Computer Security Updates Week 5 of Mar 2013

Refer to Computer Security Updates Week 4 of Mar 2013; in which the biggest news was the Spamhaus DDoS attack. It was reported by CloudFlare in the first place, who had helped to resolved the situation. Others follow suit by offering own version of analysis and opinions. Sophos considers this incident as the biggest distributed denial of service (DDoS) ever recorded.

Spamhaus is a non-profit anti-spam organization whose mission is to maintain a database of all known spammers and illegimate Internet hosts.

For the record, Sophos reported that it was Cyberbunker, a web hosting company who took umbrage with SpamHaus. The latter then blacklisted the former who then retaliated with the DDoS attacks.

DDoS works by clogging your network's bandwidth where attackers are able to keep sending traffics such as web service requests.

The scale of the attack was unprecedented, with over 300 gigabits per second. This has never been done before and Sophos concluded that it was achieved in which attackers took advantage of misconfigured DNS servers - the Open Resolver Project reports existence of more than 21.7 million insecure/misconfigured DNS servers on the IPv4 internet today.

To mitigate the situation, CloudFlare deployed Anycast which served to effectively diluted the DDoS traffics by spreading it across CloudFlare's facilities.

Telegraph reported that Cyberbunker's Sven Kamphuis defended this accusation as a conspiracy to thwart his mission on Internet freedom. This is such an interesting happening in the industry.

For this week, here are the biggest news.

  • Kaspersky Lab identifies targeted attack against Uyghur activists in China, utilizing malware for Android devices.
  • Symantec discovers bogus Asian chat app designed to steal login information social media site targeting Pakistani.
  • EITN hosted the McAfee Intelligent Security KL forum.
  • CyberSecurity Malaysia Re-elected to the Steering Committee at 10th APCERT AGM. 
  • Imation announced latest hardware encrypted USB Flash and Hard Drives products.
  • Channel 4 reported that Yahoo!'s email system hacked by criminal spammers.

Check out computer security weekly updates.



P.J, Mar 28, 2013 - Kaspersky Lab identifies targeted attack utilizing malware for Android devices

Kaspersky Lab has detected a new targeted attack against Uyghur activists on Android-based mobile devices.

The malware is c&c-powered and it steals data from infected smartphones.

It was started at the end of March 2013 with the hacking of an email account belonging to a high-profile Tibetan activist. The attackers used this account to to send 'spear-phishing' emails to his contact list. The malicious messages targeted Mongolian, Chinese, Tibetan and Uyghur political activists, and had attached an .APK file containing a malicious program for Android devices.

Kaspersky found it to be originated from chinese-speaking programmers, judging based on analysis into the characteristics of the code and the malware's behaviour.

Symantec, Mar 28, 2013 - Bogus Asian Chat App Steals Login Information

Symantec reported that in March 2013, phishers used a fake Asian chat application on a phishing site hosted on a free web hosting site.

The phishing site spoofs a popular social networking site and is titled “Pakistani chat room - Pakistani girls & boys chatting room”.

If users take the bait, the attackers would have successfully stolen their login information.

Get more details.

EITN, Mar 27, 2013 - McAfee Intelligent Security KL

EITN hosted the McAfee Intelligent Security KL entitled 'Protect Your System with Greater Visibility and Control'.

In the forum, McAfee whose mother company is Intel, acknowledged BYOD as the latest security threats catalyst and informed that many organizations are still relying on decade old security solutions which are based on reactive - defending threats when it happened to end-points on the spot. Basically end-point is referring to the point of contact between your system with the external environment such as network interface, USB port and etc. Reactive solutions will not be effective in dealing with today's more sophisticated security threats which may not attack at the time of infection.

McAfee stressed that it is important to deal with security via means of proactive protection such as identifying rootkit before a system is booted and to perform vulnerability analysis and monitoring on continuous basis by leveraging on intelligence techniques.

McAfee recently announced new versions of Global Threat Intelligence (GTI), Endpoint Security Manager (ESM) and ePO.

Get more details.

EITN, Mar 27, 2013 - CyberSecurity Malaysia Re-elected to the Steering Committee at 10th APCERT AGM

EITN published that CyberSecurity Malaysia, the national cyber security specialist centre and an agency under the purview of the Ministry of Science, Technology and Innovation (MOSTI) has been re-elected to the Steering Committee of the Asia Pacific Computer Emergency Response Team (APCERT - www.apcert.org) at the 10th APCERT Annual General Meeting (AGM) and Conference 2013 held in Brisbane, Australia from 24 – 27 March 2013. This year, the annual event is hosted by CERT Australia. APCERT is a collaboration of 30 Computer Emergency Response Team (CERT) from 20 economies within the Asia Pacific Region since 2003.

Get more details.

OAKDALE, Minn., Mar. 26, 2013- Imation Expands Ironkey Line of Secure USB Flash and Hard Drives

Imation announced expansion of the IronKey™ secure USB product line with new hardware encrypted flash and external hard disk drives. The IronKey D80 flash drives and H80 hard drives enable users to affordably comply with storage security mandates that do not require FIPS Certification. The new products feature tamper-resistant enclosures and hardware-based 256-bit AES encryption with strong authentication to reliably keep data private and secure.

Users that require the assurance of government and military level certification or centralized device management can choose IronKey’s FIPS 140 2 Level 3 validated S250 and D250 flash drives. IronKey D80 and H80 drives are ideal choices for organizations seeking compliance with most business policies and standards and who recognize the superior security offered by hardware encryption.

Get more details.

Channel 4, Mar 21, 2013 - Yahoo!'s email system hacked by criminal spammers

Yahoo!'s email system has been hacked by criminals who have hijacked users' accounts for a global spam email campaign.

Leveraging on FBI's help, the incident was reported to have been resolved. It emerged that attackers originated from Russia.

Yahoo!, the world's third largest email provider, was hacked in January and claimed it had fixed the problem.

ESET recommended Yahoo's mail user to make use of the “Second Sign-in Verification” feature to initiate the Multi-factor authentication feature.

Get more details.

Comments

Anonymous said…
ӏ've been exploring for a little bit for any high quality articles or blog posts on this kind of house . Exploring in Yahoo I ultimately stumbled upon this website. Studying this information So i am satisfied to convey that I've а νery excellent uncanny feeling I fοund out just what I needеd.
I mоѕt certаinly will makе cеrtain to don?
t diѕregard this ѕite and give it a glancе оn
a rеlentless basis.

Also visit my blоg pοst seo dallas texas