March 2011.

Tips for healthcare organizations to improve their security profile
Based upon extensive work in both healthcare IT and information security, CDW Healthcare has identified preliminary steps for healthcare organizations focused on improving their security profile.

The fundamental failure of endpoint security
According to Stefan Frei, Research Analyst Director with Secunia, it's not the vulnerabilities in Microsoft's products we should worry about, but those in third-party software.

Free, open source exploit kit offered online
Among the various exploit kits for sale out there it seems there is one that aspiring cyber crooks can use for free.

Should antivirus vendors block state malware?
The question was raised by security firm F-Secure after the news that documents found in the recently raided Headquarters of the Egyptian State Security revealed that its Investigation Department had received offers for a spying software framework and tools by a German company.

Google Android security tool found repackaged with malware
In what should actually not be a wholly unexpected turn of events, the Android Market security update - pushed to Android users whose devices were affected by one or more "trojanized" applications found on the official Android marketplace - has itself been repackaged with a Trojan and is being offered on some third-party Chinese marketplaces.

Japan earthquake search results already poisoned
A search for the “most recent earthquake in Japan” will yield many search results that take users to pages where they are offered fake AV solutions.

Most sites are exposed to at least one vulnerability each day
The average website has serious vulnerabilities more than nine months of the year and data leakage has overtaken cross-site scripting as the most common website vulnerability, according to WhiteHat Security.
