Issue No. 5 | May 2014
Cyber security monthly newsletter
The bill proposes cessation of the current total electronic communication harvesting practiced by the American secret services. It was passed by the Judiciary Committee under the House of Representatives of the U.S. Congress by a vote of 32-0.
The Ministry of Communications and Mass Media of the Russian Federation has submitted a draft law stipulating provision of “cloud” services to Russian authorities. The draft contains a list of amendments to the enacted FZ-149 On Information, Information Technologies and Information Protection. The bulk of the document is dedicated to a set of mandatory standards for “cloud” operators working with Russian clients.
The Bank of Russia recommends that banks establish bank-to-bank communication channels when contracting with other lending institutions, according to a letter by Georgy Luntovsky, the institution’s deputy chairman, posted on its official website.
The letter also says that the interaction is necessary for Russia-wide transfers to avoid the operational and payment clearing centres commonly used in international payment systems.
The bank also advises "supporting said channels in a ready-to-use state."
Legislative news and regulatory recommendations
A pack of hackers have engaged in a series of recurring attacks to fake well-known companies or trademarks, arousing interest and gaining the trust of certain categories of users. The cheats mostly use these tactics for stealing confidential information, phishing, promoting dubious services, and propagating malware apps.
Kaspersky Labs have detected a peculiar mobile worm aimed at the Sipnet Internet phone call service provider. Unlike other similar malware, this one starts SMS-spamming soon after launching without any command from the hacker’s server.
On Monday Avast, a Czech anti-virus vendor, announced that over the last 45 days it has recorded an increase in ransom infections encoding user data. Avast reported that around 200 mln devices using Windows, Mac, and Android have been infected by ransom malware produced, it seems, by one and the same team of culprits.
ESET, an international anti-virus company, has warned of a rash of Trojans disguised as .jpg files in email messages. The attack is aimed at East European users. The Trojan attacks the PC when the unhappy victim tries to open the file attached to an email, taking it for a jpeg image. In fact it is an .exe file in disguise, containing a malicious code.
Kaspersky Lab experts have detected a fake version of Kaspersky anti-virus for mobile devices. The phony Kaspersky application, which just shows pacifying messages without actually eliminating threats, appeared in the Windows Phone Store and Google Play.
All the latest browser versions support HTML5; consequently, the industry is more than ready to accept and adjust to the new technology. HTML5 is designed to simplify the process of including and processing graphic and multi-media content on the web without using third-party plugins or API. This article will talk about the new types of attack that HTML5 has introduced.
File viruses are not common malware - hence Win32.Sector, which created a vast botnet, is of special interest to information security experts. Doctor Web analysts have studied this virus and managed to estimate the current infection scale.
PayPal payment system clients are now phishing targets. Experts attribute perpetrators' surge in activity with the recent hack into eBay. Protect your login and password.
According to BusinessWire, eBay, an auction site and global online retailer, has fallen prey to hackers as the resource's servers shuddered under a massive attack on the user password database. The admins recommend changing your eBay password.
Avast has announced that its own Internet forum has been hacked and 400,000 registered users could be stripped of their personal data. According to Vincent Steckler, Avast Software’s CEO, the company today caters to around 200 million people, whereas 400,000 comprises only 0.2 percent of its database.
A number of Russian banks blocked or restricted the functionality of cards for clients who used them to purchase tickets via the Russian Railways website. This information was reported to Banki.ru by several lending institutions.
Potential Belgian victims received fake emails from a Belgian bank with a request to provide some personally identifiable information. The Netherlands-based culprits then contacted the victims directly via phone in order to obtain more detailed personal and private information. The information collected was later used to access and milk cash from the bank accounts.
According to Europol, the EU's police, Belgian banks and their clients have suffered million-euro losses.
ETH Zurich (Eidgenössische Technische Hochschule Zürich) experts have developed a special film which, when damaged, oozes extremely hot foam to ward off malicious hands. This technique is supposed to counteract vandalism and cash machine burglary.
A worker from Hale & Hearty, a New York-based company dealing in fast food delivery, has been copying clients' credit card data by means of a skimmer. She got the device from a friend of hers who, according to the police, headed a criminal gang of 11, nbcnewyork.com reports.
InfoWatch, Russian corporate information internal security market leader, has published its first report dedicated to information security levels at SMB companies. In 2013, the number of compromised client and staff entries at small and medium businesses exceeded 129 million. Whereas globally, SMB demonstrated a little under 40 percent of total leakage registered, in Russia the companies were accountable for 61 percent, i.e. almost two thirds.
In early summer, the Bank of Russia is planning to publish a new standard on information security in the RF banking system. The regulator is hoping to gain control over the mixed industry of finance application developers and dramatically decrease data leakage risks and electronic fraud. Banki.ru got hold of some details of the upcoming guidelines.
The Chinese authorities are pondering a threat imposed by high-performance IBM servers on the nation's financial security, Bloomberg reports with a link to reliable sources.
Internet and telecommunications
Matthias Ungethüm affirmed he has managed to hack the official website of the National Security Agency. The computer genius made the announcement today on MDR.
Yassine Gharib, a 26-year old Moroccan, got arrested in Thailand for allegedly hacking into Swiss clients' bank accounts and stealing money. He and his friends stole over $20 million.
The Anti-Phishing Working Group consortium has published its Global Phishing Survey results for the second half of 2013. Over half of the 681 entities have fallen prey to hackers from July to December of the previous year.
Upon governmental request, Apple will procure and hand over not only identification information, but also personal photographs, contacts, conversation history, documents, and other information to the government, according to the company's new policy of collaboration with U.S. authorities and law enforcement structures.
Info on over a million Orange clients has been stolen in the second leak from the French mobile operator over the last three months. The names, phone numbers, birth dates, and email addresses of over 1.3 million people were stolen during the April cyber attack on Orange's servers. Today, Orange says it will reinforce its security policy regarding client data.
Texas police arrested a man suspected of stealing data from Target clients in the country's second largest hacking attack ever, local media reported.
Former U.S. Navy officer Nicholas Paul Knight is accused of hacking 30 government systems, including the U.S. Navy, Harvard University, and the Department of Homeland Security.
It is now mandatory for Google to comply with the EU Data Protection Law and to make adjustments to its search engine, after a ruling by the European Union Court protecting the right to privacy.
Belgium's Federal Public Service Economy has reportedly suffered a data leak, its spokesmen report. The prime suspect is a foreign intelligence agency. No definite information on the attackers has been obtained so far; however, among the suspects are Russia, the NSA, and independent hacker groups.
740 million confidential files were stolen and unlawfully reviewed by cybercriminals in 2013, a year that has become the worst ever in this respect. The news was revealed in a study conducted by Zurich Insurance Group in collaboration with analytics agency Atlantic Council.
EU and U.S. law enforcement bodies have announced a special operation to arrest clients, operators, and developers of a remote access tool, or backdoor, known as Blackshades RAT (ESET: Win32/VB.NXB, Microsoft: Worm:Win32/Ainslot, Symantec: W32.Shadesrat).
Cisco CEO John Chambers has asked U.S. President Barack Obama to keep his secret service in check, as their activities discredit products by Cisco and other American manufacturers.
Last winter we told you about a report by Mandiant (now part of FireEye) on the Chinese APT1 group, aka Comment Crew. The name was acquired by a group of hackers from the so-called Unit 61398 of the People's Liberation Army, which conducted cyber espionage operations in other countries.
Trend Micro has published an overview of cyber security threats in Q1 2014 entitled Cybercrime Hits the Unexpected. According to the report, perpetrators keep finding new ways and new targets to lead successful money-stealing attacks.
Ex-leader of LulzSec hacker group Hector Monsegur, facing a long time behind bars for orchestrating cyber attacks and stealing bank card info, has agreed to collaborate with the American government. The hacker has so far helped prevent at least 300 hacker attacks on government networks.
Industry and services
Websense and Ponemon Institute have published a report entitled Exposing the Cybersecurity Cracks: A Global Perspective. The research, aided by 5,000 cybersecurity experts from 15 countries, showed that current cybersecurity threats are virtually insurmountable for most companies.
The annual Cost of Data Breach research has shown that this year, companies have suffered 15 percent more damage from info leaks compared to the previous year. The study was conducted by the Ponemon Institute and funded by IBM.
While cyber threats continue to evolve, companies need to learn to understand the origins of new exploits and how they might affect corporate networking. Companies need to have all available information on potential cyber threats at their fingertips to develop a corresponding security system capable of withstanding the onslaught.
Cyber security experts have detected a global network of 1,500 POS infected by specialized malware. The network, established by hackers in 36 countries, includes machines for other operations in retail.
Roskomnadzor (the Federal Supervision Agency for Information Technologies and Communications) has started testing an automatic online-editions monitoring system, Vadim Ampelonsky, the agency's official representative, reported.
IBM has presented new software for security systems and consulting services to help companies protect their critical data from advanced persistent threats, zero day attacks, and breaches through pervasive behavioral analytics and deep research expertise.
The Armed Forces of the Russian Federation have organized an Information Operations Corps. The group’s primary objective is to protect the Army's command, communication, and control system from cyberterrorism and to encode relevant data against would-be aggressors, ITAR-TASS reports, citing an RF Ministry of Defense source.
For system data collection and analysis, Linux uses a whole set of utilities. Every system component is diagnosed by a specific tool.
Hitachi has developed Finger Vein, a scanning device planned for application to modern systems. Itcard S.A., a maintenance service company for Polish banks in cooperation with Japanese engineers, will be implementing this innovative equipment all over the country.
Kaspersky Lab has granted the public access to unique statistics data portraying the current status of the cyberworld and its dwellers. The company has collected statistics from all over the globe on its new site http://kaspersky-cyberstat.com/rus/. Now you can learn about what others do on the Web, what devices they use, and what threats they face. All info is updated in real time, enabling the user to watch the surrounding world evolve.
A team from the European Organization for Nuclear Research (CERN) has developed ProtonMail, a mail service claiming to be one of the most protected of its kind. All content undergoes end-to-end encryption, and ProtonMail servers are located in Switzerland, which is famous for its personal data protection laws. The service creators believe ProtonMail has the potential to surpass the recently closed Lavabit used by Edward Snowden.
Ange Albertini, a reverse engineering expert from Corkami, was asked jokingly whether he could generate a JPEG picture that, having been AES-encrypted, could be converted back to a valid JPEG. Ange, in all seriousness, accepted the challenge, did some research and published a presentation with guidelines on how to do perform the task in various formats.
Learn something new: cyber security technology updates
Think the IT department has a handle over the security landscape within a company? Think again: new research has revealed that devices in a typical company’s network are generating a staggering aggregate average of 10,000 security events per day, with the most active generating around 150,000 events per day.
Hackers have been stealing Google account passwords in a new and better crafted phishing attack that is hard to catch with traditional heuristic detection, warns Bitdefender. A particularity in how Google Chrome displays data using Uniform Resource Identifiers (URIs) makes Chrome users most vulnerable, however the phishing attack also targets Mozilla Firefox users.
Online piracy of TV and films continues to thrive, but new research suggests that people looking for free entertainment often get free malware as part of the deal.
The Egyptian security researcher Ahmed Aboul-Ela has discovered a vulnerability which allowed deleting comments of any user in all Yahoo sites.
Cyber attacks could pose a potentially huge risk to US critical infrastructure, state-sponsored hackers and cyber criminals are increasing their activity.
CYBERPOL the International Cyber-Security Organization (ICSO) is looking into the ID theft of personalities on social websites online that offers very little, if any protection of your identity being used by third parties.
Google has launched a new desktop version of its popular VirusTotal Uploader tool for Mac OS X in a bid to encourage malware fighters to make the Apple ecosystem more secure.
Spotify company is investigating unauthorized access to its systems and internal company data. Android users urge to update the app and change the password.