Security News Bytes - October 2013
Rupam Bhattacharya
iPhone Fingerprint Authentication

Fingerprint authentication is a good balance between convenience and security for a mobile device.

Your fingerprint isn't a secret; you leave it everywhere you touch.

The fingerprint will also be used to authorize App Store purchases.

"If Apple is right that fingerprints never leave the device, that means the new iPhones will be sending some sort of authentication token to Apple servers to verify that the end user has produced a valid print," writes Dan Goodin in Ars Technica.

If attackers figure out a way to capture and replay users' valid tokens, it could lead to new ways for criminals to hijack user accounts.
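The replay worry in the last point is a property of how the token is built, not of the sensor. Below is an added illustration, not Apple's protocol (the article does not disclose it), of the design that defeats replay: the server issues a single-use nonce, the device releases an HMAC over it only after a local fingerprint match, and a captured response is useless against any later challenge. The per-device key, the `fp-ok|` domain separator and the 60-second challenge lifetime are assumptions of this example.

```python
import hashlib
import hmac
import os
import time

DOMAIN = b"fp-ok|"   # assumed domain-separation prefix for this example, not an Apple constant


class Server:
    """Relying party (the store). Keeps one HMAC key per enrolled device and
    only accepts a response bound to a fresh challenge it issued itself."""

    def __init__(self):
        self.device_keys = {}
        self.outstanding = {}        # nonce -> (device_id, expiry time)

    def enroll(self, device_id: str, key: bytes) -> None:
        self.device_keys[device_id] = key

    def issue_challenge(self, device_id: str, ttl: float = 60.0) -> bytes:
        nonce = os.urandom(16)
        self.outstanding[nonce] = (device_id, time.time() + ttl)
        return nonce

    def verify(self, device_id: str, nonce: bytes, response: bytes) -> bool:
        entry = self.outstanding.pop(nonce, None)     # single use: a replay finds nothing
        if entry is None or entry[0] != device_id or time.time() > entry[1]:
            return False
        expected = hmac.new(self.device_keys[device_id], DOMAIN + nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


class Device:
    """The phone. The fingerprint match stays local; on success the device
    proves possession of its enrolled key over the server's nonce. The
    fingerprint template is never part of any message."""

    def __init__(self, device_id: str, key: bytes, enrolled_print: str):
        self.device_id, self.key, self.enrolled_print = device_id, key, enrolled_print

    def authorize(self, presented_print: str, nonce: bytes):
        if presented_print != self.enrolled_print:   # stand-in for the sensor's matcher
            return None
        return hmac.new(self.key, DOMAIN + nonce, hashlib.sha256).digest()


def run_demo() -> dict:
    """One legitimate purchase, then the two replays an eavesdropper could try."""
    key = os.urandom(32)                      # provisioned at enrollment (assumed per device)
    server = Server()
    server.enroll("phone-1", key)
    phone = Device("phone-1", key, enrolled_print="alice-thumb")

    n1 = server.issue_challenge("phone-1")
    r1 = phone.authorize("alice-thumb", n1)
    first = server.verify("phone-1", n1, r1)          # legitimate: accepted

    replayed = server.verify("phone-1", n1, r1)       # same (nonce, response) again: rejected

    n2 = server.issue_challenge("phone-1")
    cross = server.verify("phone-1", n2, r1)          # captured response, new nonce: rejected

    n3 = server.issue_challenge("phone-1")
    wrong = phone.authorize("mallory-thumb", n3)      # wrong finger: no response is produced at all

    return {"first": first, "replayed": replayed, "cross": cross,
            "wrong_finger_blocked": wrong is None}


if __name__ == "__main__":
    print(run_demo())
```

A fixed per-device token, by contrast, is the same bytes on every purchase, so the capture-and-replay the slide warns about works indefinitely; the server-chosen nonce is what distinguishes a fresh authorization from a copy of an old one.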
Signed Mac Malware Using Right-to-Left Override Trick

Right-to-left override (RLO, U+202E) is a control character in the Unicode bidirectional text algorithm that marks the start of text to be displayed from right to left.

Here it is used simply to hide the file's real extension: the characters after the override are rendered reversed, so the name the user sees ends in a harmless-looking extension while the actual suffix is the one the OS launches.
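As an added illustration (not code from the F-Secure write-up), the functions below model how a bidi-aware file browser renders a name containing U+202E and compare that with the extension the OS actually dispatches on. The file name is constructed for this example; a real sample would also need its code-signing status checked, which this does not do.

```python
# Unicode bidirectional control characters. They are invisible but change how
# the surrounding text is laid out; none of them change which bytes the OS
# uses to choose a file handler.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF", "\u202d": "LRO",
    "\u202e": "RLO", "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI",
    "\u2069": "PDI",
}


def rendered_name(name: str) -> str:
    """Approximate what a bidi-aware file browser shows for `name`.

    Simplified model of the trick: text after a U+202E RLO, up to a U+202C
    PDF or the end of the string, is drawn reversed and the controls
    themselves are invisible. Real renderers run the full Unicode Bidi
    Algorithm, but this is what the user sees for a typical spoofed name.
    """
    out, i = [], 0
    while i < len(name):
        ch = name[i]
        if ch == "\u202e":
            j = name.find("\u202c", i + 1)
            end = len(name) if j == -1 else j
            out.append(name[i + 1:end][::-1])
            i = end + 1 if j != -1 else end
        elif ch in BIDI_CONTROLS:
            i += 1                      # other controls: drop them, keep order
        else:
            out.append(ch)
            i += 1
    return "".join(out)


def real_extension(name: str) -> str:
    """The extension the OS dispatches on: last dot-suffix of the raw name,
    with the invisible controls removed."""
    clean = "".join(c for c in name if c not in BIDI_CONTROLS)
    return clean.rsplit(".", 1)[-1].lower() if "." in clean else ""


def suspicious(name: str) -> list:
    """Reasons a file name looks like an RLO extension spoof (empty if none)."""
    reasons = []
    controls = [BIDI_CONTROLS[c] for c in name if c in BIDI_CONTROLS]
    if controls:
        reasons.append("contains bidi control(s): " + ", ".join(controls))
    shown = rendered_name(name)
    shown_ext = shown.rsplit(".", 1)[-1].lower() if "." in shown else ""
    real = real_extension(name)
    if shown_ext != real:
        reasons.append(f"displayed as .{shown_ext} but the OS will open it as .{real}")
    return reasons


# Constructed sample name for this example: the user sees
# "Recent News.ppa.pdf" while the file is really "Recent News.fdp.app".
SPOOFED = "Recent News.\u202efdp.app"

if __name__ == "__main__":
    print(repr(SPOOFED), "->", rendered_name(SPOOFED))
    for reason in suspicious(SPOOFED):
        print("  !", reason)
```

The same check belongs in mail gateways and download scanners: any of these control characters inside a file name is a strong signal on its own, since there is no legitimate reason for one to appear between a base name and its extension.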



The malware is written in Python and uses py2app for distribution.

The malware drops and opens a decoy document on execution.

It then creates a cron job as its launch point and a hidden folder in the infected user's home directory to store its components.

The malware then continuously takes screenshots and records audio (using a third-party tool, SoX) and uploads them to the command-and-control server. It also continuously polls the command-and-control server for commands to execute.

http://www.f-secure.com/weblog/archives/00002576.html
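The cron launch point combined with a hidden folder under the user's home is a pairing worth checking for during triage of a suspect Mac. The script below is an added example, not from the report: it parses `crontab -l` output (a constructed sample is embedded; the paths and user name in it are invented) and flags entries that execute out of a hidden home folder or a temp directory, or that fire every minute, which is what a C2 poller typically looks like.

```python
import re
import shlex
import subprocess

# Constructed sample of `crontab -l` output (not real data from the report):
# one benign job and one persistence entry running a binary out of a hidden
# folder in $HOME every minute.
SAMPLE_CRONTAB = """\
# m h dom mon dow command
0 3 * * * /usr/local/bin/backup.sh --quiet
*/1 * * * * /Users/alice/.systemd/updater >/dev/null 2>&1
"""

HIDDEN_IN_HOME = re.compile(r"^/(?:Users|home)/[^/]+/\.[^/]+/")
TEMP_PREFIXES = ("/tmp/", "/var/tmp/", "/private/tmp/")
RUNS_EVERY_MINUTE = ("* * * * *", "*/1 * * * *")


def parse_crontab(text: str) -> list:
    """Split crontab text into (schedule, command) pairs, skipping comments,
    blank lines and VAR=value assignments. @reboot-style shortcuts are left
    out of this example."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or re.match(r"^\w+=", line):
            continue
        fields = line.split(None, 5)
        if len(fields) < 6:
            continue
        entries.append((" ".join(fields[:5]), fields[5]))
    return entries


def triage(text: str) -> list:
    """Return (schedule, executable, [reasons]) for entries worth a closer look."""
    findings = []
    for sched, cmd in parse_crontab(text):
        try:
            exe = shlex.split(cmd)[0]
        except ValueError:                    # unbalanced quotes: fall back to a plain split
            exe = cmd.split()[0]
        reasons = []
        if HIDDEN_IN_HOME.match(exe):
            reasons.append("executable lives in a hidden folder under the user's home")
        if exe.startswith(TEMP_PREFIXES):
            reasons.append("executable lives in a temp directory")
        if sched in RUNS_EVERY_MINUTE:
            reasons.append("runs every minute (typical C2 poll interval)")
        if reasons:
            findings.append((sched, exe, reasons))
    return findings


def triage_current_user() -> list:
    """Live check: read the current user's crontab and triage it."""
    proc = subprocess.run(["crontab", "-l"], capture_output=True, text=True)
    return triage(proc.stdout) if proc.returncode == 0 else []


if __name__ == "__main__":
    for sched, exe, reasons in triage(SAMPLE_CRONTAB):
        print(f"{sched:12} {exe}")
        for reason in reasons:
            print("    !", reason)
```

Run it per user (cron tables are per account) and pair it with a listing of `~/Library/LaunchAgents`, since launchd, not cron, is the more common persistence location on OS X; the cron check alone covers only the behaviour described in this report.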
Femtocell flaw leaves Verizon subscribers' Wi-Fi and mobile wide open

Femtocells are small base stations that extend mobile coverage inside a home, using the household's broadband connection as backhaul.

Security researchers have demonstrated a flaw in the Verizon Wireless Network Extender femtocell that allows it to be used for eavesdropping on cellphone calls, email and internet traffic passing through it.

Up to 30 other network carriers use systems with software that can be hacked in the same way.

A hacked device could be placed in a location such as a restaurant frequented by high-value targets and used to monitor the traffic that passes through the femtocell. The captured information can be stored on the modified device, relayed back to the attacker, and used for further infiltration later.

Verizon's update fixes the problem.

http://www.theregister.co.uk/2013/07/15/femtocell_flaw_leaves_verizon_customers_wifi_and_mobile_wide_open/
Remote Access Tool Takes Aim with Android APK Binder

Remote Access Tools (RATs) written in Java are capable of running on multiple operating systems, and Android is the latest target: it is not immune to RATs.

The underground economy that caters to cybercriminals has produced the first tools (called "binders") that let users easily repackage and Trojanize legitimate Android applications with AndroRAT, a free Android RAT.

AndroRAT can monitor and make phone calls and SMS messages, get the device's GPS coordinates, activate and use the camera and microphone, and access files stored on the device.

To date, Symantec has counted 23 cases of popular legitimate apps being Trojanized in the wild with AndroRAT.

Because modifying an APK invalidates its signature, a bound app is necessarily re-signed with the binder user's own key; its signing certificate no longer matches the original developer's, which is the one reliable tell for a repackaged copy.

http://www.symantec.com/connect/blogs/remote-access-tool-takes-aim-android-apk-binder
New Java feature aims to manage multiple version problems

Older Java releases often contain flaws, patched in later editions, that remain exploitable by attackers now.

The problem with running only the newest Java is that some applications critical to a business's operation may not work with it.

Java 7 Update 40 lets network administrators create a Deployment Rule Set (DRS) that defines which version of Java a given applet or Web Start application should run on, and whether it should run at all.

Such rules can allow critical internal apps to use an older JRE while forcing external apps, those more likely to carry exploits for flaws in older editions, to run on the latest version or to be blocked outright.
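To make the rule ordering concrete, here is an added example (not Oracle's code) with a constructed ruleset.xml and a small evaluator. It implements a simplified model of how a DRS picks a rule: rules are tried in document order and the first whose `location` matches wins; a `version` on the action pins the JRE, and no `version` is taken here to mean the default (latest installed) JRE. The location matching (scheme, host with a leading `*.` wildcard, path prefix) is this example's approximation of the specification, and the signed DeploymentRuleSet.jar packaging the real feature requires is out of scope.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Constructed ruleset.xml for this example (hosts are invented).
RULESET_XML = """\
<ruleset version="1.0+">
  <rule>
    <id location="https://erp.intranet.example" />
    <action permission="run" version="1.6.0_45" />
  </rule>
  <rule>
    <id location="https://*.intranet.example" />
    <action permission="run" />
  </rule>
  <rule>
    <id location="http://legacy-vendor.example/portal" />
    <action permission="block" />
  </rule>
  <rule>
    <id />
    <action permission="default" />
  </rule>
</ruleset>
"""


def location_matches(pattern: str, app_url: str) -> bool:
    """Simplified DRS location match (an assumption of this example, not the
    full spec): an empty location matches everything; a scheme in the pattern
    must agree; the host may carry a leading '*.' wildcard; a path in the
    pattern must be a prefix of the app's path."""
    if not pattern:
        return True
    p, a = urlparse(pattern), urlparse(app_url)
    if p.scheme and p.scheme != a.scheme:
        return False
    if p.hostname.startswith("*."):
        if not (a.hostname or "").endswith(p.hostname[1:]):   # "*.x.example" -> ".x.example"
            return False
    elif p.hostname != a.hostname:
        return False
    return a.path.startswith(p.path) if p.path else True


def decide(ruleset_xml: str, app_url: str) -> tuple:
    """Return (permission, jre_version) for the first rule in document order
    whose location matches. jre_version None means nothing was pinned, taken
    here to mean the default (latest installed) JRE."""
    root = ET.fromstring(ruleset_xml)
    for rule in root.findall("rule"):
        ident = rule.find("id")
        location = ident.get("location", "") if ident is not None else ""
        if location_matches(location, app_url):
            action = rule.find("action")
            return action.get("permission", "default"), action.get("version")
    return "default", None          # no rule matched: behave as if no rule set were installed


if __name__ == "__main__":
    for url in ("https://erp.intranet.example/app/launch.jnlp",
                "https://wiki.intranet.example/applet.html",
                "http://legacy-vendor.example/portal/old.jnlp",
                "https://cdn.example.net/game.jnlp"):
        print(url, "->", decide(RULESET_XML, url))
```

Order matters: if the catch-all `<id />` rule were listed first, every application would hit it and the pinned-version rule for the ERP host would never be reached. Keep the most specific rules at the top and the catch-all last, and audit the file whenever an old JRE is pinned, since that pin is exactly the exposure the feature exists to contain.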
APPLE IMESSAGE OPEN TO MAN IN THE MIDDLE, SPOOFING ATTACKS

Apple controls the encryption key infrastructure for the system and therefore has the ability to read users' messages, or to decrypt them and hand them over at the order of a government agency.

The researchers who looked at iMessage, known as Pod2g and GG, said that there is no evidence Apple is in fact reading users' iMessages, but that the company could.

Users' AppleID passwords are also sent in clear text to the Apple servers.

Because iMessages go through Apple's servers, Apple effectively holds a man-in-the-middle position on all of the communications among those devices.

Apple does not use certificate pinning for iMessage, meaning that the system is also open to a MITM attack by outside attackers who can obtain a certificate for Apple's hosts that the device will trust.

Courtesy – Threatpost
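Certificate pinning is the control the slide says iMessage lacks. The added example below (not Apple's code) shows what a pinned TLS client does: after the normal chain and hostname validation, it hashes the leaf certificate the server presented and refuses the connection unless that hash is in a built-in allow-list, so a MITM holding any other certificate the device would otherwise trust is still rejected. The sample certificate bytes are constructed, not a real certificate, and exist only so the comparison can be exercised offline.

```python
import hashlib
import hmac
import socket
import ssl


def cert_fingerprint(der: bytes) -> str:
    """SHA-256 of the DER-encoded leaf certificate, lower-case hex."""
    return hashlib.sha256(der).hexdigest()


def pin_ok(der: bytes, pins) -> bool:
    """Accept the presented leaf only if its fingerprint is in the pin set.
    Chain validation alone is not enough: a MITM holding any certificate for
    the host that chains to a trusted (or compromised) CA passes it."""
    fp = cert_fingerprint(der)
    return any(hmac.compare_digest(fp, p.lower()) for p in pins)


def connect_pinned(host: str, port: int, pins, timeout: float = 5.0) -> ssl.SSLSocket:
    """Open a TLS connection and refuse it unless the leaf matches a pin.
    Normal chain and hostname validation still run first (defence in depth);
    the pin check is an extra condition, never a replacement."""
    ctx = ssl.create_default_context()
    raw = socket.create_connection((host, port), timeout=timeout)
    tls = ctx.wrap_socket(raw, server_hostname=host)
    der = tls.getpeercert(binary_form=True)
    if not pin_ok(der, pins):
        tls.close()
        raise ssl.SSLError(f"pin mismatch for {host}: leaf is {cert_fingerprint(der)}")
    return tls


# Constructed stand-in for a DER certificate (not a real certificate), so the
# comparison can be exercised offline. In a real client the pin list is
# compiled in from the certificate the service actually uses.
SAMPLE_LEAF_DER = b"\x30\x82\x01\x00constructed-leaf-certificate-bytes"
SAMPLE_PINS = [cert_fingerprint(SAMPLE_LEAF_DER)]

if __name__ == "__main__":
    print("expected leaf:", pin_ok(SAMPLE_LEAF_DER, SAMPLE_PINS))                   # True
    print("rogue leaf:   ", pin_ok(b"\x30\x82\x01\x00rogue-leaf", SAMPLE_PINS))      # False
```

Pinning the whole leaf means every certificate renewal breaks clients that have not shipped a new pin; pinning the SHA-256 of the subjectPublicKeyInfo instead, and carrying a backup pin for a key held offline, survives renewals that keep the same key pair and still blocks an interposed certificate.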
Microsoft Security Bulletin MS13-081 - Critical

Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution.

An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.

The security update addresses these vulnerabilities by correcting the way Windows handles specially crafted OpenType Font files and specially crafted TrueType Font (TTF) files, and by correcting the way Windows handles objects in memory.

http://technet.microsoft.com/en-us/security/bulletin/ms13-081
Snowden: NSA whacks US in the WALLET, slurps millions of contacts books

The National Security Agency is hurting the US economy with its "dragnet" surveillance, says uber-leaker Edward Snowden.

He also alleged, via The Washington Post, that the NSA has been collecting the contents of some 250 million electronic address books a year.

The agency grabs this data as it passes over major internet transit points, so it does not need to pull it from internal Google or Yahoo! servers and therefore does not need to make an official request for the information.

There is evidence the NSA has been trying to break internet encryption by performing man-in-the-middle attacks using compromised cryptographic certificates.

http://www.theregister.co.uk/2013/10/15/snowden_nsa_snooping_hurts_our_economy/
'Thousands' of North Korea Cyber Attacks on South: Ministry Data

North Korea has staged thousands of cyber attacks against the South in recent years, causing financial losses of around $805 million, a Seoul lawmaker said, citing government data.

"A lot of data related to our national infrastructure, including chemical storage facilities and information relating to personal financial dealings have been stolen," ruling party MP Chung Hee-Soo said.

The attacks included website intrusions, malware deployments and the use of virus-carrying e-mails.

"Our military's cyber warfare ability to fend off such attacks...is incomparable to the North's, which is known to be one of the world's best," Chung said.

http://www.securityweek.com/thousands-north-korea-cyber-attacks-south-ministry-data
FACEBOOK PRIVACY FEATURE GONE FOR GOOD

Earlier, users could choose who was allowed to search for their profile by name: friends only, friends of friends, or everyone (the default option).

Late last year, the social networking giant removed the feature, called "Who can look up my Timeline by name?", for everyone who wasn't already using it.

On October 10th, Facebook said it will begin removing it for all remaining users as well, completely eliminating the functionality within the next couple of weeks.

Courtesy – Threatpost
Managed security service providers face $40M liability exposures

Managed security service providers get paid by enterprise customers to stop malware and other kinds of cyberattacks, but if they fail, they face what is often a multi-million-dollar liability.

If there is a virus outbreak on the customer's network, for example, there is a limited timeframe in which to respond to meet the legal requirements of the service-level agreement (SLA). "We have timeframes we have to respond to, perhaps 30 seconds," said Matthew Gyde, global general manager, security at Dimension Data.

Cisco last month announced that it also wants to expand into the managed security services arena, though the company didn't specify what approach it will take.

"McAfee has extended their arms in good will to build a MSP program," said Steve Duncan, vice president of security and strategy at Lumenate.
RESEARCHERS NAB $28K IN MICROSOFT BUG BOUNTY PROGRAM

As part of its first-ever bounty program, Microsoft has paid out $28,000 to a small group of researchers who identified and reported vulnerabilities in Internet Explorer 11.

The IE 11 bounty program only ran for one month during the summer, but it attracted a number of submissions from well-known researchers.

Microsoft's program, outside of the IE 11 reward, is mainly geared toward paying for innovative attack techniques. The company is offering as much as $100,000 for offensive techniques capable of bypassing the latest exploit mitigation technologies on the newest version of Windows.
Hacker cracks Vodafone Germany

A hack on a Vodafone Germany server has exposed the personal details, including banking information, of two million of its customers.

The attackers accessed names, addresses, bank account numbers and dates of birth.

It is unclear when the breach took place, but it appears to have involved a successful compromise of an internal server on Vodafone's network.

This case concerns only Vodafone Germany; other countries are not affected.
REVAMPED YAHOO BUG BOUNTY PROGRAM ON THE WAY—T-SHIRTS NOT INCLUDED

Yahoo found itself in the throes of a mini scandal this week over two $12.50 Yahoo company store discount codes handed out to one researcher in thanks for turning in a pair of cross-site scripting bugs.

"If Yahoo cannot afford to spend money on its corporate security, it should at least try to attract security researchers by other means," said Ilia Kolochenko, CEO of High-Tech Bridge. "Otherwise, none of Yahoo's customers can ever feel safe."

Ramses Martinez of Yahoo's security team acknowledged Kolochenko's complaint in previewing the upcoming revised policy, which he said will reward individuals who identify "new, unique and/or high-risk issues" with payouts in the range of $150 to $15,000.

Previously, Martinez had personally acknowledged submissions with a Yahoo T-shirt, which he said he paid for himself, as well as a personal letter to the researcher certifying the find.
PRIVATBANK MOBILE APP VULNERABLE TO ACCOUNT THEFT

Privat24, the mobile banking application for Ukraine's largest commercial bank, contains an insufficient-validation vulnerability in its iOS, Android and Windows Phone apps that could give an attacker the ability to steal money from user accounts after bypassing its two-factor authentication protection.

Once the application is installed and verified on a particular device with the initial OTP, users can access the application without overcoming that barrier again.

An attacker would need a second attack, perhaps using malware or some sort of phishing scheme, to obtain a user's account password before being able to compromise the application and potentially steal money.

PrivatBank confirmed the problem.

Courtesy – Threatpost
GOOGLE TO PAY REWARDS FOR PATCHES TO OPEN SOURCE PROJECTS

Google, one of the first companies to offer a significant bug bounty program, is extending its rewards to researchers and developers who contribute patches that improve the security of a variety of open source projects.

The new rewards will range from $500 to $3,133.70.

In order to qualify for a reward from Google, the developer's patch submission has to have a "demonstrable, significant, and proactive impact on the security" of a given component.

Courtesy – Threatpost
Security Events

SANS Bangalore 2013 - 14–26 October 2013

ISACA India Conference 2013 - 27–29 November 2013 - Chennai, India

IFSEC India 2013 - 5-7 December 2013 at India Expo Centre, Greater Noida, New Delhi (NCR)

Nullcon Goa 2014
  CFP opens: 1 September 2013
  First round of speaker list online: 10 October 2013
  CFP closing date: 20 November 2013
  Final speaker list online: 1 December 2013
  Training dates: 12-13 February 2014
  Conference dates: 14-15 February 2014

Secutech India 2014 - 27 February - 1 March 2014 - Mumbai

Contenu connexe

Tendances

Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android application
IAEME Publication
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDC
Microsoft Asia
 
2015 Cybersecurity Predictions
2015 Cybersecurity Predictions2015 Cybersecurity Predictions
2015 Cybersecurity Predictions
Lookout
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_report
Isnur Rochmad
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
Tharaka Mahadewa
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
Tyler Shields
 

Tendances (20)

Rp threat-predictions-2013
Rp threat-predictions-2013Rp threat-predictions-2013
Rp threat-predictions-2013
 
Trojan horseofbyod2
Trojan horseofbyod2Trojan horseofbyod2
Trojan horseofbyod2
 
Malware detection techniques for mobile devices
Malware detection techniques for mobile devicesMalware detection techniques for mobile devices
Malware detection techniques for mobile devices
 
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESMALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
 
Mobile Malware
Mobile MalwareMobile Malware
Mobile Malware
 
Report on Mobile security
Report  on Mobile securityReport  on Mobile security
Report on Mobile security
 
Implementing security on android application
Implementing security on android applicationImplementing security on android application
Implementing security on android application
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDC
 
2015 Cybersecurity Predictions
2015 Cybersecurity Predictions2015 Cybersecurity Predictions
2015 Cybersecurity Predictions
 
Symantec Website Security Threat Report
Symantec Website Security Threat ReportSymantec Website Security Threat Report
Symantec Website Security Threat Report
 
Mobile security hakin9_Revista
Mobile security hakin9_RevistaMobile security hakin9_Revista
Mobile security hakin9_Revista
 
Security weekly september 28 october 4, 2021
Security weekly september 28   october 4, 2021 Security weekly september 28   october 4, 2021
Security weekly september 28 october 4, 2021
 
Android mobile platform security and malware survey
Android mobile platform security and malware surveyAndroid mobile platform security and malware survey
Android mobile platform security and malware survey
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_report
 
Article on Mobile Security
Article on Mobile SecurityArticle on Mobile Security
Article on Mobile Security
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
 
Anomaly Detection using String Analysis for Android Malware Detection - CISIS...
Anomaly Detection using String Analysis for Android Malware Detection - CISIS...Anomaly Detection using String Analysis for Android Malware Detection - CISIS...
Anomaly Detection using String Analysis for Android Malware Detection - CISIS...
 
14 cyber threats
14 cyber threats14 cyber threats
14 cyber threats
 
Top 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSTop 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOS
 
P01761113118
P01761113118P01761113118
P01761113118
 

En vedette

Educación parvularia.
Educación parvularia.Educación parvularia.
Educación parvularia.
solcifuentesr
 
Google Dorks
Google DorksGoogle Dorks
Google Dorks
Andrea D'Ubaldo
 
Educacion parvularia aspectos generales
Educacion parvularia aspectos generalesEducacion parvularia aspectos generales
Educacion parvularia aspectos generales
jenisfritz
 

En vedette (20)

Mvc music store tutorial - v3.0 (1)
Mvc music store   tutorial - v3.0 (1)Mvc music store   tutorial - v3.0 (1)
Mvc music store tutorial - v3.0 (1)
 
Chapter 11 Summary
Chapter 11 SummaryChapter 11 Summary
Chapter 11 Summary
 
A XSSmas carol
A XSSmas carolA XSSmas carol
A XSSmas carol
 
Building Testable PHP Applications
Building Testable PHP ApplicationsBuilding Testable PHP Applications
Building Testable PHP Applications
 
Pr 4 portafolio de presentación cz@r mdez
Pr 4 portafolio de presentación cz@r mdezPr 4 portafolio de presentación cz@r mdez
Pr 4 portafolio de presentación cz@r mdez
 
Beautiful Java EE - PrettyFaces
Beautiful Java EE - PrettyFacesBeautiful Java EE - PrettyFaces
Beautiful Java EE - PrettyFaces
 
Humility: Ascending by Descending
Humility: Ascending by DescendingHumility: Ascending by Descending
Humility: Ascending by Descending
 
password (facebook)
password (facebook) password (facebook)
password (facebook)
 
Google Dorks
Google DorksGoogle Dorks
Google Dorks
 
Web scripting in MadCap Flare
Web scripting in MadCap FlareWeb scripting in MadCap Flare
Web scripting in MadCap Flare
 
Hacking in shadows By - Raghav Bisht
Hacking in shadows By - Raghav BishtHacking in shadows By - Raghav Bisht
Hacking in shadows By - Raghav Bisht
 
Google Dorks and SQL Injection
Google Dorks and SQL InjectionGoogle Dorks and SQL Injection
Google Dorks and SQL Injection
 
Educación parvularia.
Educación parvularia.Educación parvularia.
Educación parvularia.
 
2. Microclimate
2. Microclimate2. Microclimate
2. Microclimate
 
Microsoft Office Package: Practical Questions
Microsoft Office Package: Practical QuestionsMicrosoft Office Package: Practical Questions
Microsoft Office Package: Practical Questions
 
Sample Mobile Apps PRD
Sample Mobile Apps PRDSample Mobile Apps PRD
Sample Mobile Apps PRD
 
Web Services PHP Tutorial
Web Services PHP TutorialWeb Services PHP Tutorial
Web Services PHP Tutorial
 
Google Dorks
Google DorksGoogle Dorks
Google Dorks
 
Educacion parvularia aspectos generales
Educacion parvularia aspectos generalesEducacion parvularia aspectos generales
Educacion parvularia aspectos generales
 
[취업특강] IT분야에서 행복하게 일하기 - SW 개발자를 중심으로
[취업특강] IT분야에서 행복하게 일하기 - SW 개발자를 중심으로[취업특강] IT분야에서 행복하게 일하기 - SW 개발자를 중심으로
[취업특강] IT분야에서 행복하게 일하기 - SW 개발자를 중심으로
 

Similaire à Security News bytes October 2013

HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDHONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
IJCNCJournal
 
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayadaKnown Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
namblasec
 
Microsoft warns of potential attacks
Microsoft warns of potential attacksMicrosoft warns of potential attacks
Microsoft warns of potential attacks
John Davis
 

Similaire à Security News bytes October 2013 (20)

Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0
 
Null pune 1st March-news bytes
Null pune 1st March-news bytesNull pune 1st March-news bytes
Null pune 1st March-news bytes
 
A Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile MalwareA Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile Malware
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
 
We explain the security flaw that's freaking out the internet
We explain the security flaw that's freaking out the internetWe explain the security flaw that's freaking out the internet
We explain the security flaw that's freaking out the internet
 
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDHONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
 
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayadaKnown Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
 
Secureview 2q 2011
Secureview 2q 2011Secureview 2q 2011
Secureview 2q 2011
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security  - technical datasheet2Sholove cyren web security  - technical datasheet2
Sholove cyren web security - technical datasheet2
 
CS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptxCS_UNIT 2(P3).pptx
CS_UNIT 2(P3).pptx
 
cyber attacks in May , breaches in May
cyber attacks in May , breaches in Maycyber attacks in May , breaches in May
cyber attacks in May , breaches in May
 
L017326972
L017326972L017326972
L017326972
 
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
Face expressions, facial features, kinect sensor, face tracking SDK, neural n...
 
Microsoft warns of potential attacks
Microsoft warns of potential attacksMicrosoft warns of potential attacks
Microsoft warns of potential attacks
 
Network monitoring white paper
Network monitoring white paperNetwork monitoring white paper
Network monitoring white paper
 
Review on mobile threats and detection techniques
Review on mobile threats and detection techniquesReview on mobile threats and detection techniques
Review on mobile threats and detection techniques
 
185
185185
185
 
Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet Invesitigation of Malware and Forensic Tools on Internet
Invesitigation of Malware and Forensic Tools on Internet
 
Insecure magazine - 52
Insecure magazine - 52Insecure magazine - 52
Insecure magazine - 52
 
When developer's api simplify user mode rootkits developing.
When developer's api simplify user mode rootkits developing.When developer's api simplify user mode rootkits developing.
When developer's api simplify user mode rootkits developing.
 

Plus de n|u - The Open Security Community

Plus de n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Dernier

Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 

Dernier (20)

ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701ComPTIA Overview | Comptia Security+ Book SY0-701
ComPTIA Overview | Comptia Security+ Book SY0-701
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric  nursing HISTORY  COLLECTION  .docxpsychiatric  nursing HISTORY  COLLECTION  .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
General Principles of Intellectual Property: Concepts of Intellectual Proper...
General Principles of Intellectual Property: Concepts of Intellectual  Proper...General Principles of Intellectual Property: Concepts of Intellectual  Proper...
General Principles of Intellectual Property: Concepts of Intellectual Proper...
 
Sociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning ExhibitSociology 101 Demonstration of Learning Exhibit
Sociology 101 Demonstration of Learning Exhibit
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Micro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdfMicro-Scholarship, What it is, How can it help me.pdf
Micro-Scholarship, What it is, How can it help me.pdf
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.ICT role in 21st century education and it's challenges.
ICT role in 21st century education and it's challenges.
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural ResourcesEnergy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
Energy Resources. ( B. Pharmacy, 1st Year, Sem-II) Natural Resources
 
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
2024-NATIONAL-LEARNING-CAMP-AND-OTHER.pptx
 
Asian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptxAsian American Pacific Islander Month DDSD 2024.pptx
Asian American Pacific Islander Month DDSD 2024.pptx
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 

Security News bytes October 2013

  • 2. iPhone Fingerprint Authentication  Fingerprint authentication is a good balance between convenience and security for a mobile device.  Your fingerprint isn't a secret; you leave it everywhere you touch.  Fingerprint to be used for AppStore purchases.  "If Apple is right that fingerprints never leave the device, that means the new iPhones will be sending some sort of authentication token to Apple servers to verify that the end user has produced a valid print,"writes Dan Goodin in Ars Technica  If attackers figure out a way to capture and replay users' valid tokens, it could lead to new ways for criminals to hijack user accounts

Signed Mac Malware Using Right-to-Left Override Trick
 Right-to-left override (RLO) is a special character in the Unicode bidirectional text system that marks the start of text to be displayed from right to left.
 Here it is used simply to hide the real extension: the characters after the RLO are shown reversed, so the name the user sees ends differently from the name the file system stores.
 The malware is written in Python and uses py2app for distribution.
 The malware drops and opens a decoy document on execution.
 It then creates a cron job as its launch point and a hidden folder in the infected user's home directory to store its components.
 The malware then continuously takes screenshots and records audio (using third-party software called SoX) and uploads them to the command-and-control server. It also continuously polls the command-and-control server for commands to execute.
 http://www.f-secure.com/weblog/archives/00002576.html
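
The RLO trick is easy to check for mechanically, because the override is a real code point stored in the filename even though it is invisible on screen. The following is an added example (not code from the F-Secure post or from the malware itself) that flags bidi control characters in a filename, approximates what a renderer shows, and reports the extension the OS will actually use, which is always the suffix after the last dot in the stored string. The sample filenames are constructed for the demo.

```python
"""Detect right-to-left-override filename tricks and recover the real extension."""

# Unicode bidi controls that can make a name display differently from how it is stored.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF",
    "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
    "\u200e": "LRM", "\u200f": "RLM",
}


def find_bidi_controls(name):
    """Return (index, short name) for every bidi control character in the string."""
    return [(i, BIDI_CONTROLS[ch]) for i, ch in enumerate(name) if ch in BIDI_CONTROLS]


def displayed_name(name):
    """Approximate what a file browser shows: text after an RLO is rendered
    reversed until a PDF (pop directional formatting) or the end of the string.
    All control characters themselves are dropped from the rendering."""
    out = []
    i = 0
    while i < len(name):
        ch = name[i]
        if ch == "\u202e":
            j = i + 1
            segment = []
            while j < len(name) and name[j] != "\u202c":
                segment.append(name[j])
                j += 1
            out.append("".join(reversed(segment)))
            i = j + 1  # skip the PDF if one was present
            continue
        if ch not in BIDI_CONTROLS:
            out.append(ch)
        i += 1
    return "".join(out)


def real_extension(name):
    """The extension the OS acts on: whatever follows the last '.' in the stored name."""
    dot = name.rfind(".")
    return name[dot + 1:] if dot != -1 else ""


def analyse(name):
    """Summarise one filename: stored vs. shown form, true extension, and a verdict."""
    controls = find_bidi_controls(name)
    return {
        "stored": name,
        "shown": displayed_name(name),
        "real_ext": real_extension(name),
        "suspicious": bool(controls),
        "controls": controls,
    }


def triage(names):
    """Return the analyses of every name that contains a bidi control."""
    return [r for r in map(analyse, names) if r["suspicious"]]


# Constructed sample: stored as 'Recent News.' + RLO + 'fdp.app', which a
# naive renderer shows as 'Recent News.ppa.pdf' although it is an .app bundle.
SAMPLE_MALICIOUS = "Recent News.\u202efdp.app"
SAMPLE_BENIGN = "report.pdf"

if __name__ == "__main__":
    for r in triage([SAMPLE_MALICIOUS, SAMPLE_BENIGN]):
        print(f"shown={r['shown']!r} real_ext={r['real_ext']} controls={r['controls']}")
```

Because `real_extension` works on the stored string rather than the rendered one, it is the value a mail gateway or download scanner should use for its policy decision; the rendered form is only useful for explaining to the user why the file is being blocked.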

Femtocell flaw leaves Verizon subscribers' Wi-Fi and mobile wide open
 Femtocells are small, low-power base stations that use a household's broadband connection to boost mobile coverage indoors.
 Security researchers have demonstrated a flaw in Verizon Wireless Network Extender femtocells that allows them to be used for eavesdropping on cellphone, email, and internet traffic.
 Up to 30 other network carriers use systems with software that can be hacked in the same way.
 A hacked device could be placed in a locale such as a restaurant frequented by high-value targets and used to monitor the data traffic that passes through the femtocell. The information can be stored and relayed back to the attacker using the adapted device, and used for further infiltration later.
 Verizon's update fixes the problem.
 http://www.theregister.co.uk/2013/07/15/femtocell_flaw_leaves_verizon_customers_wifi_and_mobile_wide_open/

Remote Access Tool Takes Aim with Android APK Binder
 Remote Access Tools (RATs) written in Java are capable of running on multiple operating systems; Android is the latest target and is not immune to them.
 The underground economy that caters to cybercriminals has produced the first tools (called "binders") that let users easily repackage and Trojanize legitimate Android applications with AndroRAT, a free Android RAT.
 AndroRAT can monitor and make phone calls and SMS messages, get the device's GPS coordinates, activate and use the camera and microphone, and access files stored on the device.
 To date, Symantec has counted 23 cases of popular legitimate apps being Trojanized in the wild with AndroRAT.
 http://www.symantec.com/connect/blogs/remote-access-tool-takes-aim-android-apk-binder

New Java feature aims to manage multiple version problems
 Older Java releases often contain flaws, patched in later editions, that remain exploitable by bad actors today.
 The problem with running a new version of Java is that some apps important to a business's operation may not work with it.
 Java 7 Update 40 lets network administrators create a Deployment Rule Set (DRS) that defines which version of Java an app should use.
 Such definitions could allow critical internal apps to use older versions of Java, while forcing external apps (those more likely to carry infections that exploit flaws in older editions) to use the latest version.
 The trade-off is that any app matched to an older JRE still runs with that JRE's known flaws, so such rules should be scoped as tightly as possible to the internal app's own location rather than to a whole domain.
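
A DRS is a `ruleset.xml` file, packaged and signed as `DeploymentRuleSet.jar`, whose rules are evaluated in order and the first match wins. Below is an added example, not Oracle's code, that loads a constructed ruleset of the kind the slide describes (one legacy intranet app pinned to an old JRE, everything else forced onto the latest secure version) and reports which rule would apply to a given applet or Web Start URL. The location matching here is a simplification of the real DRS semantics (scheme, host with a `*.` wildcard, and path prefix); the hostnames and URLs are made up for the demo.

```python
"""Offline first-match evaluation of a Java Deployment Rule Set (simplified model)."""
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed ruleset: pin one legacy intranet app to an old JRE, let the rest
# of the intranet and every external site run only under the latest secure JRE.
RULESET_XML = """<ruleset version="1.0+">
  <rule>
    <id location="https://legacy.intranet.example" />
    <action permission="run" version="1.7.0_25" />
  </rule>
  <rule>
    <id location="http://*.intranet.example" />
    <action permission="run" version="SECURE" />
  </rule>
  <rule>
    <id />
    <action permission="default" version="SECURE" />
  </rule>
</ruleset>"""


def _host_matches(pattern, host):
    """Exact host match, or '*.domain' matching domain and any subdomain of it."""
    if pattern.startswith("*."):
        return host == pattern[2:] or host.endswith(pattern[1:])
    return host == pattern


def location_matches(rule_location, ria_url):
    """Simplified DRS location match. An empty location (bare <id />) matches everything."""
    if not rule_location:
        return True
    r, u = urlsplit(rule_location), urlsplit(ria_url)
    if r.scheme and r.scheme != u.scheme:
        return False
    if not _host_matches(r.hostname or "", u.hostname or ""):
        return False
    return (u.path or "/").startswith(r.path or "/")


def load_rules(xml_text):
    """Parse <rule> elements into dicts in document order (order is what DRS evaluates)."""
    rules = []
    for rule in ET.fromstring(xml_text).findall("rule"):
        rid = rule.find("id")
        action = rule.find("action")
        rules.append({
            "location": (rid.get("location") if rid is not None else None) or "",
            "permission": action.get("permission", "default") if action is not None else "default",
            "version": action.get("version") if action is not None else None,
        })
    return rules


def decide(rules, ria_url):
    """Return (permission, version) of the first matching rule, as the DRS would."""
    for rule in rules:
        if location_matches(rule["location"], ria_url):
            return rule["permission"], rule["version"]
    return "default", None  # no rule matched: normal prompt-driven behaviour


if __name__ == "__main__":
    rules = load_rules(RULESET_XML)
    for url in ("https://legacy.intranet.example/app/app.jnlp",
                "http://hr.intranet.example/portal/",
                "https://www.example.org/applet.jar"):
        print(url, "->", decide(rules, url))
```

Note how the first rule only fires for the https origin of the legacy app: a plain-http copy of the same host falls through to the second rule and gets the secure JRE, which is the kind of scoping question this check is meant to answer before the ruleset is signed and deployed.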

APPLE IMESSAGE OPEN TO MAN IN THE MIDDLE, SPOOFING ATTACKS
 Apple controls the encryption key infrastructure for the system and therefore has the ability to read users' text messages, or to decrypt them and hand them over at the order of a government agency.
 The researchers who looked at iMessage, known as Pod2g and GG, said that there is no evidence that Apple is in fact reading users' iMessages, but it's possible that the company could.
 Users' AppleID passwords are also sent in clear text to the Apple servers.
 Because iMessages go through Apple's servers, Apple essentially has a man-in-the-middle position on all of the communications among those devices.
 Apple does not use certificate pinning for iMessage, meaning the system is open to a MiTM attack by outside attackers who can present a certificate the device already trusts.
 Courtesy – Threatpost

Microsoft Security Bulletin MS13-081 - Critical
 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution.
 An attacker who successfully exploited these vulnerabilities could take complete control of an affected system.
 The security update addresses these vulnerabilities by correcting the way that Windows handles specially crafted OpenType Font files and specially crafted TrueType Font (TTF) files, and by correcting the way that Windows handles objects in memory.
 http://technet.microsoft.com/en-us/security/bulletin/ms13-081

Snowden: NSA whacks US in the WALLET, slurps millions of contacts books
 The National Security Agency is hurting the US economy with its "dragnet" surveillance, says uber-leaker Edward Snowden.
 He also alleged, via The Washington Post, that the NSA has been collecting the contents of some 250 million electronic address books a year.
 The agency grabs this data as it passes over major internet transit points, so it does not need to take it from internal Google or Yahoo! servers and therefore doesn't need to make an official request for the information.
 There is evidence the NSA has been trying to break internet encryption by performing man-in-the-middle attacks using compromised cryptographic certificates.
 http://www.theregister.co.uk/2013/10/15/snowden_nsa_snooping_hurts_our_economy/

'Thousands' of North Korea Cyber Attacks on South: Ministry Data
 North Korea has staged thousands of cyber attacks against the South in recent years, causing financial losses of around $805 million, a Seoul lawmaker said, citing government data.
 "A lot of data related to our national infrastructure, including chemical storage facilities and information relating to personal financial dealings have been stolen," ruling party MP Chung Hee-Soo said.
 The attacks included website intrusions, malware deployments and the use of virus-carrying e-mails.
 "Our military's cyber warfare ability to fend off such attacks...is incomparable to the North's, which is known to be one of the world's best," Chung said.
 http://www.securityweek.com/thousands-north-korea-cyber-attacks-south-ministry-data

FACEBOOK PRIVACY FEATURE GONE FOR GOOD
 Earlier, users could choose who was allowed to search for their profiles by name: friends only, friends of friends, or everyone (the default option).
 Late last year, the social networking giant removed the feature, called "Who can look up my Timeline by name?", for everyone who wasn't already using it.
 On October 10th, Facebook said it will begin removing it for all other users as well, completely eliminating the functionality within the next couple of weeks.
 Courtesy – Threatpost

Managed security service providers face $40M liability exposures
 Managed security service providers get paid by enterprise customers to stop malware or other kinds of cyberattacks, but if they fail, they face what's often a multi-million-dollar liability.
 If there's a virus outbreak on the customer's network, for example, there is a limited timeframe to respond in order to meet the legal requirements of the SLA. "We have timeframes we have to respond to, perhaps 30 seconds," said Matthew Gyde, global general manager, security at Dimension Data.
 Cisco last month announced that it also wants to expand into the managed security services arena, though the company didn't specify what approach it will take.
 "McAfee has extended their arms in good will to build a MSP program," said Steve Duncan, vice president of security and strategy at Lumenate.

RESEARCHERS NAB $28K IN MICROSOFT BUG BOUNTY PROGRAM
 As part of its first-ever bounty program, Microsoft has paid out $28,000 to a small group of researchers who identified and reported vulnerabilities in Internet Explorer 11.
 The IE 11 bounty program only ran for one month during the summer, but it attracted a number of submissions from well-known researchers.
 Microsoft's program, outside of the IE 11 reward, is mainly geared toward paying for innovative attack techniques. The company is offering as much as $100,000 for offensive techniques that are capable of bypassing the latest exploit mitigation technologies on the newest version of Windows.

Hacker cracks Vodafone Germany
 A hack on a Vodafone Germany server has exposed the personal details, including banking information, of two million of its customers.
 Hackers accessed names, addresses, bank account numbers and dates of birth.
 It's unclear when the breach took place, but it appears to have involved a successful compromise of an internal server on Vodafone's network.
 This case concerns only Vodafone Germany; other countries are not affected.

REVAMPED YAHOO BUG BOUNTY PROGRAM ON THE WAY, T-SHIRTS NOT INCLUDED
 Yahoo found itself in the throes of a mini scandal this week over two $12.50 Yahoo company store discount codes handed out to one researcher in thanks for turning in a pair of cross-site scripting bugs.
 "If Yahoo cannot afford to spend money on its corporate security, it should at least try to attract security researchers by other means," Kolochenko, High-Tech Bridge CEO, said. "Otherwise, none of Yahoo's customers can ever feel safe."
 Martinez acknowledged Kolochenko's distress in previewing the upcoming revised policy, which he said will reward individuals who identify "new, unique and/or high-risk issues" with payouts in the range of $150 to $15,000.
 Previously, Martinez had personally acknowledged submissions with a Yahoo T-shirt, which he said he personally paid for, as well as a personal letter to the researcher certifying the find.

PRIVATBANK MOBILE APP VULNERABLE TO ACCOUNT THEFT
 Privat24, the mobile banking application for Ukraine's largest commercial bank, contains an insufficient validation vulnerability in its iOS, Android, and Windows Phone apps that could give an attacker the ability to steal money from user accounts after bypassing its two-factor authentication protection.
 Once the application is installed and verified with the initial OTP on a particular device, users can access the application without overcoming that barrier of entry again.
 An attacker would need a second attack, perhaps using malware or some sort of phishing scheme, to obtain a user's account password before being able to compromise the application and potentially steal money.
 PrivatBank confirmed the problem.
 Courtesy – Threatpost

GOOGLE TO PAY REWARDS FOR PATCHES TO OPEN SOURCE PROJECTS
 Google, one of the first companies to offer a significant bug bounty program, is extending its rewards to researchers and developers who contribute patches to a variety of open source projects and have an effect on the security of the project.
 The new rewards will range from $500 to $3,133.70.
 In order to qualify for a reward from Google, the patch submission from the developer has to have a "demonstrable, significant, and proactive impact on the security" of a given component.
 Courtesy – Threatpost

Security Events
 SANS Bangalore 2013 - 14–26 October 2013
 ISACA India Conference 2013 - 27–29 November 2013 - Chennai, India
 IFSEC India 2013 - 5–7 December 2013 at India Expo Centre, Greater Noida, New Delhi (NCR)
 Nullcon Goa 2014:
   CFP opens: 1 September 2013
   1st round of speaker list online: 10 October 2013
   CFP closing date: 20 November 2013
   Final speaker list online: 1 December 2013
   Training dates: 12–13 February 2014
   Conference dates: 14–15 February 2014
 Secutech India 2014 - 27 February – 1 March 2014 - Mumbai