Computer Security Updates Week 2 of Aug 2014

Refer to Computer Security Updates Week 3 of July 2014.

Here is the biggest news for this week and last week.
  • Kaspersky - Aug 8, 2014 - The Epic Snake: Unraveling the mysteries of the Turla cyber-espionage campaign
  • CyberArk - Aug 7, 2014 - Russian cyber gang steals 1.2bn usernames and passwords
  • Symantec - Aug 6, 2014 - Russian Hack – The Death of Passwords?
  • PR - Malaysia - Jul 31, 2014 - API Gateway from CA Technologies Receives Common Criteria Certification
  • PR - Malaysia - Jul 31, 2014 - Protecting Critical Data in the Financial Sector
  • PR - Malaysia - Jul 31, 2014 - Koler ‘police’ mobile ransomware now targets PCs as well as Android, features exploit Kit
  • PR - SG - Jul 29, 2014 - Global Survey: NSA, Retail Breaches Influenced Corporate Security Strategies the Most
  • PR - Malaysia - Jul 25, 2014 - Barracuda Backup Achieves VMware Ready™ Status



Kaspersky - Aug 8, 2014 - The Epic Snake: Unraveling the mysteries of the Turla cyber-espionage campaign

Turla, also known as Snake or Uroburos, is one of the most sophisticated ongoing cyber-espionage campaigns.

The “Epic” project has been used since at least 2012, with the highest volume of activity observed in January-February 2014. Most recently, Kaspersky Lab detected this attack against one of its users on August 5, 2014.

Targets of “Epic” belong to the following categories: government entities (Ministry of Interior, Ministry of Trade and Commerce, Ministry of Foreign/External affairs, intelligence agencies), embassies, military, research and education organizations and pharmaceutical companies.

Epic Turla attackers use zero-day exploits, social engineering and watering hole techniques to infect victims.

Details.

CyberArk - Aug 7, 2014 - Russian cyber gang steals 1.2bn usernames and passwords

A Russian group has reportedly hacked 1.2 billion usernames and passwords, belonging to over 500 million email addresses, according to a report by Hold Security. The firm claims that the information was stolen through more than 420,000 websites, and that the perpetrators ‘didn’t just target large companies; instead they targeted every site that their victims visited.’ The list of affected websites is said to include ‘leaders in virtually all industries across the world, as well as a magnitude of small or even personal websites.’

According to Andrey Dulkin, senior director of cyber innovation at CyberArk, it will result in three main threats: first, personal and sensitive information has been put at risk and can be used by criminals; second, the lost credentials could result in identity theft; third, and potentially the most significant for businesses, attackers can impersonate legitimate users to gain access to organisational assets and confidential information.

Details.

Symantec - Aug 6, 2014 - Russian Hack – The Death of Passwords?

Following today’s news that a Russian crime ring has amassed the largest known collection of stolen Internet credentials, the limitations of passwords are being thrust into the spotlight.

http://www.nytimes.com/2014/08/06/technology/russian-gang-said-to-amass-more-than-a-billion-stolen-internet-credentials.html

Our threat intelligence experts at Symantec have researched and written extensively on this topic and are available to speak with you to provide their perspective on the future of passwords, specifically:
  • Mobile: the password killer? – there’s an urgent need for corporations to consider password-less authentication, as passwords are insecure and become hard to use on mobile phones. Mobile just may be the agent of change for both enterprises and consumers.
  • BYOA and Biometrics – Get ready for “Bring Your Own Authenticator” to work. The rise of the mobile phone as an always-on connected device with embedded biometrics is making password-less authentication solutions that are more convenient and more secure than passwords a reality.
  • What’s next – a future without passwords and the rise of seamless and transparent two-factor authentication. In fact, Symantec is working on a secure technology that’s intuitive and allows users to access a corporate portal without a password.

PR - Malaysia - Jul 31, 2014 - API Gateway from CA Technologies Receives Common Criteria Certification

CA Technologies today announced its CA Layer 7 API Gateway (formerly Layer7 SecureSpan SOA Gateway) has met the rigorous requirements of Common Criteria (CC), an independent security certification recognized by governments in more than 26 countries, including Malaysia.

This evaluation certifies the CA Layer 7 API Gateway for policy management and access control Protection Profiles. It is the first API Gateway certified for the National Information Assurance Partnership (NIAP) Common Criteria Protection Profile for Enterprise Service Management (PP_ESM).

The CA Layer 7 API Gateway provides a SOA, XML, API and information sharing solution that is now certified to meet the top defense and intelligence community requirements for security, management and control capabilities in on-premises and cloud-based Web service deployments.

Details.

PR - Malaysia - Jul 31, 2014 - Protecting Critical Data in the Financial Sector

Last year almost USD8 billion was lost via data leakage in the financial industry. Could these leaks and the resulting losses have been prevented?

InfoWatch, one of the leading global Data Leakage Protection (DLP) solution providers, is of the opinion that the leaks could have been detected early and minimized quickly, if not predicted and prevented altogether.

The company, which has partner networks in Russia, the Middle East, India, Malaysia, Western Europe, and Brazil, will be hosting a webinar on protecting critical data in the financial sector on August 12th at 3:00pm. The webinar will be hosted by InfoWatch Business Development Director Mr. Andrey Sokurenko.

Details.

PR - Malaysia - Jul 31, 2014 - Koler ‘police’ mobile ransomware now targets PCs as well as Android, features exploit Kit

Kaspersky Lab has detected a hidden part of the malicious campaign which introduced Koler ‘police’ mobile ransomware for Android devices to the world in April 2014. This part includes some browser-based ransomware and an exploit kit. Since July 23 the mobile component of the campaign has been disrupted, as the command and control server started sending ‘Uninstall’ commands to mobile victims, effectively deleting the malicious application. However, the rest of the malicious components for PC users – including the exploit kit – are still active. Kaspersky Lab is keeping an eye on the malware, which was first described by a security researcher named Kaffeine.

Those behind the attacks employed an unusual scheme to scan victims’ systems and offer customized ransomware depending on location and device type – mobile or PC. The redirection infrastructure is the next step, after a victim visits any of at least 48 malicious porno websites used by Koler’s operators. The use of a pornographic network for this ransomware is no coincidence: victims are more likely to feel guilty about browsing such content and pay the alleged fine from the ‘authorities’.

Details.

PR - SG - Jul 29, 2014 - Global Survey: NSA, Retail Breaches Influenced Corporate Security Strategies the Most

Sixty-eight per cent of businesses stated that the NSA breach by Edward Snowden and the number of retail/point of sale (PoS) system breaches in the past year were the most impactful in terms of changing security strategies to protect against the latest threats. The findings are part of CyberArk’s 8th Annual Global Advanced Threat Landscape survey – developed through interviews with 373 C-level and IT security executives across North America, Europe and the Asia-Pacific.

Details.

PR - Malaysia - Jul 25, 2014 - Barracuda Backup Achieves VMware Ready™ Status

Barracuda Networks, Inc., a leading provider of cloud-connected security and storage solutions, announces that after a detailed validation, Barracuda Backup has achieved VMware Ready™ status, VMware’s highest level of endorsement.

By using Barracuda Backup with VMware vSphere 5.0.x, enterprises can reduce downtime by quickly booting critical VMs in the Barracuda Cloud should their primary servers or storage fail. This combination delivers low-cost, rapid recovery directly from de-duplicated backups without any special configuration.

Barracuda Backup is now available on the VMware Solution Exchange (VSX) at https://solutionexchange.vmware.com/store/products/barracuda-backup.

Details.
