Alastair Stevenson ( V3 - March 4, 2014 )
Researchers at the security firm Team Cymru have traced a campaign that has successfully compromised 300,000 small office and home office (SOHO) routers using man-in-the-middle attacks to two UK IP addresses. The research team reported the campaign in its SOHO Pharming white paper, confirming that the majority of the victims were in Europe and Asia. “In January 2014, Team Cymru’s Enterprise Intelligence Services began investigating a SOHO pharming campaign that had overwritten router DNS [domain name system] settings in central Europe,” the paper noted.
Egan Orion ( The Inquirer - March 3, 2014 )
THE MOST INTERESTING DEVICE shown at Mobile World Congress (MWC) in Barcelona this week was the secure Blackphone developed by Silent Circle and Geeksphone. The Blackphone features anonymous search, automatic disabling of non-trusted WiFi hotspots, and private texting, calling and file transfer capabilities. It’s available to the general public, and bundles additional security features that apparently go beyond the basic messaging security provided by Blackberry to enterprise customers in its Blackberry Messaging (BBM) service. US-based aerospace and defence firm Boeing also unveiled its own Black phone - not to be confused with the Silent Circle and Geeksphone Blackphone - at MWC this week, but that appears to be restricted for sale only to government security agencies and defence industry customers, and therefore likely won’t be available to the public through mobile operators or in retail shops.
Grant Gross ( ComputerWorld - February 28, 2014 )
A British man faces new charges in the U.S. for allegedly hacking into the U.S. Federal Reserve Bank’s servers and stealing names, email addresses and other personal information of the bank’s computer users. Lauri Love, already facing charges in New Jersey and Virginia, is now charged with one count of computer hacking and one count of aggravated identity theft in U.S. District Court for the Southern District of New York, said Preet Bharara, the U.S. attorney there. Love used a SQL attack to infiltrate the bank’s servers, according to a press release. In late December 2012, Love told other hackers in an IRC chat room that he had gained control of the server for the Federal Reserve Bank in Chicago, according to the indictment in New York.
Staff ( VOA News - February 27, 2014 )
Brazilian hackers are threatening to disrupt the World Cup with attacks ranging from jamming websites to data theft, adding cyber warfare to the list of challenges for a competition already marred by protests, delays and overspending. In a country with rampant online crime, a challenging telecommunications infrastructure and little experience with cyber attacks, authorities are rushing to protect government websites and those of FIFA, soccer’s governing body. Furious about the 33 billion reais ($14 billion) in federal funds being spent on World Cup preparations, more than a million Brazilians took to the streets last June in a wave of mass demonstrations, calling for better public services, greater transparency, and a crackdown on corruption.
Dan Worth ( V3 - February 26, 2014 )
Formula 1 team Marussia has admitted that its IT systems were infected by a Trojan during testing for the forthcoming racing season earlier this week. The incident was reported by the firm during an interview with racing website Autosport, as team principal John Booth explained. “It started off with the first disaster, which was a computer Trojan-type virus in the racks, which cost us the best part of the day,” he said. Booth did not elaborate on the nature of the attack or the specific issues it caused, but the fact it cost the team almost an entire day of testing and data suggests it was a serious incident. V3 contacted Marussia for more information but had received no reply at the time of publication. Nonetheless, the incident underlines the threats facing firms in all areas of business, from banking to motorsport, as criminals see benefits in stealing data from major organisations.
Bruce Schneier ( Schneier - February 26, 2014 )
The HLR/AuC is considered to be one of the most important network elements of a 3G network. It can serve up to five million subscribers and at least one transaction with HLR/AuC is required for every single phone call or data session. This paper presents experimental results and observations that can be exploited to perform a novel distributed denial of service attack in 3G networks that targets the availability of the HLR/AuC. More specifically, first we present an experiment in which we identified and proved some zero-day vulnerabilities of the 3G network that can be exploited by malicious actors to mount various attacks. For the purpose of our experiment, we have used off-the-shelf infrastructure and software, without any specialized modification. Based on the observations of the experiment, we reveal an Advanced Persistent Threat (APT) in 3G networks that aims to flood an HLR/AuC of a mobile operator.
John P. Mello Jr. ( TechNewsWorld - February 25, 2014 )
Security pros weren’t very kind to mobile applications last week. A number of firms knocked apps produced for the smartphone market for all kinds of risky behaviors that could lead to trouble not only for mobile device owners, but also for their employers. While Android has been a poster child for misbehaving apps in the past, competitor Apple’s apps aren’t as pristine as is commonly believed, suggests a report from Appthority. Ninety-one percent of the top 400 free and paid iOS apps exhibited risky behaviors, compared to 83 percent of the top 400 paid and free Android apps, according to its Winter 2014 App Reputation Report.