Doug Vitale Tech Blog

Latest IT news and commentary

‘Regin’ malware described as ‘groundbreaking and almost peerless’

CNN, 24 Nov 2014 – Experts don’t know where it came from, and aren’t quite sure what it does. But they do know this: a newly-uncovered cybersecurity threat isn’t your typical credit-card stealing operation. It appears to be a government spying tool, and is “groundbreaking and almost peerless.” [More]
Symantec: Regin: Top-tier espionage tool enables stealthy surveillance


Detekt: A New Malware Detection Tool That Can Expose State Surveillance

Electronic Frontier Foundation, 20 Nov 2014 – Recent years have seen a boom in the adoption of surveillance technology by governments around the world, including spyware that provides its purchasers the unchecked ability to target remote Internet users’ computers, to read their personal emails, listen in on private audio calls, record keystrokes and passwords, and remotely activate their computer’s camera or microphone. That’s why we’ve joined together to support Detekt, a new malware detection tool developed by security researcher Claudio Guarnieri. [More]


Cross-site scripting vulnerability in millions of web sites

CyberWarZone, 18 Nov 2014 – In August 2014 I found a severe cross-site scripting security vulnerability in the latest version (1.13.0) of the ‘jQuery Validation Plugin’. This jQuery plugin, which adds easy form validation functionality to a web site, is written by a core developer of the highly popular jQuery JavaScript framework. As of speaking this vulnerability still exists and hasn’t been patched. It seems that on first sight 6.000+ web sites are vulnerable. jQuery hasn’t responded to my report of this vulnerability. [More]


Internet Architecture Board: Encrypt the whole Internet

IAB, 15 Nov 2014 – The IAB now believes it is important for protocol designers, developers, and operators to make encryption the norm for Internet traffic. Encryption should be authenticated where possible, but even protocols providing confidentiality without authentication are useful in the face of pervasive surveillance as described in RFC 7258. [More]


Microsoft Security Intelligence Report for 2014 released

Microsoft, 12 Nov 2014 – Windows users who do not run updated anti-malware software are much more likely to be infected with malware. Microsoft released research this week to prove the point in the most recent version of its Security Intelligence Report. The data in the report is collected from telemetry from the Malicious Software Removal Tool which runs each month with Windows Update. [More]


Only Half of USB Devices Have an Unpatchable Flaw, But No One Knows Which Half

Wired, 12 Nov 2014 – First, the good news: that unpatchable security flaw in USB devices first brought to light over the summer affects only about half of the things you plug into your USB port. The bad news is it’s nearly impossible to sort out the secure gadgets from the insecure ones without ripping open every last thumb drive. [More]


POS Malware Continues To Evolve

Dark Reading, 11 Nov 2014 – With a little over two weeks until the holiday shopping season kicks off, a picture of the evolution of point of sale (POS) malware has come into focus with a number of recent pieces of research of late. A common theme recurring throughout is that POS malware is increasingly maturing with different packages and families refined for specific attack scenarios. Just today, researchers with Cyphort Labs released a report that dissected three families of POS malware associated with three distinct breach incidents at Target, Home Depot, and UPS over the past year–BlackPOS, FrameworkPOS, and Backoff respectively. [More]


Windows vulnerability identified as root cause in Home Depot breach

SC Magazine, 10 Nov 2014 – In a detailed account of Home Depot’s breach, the Wall Street Journal disclosed that the compromised credit cards and emails could have been stolen as a result of a Windows vulnerability in the retailer’s main network. Attackers reportedly gained credentials from a third-party vendor and then navigated through the vendor’s system and Home Depot’s secure network by exploiting the vulnerability. [More]


‘Trojan Horse’ Bug Lurking in Vital US Computers Since 2011

ABC News, 6 Nov 2014 – A destructive “Trojan Horse” malware program has penetrated the software that runs much of the nation’s critical infrastructure and is poised to cause an economic catastrophe, according to the Department of Homeland Security. National Security sources told ABC News there is evidence that the malware was inserted by hackers believed to be sponsored by the Russian government, and is a very serious threat. [More]


Crypto attack that hijacked Windows Update goes mainstream in Amazon Cloud

Ars Technica, 5 Nov 2014 – Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in 2012 to hijack Microsoft’s Windows Update mechanism. Nathaniel McHugh ran open source software known as HashClash to modify two separate images—one of them depicting funk legend James Brown and the other R&B singer/songwriter Barry White—that generate precisely the same MD5 hash, e06723d4961a0a3f950e7786f3766338. The exercise — known in cryptographic circles as a hash collision — took just 10 hours and cost only 65 cents plus tax to complete using a GPU instance on Amazon Web Service. [More]


Cybersecurity 2014: Breaches and costs rise, confidence and budgets are low

CSO, 5 Nov 2014 – In 2014, it seemed that no industry went unscathed. The data breaches this year were broad and deep. Despite it being yet another year of staggering data breaches, these breaches are costing enterprises more – and information security budgets aren’t keeping up with the threat. In some cases, they even have fallen slightly. It’s as if security teams manage to make a small foothold against cyber attacks one year, and the next year they slide back. [More]




Written by Doug Vitale

July 31, 2013 at 12:13 PM
