Issue No. 6, June 2014. Monthly newsletter


Cyber security monthly newsletter

June 3

Russian authorities to gain access to web user data

The Federal Security Service of Russia and Roskomnadzor (the Federal Supervision Agency for Information Technologies and Communications) have elaborated a list of amendments to current legislation which will obligate Internet providers to deliver user data upon every web query to law enforcement officers, Vedomosti reports.

June 4

Certified Information Security Tools State Register N РOCC RU.0001.01БИ00

Jail time penalties for hackers increase eightfold in Russia

The Russian Government has introduced a bill to the State Duma aimed at increasing the penalty for hacking into banks to steal funds. The draft is being reviewed by the Ministry of Internal Affairs and the Bank of Russia.

June 25

No more personal data storage abroad for Russian citizens

Operators might be obligated to store citizens' personal data in Russia only, a new bill by a number of deputies introduced on 24 June to the RF State Duma says.  The bill aims to introduce amendments to the laws On Personal Data and On Information, Information Technologies and Information Protection.

June 26

Irkutsk Authorities banned from Google

According to regional sources, ministries and local authorities in the Irkutsk Oblast have been ordered to refrain from using Google.  Oblast and municipal authorities are not allowed to use Google web storage, email, search engine, and website creation software. Furthermore, collaboration on Google educational programmes and contests is also prohibited. 

Legislative news and regulatory recommendations

June 3

Benefiting from wireless network conceptual deficiencies

We are surrounded by wireless networks: millions of gadgets constantly sharing their data with the World Wide Web.  It is no secret that information runs the world these days, so the guy next to you may show intense interest in the data your smartphone is leaking.

June 4

GnuTLS proves vulnerable to dangerous attack

Linux users, barely recovered from the notorious Heartbleed bug, are now facing another severe software vulnerability. This time the problem lies in GnuTLS: the bug allows attacks on target servers through the vulnerable cryptographic library. The library's developers have already eliminated the vulnerability. However, not all official Linux distributors have done the same.

June 6

Cryptoblocker's "colleague" targets Russian-speaking Android users

The international anti-virus company ESET has warned of the advent of Simplocker, a new ransomware Trojan for Android-powered mobile devices. Ukrainian citizens are the primary target, although the virus can be reprogrammed to strike all Russian-speaking Android users.

June 6

Google announces Gmail encryption feature

Google has launched a new Google Chrome plug-in, developed to increase email privacy through message encryption and to offer another way to dodge NSA surveillance.

June 6

Skype not as safe as it looks

According to Solutionary's May Threat Report, Skype users are under attack.  Experts are worried over the fact that the application stores personal data and conversation records in an unencrypted file on the PC, making them vulnerable to hackers.

June 10

Trojan Encoder: yet another threat to Android

Kaspersky Lab has revealed new details about the propagation means and functionality of the first Trojan encoder targeted at Android. The malware, detected by anti-virus software as Trojan-Ransom.AndroidOS.Pletor.a, crept into the web around a month ago and has already attempted over 2,000 infections in 13 countries.

June 11

Turkish backdoor disguises itself as Windows system service

Among alleged modern malware developers in Russia, there are quite a lot of former USSR-era comrades as well as Chinese speakers, a conclusion based on code analysis.  One notable example in this respect is BackDoor.Zetbo.1, which was discovered by the Doctor Web team back in May 2014. Judging by the lines in its code, the developers of this Trojan (capable of executing various commands on the infected computer) originate from Turkey.

June 11

22% of phishing incidents Facebook-related

Cybercriminals use a set of trusted methods to lure their victims into phishing scams.  As a rule, links to such pages are sent out by the criminals in emails imitating notifications from a social network. Writing messages from hacked accounts using the account’s friend list, e.g. invitations to the victim’s friends to follow a link to some engaging content, is another popular method.

June 11

Two Russian hackers arrested for racketeering by means of Find my iPhone function

In Moscow, two hackers have been arrested for using the Find my iPhone function to block others' iPhones and iPads and extort money from the unlucky users.

June 17

164,644 Evernote accounts hacked

Hackers have attacked the forum of Evernote, a popular service to create and store notes which has over 164,000 users.  The company's representatives announced that user passwords, names, dates of birth, profile data, and emails have been compromised.  Forum participants are advised to change their passwords as soon as possible.

June 19

Security flaws in Microsoft anti-virus software

A critical vulnerability allowing perpetrators to tear down protections and infect a PC by means of compromised websites has been found in a number of Microsoft anti-virus programmes.  Microsoft has confirmed this information.

June 19

Majority of Android-based devices suffer from vulnerability allowing hackers to gain kernel privileges

Postponing firmware updates means many Android devices remain vulnerable to CVE-2014-3153, identified in early June in the Linux kernel. This vulnerability allows a local user to execute code with kernel privileges.

June 20

90% of Simplocker infections hit Russia and Ukraine

ESET Lab experts in Bratislava (Slovakia) have identified new modifications to the ransomware Trojan Simplocker, which attacks Android-based mobile devices. According to ESET LiveGrid cloud technology, the Trojan was most successful in Russia and Ukraine.

June 26

Around 60% of Russians ignore basic web-safety measures

Over half of Internet users subject their accounts on social networks, email, and other web services to considerable risk, ESET reports, based on a poll of Russian users. 

Staying secure

Finance sector

June 9

5 years in jail for student who stole 7 mln rubles from cash machines

The Vladivostok Court has found a local resident guilty of grand theft and sentenced him to five years of imprisonment in a minimum security correction camp. According to the Primorsky Krai public prosecutor's office, the culprit obtained cash from ATM machines without changing the bank card balance.

June 11

9th-grade schoolchildren hack Bank of Montreal cash machine

Two 9th-grade Canadian schoolchildren managed to hack into a cash machine security system at the Bank of Montreal, using old instructions they found on the web.

June 16

Worldwide damage incurred by cybercrime amounts to $445 bln annually

Every year, cybercrime deals $445 billion worth of damage to the world economy, according to a report by CSIS.  The report describes cybercrime as a growing industry which impairs trade, competitiveness, and innovation.

June 19

Pskov to host trial of "skimming experts" who obtained data on several hundred accounts

A criminal case has been filed with a Pskov Oblast court regarding two citizens of near-abroad states accused of unlawfully accessing computer data and information covered by bank security, the regional administration of the Ministry of Internal Affairs reported Thursday.

June 24

Targeted attack on hedge fund

According to BAE Systems Applied Intelligence, an international consultancy company, cybercriminals succeeded in stealing trade secrets in a complex attack on a U.S. hedge fund.  The damage incurred amounted to over $2 million, Paul Henninger, the head of BAE, told CNBC.

June 25

Kaspersky Lab unveils targeted attack on famous bank

Kaspersky Lab experts have discovered a targeted attack on the clients of a large European bank. According to logfiles found on a server used by the hackers, the criminals stole over half a million euros from bank accounts in under a week. 

 

Internet and telecommunications

June 1

The right to be “forgotten” by Google

Google has agreed to delete obsolete or incorrect links.  On 30 May, the company launched a service allowing users to send a request for deletion, thus complying with a mandate by the European Court.

June 2

NSA intercepts millions of web users’ photos daily

The U.S. National Security Agency daily intercepts millions of photos sent via the Internet, The New York Times reported, based on yet another batch of documents published by former NSA and CIA agent Edward Snowden.

June 2

35 duplicate cards found on crooks who tried to unlawfully siphon cash off others' balances

Moscow police have prevented several criminals from cashing out funds using fake bank cards. According to an MIA report published on Monday, the incident occurred at the end of last week, when the criminal attempt was reported to law enforcement bodies by the security service of a Moscow bank.

June 2

FBI adds another Russian to most wanted hackers list

The U.S. Federal Bureau of Investigation has added one more Russian citizen to its list of most wanted hackers. According to the FBI's website announcement, the new member of the "club" is Yevgeny Bogachyov, born in 1983, who is accused of stealing funds from American citizens' accounts.

June 4

Canadian MP forgets secret NATO documents

Sheila Copps, a former member of Canada's Cabinet of Ministers from the Liberal Party, has discovered a file with documents disclosing detailed information on the country's foreign policy which was forgotten in the Ottawa Airport.

June 4

Powerful DDoS attack launched on OSCE site

According to the Organization for Security and Cooperation in Europe's press service, the organization’s official website was malfunctioning because of a powerful DDoS attack. Dunja Mijatović, the OSCE media freedom representative, noted that "the ongoing DDoS attack is inadmissible: it means that powers seeking to limit the freedom of speech have been set in motion."

June 4

Police catch pack of hackers red-handed, preventing multi-million-ruble theft

The K Department of the RF Ministry of Internal Affairs has put an end to the illegal activities of a hacker group suspected of multi-million-ruble thefts from individual and corporate accounts, the department's press release reports.

June 4

Ukrainian hackers upload info on 76,000 American Express cards

American Express has informed California residents that earlier this year, Ukrainian hackers published classified data from 76,608 credit cards online.  The data contains cardholders' names, card and account numbers, transaction records, and valid through dates.

June 6

Anti-cybercrime mission successfully accomplished in Kirov

Experts from the Kaspersky Lab's Cyber Incident and Analytics Department have provided professional support to the K Department of the RF Ministry of Internal Affairs, which, in cooperation with Information Security Centre under the Federal Security Service of the Russian Federation and Kirov Oblast Department of the Federal Security Service of the Russian Federation, have clamped down on a team of cybercriminals allegedly responsible for multi-million-ruble thefts from both individual and corporate settlement accounts.

June 6

U.S. Secret Service sensitive to social networks sarcasm

The U.S. Secret Service is eager to get hold of software capable of detecting sarcasm in messages posted on social platforms. Though the service is interested in software that can “understand” the actual meaning of a post, they have to teach the machine to identify sarcasm.

June 6

World's top countries want protection from NSA surveillance

After Edward Snowden's leaks, in which we learned that the Internet has been used as a huge spying system controlled by American special services, the Internet will never be the same. The world is literally entangled in tens of thousands of kilometres of cables that transmit large quantities of data every second.

June 10

Washington estimates total cybercrime damage at 0.5% of world GDP

In a desperate effort to become famous for something other than persistent anti-virus pre-installation requests on Windows and Android, McAfee, currently an Intel Security division, goes in for cybercrime market research.

June 11

USA accuses Chinese military of cyber espionage in space industry

CrowdStrike, a private American company dealing in Internet security issues, has accused the Chinese military of conducting large-scale hacking operations aimed at U.S. satellite and aerospace programmes, Reuters reports.

June 17

AT&T unveils data theft from two months ago

AT&T has confirmed that during a hack into its systems several months ago, three culprits stole an unknown quantity of user account data from AT&T Mobility.  The criminals acquired phone numbers, user names, and possibly bank details.

June 17

Google accused of indulging stolen personal data trade

Thieves are selling stolen credit cards numbers and other personal data via YouTube – an unexpected twist discovered by researchers at the Digital Citizens Alliance nonprofit.  Unbelievably, even Google makes a profit from such videos!

June 20

Human factor reason for information security breach in 95% of cases

The degree of human stupidity is not to be underestimated, especially when applied to information security issues, where over 95% of incidents are caused by human error. IBM Managed Security Services is monitoring cyber incident statistics from around 1,000 clients in 133 countries. The new IBM Security Services 2014 Cyber Security Intelligence Index report, based on 2013 data, showed that the overwhelming majority of incidents started with human error.

June 20

Californian colleges to pay $290,000 for data leak on 37,000 people

In June 2014, two colleges in California – California's College of the Desert and Riverside Community College District (RCCD) – sent out emails containing students' and professors' personal data by mistake.  According to Zecurion Analytics, personal information about over 37,000 people was disclosed.

June 20

U.S. Attorney General's office publishes Bitcoin buyers list by accident

U.S. authorities have accidentally published a list of Bitcoin bidders arrested in line with a crackdown on Silk Road, an illegal drug-dealing platform.

June 20

EMC detects controversy over privacy on the Web

The EMC Corporation has published their Privacy Index Report, a global research report on users' attitude toward privacy on the Internet, with 15,000 respondents from 15 countries.  The research shows that the concept of privacy varies by region and type of Internet activity.

June 21

Fake Google Play copy steals South Korean data

Jimmy Su and Jinjian Zhai from FireEye have detected a fake Google Play application -  a clone of the world's largest app store - that uses a dynamic DNS-server and Gmail SSL protocol to extract personal data.

June 23

Positive Technologies comments on hacked Ukrainian mobile operators

Hype over a scandal regarding hacks of Ukrainian telecom subscribers, it seems, was unduly placed – technically, it’s much easier than the average user realizes to access private cell phone conversations.

June 23

Anonymous crashes FIFA World Cup Championship website in Brazil for several hours

On Friday, hackers from the Anonymous collective succeeded in taking the Brazilian FIFA WC 2014 official website out of service for several hours.

June 26

Google Glass can secretly identify devices' PIN numbers

Experts believe Google Glass is able to detect passwords, the New Zealand Herald reports.  A team of experts led by Professor Xinwen Fu, from the University of Massachusetts Lowell, have tested a programme that analyzes fingertip movements and shades, subsequently producing smartphone and tablet PINs.

 

Industry and services

June 3

15 years in jail for identity theft

According to Zecurion Analytics, Detrius Elliott, a Washington, D.C. hospital worker, is facing 15 years of imprisonment for stealing identities belonging to the financial guarantors of 80 patients.

June 3

ZeuS bank Trojan developer wanted

U.S. law enforcement agencies and the Ministry of Justice have announced a special operation to disable the Gameover ZeuS botnet.

June 3

Pirate Bay co-founder behind bars

Swedish authorities have arrested Peter Sunde, cofounder of The Pirate Bay torrent tracker, Reuters reports.  He is accused of systematic breach of copyright and is facing an 8-month sentence.

June 6

Deutsche Telekom to publish info on subscriber espionage 

Deutsche Telekom has announced that it will follow Vodafone's example and publish information on how special services tap mobile network subscribers, The Guardian reports.  Deutsche Telekom operates in 14 countries including the USA, Spain, and Poland.  The operator's subscribers are estimated to be 140 million strong. 

Articles

June 2

TrueCrypt software may be given new lease on life

A team of security experts is eager to recover and enhance TrueCrypt, a popular data encryption program. The developers have recently stopped supporting it, saying it was no longer safe. However, TrueCrypt fans were reluctant to abandon their favourite programme.

June 5

Experts find way to prevent NSA from tapping iPhones

In an interview on NBC, former NSA agent Edward Snowden revealed that U.S. intelligence is able to easily connect to any mobile phone, even when powered off, RT reports.

June 5

Security expert Schneier says encryption only way to prevent tracking

Security expert Bruce Schneier, sharing his ideas in an interview with Softpedia, said he believes data encryption saves mobile gadget and PC users from mass surveillance.

June 5

New OpenSSL vulnerability: MITM attack possible (CVE-2014-0224)

Over the last few years, a number of critical vulnerabilities in cryptographic libraries have been detected. Although some of them could actually have been used on a grand scale before detailed information about them and patches were available, critical vulnerabilities such as Heartbleed urged developers, researchers, and ordinary users to thoroughly investigate these products' security issues.

June 8

Free SSL certificates for Open Source projects

The GlobalSign certification centre has started granting SSL certificates for Open Source projects that comply with relevant criteria, free of charge.  This is a great opportunity for projects that have not yet obtained a certificate to get one.  The certificates have unlimited license as long as the project complies with relevant requirements.

June 9

Windows XP: Hacking Apocalypse ain't gonna happen

Two months after Microsoft stopped supporting Windows XP, experts' cyber security predictions of a hacking boom exploiting vulnerabilities due to lack of OS updates have turned out to be false.

June 10

Check Point launches ThreatCloud IntelliStore

Check Point, a global Internet security leader, has announced the launch of ThreatCloud IntelliStore, a unique data store on cyber threats which would enable entities to choose data sources for automatic cyber attack prevention.  The new offer is hinged on ThreatCloud™, Check Point's key counterattack system, the industry's largest infrastructure for large amounts of data on threats received from global sensors.

June 10

IT specialists find dangerous bug in smart TVs

Millions of smart TVs can be hacked by means of faking network data used by connected devices to transfer the screen image.  According to experts, this attack takes advantage of loopholes in a popular technology used by smart TVs to adapt the images. 

June 11

IBM patents new anti-Internet fraud technology

The IBM Corporation has recently announced its patent on a new technology to fight Internet fraud which monitors and analyses behavioral factors.  The technology is called User-browser interaction-based fraud detection system.

June 16

PC disconnected from Internet hacked

Israeli scientists have developed software that can detect electrical impulses by means of a mobile phone and install malware on a PC that is physically disconnected from the Internet.

June 18

Cisco back in PC protection business

In the early 2000s, the PC security market was dominated by a signature approach that detected mainly known threats for which corresponding signatures had been written into the protection systems (anti-viruses, host-based intrusion detection systems, etc.).  

June 18

Speedrun on 13 website vulnerabilities: Basic terms and protection

Recently I have been compiling a kind of lecture on web security and came across an OWASP 2013 vulnerability rating, but was surprised to find out that accurate information on the subject in Russian was scarce or naught. So, I wrote this article to briefly describe the main vulnerabilities, causes, and solutions.

June 19

3,000 vulnerabilities detected in SAP systems

Digital Security experts have reported the results of their seven-year SAP platform vulnerability analysis.  According to the information published on the SAP official website, 3,000 vulnerabilities have been detected.

June 19

NetApp announces new SSD-based storage system

While flash drive demand continues to grow, NetApp has presented a new storage system entirely based on flash.  The new system caters to media consumers who need high performance and fail safety.

June 21

Supermicro BMC controller vulnerability allows access to control interface passwords

A vulnerability has been detected in a Baseboard Management Controller chip used in Supermicro motherboards that allows hackers to obtain passwords and access the control interface. The problem arises because the file containing passwords is available without authentication, in a binary data block, through network port 49152. The technique is simple: you only have to connect to port 49152 and execute GET /PSBlock, upon which the passwords are displayed without hashing.

June 23

Alan Turing, Vinton Cerf, and Joseph Whedon

What do Alan Turing, Vinton Cerf, Joseph Whedon, Anna Akhmatova, Olympic Games, the typewriter, and a hula hoop have in common?

June 23

Symbiosis:  after infection, Trojan starts protecting system from other malware

This is half-ridiculous: according to an analysis of Trojan.Tofsee by DrWeb, the virus’s behavior is almost normal: it sends out spam. However, this trojan has a trick of its own: after infection it starts protecting the system from other viruses and deleting existing rivals.

June 26

Scientists solve password memorization problem

New technology that can, according to its creators, solve the problem of memorizing passwords was announced in PeerJ on Tuesday.  The program is based on the human ability to recognize familiar faces. 

Learn something new: cyber security technology updates

June 5

DDoS Attacks Growing in Volume and Complexity

Amplification tactics have become the new normal, replacing botnets.

June 10

McAfee report on the Global Cost of Cybercrime

McAfee has published a new study titled Estimating the Global Cost of Cybercrime, which provides an evaluation of costs for illicit activities.

June 11

Gmail Bug Could Have Exposed Every User’s Address

Security tester Oren Hafif says that he found and helped fix a bug in Google's Gmail service that could have been used to extract millions of Gmail addresses, if not all of them, in a matter of days or weeks.

June 11

Pandemiya is a written-from-scratch trojan being sold in the underground

RSA Security’s FraudAction team released a report on Pandemiya, a new banking Trojan being sold in hacker forums as an alternative to the popular Zeus.

June 11

Cloud-Based POS Software – “New Target for Hackers?”

A cyber threat intelligence firm from Los Angeles has identified new targeted attacks on cloud-based POS software, used by grocery stores, retailers and other small businesses using web browsers like Internet Explorer, Safari, and/or Google Chrome.

June 12

Xiaomi smartphones can steal bank card data via NFC

A Chinese woman accidentally discovered that her Xiaomi smartphone has the capability to steal bank card data via near field communication.

June 13

Fraud scheme in PayPal allows anyone to increase balance endlessly

A user, Razvan Cernaianu, described a method by which PayPal users could endlessly double the amount of money in their account.

June 16

Change in App permissions raises privacy and security issues

A revision Google made to the organization of app permissions could allow malicious apps to silently gain further permissions on the victim’s device.

June 17

How to Anonymize Everything You Do Online

Use cryptographic anonymity tools to hide your identity, on the other hand, and network eavesdroppers may not even know where to find your communications, let alone snoop on them.

June 17

Hacker Hijacks Storage Devices, Mines $620,000 in Dogecoin

Dogecoin, for those who don't spend their time indulging in Internet meta-memes, may seem like harmless nerdery. But for one enterprising hacker, it's created a small fortune, at the price of annoying a lot of systems administrators.

June 18

AT&T suffered a data breach, users urged to change passcode

The American multinational giant AT&T confirmed that it suffered a data breach last April; personal data of an unknown number of users was exposed.

June 19

LinkedIn vulnerable to MITM attack that leverages SSL stripping, putting users' data at risk

Security experts at Zimperium revealed that LinkedIn users could be potentially vulnerable to Man-in-the-Middle attacks leveraging SSL stripping.

June 20

This Tool Boosts Your Privacy by Opening Your Wi-Fi to Strangers

In an age of surveillance anxiety, the notion of leaving your Wi-Fi network open and unprotected seems dangerously naive. But one group of activists says it can help you open up your wireless internet and not only maintain your privacy.

June 20

More than 32000 servers expose admin passwords in the clear

More than 32000 servers containing motherboards manufactured by Supermicro expose admin passwords in the clear, a godsend for hackers.

June 22

RSA – Malware proposal on the open web increasingly fearless

The RSA Research Team has discovered the offer of a complete collection of malware through open channels like social media and emails.

June 23

Watch the Global Cyber War Live Right Here

Well-organized hackers from China have been blamed for everything from crippling pro-democracy websites in Hong Kong to stealing corporate secrets from US companies in recent months. The US and China are locked in an escalating war about online spying that threatens to devastate business for companies in both countries.

June 23

Largest DDoS attack hit PopVote, Hong Kong Democracy voting site

Largest DDoS attack hit PopVote, Hong Kong Democracy voting website. Experts at CloudFlare observed a three hundred gigabits per second DDoS attack.

June 24

Researchers Find and Decode the Spy Tools Governments Use to Hijack Phones

Newly uncovered components of a digital surveillance tool used by more than 60 governments worldwide provide a rare glimpse at the extensive ways law enforcement and intelligence agencies use the tool to surreptitiously record and steal data from mobile phones.

June 24

HackingTeam, new revelations on the surveillance network

Kaspersky Lab and Citizen Lab have released the results of their analysis on the global C2 infrastructure used by the Italian firm HackingTeam.

June 24

Top website Askmen hacked and used to serve a banking trojan

Askmen.com, one of the most popular websites on the Internet (Top 1000 Alexa), has been compromised to serve the banking trojan Caphaw.

June 25

Hospital Networks Are Leaking Data, Leaving Critical Devices Vulnerable

Two researchers examining the security of hospital networks have found many of them leak valuable information to the internet, leaving critical systems and equipment vulnerable to hacking. The data, which in some cases enumerates every computer and device on a hospital’s.

June 25

Cyber espionage campaign based on Havex RAT hit ICS/SCADA systems

Security experts at F-Secure discovered a cyber espionage campaign based on the Havex malware targeting ICS/SCADA systems and vendors.

June 26

Cops Can’t Search Cell Phones Without a Warrant, Supreme Court Rules

The court released a landmark decision Wednesday morning in the case of Riley vs. California, forbidding warrantless police searches of the contents of arrestees' cell phones.

Foreigner corner
