Computer Security Updates Week 5 of Apr 2013

Refer to Computer Security Updates Week 3 of Apr 2013, in which the biggest news was Oracle's release of 128 security patches affecting hundreds of products.

Here are the biggest news items for this week / last week.
  • Kaspersky Lab Dynamic Whitelist technology gets ‘Approved Whitelisting Service’ certificate from AV-TEST.
  • Sophos reported that a suspect in the massive Spamhaus DDoS attack was arrested in Spain.
  • Symantec found a trojan that doesn't run on Windows XP, which has under 30% market share.
  • Reuters reported that LivingSocial cyber attack affects millions of customers.
  • Reuters reported that a Romanian ethical hacker was hired by a Romanian cyber safety consultancy.
  • Bit9 blog explores security vulnerability issues for the Android platform.
  • Fortinet reported that Server Message Block (SMB) attacks had been observed to have passed through firewalls.
  • HP introduces automated web application testing tools.

Petaling Jaya, April 26, 2013 – Kaspersky Lab Dynamic Whitelist technology gets ‘Approved Whitelisting Service’ certificate from AV-TEST

Kaspersky Lab’s Dynamic Whitelist technology has received the “Approved Whitelisting Service” certificate following independent testing by the AV-TEST research lab. Integrated into a number of the company’s security solutions, the technology is designed to protect computers with the help of a database of trusted software.

Kaspersky Lab is the first vendor to receive the certificate from the independent test lab. The experts at AV-TEST recognized the solution’s high level of reliability and efficiency.

AV-TEST invited a number of companies developing comprehensive security products and specialized Whitelist solutions to take part in the testing. However, Kaspersky Lab was the only company which agreed to participate.

Over 200,000 new samples of malicious software appear daily on the Internet. In these circumstances, it is easier and more efficient to ensure the computer's security by relying on a database of checked and "clean" programs rather than continually replenishing blacklists of malicious software. It’s clear that there will always be far more malicious programs than legitimate ones. However, the reliability of Whitelisting depends on the quality of its implementation: the extent of its database of known files, operating speed and other important parameters.

Symantec, Apr 26, 2013 - Microsoft Windows XP Support Also Ending in the Malware Community!?

Symantec blog found a trojan which doesn't work on Windows XP. It concluded that the trojan designer specifically introduced a bug into the trojan so that execution on Windows XP machines would fail before the malicious code is executed.

The real reason is unknown. However, given that Windows XP still commands a large market, with under 30% of market share, Symantec suggests that the real reason is to avoid detection. That is to say, the trojan was created with specific targets, and the trojan author knows that those targets do not run Windows XP. With under 30% of market share for Windows XP, the trojan author wouldn't want to risk early detection, until now.

As a matter of fact, on Apr 11, 2013, it was reported that Windows XP still makes up 20.39% of PCs in Malaysia.

Get more details.

Reuters, Apr 26, 2013 - LivingSocial cyber attack affects millions of customers

Reuters reported that LivingSocial, the second-largest daily deal company behind Groupon Inc, said on Friday it was hit by a cyber attack that may have affected more than 50 million customers.

The attack resulted in unauthorized access to customer data, including names, email addresses, date of birth for some users and "encrypted" passwords.

The attack hit customers in the United States, Canada, the U.K., Ireland, Australia, New Zealand, Malaysia, Southern Europe and Latin America. Customers from other regions were spared.

No details of how it happened or what had been carried out were reported.

Get more details.

Sophos, Apr 26, 2013 - Suspect in massive Spamhaus DDoS attack arrested in Spain

Sophos reported that a 35-year-old man identified only as S.K. has been arrested in Barcelona, Spain in connection with the well-known DDoS attack on Spamhaus, the industry's biggest, which happened in week 4 of Mar 2013.

The involvement of Sven Olaf Kamphuis is inconclusive so far, yet there is a high chance that S.K. is Sven Olaf Kamphuis.

Get more details.

Reuters, Apr 26, 2013 - Ethical hacker hired by Romanian cyber safety consultancy

Reuters reported that Romanian Razvan Cernaianu, who goes by the code-name TinKode, had hacked into government and corporate systems across the world and was subsequently slapped with a two-year suspended prison sentence.

He had attracted the attention of the FBI and NASA until his arrest in 2012.

He now has a well-paid job and is co-owner of computer network security company CyberSmartDefence.

This 'security' incident prompted Reuters to chronicle the rising growth of the Romanian and Bulgarian IT sectors.

Get more details.

Bit9 Blog, Apr 24, 2013 - Android Security Vulnerabilities are due to two factors (open source and ??)

Security vulnerabilities on the Android platform are a known fact and attacks are imminent. Many security experts saw this coming and it creates a huge business opportunity for security software vendors.

Bit9 blog explores this further and reported that the issue is associated with two factors: 1) Android is an open source platform and 2) wireless carriers could have deliberately imposed measures which prevent the push of patch updates to most Android devices.

The author argues that Android caretaker Google regularly releases security updates. Nonetheless, when these updates reach the OEMs, the OEMs need to vet them and then customize them to suit their own deployments, which is understandable.

At the wireless carriers' end, sales strategy was blamed. The author argues that the failure of security updates to reach Android devices in a timely manner could be because carriers hoped consumers would ditch old devices in favor of the latest ones with updated Android patches, such as the Nexus 4.

Get more details.

Fortinet Blog, Apr 24, 2013 - Cyberattack Tracker Zeroes in on Firewall Vulnerabilities

Fortinet blog reported that there were 27.3 million attacks in February alone against the Server Message Block (SMB), the application-layer network protocol responsible for shared access to files, printers, serial ports and miscellaneous communications between nodes on a network.

It was reported that some of these attacks made it through firewalls which weren't configured properly. Out of 200 respondents of the Firewall Management Survey, 15 percent never audit their firewalls.

Attacks mainly originated from the Russian Federation and Germany, with 2.5 million and 1.3 million respectively.

Hence, firewall policy should be audited on a yearly basis.

In retrospect, Fortinet’s partnership with Tufin includes Fortinet’s FortiManager, certified to interoperate with Tufin’s SecureTrack and SecureChange Workflow products which enable security officers to perform reliable audits and demonstrate compliance with corporate and government standards.

Get more details.

LONDON, April 23, 2013 - HP Helps Organizations Identify Vulnerabilities in Web Applications

HP today announced HP WebInspect 10.0, a unique application-security solution that replicates real-world attacks through a guided testing process, enabling organizations to develop and deliver secure web applications and web services.

HP WebInspect 10.0 includes:
  • The new Guided Scan, a unique interactive testing process based on a patent-pending Adaptive Component Recognition technique for analyzing modern complex web applications and JavaScript.
  • Enhancements to workflow recording that allow the logging of application interactions by users and the tracking of business processes tied to the application being tested.
  • Integration with leading web application firewalls and with HP TippingPoint intrusion prevention system.

Get more details.

