Computer Security Updates Week 2 of Sep 2013

Refer to Computer Security Updates Week 1 of Sep 2013; the biggest news was a report by Reuters about the hacking of New York Times, Twitter by Syrian group.

For this week / last week, here are / were the biggest news.
  • Bank Rakyat phishing site surfaces-
  • Sophos Mobile Control delivers immediate support for the Apple iOS 7.
  • Kaspersky Lab wins AV-Test Innovation Award for securing online financial transactions.
  • Reuters: Sourcefire achieves strong partner ecosystem growth across APAC Region.
  • FireEye targets IPO between $12-$14 per share.
  • Reuters: U.S tapped into networks of Google, Petrobras, others.
  • McAfee delivers updates 2014 Core PC security products.
  • Kaspersky Lab: First ever case of mobile Trojan spreading via ‘alien’ botnets.
  • Reuters: Security camera maker penalized for bugs - not so good news for software makers.

KL, Sep 11, 2013 - Bank Rakyat Phishing Site Surfaces -

The phishing site points to instead of

Kuala Lumpur - Sep 11, 2013 – Sophos Mobile Control Delivers Immediate Support for the Apple iOS 7

Hot on the heels of Apple’s announcement of the iPhone 5S and iPhone 5C, Sophos today announced that Sophos Mobile Control delivers immediate support for Apple’s latest mobile operating system, iOS 7. Sophos Mobile Control is ideal for SMEs looking for a simple, secure way to enable employees to use mobile devices such as iPhone, iPad, Android and Windows Phones, to get work done.

In addition to delivering iOS 7 support, Sophos announced an update for customers to manage the new business-focused features of Apple’s latest version from the easy-to-use Sophos web-based console, deployed either on-premise or as Software as a Service (SaaS).

Get more details.

PETALING JAYA, SEPTEMBER 10, 2013 - Kaspersky Lab wins AV-Test Innovation Award for securing online financial transactions

Kaspersky Lab is pleased to announce it has received a coveted AV-Test Innovation Award for its protection of online financial transactions.

The experts at AV-Test were unanimous in recognizing the overall effectiveness of Kaspersky Lab’s ability to protect financial transactions performed online. The award is primarily down to Kaspersky Lab’s Safe Money technology. Already available in Kaspersky Internet Security and Kaspersky PURE, the technology is about to be released as a stand-alone solution for banks, enabling them to protect their clients from targeted attacks.

Kaspersky Lab products and Kaspersky Internet Security in particular regularly receive top marks from AV-Test. The most recent results were published in August following a six-month period of testing in which Kaspersky Internet Security was recognized as one of just three security solutions (out of a total of 24) capable of providing the highest level of protection and usability.

In the same month, Kaspersky Internet Security demonstrated excellent results in a separate assessment by AV-Test, blocking 100% of attacks that exploited vulnerabilities in legitimate software.

AV-Test is not the only organization to recognize the quality of Kaspersky Lab products: they regularly receive top awards from reputable organizations such as MRG Effitas, AV-Comparatives, Dennis Technology Labs, and others.

Get more details.

Kuala Lumpur – Sep 10, 2013 – Sourcefire Achieves Strong Partner Ecosystem Growth Across Asia Pacific Region

Sourcefire, a leader in intelligent cyber security solutions, today announced increased momentum of partners and distributors across the Asia Pacific (APAC) region that have selected Sourcefire as a partner of choice for customers seeking threat-centric security solutions.

Sourcefire’s success in both Malaysia and the Asia Pacific underscores the company’s commitment to its more than 600 partners worldwide that help customers achieve protection across the full attack continuum – before, during and after a threat. These partners offer Sourcefire’s leading security solutions including FirePOWER™, a network-based platform for Next-Generation Intrusion Prevention Systems (NGIPS) and Next-Generation Firewall (NGFW) solutions. Partners also offer the company’s Advanced Malware Protection solutions to address malware across the extended network, which also includes mobile, virtual and endpoint.

Get more details.

Reuters - Sep 9, 2013 - FireEye Targets IPO between $12-$14 per share

Reuters reported that Cybersecurity company FireEye targets IPO between $12-$14 per share.

The last time I have heard major announcement from them was in May 2013 when Bit9 announced collaboration with FireEye for the creation of Bit9 Connector.

Bit9 Connector is a result of integration between Bit9's endpoint security solution, FireEye's Malware Analysis solution and Palo Alto's Malware alerts solution - best of breed.

Get more details.

Reuters - Sep 9, 2013 - U.S tapped into networks of Google, Petrobras, others

Reuters reported that according to a leaked U.S documents, evidence suggests that the U.S NSA spied on the presidents of Brazil and Mexico, as well as Google, Petrobras and others.

It was reported that the evidence consists of slides which guide new agents on spying techniques.

Get more details.

SANTA CLARA, Calif./SINGAPORE—09 Sept. 2013 – McAfee Delivers Updates 2014 Core PC Security Products

McAfee today announced its new 2014 line of core PC security suites delivering increased power and performance with a lighter and faster footprint resulting in an improved user experience.

The line includes McAfee AntiVirus Plus 2014, McAfee Internet Security 2014 and McAfee Total Protection 2014. The enhancements to PC protection are also utilized in a recently released version of McAfee LiveSafeTM service, the first-of-its-kind cross-device solution that comprehensively protects consumers’ data, identity and all of their PCs, Macs, smartphones and tablets.

With enhancements to its recently upgraded malware scanning engine – McAfee AM Core – first introduced with the 2013 line, McAfee’s 2014 PC products offer increased detection capabilities to protect against today’s most advanced threats with the following features:
  • New engine provides fast and efficient scanning and real-time intelligence to help dynamically defend against the latest digital dangers
  • Specific product components have been reengineered to improve scanning speed by reducing the size of threat signature files and better CPU utilization
  • McAfee’s core PC security products have also recently received effectiveness certification by third party testing lab, AV-Test, as well as advanced certification from AV Comparatives in its real-world protection test
Get more details.

PETALING JAYA, SEPTEMBER 6, 2013 - First ever case of mobile Trojan spreading via ‘alien’ botnets

Over the last three months Kaspersky analysts have been investigating how the Obad.a Trojan, a malicious app for Android, is distributed. It transpires that the criminals behind the Trojan have adopted a new technique to spread their malware. For the first time in the history of mobile cybercrime, a Trojan is being spread using botnets controlled by other criminal groups. It also became clear that Obad.a is mostly found in CIS countries. In total, 83% of attempted infections were recorded in Russia, while it was also detected on mobile devices in Ukraine, Belarus, Uzbekistan and Kazakhstan.

The most interesting distribution model saw various versions of Obad.a spread with Trojan- SMS.AndroidOS.Opfake.a. This double infection attempt starts with a text message to users, urging them to download a recently received text message. If the victim clicks the link, a file containing Opfake.a is automatically downloaded onto the smartphone or tablet.

The malicious file can only be installed if the user then launches it; should that happen, the Trojan sends further messages to all the contacts on the newly infected device. Clicking the link in these messages downloads Obad.a. It’s a well-organized system: one Russian mobile network provider reported more than 600 messages containing these links within just five hours, pointing to a mass distribution. In most cases the malware was spread using devices that were already infected.

Get more details.

Reuters - Sep 4, 2013 - Security Camera Maker Penalized for bugs

Reuters reported that TRENDnet had failed to, in Jan 2012, protect the best interests of the customers when a hacker compromised the SecurView camera software and leaked out live feeds of the cameras - the hacker even published how the hacking was carried out and resulted in more hacking.

It emerged that U.S. Federal Trade Commission found the company responsible and is ordered to address all security risks, assist customers with apply updates and also to obtain indepedent assessment of their products every year for 20 years.

I told you, now they are going after product markets for security breach - more headaches for product managers!

Get more details.