Computer Security Updates Week 1 of Apr 2014

Refer to Computer Security Updates Week 4 of Mar 2014; the biggest news was HP Awarded $32.4 Million Cybersecurity Contract by U.S. Department of Homeland Security.

Here is the biggest news for this week and last week.
  • ESET blog - Apr 6, 2014 - Microsoft rewards 5-year-old for Xbox Live security flaw discovery
  • PR - Apr 4, 2014 - Kaspersky Lab Launches Real-Time Worldwide Interactive Cyberthreat Map
  • ESET blog - Apr 4, 2014 - Microsoft reported Outlook zero-day flaw
  • PR - Apr 2, 2014 - Kaspersky: Every Third Phishing Attack Aimed at Stealing Money
  • PR - Apr 1, 2014 - McAfee: Businesses Hold False Sense of Security
  • FireEye Blog - Mar 31, 2014 - Android.MisoSMS is back with new features
  • PR - Mar 28, 2014 - Cybersecurity Malaysia & BAE Systems signed MOU to develop a framework for collaboration
  • PR - Mar 26, 2014 - Barracuda Unveils Threatglass, Online Malware Detection Tool
  • PR - Mar 20, 2014 - Symantec Announces CEO Transition
  • Symantec: Mar 19, 2014 - IoT Worm Used to Mine Cryptocurrency




ESET blog - Apr 6, 2014 - Microsoft rewards 5-year-old for Xbox Live security flaw discovery

The ESET blog reported that Microsoft confirmed that a 5-year-old had discovered a security flaw in the Xbox Live service.

The boy, Kristoffer von Hassel, found that if he entered a wrong password and then, on the second authentication attempt, filled the entire password field with blank spaces, he was let through.

He was rewarded with free games, a free subscription and an official thanks from the company.

http://www.welivesecurity.com/2014/04/05/the-future-of-security-microsoft-rewards-5-year-old-who-found-critical-password-flaw/

PR - Apr 4, 2014 - Kaspersky Lab Launches Real-Time Worldwide Interactive Cyberthreat Map

Kaspersky Lab has launched an interactive cyberthreat map that visualizes cyber security incidents occurring worldwide in real time. The types of threats displayed include malicious objects detected during on-access and on-demand scans, email and web antivirus detections, as well as objects identified by vulnerability and intrusion detection sub-systems.

Details.

Cyberthreat Real-Time Map


ESET blog - Apr 4, 2014 - Microsoft reported Outlook zero-day flaw

The ESET blog reported that Microsoft confirmed a zero-day flaw that exposes users to threats when they preview emails in Rich Text Format.

The flaw affected a limited version of Microsoft Word which Microsoft Outlook uses to open RTF email messages.

http://www.welivesecurity.com/2014/04/04/patch-tuesday/

PR - Apr 2, 2014 - Kaspersky: Every Third Phishing Attack Aimed at Stealing Money

According to the data collected for Kaspersky Lab’s study ‘Financial cyber threats in 2013’, cybercriminals are trying harder than ever to acquire confidential user information and steal money from bank accounts by creating fake sites mimicking financial organizations. In 2013, 31.45% of phishing attacks were trading on the names of leading banks, online stores and e-payment systems, up 8.5 percentage points from the previous year.

The 31.45% of phishing attacks that were financial in nature consisted of 22.20% targeting banks, 6.51% targeting e-shops and 2.74% targeting payment systems.

Details.

PR - Apr 1, 2014 - McAfee: Businesses Hold False Sense of Security

Today, McAfee announced the findings of its report that examines the controversy and confusion surrounding Advanced Evasion Techniques (AETs), and the role that they play in Advanced Persistent Threats (APTs).

Commissioned by McAfee, the Vanson Bourne study surveyed 800 CIOs and security managers from the United States, United Kingdom, Germany, France, Australia, Brazil, and South Africa, and showed that there are misunderstandings, misinterpretation, and ineffective safeguards in use by the security experts charged with protecting sensitive data.

Some key findings from the report:

  • 22 percent of security professionals admit their network was breached, and nearly 40 percent of those breached believe that AETs played a key role
  • On average, those who experienced a breach in the last 12 months reported a cost to their organization of upwards of $1 million
  • There are an estimated 800 million known AETs, but less than one percent can be detected by other vendors’ firewalls
  • About 40 percent of IT decision-makers do not believe they have methods to detect and track AETs
  • Nearly 70 percent of respondents said the biggest challenge when trying to implement technology against AETs is convincing the board they are a real and serious threat

Details and Infographics.

FireEye Blog - Mar 31, 2014 - Android.MisoSMS is back with new features

Android.MisoSMS is malware that was first detected last December.

It steals SMS messages and forwards them to servers in China. The latest rendition was found to include encryption and a new form of CnC communications; the new variant also abandons SMTP email as the transport method. It now handles all CnC communication natively in C++, making it harder for an analyst to analyze the malware by disassembling its ARM code.

The new version presents itself as “Gplay Dsc” to the user.

http://www.fireeye.com/blog/technical/malware-research/2014/03/android-misosms-its-back-now-with-xtea.html

PR - Mar 28, 2014 - Cybersecurity Malaysia & BAE Systems signed MOU to develop a framework for collaboration

As an extension of BAE Systems' commitment to the Malaysian market, the company signed a Memorandum of Understanding (MoU) with CyberSecurity Malaysia, the country's national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI). This partnership aims to find potential areas of collaboration between the two parties to enhance Malaysia's capacity and capability in the field of cyber security.

CEO of CyberSecurity Malaysia, Dr. Amirudin Abdul Wahab; the Managing Director of BAE Systems Applied Intelligence, Mr. Martin Sutherland

BAE Systems is a global supplier of cyber security products, solutions and services. It has invested in the development of several key technologies and capabilities which it believes would be appropriate in addressing the needs of Malaysia in realising its cyber vision, the most recent of which is the establishment of its Global Delivery Center in Kuala Lumpur.

Details.

PR - Mar 26, 2014 - Barracuda Unveils Threatglass, Online Malware Detection Tool

Barracuda Networks, Inc., a leading provider of cloud-connected security and storage solutions, announced the launch of Threatglass.com, an online malware detection tool designed specially for users to share, browse and analyse malware-infected sites.

Threatglass was originally developed for Barracuda and is now being shared with the cyber security community, for both casual users and the research community to provide an effective way to document and better understand this ongoing problem.

Details.

PR - Mar 20, 2014 - Symantec Announces CEO Transition

Symantec Corp. today announced that its board of directors has appointed board member Michael Brown as interim president and chief executive officer, effective immediately. This appointment follows the termination of Steve Bennett as the company's president and chief executive officer and his resignation from Symantec's board of directors. A special committee of the board will immediately begin the search for a permanent CEO with the assistance of a leading executive search firm.

Details.

Symantec: Mar 19, 2014 - IoT Worm Used to Mine Cryptocurrency

Last November, Symantec found an Internet of Things (IoT) worm named Linux.Darlloz. The worm targets computers running Intel x86 architectures. It also targets devices running the ARM, MIPS and PowerPC architectures, which are usually found on routers and set-top boxes. Since the initial discovery of Linux.Darlloz, Symantec found a new variant of the worm in mid-January.

According to Symantec’s analysis, the author of the worm continuously updates the code and adds new features, particularly focusing on making money with the worm.

In addition, Symantec discovered that the current purpose of the worm is to mine cryptocurrencies. Once a computer running Intel architecture is infected with the new variant, the worm installs cpuminer, an open source coin mining software. The worm then starts mining Mincoins or Dogecoins on infected computers.

By the end of February 2014, the attacker mined 42,438 Dogecoins (approximately US$46 at the time of writing) and 282 Mincoins (approximately US$150 at the time of writing). These amounts are relatively low for the average cybercrime activity, so we expect the attacker to continue to evolve their threat for increased monetization.

http://www.symantec.com/connect/blogs/iot-worm-used-mine-cryptocurrency
