Issue No. 6 | June 2014
Cyber security monthly newsletter
June 3
Russian authorities to gain access to web user data
The Federal Security Service of Russia and Roskomnadzor (the Federal Supervision Agency for Information Technologies and Communications) have elaborated a list of amendments to current legislation which will obligate Internet providers to deliver user data upon every web query to law enforcement officers, Vedomosti reports.
June 4
Certified Information Security Tools State Register N РOCC RU.0001.01БИ00
Jail time penalties for hackers increase eightfold in Russia
The Russian Government has introduced a bill to the State Duma aimed at increasing the penalty for hacking into banks to steal funds. The draft is being reviewed by the Ministry of Internal Affairs and the Bank of Russia.
June 25
No more personal data storage abroad for Russian citizens
Operators might be obligated to store citizens' personal data in Russia only, a new bill by a number of deputies introduced on 24 June to the RF State Duma says. The bill aims to introduce amendments to the laws On Personal Data and On Information, Information Technologies and Information Protection.
June 26
Irkutsk Authorities banned from Google
According to regional sources, ministries and local authorities in the Irkutsk Oblast have been ordered to refrain from using Google. Oblast and municipal authorities are not allowed to use Google web storage, email, search engine, and website creation software. Furthermore, collaboration on Google educational programmes and contests is also prohibited.
Legislative news and regulatory recommendations
June 3
Benefiting from wireless network conceptual deficiencies
We are surrounded by wireless networks: millions of gadgets constantly sharing their data with the World Wide Web. It is no secret that information runs the world these days, so the guy next to you may show intense interest in the data your smartphone is leaking.
June 4
GnuTLS proves vulnerable to dangerous attack
Linux users, barely recovered from the notorious Heartbleed bug, are now facing another severe software vulnerability. This time, the problem has hit GnuTLS, allowing attacks on target servers through the vulnerable cryptographic library. To date, the library developers have already eliminated the vulnerability. However, not all official Linux distributors have done the same.
June 6
Cryptoblocker's "colleague" targets Russian-speaking Android users
The international anti-virus company ESET has warned of the advent of Simplocker, a new ransomware Trojan for Android-powered mobile devices. Ukrainian citizens are the primary target, although the virus can be reprogrammed to strike all Russian-speaking Android users.
June 6
Google announces Gmail encryption feature
Google has launched a new Google Chrome plug-in, developed to increase email privacy through message encryption and to offer another way to dodge NSA surveillance.
June 6
According to Solutionary's May Threat Report, Skype users are under attack. Experts are worried over the fact that the application stores personal data and conversation records in an unencrypted file on the PC, making them vulnerable to hackers.
June 10
Trojan Encoder: yet another threat to Android
Kaspersky Lab has revealed new details about the propagation means and functionality of the first Trojan encoder targeted at Android. The malware, detected by anti-virus software as Trojan-Ransom.AndroidOS.Pletor.a, crept into the web around a month ago and has already attempted over 2,000 infections in 13 countries.
June 11
Turkish backdoor disguises itself as Windows system service
Among alleged modern malware developers in Russia, there are quite a lot of former USSR-era comrades as well as Chinese speakers, a conclusion based on code analysis. One notable example in this respect is BackDoor.Zetbo.1, which was discovered by the Doctor Web team back in May 2014. Judging by the lines in its code, the developers of this Trojan (capable of executing various commands on the infected computer) originate from Turkey.
June 11
22% of phishing incidents Facebook-related
Cybercriminals use a set of trusted methods to lure their victims into phishing scams. As a rule, links to such pages are sent out by the criminals in emails imitating notifications from a social network. Writing messages from hacked accounts using the account’s friend list, e.g. invitations to the victim’s friends to follow a link to some engaging content, is another popular method.
June 11
Two Russian hackers arrested for racketeering by means of Find my iPhone function
In Moscow, two hackers have been arrested for using the Find my iPhone function to block others' iPhones and iPads and extort money from the unlucky users.
June 17
164,644 Evernote accounts hacked
Hackers have attacked the forum of Evernote, a popular service to create and store notes which has over 164,000 users. The company's representatives announced that user passwords, names, dates of birth, profile data, and emails have been compromised. Forum participants are advised to change their passwords as soon as possible.
June 19
Security flaws in Microsoft anti-virus software
A critical vulnerability allowing perpetrators to tear down protections and infect a PC by means of compromised websites has been found in a number of Microsoft anti-virus programmes. Microsoft has confirmed this information.
June 19
Postponing firmware updates means many Android devices remain vulnerable to CVE-2014-3153, identified in early June in the Linux kernel. This vulnerability allows a local user to execute code with kernel privileges.
June 20
90% of Simplocker infections hit Russia and Ukraine
ESET Lab experts in Bratislava (Slovakia) have identified new modifications to the ransomware Trojan Simplocker, which attacks Android-based mobile devices. According to ESET LiveGrid cloud technology, the Trojan was most successful in Russia and Ukraine.
June 26
Around 60% of Russians ignore basic web-safety measures
Over half of Internet users subject their accounts on social networks, email, and other web services to considerable risk, ESET reports, based on a poll of Russian users.
Staying secure
Finance sector
June 9
5 years in jail for student who stole 7 mln rubles from cash machines
The Vladivostok Court has found a local resident guilty of grand theft and sentenced him to five years of imprisonment in a minimum security correction camp. According to the Primorsky Krai public prosecutor's office, the culprit obtained cash from ATM machines without changing the bank card balance.
June 11
9th-grade schoolchildren hack Bank of Montreal cash machine
Two 9th-grade Canadian schoolchildren managed to hack into a cash machine security system at the Bank of Montreal, using old instructions they found on the web.
June 16
Worldwide damage incurred by cybercrime amounts to $445 bln annually
Every year, cybercrime deals $445 billion worth of damage to the world economy, according to a report by CSIS. The report describes cybercrime as a growing industry which impairs trade, competitiveness, and innovation.
June 19
Pskov to host trial of "skimming experts" who obtained data on several hundred accounts
A criminal case has been filed with a Pskov Oblast court regarding two citizens of near-abroad states accused of unlawfully accessing computer data and information covered by bank security, the regional administration of the Ministry of Internal Affairs reported Thursday.
June 24
According to BAE Systems Applied Intelligence, an international consultancy company, cybercriminals succeeded in stealing trade secrets in a complex attack on a U.S. hedge fund. The damage incurred amounted to over $2 million, Paul Henninger, the head of BAE, told CNBC.
June 25
Kaspersky Lab unveils targeted attack on famous bank
Kaspersky Lab experts have discovered a targeted attack on the clients of a large European bank. According to logfiles found on a server used by the hackers, the criminals stole over half a million euros from bank accounts in under a week.
Internet and telecommunications
June 1
The right to be “forgotten” by Google
Google has agreed to delete obsolete or incorrect links. On 30 May, the company launched a service allowing users to send a request for deletion, thus complying with a mandate by the European Court.
June 2
NSA intercepts millions of web users’ photos daily
The U.S. National Security Agency daily intercepts millions of photos sent via the Internet, The New York Times reported, based on yet another batch of documents published by former NSA and CIA agent Edward Snowden.
June 2
35 duplicate cards found on crooks who tried to unlawfully siphon cash off others' balances
Moscow police have prevented several criminals from cashing out funds using fake bank cards. According to an MIA report published on Monday, the incident occurred at the end of last week, when the criminal attempt was reported to law enforcement bodies by the security service of a Moscow bank.
June 2
FBI adds another Russian to most wanted hackers list
The U.S. Federal Bureau of Investigation has added one more Russian citizen to its most wanted list of hackers. According to the FBI's website announcement, the new member of the "club" is Yevgeny Bogachyov, born in 1983, who is accused of stealing funds from American citizens' accounts.
June 4
Canadian MP forgets secret NATO documents
Sheila Copps, a former member of Canada's Cabinet of Ministers from the Liberal Party, has discovered a file with documents disclosing detailed information on the country's foreign policy which was left behind at the Ottawa Airport.
June 4
Powerful DDoS attack launched on OSCE site
According to the Organization for Security and Cooperation in Europe's press service, the organization’s official website was malfunctioning because of a powerful DDoS attack. Dunja Mijatović, the OSCE media freedom representative, noted that "the ongoing DDoS attack is inadmissible: it means that powers seeking to limit the freedom of speech have been set in motion."
June 4
Police catch pack of hackers red-handed, preventing multi-million-ruble theft
The K Department of the RF Ministry of Internal Affairs has put an end to the illegal activities of a hacker group suspected of multi-million-ruble thefts from individual and corporate accounts, the department's press release reports.
June 4
Ukrainian hackers upload info on 76,000 American Express cards
American Express has informed California residents that earlier this year, Ukrainian hackers published classified data from 76,608 credit cards online. The data contains cardholders' names, card and account numbers, transaction records, and valid through dates.
June 6
Anti-cybercrime mission successfully accomplished in Kirov
Experts from Kaspersky Lab's Cyber Incident and Analytics Department have provided professional support to the K Department of the RF Ministry of Internal Affairs, which, in cooperation with the Information Security Centre under the Federal Security Service of the Russian Federation and the Kirov Oblast Department of the Federal Security Service of the Russian Federation, has clamped down on a team of cybercriminals allegedly responsible for multi-million-ruble thefts from both individual and corporate settlement accounts.
June 6
U.S. Secret Service sensitive to social networks sarcasm
The U.S. Secret Service is eager to get hold of software capable of detecting sarcasm in messages posted on social platforms. Though the service is interested in software that can “understand” the actual meaning of a post, they have to teach the machine to identify sarcasm.
June 6
World's top countries want protection from NSA surveillance
After Edward Snowden's leaks, in which we learned that the Internet has been used as a huge spying system controlled by American special services, the Internet will never be the same. The world is literally entangled in tens of thousands of kilometres of cables that transmit large quantities of data every second.
June 10
Washington estimates total cybercrime damage at 0.5% of world GDP
In a desperate effort to become famous for something other than persistent anti-virus pre-installation requests on Windows and Android, McAfee, currently an Intel Security division, goes in for cybercrime market research.
June 11
USA accuses Chinese military of cyber espionage in space industry
CrowdStrike, a private American company dealing in Internet security issues, has accused the Chinese military of conducting large-scale hacking operations aimed at U.S. satellite and aerospace programmes, Reuters reports.
June 17
AT&T unveils data theft from two months ago
AT&T has confirmed that during a hack into its systems several months ago, three culprits stole an unknown quantity of user account data from AT&T Mobility. The criminals acquired phone numbers, user names, and possibly bank details.
June 17
Google accused of indulging stolen personal data trade
Thieves are selling stolen credit card numbers and other personal data via YouTube – an unexpected twist discovered by researchers at the Digital Citizens Alliance nonprofit. Unbelievably, even Google makes a profit from such videos!
June 20
Human factor reason for information security breach in 95% of cases
The degree of human stupidity is not to be underestimated, especially when applied to information security issues where over 95% of incidents are caused by human error. IBM Managed Security Services is monitoring cyber incident statistics from around 1,000 clients in 133 countries. The new IBM Security Services 2014 Cyber Security Intelligence Index report, based on 2013 data, showed that the overwhelming majority of incidents started with human error.
June 20
Californian colleges to pay $290,000 for data leak on 37,000 people
In June 2014, two colleges in California – California's College of the Desert and Riverside Community College District (RCCD) – sent out emails containing students' and professors' personal data by mistake. According to Zecurion Analytics, personal information about over 37,000 people was disclosed.
June 20
U.S. Attorney General's office publishes Bitcoin buyers list by accident
U.S. authorities have accidentally published a list of Bitcoin bidders arrested in line with a crackdown on Silk Road, an illegal drug-dealing platform.
June 20
EMC detects controversy over privacy on the Web
The EMC Corporation has published their Privacy Index Report, a global research report on users' attitude toward privacy on the Internet, with 15,000 respondents from 15 countries. The research shows that the concept of privacy varies by region and type of Internet activity.
June 21
Fake Google Play copy steals South Korean data
Jimmy Su and Jinjian Zhai from FireEye have detected a fake Google Play application - a clone of the world's largest app store - that uses a dynamic DNS server and the Gmail SSL protocol to extract personal data.
June 23
Positive Technologies comments on hacked Ukrainian mobile operators
Hype over a scandal regarding hacks of Ukrainian telecom subscribers, it seems, was unduly placed – technically, it’s much easier than the average user realizes to access private cell phone conversations.
June 23
Anonymous crashes FIFA World Cup Championship website in Brazil for several hours
On Friday, hackers from the Anonymous collective succeeded in taking the Brazilian FIFA WC 2014 official website out of service for several hours.
June 26
Google Glass can secretly identify devices' PIN numbers
Experts believe Google Glass is able to detect passwords, the New Zealand Herald reports. A team of experts led by Professor Xinwen Fu, from the University of Massachusetts Lowell, have tested a programme that analyzes fingertip movements and shades, subsequently producing smartphone and tablet PINs.
Industry and services
June 3
15 years in jail for identity theft
According to Zecurion Analytics, Detrius Elliott, a Washington, D.C. hospital worker, is facing 15 years of imprisonment for stealing identities belonging to the financial guarantors of 80 patients.
June 3
ZeuS bank Trojan developer wanted
U.S. law enforcement agencies and the Ministry of Justice have announced a special operation to disable the Gameover ZeuS botnet.
June 3
Pirate Bay co-founder behind bars
Swedish authorities have arrested Peter Sunde, cofounder of The Pirate Bay torrent tracker, Reuters reports. He is accused of systematic breach of copyright and is facing an 8-month sentence.
June 6
Deutsche Telekom to publish info on subscriber espionage
Deutsche Telekom has announced that it will follow Vodafone's example and publish information on how special services tap mobile network subscribers, The Guardian reports. Deutsche Telekom operates in 14 countries including the USA, Spain, and Poland. The operator's subscribers are estimated to be 140 million strong.
Articles
June 2
TrueCrypt software may be given new lease on life
A team of security experts is eager to recover and enhance TrueCrypt, a popular data encryption programme. The developers have recently stopped supporting it, saying it was no longer safe. However, TrueCrypt fans were reluctant to abandon their favourite programme.
June 5
Experts find way to prevent NSA from tapping iPhones
In an interview on NBC, former NSA agent Edward Snowden revealed that U.S. intelligence is able to easily connect to any mobile phone, even when powered off, RT reports.
June 5
Security expert Schneier says encryption only way to prevent tracking
Security expert Bruce Schneier, sharing his ideas in an interview with Softpedia, said he believes data encryption saves mobile gadget and PC users from mass surveillance.
June 5
New OpenSSL vulnerability: MITM attack possible (CVE-2014-0224)
Over the last few years, a number of critical vulnerabilities in cryptographic libraries have been detected. Although some of them could actually have been used on a grand scale before detailed information about them and patches were available, critical vulnerabilities such as Heartbleed have urged developers, researchers, and ordinary users to thoroughly investigate these products' security issues.
June 8
Free SSL certificates for Open Source projects
The GlobalSign certification centre has started granting SSL certificates for Open Source projects that comply with relevant criteria, free of charge. This is a great opportunity for projects that have not yet obtained a certificate to get one. The certificates have unlimited license as long as the project complies with relevant requirements.
June 9
Windows XP: Hacking Apocalypse ain't gonna happen
Two months after Microsoft stopped supporting Windows XP, cyber security experts' predictions of a hacking boom exploiting vulnerabilities left open by the lack of OS updates have turned out to be false.
June 10
Check Point launches ThreatCloud IntelliStore
Check Point, a global Internet security leader, has announced the launch of ThreatCloud IntelliStore, a unique data store on cyber threats which would enable entities to choose data sources for automatic cyber attack prevention. The new offer is hinged on ThreatCloud™, Check Point's key counterattack system, the industry's largest infrastructure for large amounts of data on threats received from global sensors.
June 10
IT specialists find dangerous bug in smart TVs
Millions of smart TVs can be hacked by means of faking network data used by connected devices to transfer the screen image. According to experts, this attack takes advantage of loopholes in a popular technology used by smart TVs to adapt the images.
June 11
IBM patents new anti-Internet fraud technology
The IBM Corporation has recently announced its patent on a new technology to fight Internet fraud which monitors and analyses behavioral factors. The technology is called User-browser interaction-based fraud detection system.
June 16
PC disconnected from Internet hacked
Israeli scientists have developed software that can detect electrical impulses by means of a mobile phone and install malware on a PC that is physically disconnected from the Internet.
June 18
Cisco back in PC protection business
In the early 2000s, the PC security market was dominated by a signature approach that detected mainly known threats for which corresponding signatures had been written into the protection systems (anti-viruses, host-based intrusion detection systems, etc.).
June 18
Speedrun on 13 website vulnerabilities: Basic terms and protection
Recently I have been compiling a kind of lecture on web security and came across an OWASP 2013 vulnerability rating, but was surprised to find out that accurate information on the subject in Russian was scarce or naught. So, I wrote this article to briefly describe the main vulnerabilities, causes, and solutions.
June 19
3,000 vulnerabilities detected in SAP systems
Digital Security experts have reported the results of their seven-year SAP platform vulnerability analysis. According to the information published on the SAP official website, 3,000 vulnerabilities have been detected.
June 19
NetApp announces new SSD-based storage system
While flash drive demand continues to grow, NetApp has presented a new storage system entirely based on flash. The new system caters to media consumers who need high performance and fail safety.
June 21
Supermicro BMC controller vulnerability allows access to control interface passwords
A vulnerability has been detected in a Baseboard Management Controller chip used in Supermicro motherboards that allows hackers to obtain passwords and access the control interface. The problem arises because the file containing passwords is available without authentication, as a binary data block, through network port 49152. The technique is simple: you only have to connect to port 49152 and execute GET /PSBlock, upon which the passwords are displayed unhashed.
June 23
Alan Turing, Vinton Cerf, and Joseph Whedon
What do Alan Turing, Vinton Cerf, Joseph Whedon, Anna Akhmatova, Olympic Games, the typewriter, and a hula hoop have in common?
June 23
Symbiosis: after infection, Trojan starts protecting system from other malware
This is half-ridiculous: According to an analysis of Trojan.Tofsee by DrWeb, the virus’s behavior is almost normal: it sends out spam. However, this trojan has a trick of its own: after infection it starts protecting the system from other viruses and deleting existing rivals.
June 26
Scientists solve password memorization problem
New technology that can, according to its creators, solve the problem of memorizing passwords was announced in PeerJ on Tuesday. The program is based on the human ability to recognize familiar faces.
Learn something new: cyber security technology updates
June 5
DDoS Attacks Growing in Volume and Complexity
Amplification tactics have become the new normal, replacing botnets.
June 10
McAfee report on the Global Cost of Cybercrime
McAfee has published a new study titled Estimating the Global Cost of Cybercrime, which provides an evaluation of the costs of illicit activities.
June 11
Gmail Bug Could Have Exposed Every User’s Address
Security tester Oren Hafif says that he found and helped fix a bug in Google's Gmail service that could have been used to extract millions of Gmail addresses, if not all of them, in a matter of days or weeks.
June 11
Pandemiya is a written-from-scratch trojan being sold in the underground
RSA Security’s FraudAction team released a report on Pandemiya, a new banking Trojan being sold in hacker forums as an alternative to the popular Zeus.
June 11
Cloud-Based POS Software – “New Target for Hackers?”
A cyber threat intelligence firm from Los Angeles has identified new targeted attacks on cloud-based POS software used by grocery stores, retailers and other small businesses through web browsers like Internet Explorer, Safari, and/or Google Chrome.
June 12
Xiaomi smartphones can steal bank card data via NFC
A Chinese woman accidentally discovered that her Xiaomi smartphone has the capability to steal bank card data via near field communication.
June 13
Fraud scheme in PayPal allows anyone to increase balance endlessly
A user, Razvan Cernaianu, described a method by which PayPal users could endlessly double the amount of money in their account.
June 16
Change in App permissions raises privacy and security issues
A change made by Google to the organization of app permissions could allow malicious apps to silently gain further permissions on the victim’s device.
June 17
How to Anonymize Everything You Do Online
Use cryptographic anonymity tools to hide your identity, on the other hand, and network eavesdroppers may not even know where to find your communications, let alone snoop on them.
June 17
Hacker Hijacks Storage Devices, Mines $620,000 in Dogecoin
Dogecoin, for those who don't spend their time indulging in Internet meta-memes, may seem like harmless nerdery. But for one enterprising hacker, it's created a small fortune---at the price of annoying a lot of systems administrators.
June 18
AT&T suffered a data breach, users urged to change passcode
The American multinational giant AT&T confirmed that it suffered a data breach last April; personal data of an unknown number of users was exposed.
June 19
LinkedIn vulnerable to MITM attack leveraging SSL stripping that could put users' data at risk
Security experts at the firm Zimperium revealed that LinkedIn users could be potentially vulnerable to Man-in-the-Middle attacks leveraging SSL stripping.
June 20
This Tool Boosts Your Privacy by Opening Your Wi-Fi to Strangers
In an age of surveillance anxiety, the notion of leaving your Wi-Fi network open and unprotected seems dangerously naive. But one group of activists says it can help you open up your wireless internet and not only maintain your privacy.
June 20
More than 32000 servers expose admin passwords in the clear
More than 32000 servers containing motherboards manufactured by Supermicro expose admin passwords in the clear, a godsend for hackers.
June 22
RSA – Malware proposal on the open web increasingly fearless
The RSA Research Team has discovered the offer of a complete collection of malware through open channels like social media and emails.
June 23
Watch the Global Cyber War Live Right Here
Well-organized hackers from China have been blamed for everything from crippling pro-democracy websites in Hong Kong to stealing corporate secrets from US companies in recent months. The US and China are locked in an escalating war about online spying that threatens to devastate business for companies in both countries.
June 23
Largest DDoS attack hit PopVote, Hong Kong Democracy voting site
The largest DDoS attack hit PopVote, a Hong Kong democracy voting website. Experts at CloudFlare observed a three hundred gigabits per second DDoS attack.
June 24
Researchers Find and Decode the Spy Tools Governments Use to Hijack Phones
Newly uncovered components of a digital surveillance tool used by more than 60 governments worldwide provide a rare glimpse at the extensive ways law enforcement and intelligence agencies use the tool to surreptitiously record and steal data from mobile phones.
June 24
HackingTeam, new revelations on the surveillance network
Kaspersky Lab and Citizen Lab have released the results of their analysis on the global C2 infrastructure used by the Italian firm HackingTeam.
June 24
Top website Askmen hacked and used to serve a banking trojan
Askmen.com, one of the most popular websites on the Internet (Top 1000 Alexa), was compromised to serve the banking trojan Caphaw.
June 25
Hospital Networks Are Leaking Data, Leaving Critical Devices Vulnerable
Two researchers examining the security of hospital networks have found many of them leak valuable information to the internet, leaving critical systems and equipment vulnerable to hacking. The data, which in some cases enumerates every computer and device on a hospital’s.
June 25
Cyber espionage campaign based on Havex RAT hit ICS/SCADA systems
Security experts at F-Secure discovered a cyber espionage campaign based on the Havex malware targeting ICS/SCADA systems and vendors.
June 26
Cops Can’t Search Cell Phones Without a Warrant, Supreme Court Rules
The court released a landmark decision Wednesday morning in the case of Riley vs. California, forbidding warrantless police searches of the contents of arrestees' cell phones.