Computer Security Updates Week 3 of Feb 2014

See Computer Security Updates Week 5 of Jan 2014, where the biggest news was that Symantec introduced unique new technologies in Malaysia to fight evolving targeted attacks.

For this week and last week, here is the biggest news.
  • FireEye - Feb 13, 2014 - FireEye: Operation SnowMan Explained
  • Bit9 - Feb 13, 2014 - Bit9 and Carbon Black have merged
  • PR - KL, Feb 12, 2014 - Sophos Unleashes New Approach in Data Protection Delivering Encryption without Compromise
  • PR - Redmond, Wash., Feb 12, 2014 - Microsoft joins global allies in quest to fight cybercrime
  • Computerworld - Feb 11, 2014 - CloudFlare attacked with huge DDoS
  • FireEye - Feb 10, 2014 - FireEye introduces new updates for MVX-based security platform
  • PR - KL, Feb 10, 2014 - Sophos Acquires Cyberoam Technologies
  • USA Today - San Francisco, Feb 10, 2014 - PayPal President's Credit Card Hacked
  • TheStar Online - KL, Feb 8, 2014 - Malaysian cops bust Internet scammers ring
  • PR - KL, Feb 7, 2014 - Kaspersky: list of malicious Android apps hits 10 million
  • PR - KL, Feb 7, 2014 - KuppingerCole: CyberArk the Gold Standard in Privileged Account Security
  • PR - KL, Feb 5, 2014 - Study Reveals Majority of Adults Share Intimate Details Via Unsecured Digital Devices
  • PR - KL, Feb 5, 2014 - Silver Peak Counters Eavesdropping on Corporate Networks with Accelerated IPSec
  • PR - KL, Feb 5, 2014 - Sophos: USA Stays Top of Spampionship’s Dirty Dozen Nations
  • PR - KL, Feb 4, 2014 - Prolexic: DDoS Attacks to Influence Stock Prices and Limit Trading Real
  • PR - KL, Feb 4, 2014 - WatchGuard Extends Support of Visibility Tool to Microsoft’s Hyper-V Platform
  • PR - PALO ALTO, Calif., Feb 3, 2014 - HP Identifies Top Enterprise Security Threats



FireEye - Feb 13, 2014 - FireEye: Operation SnowMan Explained

FireEye reported on its blog that on Feb 11 attackers used a zero-day exploit for IE 10 (CVE-2014-0322) against the U.S. Veterans of Foreign Wars’ website (vfw[.]org).

According to the report, once the website was compromised, an iframe was embedded in its HTML code, which then loaded the attacker's page, a Flash object, in the background.

http://www.fireeye.com/blog/technical/cyber-exploits/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html

Bit9 - Feb 13, 2014 - Bit9 and Carbon Black have merged

Bit9 announced on its blog that it has merged with Carbon Black.

The merger lets both Bit9 and Carbon Black customers benefit from a single solution that covers endpoint and server security: prevention, detection AND response.

Bit9 hopes the merger will give it a leadership position in the Endpoint Threat Detection and Response (ETDR) space by introducing ETDR+P, where the P equals “prevention.”

https://blog.bit9.com/2014/02/13/a-new-era-in-endpoint-and-server-security-prevention-detection-response/

PR - KL, Feb 12, 2014 - Sophos Unleashes New Approach in Data Protection Delivering Encryption without Compromise

Sophos announced today a groundbreaking approach to data protection with the latest release of Sophos SafeGuard Encryption 6.1. Enabling wide-scale adoption, Sophos is addressing the two biggest issues in encryption - performance and usability - by leveraging native operating system (OS) encryption for better performance, and delivering multi-platform management across all devices and Cloud environments. Sophos is the only vendor to offer native device encryption, cloud, mobile, removable and file share encryption in one centrally managed solution, providing unmatched security, performance, and an intuitive user experience.

Details.

PR - Redmond, Wash., Feb 12, 2014 - Microsoft joins global allies in quest to fight cybercrime

Microsoft announced partnerships with the Organization of American States, Europol and FIS as part of its collaborative initiative to fight cybercrime.

MOUs were signed during Microsoft's first annual Cybercrime Enforcement Summit.

The agreements establish a framework for cooperation.

http://www.microsoft.com/en-us/news/press/2014/feb14/02-12cybercrimepr.aspx

Computerworld - Feb 11, 2014 - CloudFlare attacked with huge DDoS

Computerworld reported that CloudFlare, which was instrumental in thwarting the biggest DDoS recorded in 2013 (the attack on Spamhaus), had recently been hit by what appeared to be the biggest DDoS ever reported, bigger than the attack on Spamhaus.

According to the report, the volume of the attack was just a little below 400Gbps.

The attackers leveraged NTP (Network Time Protocol) to bombard the servers.

At the time of writing, CloudFlare has not yet posted an update on its blog.

http://www.computerworld.com/s/article/9246230/Attackers_use_NTP_reflection_in_huge_DDoS_attack



FireEye - Feb 10, 2014 - FireEye introduces new updates for MVX-based security platform

FireEye announced on its blog updates for its MVX-based security platform. The newly enhanced platform incorporates endpoint protection and managed security services from recently acquired Mandiant, as well as new analytics and intrusion prevention capabilities.

The advantage of this update is that it gives customers one security solution to detect, contain, resolve, and prevent threats.

http://www.fireeye.com/blog/corporate/2014/02/introducing-the-new-fireeye-security-platform-one-solution-to-detect-contain-resolve-and-prevent-threats.html

PR - KL, Feb 10, 2014 - Sophos Acquires Cyberoam Technologies

Sophos has demonstrated focus on growing its presence in network security; taking its portfolio to the Cloud, and becoming a ‘channel first’ organization. Sophos entered the network security market when it acquired Astaro in 2011. Since then, Sophos has rapidly gained market share and won new customers and partners in this market with over 35% growth in each of the last 4 years.

The acquisition of Cyberoam will build on this strong platform and strengthen Sophos’ network security product portfolio and expertise in engineering, customer service, channel sales and marketing, provide complementary technologies and products and add further depth to Sophos sales and channel presence worldwide, especially in the Middle East, Asia and Africa.

Cyberoam secures organizations worldwide at the network gateway and is recognized for building innovative, high performance UTM and next generation firewall (NGFW) solutions. Sophos and Cyberoam will combine their world-class products and technologies to accelerate growth in the network security market worldwide.

Both companies share a common hardware and software architecture having both developed integrated security applications on hardened Linux operating systems (OS) built on optimized Intel compatible server systems. This will ease the future integration of functionality from each platform, accelerate new solution development and enable the rapid pursuit of expanded opportunities in high-growth adjacent markets including next generation firewall, advanced threat protection, secure Wi-Fi, mobile device management and security and cloud-based security services.

Details.

USA Today - San Francisco, Feb 10, 2014 - PayPal President's Credit Card Hacked

It was reported that the credit card belonging to PayPal president David Marcus was compromised: the card details were stolen and, as a result, a cloned card was created to finance a fraudulent shopping spree.

Apparently, the card was skimmed by a skimming device fixed to the point-of-sale device.

http://www.usatoday.com/story/tech/2014/02/10/paypal-ceo-credit-card-hacked/5367979/



TheStar Online - KL, Feb 8, 2014 - Cops bust Internet scammers ring

TheStar Online reported that police have arrested 6 people in Malaysia in connection with a multi-million-ringgit Internet parcel scam, better known as advance-fee fraud.

It involves the victim paying an advance fee in order to benefit from a larger sum promised as part of the whole deal.

http://www.thestar.com.my/News/Nation/2014/02/08/Cops-bust-Internet-scammers-Msian-woman-a-partner-in-love-and-crime-with-Nigerians/



PR - KL, Feb 7, 2014 - KuppingerCole: CyberArk the Gold Standard in Privileged Account Security

CyberArk, the company securing the heart of the enterprise, was named the overall market leader in Privileged Account Security in a new report issued by leading analyst firm KuppingerCole. In the report, “Privilege Management Leadership Compass,” the independent analyst firm cited that CyberArk earned the Overall Leadership position over the other 11 vendors analysed due to a combination of market, product, and innovation leadership, and that it’s the “one to beat in Privilege Management.”

Details.

PR - KL, Feb 7, 2014 - Kaspersky: list of malicious Android apps hits 10 million

By late January 2014 Kaspersky Lab had accumulated about 200,000 unique samples of mobile malware, up 34% from November 2013 – two months earlier over 148,000 samples had been recorded. Cyber-scammers are continuing to focus their attention on Android mobiles: our report found that in January the number of malicious Android apps out there topped the 10 million mark.

On January 30, 2014, the official Google Play market offered 1,103,104 applications. Alternative, unofficial stores have many more – and these are more likely to be malicious. Kaspersky Lab has now logged 10 million dubious apps, as cybercriminals also use legitimate Android software to carry their malicious code.

Details.

PR - KL, Feb 5, 2014 - Silver Peak Counters Eavesdropping on Corporate Networks with Accelerated IPSec

Silver Peak, the leader in accelerating data over distance, today announced it has combined the best of site-to-site VPN security and WAN optimisation to deliver Accelerated IPSec. Silver Peak combines these capabilities to provide customers with the most cost-effective approach to securing and accelerating data in transit between data centres, remote offices and the cloud. This saves customers time and money by eliminating the need to purchase separate IPSec VPN and WAN optimisation products.

Details.

PR - KL, Feb 5, 2014 - USA Stays Top of Spampionship’s Dirty Dozen Nations

Sophos has announced the Dirty Dozen top spam-sending nations as it publishes the final “Spampionship League Tables” of 2013. It ranks the countries in order of top spam-senders.

The U.S. produced the most spam by volume in Q4 2013

The US came in first place yet again, completing a clean sweep of top finishes throughout 2013. China and India were also both in the top six in every quarter. In the Top 70 list, Malaysia makes it onto the ‘by volume’ list, but not the ‘per capita’ list. Malaysia is 44th on the ‘by volume’ list with 0.29%.

Details.

PR - KL, Feb 5, 2014 - Study Reveals Majority of Adults Share Intimate Details Via Unsecured Digital Devices

McAfee’s 2014 “Love, Relationships & Technology” survey reveals 96% of respondents trust their significant other not to share the risqué content they’re sending; however 9% have had sexy pics, flicks and messages leaked online. This potentially can be a result of only 69% of consumers protecting their smartphones or tablets and 46% sharing the passwords or passcodes to these devices. While 69% of Americans are securing their mobile devices, 2 out of 3 individuals are interested in purchasing biometric security embedded capabilities once it becomes available.

Other highlights from the survey include:
  • 1 in 3 US Adults film sexual content on their mobile devices
  • 25% of respondents have taken their partner’s mobile device to see other content stored on it, including messages and photos
  • 74% of men protect their mobile devices with a password or passcode in comparison to 65% of women
  • 1 in 10 individuals have sent racy or sexual content to a total stranger

Details.

PR - KL, Feb 4, 2014 - Prolexic: DDoS Attacks to Influence Stock Prices and Limit Trading Real

Prolexic today shared an analysis of nearly a dozen global DDoS attacks that indicates cyber attackers are using DDoS attacks in an attempt to influence market values and interfere with exchange platforms.

The public image of a global business or financial service is closely associated with its cyber presence. Taking a publicly traded firm or exchange platform offline – and spreading rumors that raise questions about its ability to conduct business online – can create false or misleading appearances. This is a hallmark of market manipulation. Overall, PLXsert found a direct relationship between DDoS cyber-attacks and a temporary change in the valuation of a company.

Details.

PR - KL, Feb 4, 2014 - WatchGuard Extends Support of Visibility Tool to Microsoft’s Hyper-V Platform

WatchGuard® Technologies, a leader in integrated security platforms, today announced it is enhancing its real-time network security visibility solution, WatchGuard Dimension™, which has already helped the company grow net billings worldwide by 23 percent in Q4, when compared to the fourth quarter of 2012 – a new company record. The new enhancements extend Dimension’s capabilities to support Microsoft’s Hyper-V virtualization platform, in addition to VMware, and also increase scalability, availability and visibility.

Mr. Scott Robertson, VP of APAC, WatchGuard Technologies

While WatchGuard continued to see strong global growth with small and medium-sized distributed enterprise customers, these innovations helped the company achieve a 41 percent increase in high-end platform sales as the UTM value proposition continues to penetrate into the larger enterprise space. In Malaysia, the company recently reported a year-on-year growth of 28.6 percent and has plans to expand its portfolio offering to larger corporations. Currently, SMEs contribute 60 percent of WatchGuard’s revenue in Malaysia.

Details.

PR - PALO ALTO, Calif., Feb 3, 2014 - HP Identifies Top Enterprise Security Threats

Based on the Cyber Risk Report 2013, HP identified top enterprise security threats:
  • No clear definition of malware analysis - different vendors classify malware differently, which may result in discrepancies in malware detection.
  • 64% of mobile apps studied use encryption improperly
  • Sandbox bypass vulnerabilities were the most prevalent and damaging for Java users.

Details.
