Security trends for 2014

2014 will be a year of cybersecurity after the NSA revelations made in 2013: the headline news is that the NSA has surreptitiously “burrowed its way into nearly all the security architecture” sold by the world’s largest computer networking companies. A lot of people were shocked by how the NSA monitored and hacked almost everything on the Internet. There will still be NSA aftershocks as new material comes out and different parties react to it (and news sources write about it). U.S. cloud services have been put into question for good reason. There will be a lot of NSA spying litigation. Those spying issues will also fuel some hacktivism (it has already started to happen).

The article Security Professionals: Top Cyber Threat Predictions for 2014 lists the following predictions, which seem pretty probable: Cybersecurity Regulatory Efforts Will Spark Greater Need for Harmonization, Service-Impacting Interruptions for Online Services Will Persist, We Will See an Increase in Cybercrime Activity Related to the World Cup, Rise of Regional Cloud Services, Dev-Ops Security Integration Fast Becoming Critical, Cybercrime that Leverages Unsupported Software will Increase, Increase in Social Engineering and Ransomware will Impact More People.

Ubiquitous mobile computing is all around us, which will lead to increased risks and concerns about social network privacy. Social networks have quickly become the key organizing principle of Internet communication and collaboration. Android anti-virus apps CAN’T kill nasties on sight like normal AV.

2013 was a very hacked year, with many cases where information on millions or tens of millions of users was stolen from companies. It’s likely that we will see much more of the same in 2014, because the way people use passwords and how on-line services are built have not changed much in one year.


Gartner predicts that through 2014, improved JavaScript performance will begin to push HTML5 and the browser as a mainstream enterprise application development environment. I expect HTML5-related security issues to increase because the technology will be used more in 2014.

Over 50% of net traffic to web sites is made by bots! The article More Than Half of Internet Traffic Is Just Bots says that security and cloud service provider Incapsula analyzed and found out that more than 60 percent of internet traffic is computer generated, compared to less than 40 percent of traffic that is driven by human clicks. 31% of bots are still malicious. SEO link building has always been a major motivation for automated link spamming, but it is decreasing because Google was able to discourage it. There is more advanced hacking and automatic vulnerability searching.

DDoS attacks are evolving from volumetric Layer 3-4 attacks to much more sophisticated and dangerous Layer 7 multi-vector threats.

There will still be many SCADA security issues in 2014. Even though traditional SCADA vulnerabilities have become easier to find, the increased connectivity brought by IoT will cause new issues. And there will still be very many control systems openly accessible from the Internet to practically anybody who knows how to reach them. A large number of SCADA systems were found open on the Internet at the beginning of 2013, and the numbers have not dropped considerably during the year. I expect that very many of those systems will still be too open at the end of 2014.

The Internet is expanding into enterprise assets and consumer items such as cars and televisions. The Internet of Things (IoT) will evolve into the Web of Things, increasing the coordination between things in the real world and their counterparts on the Web. There will be many security issues to solve, and as these systems become more widely used, more security issues will be found in them.

Cloud security will be talked about. Hopefully there will be some clearing up of the terminology in that area, because cloud security, like the term cloud computing, can mean a lot of things. Cloud security could mean how secure your cloud provider is; a service that runs in the cloud and filters what comes through it (for example e-mails, web traffic); a product protecting some service running in the cloud; or a traditional anti-virus service that connects to the cloud to enhance its operation (for example update in real-time, verify unknown programs based on data in the cloud). Research firm Gartner forecasts that cloud security sales will increase dramatically in the next few years. Cloud Security sales have increased over the past year by 2.1 billion to $3.1 billion in 2015.

Marketers try to put the term “cloud” into security product brochures as much as they can. The cloud makes traditional information security sound old-fashioned, because companies are under pressure to move services to the cloud. Also, mobile devices and dispersed users set new standards for information security. OpenDNS’s CTO Dan Hubbard says that “Because of the data and equipment run in the cloud users with the cloud is the best way to protect them.” The Snowden effect will also bring PRIVATE cloud talk to the table this year for security reasons, because U.S. cloud services have been put into question for good reason.

In Finland a new Cyber Security Center started in the beginning of 2014. Security articles and warnings from it will be published at kyberturvallisuuskeskus.fi.

Late addition: Crypto-currencies like Bitcoin and similar are on the rise. Early adopters already use them actively. Those crypto-currencies have many security issues related to them. The values of the crypto-currencies vary quite a lot, and the value easily drops considerably when they become so widely used that different governments try to limit their use. Bitcoin is increasingly used as a ransomware payment method. Bitcoins have been stolen quite a lot lately (and I expect that to increase when usage increases), and they are stolen from users, on-line wallets and exchanges. When more money is involved, more bad guys try to get in to get some of it. Sometimes bad guys do not try to steal your money, but use resources you pay for (your own PC, your server capacity, etc.) to generate money for them without you knowing about it. If you plan to use those crypto-currencies, be careful to understand what you are doing with them: there is a real possibility that you can lose your money, and there is no way that lost money can be recovered.

3,382 Comments

  1. Tomi Engdahl says:

    Industrial Control System Firms In Dragonfly Attack Identified
    http://it.slashdot.org/story/14/07/05/2320236/industrial-control-system-firms-in-dragonfly-attack-identified

    Two of the three industrial control system (ICS) software companies that were victims of the so-called “Dragonfly” malware have been identified. … Dale Peterson of the firm Digitalbond identified the vendors as MB Connect Line, a German maker of industrial routers and remote access appliances and eWon, a Belgian firm that makes virtual private network (VPN) software that is used to access industrial control devices like programmable logic controllers.

    The three firms, which serve customers in industry, including owners of critical infrastructure, were the subject of a warning from the Department of Homeland Security.

    Reply
  2. Tomi Engdahl says:

    Industrial Control Vendors Identified In Dragonfly Attack
    https://securityledger.com/2014/07/industrial-control-vendors-identified-in-dragonfly-attack/

    Writing on Tuesday, Dale Peterson of the firm Digitalbond identified the vendors as MB Connect Line, a German maker of industrial routers and remote access appliances and eWon, a Belgian firm that makes virtual private network (VPN) software that is used to access industrial control devices like programmable logic controllers.

    DHS said it is analyzing malware associated with the attacks. The malicious software, dubbed “Havex” was being spread by way of so-called “watering hole” attacks that involved compromises of vendors web sites.

    According to F-Secure, the individuals behind the Havex malware family have been active in the last year, but began focusing on energy firms in early 2014. Specifically, the group began implanting its Trojan horse software on software downloads available from industrial control system software vendors.

    eWon said the compromise of its website occurred in January, 2014.

    The company says around 250 visitors to its site may have downloaded the malicious software. Since discovering the breach, it began bundling a malware auto removal tool with its website downloads, in addition to strengthening the security of its web site and implementing two-factor authentication for Talk2M users.

    The second firm, MB Connect Line, did not respond to requests for comment from the Security Ledger.

    Writing for DigitalBond, Peterson said both the named vendors were small and not generally known in the U.S.

    Peterson and Digital Bond have been encouraging customers to sever any open connections to vendors that give them “anytime” remote access to their ICS devices.

    Reply
  3. Tomi Engdahl says:

    Havex Hype & Unhelpful Mystery
    http://www.digitalbond.com/blog/2014/07/02/havex-hype-unhelpful-mystery/

    Why hasn’t ICS-CERT or some other CERT or the security vendors issuing bulletins announced publicly the three ICS vendors that were distributing malware with their ICS software and the energy sector websites redirecting to a malware delivering site?

    It’s baffling. Perhaps the security vendors have a valid profit motive for keeping it secret, but the CERT’s are largely in place to aggregate and spread this information.

    Next: The Hype

    For these attacks to have a significant impact on the US or other countries’ energy sector the vendors distributing the software with malware would have to have a good size client list in the sector. (And we would have to make the leap that asset owners actually update software)

    A profile of the compromised vendors’ customers would help understand how widespread the impact is and perhaps what specific asset owner, sector or country is being targeted. So who are the compromised vendors?

    Hype Summary

    A few sentences out of longer articles from Symantec and F-Secure, mixed with some selected quotes from ICSsec pundits, and combined with an absence of information on what software and sites were compromised has led to the hype in the press.

    The ICS Portion of the Attack

    The Havex code itself is highly interesting for the ICS community because it is only the second publicly acknowledged occurrence of an attack using the insecure by design ICS protocols as part of the attack.

    While OPC can be used for monitoring and control, it rarely is in critical infrastructure or any SCADA or DCS of any size for a variety of performance and historical reasons. Perhaps that will change with OPC UA in the future, but today you see it used primarily for passing data to and from systems from different manufacturers. For example, the OPC interface is used over 50% of the time to get data in and out of the very popular OSISoft PI Server even though OSIsoft has 100’s of interfaces.

    Reply
  4. Tomi Engdahl says:

    Google right to be forgotten ‘looks odd and CLUMSY’
    And: ‘Hope he knows someone who’s heard of encryption’
    http://www.theregister.co.uk/2014/07/04/quotw_ending_july_4/

    Was Google hamming things up by letting slip the whitewashing of the rich and nefarious and making it seem like the inevitable result of the European ruling? Or were our ruling lords and masters once more trodding their great big muddy regulatory boots all over our pristine beloved free internet, trampling the poor innocent Chocolate Factory in the process? F**k knows, but it’s certainly shaping up to be something of a sticky mess.

    There is an argument that in removing the blog, Google is confirming the fears of many in the industry that the “right to be forgotten” will be abused to curb freedom of expression and to suppress legitimate journalism that is in the public interest.

    To be fair to Google, it opposed the European court ruling. But its implementation of it looks odd, perhaps clumsy.

    Reply
  5. Tomi Engdahl says:

    Important fixes in Internet Explorer and Windows critical vulnerabilities – install Microsoft updates immediately

    Microsoft has released six updates in its July “Patch Tuesday” pack. Two of them are marked as critical, three as important and one as relatively important.

    A critical vulnerability allows an attacker to run code remotely on the machine, and it could be used, for example, by attracting users to a particular site by having them click on a malicious link.

    Source: http://www.tivi.fi/kaikki_uutiset/tarkeat+paikat+internet+explorerin+ja+windowsin+kriittisiin+haavoittuvuuksiin++asenna+heti/a997317

    Reply
  6. Tomi Engdahl says:

    Cybercrime Scheme Uncovered in Brazil
    http://www.nytimes.com/2014/07/03/technology/cybercrime-scheme-aims-at-payments-in-brazil.html?_r=2

    Security researchers have uncovered what they believe is a significant cybercrime operation in Brazil that took aim at $3.75 billion in transactions by Brazilians.

    It is unclear what percentage of the $3.75 billion worth of compromised transactions was actually stolen. But if even half of that value was redirected to criminals, the scope of the swindle would eclipse any other previous electronic theft.

    The thieves preyed on Boleto Bancário, or Boletos, a popular Brazilian payment method that can be issued online and paid through various channels like banks and supermarkets, said researchers at the RSA Security division of the EMC Corporation.

    Boletos can be used for every kind of transaction, from telephone bills and health insurance premiums to mortgages and school tuition. Over six billion were issued last year, according to Brazil’s central bank. In a country where many lack bank accounts and do not trust the postal service enough to send checks by mail, it is common to see long lines at banks as Brazilians carry their Boletos to pay their bills.

    Bolware was first detected in 2012, but this is the first time that security researchers have been able to trace bolware to a single criminal ring and determine the scope of compromised transactions.

    Reply
  7. Tomi Engdahl says:

    Brazilian mobile payments platform hacked
    http://www.mobilecommercepress.com/brazilian-mobile-payments-platform-hacked/8512905/?utm_content=buffer8d86b&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

    Brazil’s mobile payments platform Boleto has announced that it has been hacked. The platform is the most popular of its kind in all of Brazil

    Boleto notes that the hack occurred over a two year period, with some 500,000 transactions being compromised over that timeframe. An estimated $4 billion in mobile payments has been stolen as the result of the attack. It is still unclear whether or not all of the money involved in the attack has been obtained by the parties involved.

    Boleto users were tricked into clicking malicious links sent via email as part of phishing ploys.

    Those affected by the attack may have their money returned, but it could take a significant amount of time

    Reply
  8. Tomi Engdahl says:

    Boleto malware may lose Brazil $3.75bn
    http://www.bbc.com/news/technology-28145401

    Researchers from an American security company have unearthed a substantial malware-based fraud ring.

    The operation has infiltrated one of Brazil’s most popular payment methods, Boleto, for two years.

    An estimated 495,753 Boleto transactions have been compromised, which means the hackers could have stolen up to $3.75bn (£2.18bn).

    The attack has been described by US-based security company RSA, a division of data storage corporation EMC, as “a major fraud operation and a serious cybercrime threat to banks, merchants and banking customers in Brazil”.

    The number of infected PCs totals 192,227 – an additional 83,506 email user credentials have also been stolen.

    Known colloquially as a man-in-the-browser threat, the malware silently injects itself into users’ web browsers after hackers have initially tricked individuals into clicking malicious links in seemingly ordinary looking emails. This is similar in principle to phishing scams.

    Reply
  9. Tomi Engdahl says:

    Smart LED light bulbs leak wi-fi passwords
    http://www.bbc.com/news/technology-28208905

    Security experts have demonstrated how easy it is to hack network-enabled LED light bulbs.

    Context Security released details about how it was able to hack into the wi-fi network of one brand of network-enabled bulb, and control the lights remotely.

    The LIFX light bulb, which is available to buy in the UK, has network connectivity to let people turn it on and off with their smartphones.

    The firm behind the bulbs has since fixed the vulnerability.

    “We were able to steal credentials for the wireless network, which in turn meant we could control the lights.”

    The LIFX project started off on crowd-funding website Kickstarter. Billing itself as the “light bulb reinvented”, it brought in over 13 times its original funding target.

    The master bulb receives commands from the smartphone applications and broadcasts them to all the other bulbs over a wireless mesh network

    Reply
  10. Tomi Engdahl says:

    ‘Rosetta Flash’ Attack Leverages JSONP Callbacks To Steal Credentials
    http://it.slashdot.org/story/14/07/08/2235234/rosetta-flash-attack-leverages-jsonp-callbacks-to-steal-credentials

    A new Flash and JSONP attack combination has been revealed to the public today. It has been dubbed the “Rosetta Flash” attack. JSONP callback functions normally return a JSON blob wrapped in a user-specified callback function, which the browser will then execute as JavaScript.

    By combining the two, the attack demonstrates it’s possible to use a JSONP URL with the contents of the crafted Flash file as the callback function

    Reply
  11. Tomi Engdahl says:

    Abusing JSONP with Rosetta Flash
    http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/

    In this blog post I present Rosetta Flash, a tool for converting any SWF file to one composed of only alphanumeric characters in order to abuse JSONP endpoints, making a victim perform arbitrary requests to the domain with the vulnerable endpoint and exfiltrate potentially sensitive data, not limited to JSONP responses, to an attacker-controlled site. This is a CSRF bypassing Same Origin Policy.

    This is a well known issue in the infosec community, but so far no public tools for generating arbitrary ASCII-only, or, even better, alphanum only, valid SWF files have been presented.

    Reply
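Added example, not part of the comments above or of the linked posts: a server-side JSONP response builder showing why a character allowlist on the callback does not stop an alphanumeric-only payload, while a length cap and a leading `/**/` keep caller-chosen text away from the first bytes of the response. All function names, the 64-character cap and the sample callbacks are assumptions constructed for illustration.

```javascript
// Added example: hardened JSONP response builder (hypothetical names throughout).

// Dotted identifier path only, e.g. "app.onData".
const CALLBACK_RE = /^[A-Za-z_$][\w$]*(?:\.[A-Za-z_$][\w$]*)*$/;
const MAX_CALLBACK_LEN = 64; // assumed cap; legitimate callback names are short

// Three-byte signatures a Flash player expects at offset 0 of a SWF file.
const SWF_SIGNATURES = ['FWS', 'CWS', 'ZWS'];

function startsWithSwfSignature(body) {
  return SWF_SIGNATURES.includes(body.slice(0, 3));
}

function validateCallback(name) {
  if (typeof name !== 'string' || name.length === 0) {
    return { ok: false, reason: 'missing' };
  }
  if (name.length > MAX_CALLBACK_LEN) return { ok: false, reason: 'length' };
  if (!CALLBACK_RE.test(name)) return { ok: false, reason: 'charset' };
  return { ok: true, reason: null };
}

// Serialize data so it cannot close a <script> block or break a JS parser.
function safeJson(data) {
  const json = data === undefined ? 'null' : JSON.stringify(data);
  return json
    .replace(/</g, '\\u003c')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Weak form, for comparison: the caller-chosen callback is emitted as the
// very first bytes of the response body.
function naiveJsonp(callback, data) {
  return `${callback}(${JSON.stringify(data)});`;
}

// Hardened form: validate the callback, prefix an empty comment, and send
// headers that stop the response being sniffed or rendered as another type.
function buildJsonpResponse(callback, data) {
  const check = validateCallback(callback);
  if (!check.ok) {
    return {
      status: 400,
      headers: {
        'Content-Type': 'text/plain; charset=utf-8',
        'X-Content-Type-Options': 'nosniff',
      },
      body: `invalid callback (${check.reason})`,
    };
  }
  return {
    status: 200,
    headers: {
      'Content-Type': 'application/javascript; charset=utf-8',
      'X-Content-Type-Options': 'nosniff',
      'Content-Disposition': 'attachment; filename="f.txt"',
    },
    // "/**/" is valid JavaScript, so script-tag consumers still work, but the
    // body no longer begins with text the caller controls.
    body: `/**/${callback}(${safeJson(data)});`,
  };
}

function demo() {
  // Constructed stand-in for an alphanumeric-only payload; not a real SWF.
  const longAlnum = 'CWS' + 'A'.repeat(500);
  const shortAlnum = 'CWSabc';
  return {
    charsetAloneAccepts: CALLBACK_RE.test(longAlnum),
    fullCheck: validateCallback(longAlnum).reason,
    naiveStartsLikeSwf: startsWithSwfSignature(naiveJsonp(shortAlnum, { a: 1 })),
    hardenedStartsLikeSwf: startsWithSwfSignature(
      buildJsonpResponse(shortAlnum, { a: 1 }).body
    ),
  };
}

console.log(demo());
```

The charset check accepts the constructed alphanumeric string, which is why the length cap and the comment prefix carry the weight here.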
  12. Tomi Engdahl says:

    DHS Mistakenly Releases 840 Pages of Critical Infrastructure Documents
    http://news.slashdot.org/story/14/07/09/1427215/dhs-mistakenly-releases-840-pages-of-critical-infrastructure-documents

    The Operation Aurora attack was publicized in 2010 and impacted Google and a number of other high-profile companies. However, DHS responded to the request by releasing more than 800 pages of documents related to the ‘Aurora’ experiment conducted several years ago at the Idaho National Laboratory, where researchers demonstrated a way to damage a generator via a cyber-attack.

    Reply
  13. Tomi Engdahl says:

    UK Computing Student Jailed After Failing To Hand Over Crypto Keys
    http://it.slashdot.org/story/14/07/09/1850240/uk-computing-student-jailed-after-failing-to-hand-over-crypto-keys

    stephendavion sends news that Christopher Wilson, a 22-year-old computer science student, has been sent to jail for six months for refusing to hand over his computer encryption passwords.

    Reply
  14. Tomi Engdahl says:

    Computing student jailed after failing to hand over crypto keys
    Sledgehammer once again used to crack a nut
    http://www.theregister.co.uk/2014/07/08/christopher_wilson_students_refusal_to_give_up_crypto_keys_jail_sentence_ripa/

    A computer science student accused of hacking offences has been jailed for six months for failing to hand over his encryption passwords, which he had been urged to do in “the interests of national security”.

    Christopher Wilson, 22, of Mitford Close, Washington, Tyne and Wear, was jailed for refusing to hand over his computer passwords, a move that frustrated an investigation into claims he launched an attack on a police website.

    Refusal to hand over crypto keys is a violation of section 49 of RIPA, the UK’s sometimes controversial wiretapping law.

    The “refusal to hand over crypto keys” provisions were put into RIPA by legislators on the basis that the measure was needed for the investigation of terrorism and serious crimes. However, the latest case, like others before it, has involved the investigation of far less serious offences.

    Reply
  15. Tomi Engdahl says:

    Crusty API opened Facebook accounts to hijacking
    Dodgy endpoint earnt research 20 large
    http://www.theregister.co.uk/2014/07/10/crusty_api_opened_facebook_accounts_to_hijacking/

    A leftover API that Facebook forgot to kill has left accounts open to spammers and scammers, says security Stephen Sclafani. The flaw means an attacker could view other users’ messages and post status updates.

    Sclafani found that a then mis-configured endpoint, since patched, allowed legacy REST API calls to be made on behalf of any Facebook fanatic provided their user ID was known.

    Reply
  16. Tomi Engdahl says:

    Cloud Security Cup: USA vs. Europe (Spoiler – It’s Not a 0-0 Draw)
    http://blog.skyhighnetworks.com/cloud-security-cup-usa-vs-europe-spoiler-its-not-a-0-0-draw/

    Privacy: Europe 1 – US 0
    Security: US 1 – Europe 0

    WWJKD (What Would Jürgen Klinsmann Do)?
    So, if using US providers isn’t the answer, what is? Encryption is one effective solution that is gaining traction for many cloud consumers. It’s important that your cloud provider provide encryption for data not just in transit, but at rest as well. Equally important, especially for European customers concerned with the privacy of their data hosted by US cloud providers, is encryption key management.

    Reply
  17. Tomi Engdahl says:

    We need to talk about the right to be forgotten
    After the European court ruling, we at Google want to encourage debate on where the public interest lies in restricting web searches
    http://www.theguardian.com/commentisfree/2014/jul/10/right-to-be-forgotten-european-ruling-google-debate

    The European court of justice has ‘also decided that search engines don’t qualify for ‘journalistic exception’.’

    Reply
  18. Tomi Engdahl says:

    Apple iPhone a danger to China national security: state media
    http://www.reuters.com/article/2014/07/11/us-apple-china-idUSKBN0FG0S520140711

    Chinese state media on Friday branded Apple Inc’s (AAPL.O) iPhone a threat to national security because of the smartphone’s ability to track and time-stamp user locations.

    A report by broadcaster CCTV criticized the iPhone’s “Frequent Locations” function for allowing users to be tracked and information about them revealed.

    “This is extremely sensitive data,” said a researcher interviewed by the broadcaster. If the data were accessed, it could reveal an entire country’s economic situation and “even state secrets,” the researcher said.

    Reply
  19. Tomi Engdahl says:

    Amazon allowed kids to spend millions on in-app purchases, FTC says
    http://www.pcworld.com/article/2452920/amazon-allowed-kids-to-spend-millions-on-inapp-purchases-ftc-says.html

    Amazon.com has billed parents for millions of dollars’ worth of unauthorized in-app purchases made by their children, the FTC said in a complaint filed Thursday in a U.S. court.

    The FTC’s lawsuit, filed in U.S. District Court for the Western District of Washington, seeks a court order requiring Amazon.com to refund parents for unauthorized purchases made by their children. The FTC also wants the court to ban the company from billing parents and other account holders for in-app charges without their consent, the agency said in a press release.

    Amazon.com keeps 30 percent of all in-app charges, the FTC said in its complaint. The Amazon case “highlights a central tenet” of consumer protection laws in the U.S., that companies should get customer permission before charging them.

    In March 2012, Amazon updated its in-app charge system to require an account owner to enter a password for individual in-app charges over $20. But Amazon continued to allow children to make an unlimited number of individual purchases of less than $20 without a parent’s approval, the FTC said.

    Reply
  20. Tomi Engdahl says:

    U.S. Accuses Chinese Executive of Hacking to Mine Military Data
    Man Charged With Industrial Espionage Targeting Boeing, Other Defense Contractors
    http://online.wsj.com/news/article_email/u-s-accuses-chinese-executive-of-hacking-to-find-military-data-1405105264-lMyQjAxMTA0MDEwMjExNDIyWj

    The Justice Department has charged the owner of a Chinese aviation technology company with stealing reams of information from U.S. defense contractors about key American technology—the latest in an effort to criminally prosecute what American officials allege is rampant Chinese industrial espionage.

    The charges against Su Bin, a Chinese citizen living in Canada, shed new light on an alleged hacking ecosystem that officials have long said poses a threat to many U.S. companies.

    Prosecutors in Los Angeles unsealed a 50-page complaint accusing Mr. Su of working with two co-conspirators in China between 2009 and 2013 to break into computers at Boeing Co. BA and other defense contractors, steal technology and pass it to entities in China, sometimes for a price.

    Many hackers work as freelancers, sometimes during off hours, then try to sell stolen information to state-owned firms.

    “It’s the equivalent of the [Tennessee Valley Authority] going out and hiring hackers to go spy on China,” said James Lewis, a former State Department official and a cybersecurity expert at the Center for Strategic and International Studies.

    In the Boeing case, the effort appeared to be directed not by China’s central government but by Mr. Su, owner of a firm named Beijing Lode Technology Co. Ltd.

    Reply
  21. Tomi Engdahl says:

    Apple China denies location tracking claims: we’re ‘deeply committed to protecting the privacy of all our customers’
    http://9to5mac.com/2014/07/12/apple-china-denies-location-tracking-claims-were-deeply-committed-to-protecting-the-privacy-of-all-our-customers/

    This past week, Chinese State TV called the iPhone a “national security concern” because of its location tracking capabilities. The iPhone’s operating system utilizes location for several applications, including Maps and Weather. iOS 7 also introduced a new feature that utilizes a customer’s location in order to provide improved traffic and route information. Now, Apple has quickly responded via a concrete and comprehensive message on its website for China. The message is advertised on the homepage, and is a direct response to the allegations from China State TV.

    Reply
  22. Tomi Engdahl says:

    British data cops: We need greater powers and more money
    You want data butt kicking, we need bigger boots – ICO
    http://www.theregister.co.uk/2014/07/15/ico_annual_report/

    The UK’s data privacy watchdog is lobbying for greater powers and funding after reporting a bumper workload.

    The latest annual report from the Information Commissioner’s Office (ICO) (PDF) reveals that the bureau responded to a record number of data protection and freedom of information complaints in the year to April 2014.

    Despite a higher workload, the ICO has seen a reduction in funding for its freedom of information-related work.

    Security vendors are somewhat split on whether the ICO should receive extra funding and greater powers.

    security vendor argued that changing data privacy practices more generally rather than prosecuting those caught foul of flouting data protection rules ought to be the ICO’s main priority

    Reply
  23. Tomi Engdahl says:

    Putin: Crack Tor for me and I’ll make you a MILLIONAIRE
    Russian Interior Ministry offers big pile o’ roubles for busting pro-privacy browser
    http://www.theregister.co.uk/2014/07/25/putin_crack_tor_for_me_and_ill_make_you_a_millionaire/

    Russia’s Interior Ministry has posted a tender seeking parties willing to “study the possibility of obtaining technical information about users (user equipment) TOR anonymous network”.

    The tender appears to be open only to organisations rated to do secret work for the Russian government, but concluding that means the project has political aims may not be sensible.

    Whatever the aim of the project, there’s 3,900,000 roubles – $US 111,000 or £65,500 – up for grabs.

    Reply
  24. Tomi Engdahl says:

    Four fake Google haxbots hit YOUR WEBSITE every day
    Goog the perfect ruse to slip into SEO orfice
    http://www.theregister.co.uk/2014/07/25/four_fake_google_haxbots_hit_your_website_every_day/

    One in every 24 Googlebots is an imitation spam-flinging denial of service villain that masquerades as Mountain View to sneak past web perimeter defences, according to security chaps at Incapsula.

    Villains spawn the “evil twins” to hack and crack legitimate websites and form what amounted to the third most-popular type of DDoS attack to scourge the internet.

    Incapsula detected 50 million unwanted visits by the fake bots which made up four percent of all legitimate Googlebot HTTPS user-agents.

    Reply
  25. Tomi Engdahl says:

    Google accepts more than half of Right to be Forgotten requests
    http://www.telegraph.co.uk/technology/google/10990356/Google-accepts-more-than-half-of-Right-to-be-Forgotten-requests.html

    Search giant agrees to more than 50pc of Right to Be Forgotten requests outright, and asks for more information in a further 15pc

    Google has received requests to block search results for 328,000 websites from 91,000 individuals.

    The search giant said the French had submitted 17,500 requests relating to 58,000 websites, the Germans 16,500 relating to 57,000 and the British 12,000 relating to 44,000. Spanish, Italian and Dutch citizens submitted 8,000, 7,500 and 5,500 respectively.

    Google said that it rejects more than 30pc of requests outright, and asks for more information in a further 15pc, but is currently acceding to more than half in total. That rate would mean links to 164,000 websites will not be provided via the Google search engine.

    Reply
  26. Tomi Engdahl says:

    Gamers In The Internet Age Need Top Notch Protection
    http://www.pocketgamer.co.uk/r/iPhone/developers_corner.asp?c=338

    Gaming in the Internet age has brought a ton of great innovations, but it’s also brought a ton of dangers to privacy and our connected devices.

    Whether talking about laptops or mobile devices, there are more Internet based viruses and malware out there than ever before. The really bad news is that hackers are starting to realize the potential of computer and mobile gamers when it comes to getting access to their financial information.

    Internet gaming services as well as Android and iOS devices have seen an uptick in the number of people who store their personal and financial information on their gadgets for easy access. That easy access goes both ways.

  27. Tomi Engdahl says:

    ‘Big Brother’ airport installs world’s first real-time passenger tracking system
    Civil liberty groups criticise a new tracking device at Helsinki Airport that can monitor passengers’ footsteps, from arrival at the car park to take-off
    http://www.telegraph.co.uk/travel/travelnews/10997539/Big-Brother-airport-installs-worlds-first-real-time-passenger-tracking-system.html

    All mobile phones logged into the Wi-Fi network at Helsinki Airport will be monitored by an in-house tracking system that identifies passengers’ real-time movements.

    The technology has been criticised by privacy advocate groups, but is said to be aimed at monitoring crowds and preventing bottlenecking at the airport, which sees around 15 million passengers a year, Bloomberg reports.

    About 150 white boxes, each the size of a wireless internet router, have been placed at various points around the airport. Equipped with tracking technology from the Finland-based retail analytics company Walkbase, each device is designed to collect the “unique identifier numbers” of all mobile phones which have Wi-Fi access switched on. Users wanting access to the WiFi network will be notified of the monitoring system before they log in to the network.

  28. Tomi Engdahl says:

    Tor Warns of Attack Attempting to Deanonymize Users
    http://www.securityweek.com/tor-warns-attack-attempting-deanonymize-users

    The Tor Project has disclosed details of an attack which appeared to be an attempt to deanonymize users of the popular anonymity network.

    According to Tor Project Leader Roger Dingledine, the attack was detected on July 4 while the organization was trying to identify attacks leveraging a method discovered by researchers at Carnegie Mellon University’s CERT.

    The Tor Project has been displeased with the fact that the researchers haven’t given them full access to the research.

    The protocol vulnerability exploited in the attack was patched on Wednesday with the release of Tor 0.2.4.23 and 0.2.5.6-alpha. All relay operators are advised to update their installations.

  29. Tomi Engdahl says:

    Smartphone kill switch could save US consumers $3.4B, study says
    http://www.cnet.com/news/smartphone-kill-switch-could-save-consumers-3-4b-study-says/#ftag=CADf328eec

    If kill switches became standard in all phones, consumers could save big on replacement phones and insurance coverage, according to a researcher from Creighton University.

  30. Tomi Engdahl says:

    This thumbdrive hacks computers. “BadUSB” exploit makes devices turn “evil”
    Researchers devise stealthy attack that reprograms USB device firmware.
    http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/

    When creators of the state-sponsored Stuxnet worm used a USB stick to infect air-gapped computers inside Iran’s heavily fortified Natanz nuclear facility, trust in the ubiquitous storage medium suffered a devastating blow. Now, white-hat hackers have devised a feat even more seminal—an exploit that transforms keyboards, Web cams, and other types of USB-connected devices into highly programmable attack platforms that can’t be detected by today’s defenses.

    Dubbed BadUSB, the hack reprograms embedded firmware to give USB devices new, covert capabilities.

  31. Tomi Engdahl says:

    Multipath TCP Introduces Security Blind Spot
    http://tech.slashdot.org/story/14/08/01/1246236/multipath-tcp-introduces-security-blind-spot

    If multipath TCP is the next big thing to bring resilience and efficiency to networking, then there are some serious security issues to address before it goes mainstream.

  32. Tomi Engdahl says:

    Security chap writes recipe for Raspberry Pi honeypot network
    Cunning security plan: dangle £28 ARM boxes and watch crooks take the bait
    http://www.theregister.co.uk/2014/08/01/bust_comment_crew_with_this_armada_of_raspberry_pi_honeypots/

    Honeypots are the perfect bait for corporate IT shops to detect hackers targeting and already within their networks and now one security bod has devised a means to build a battalion of the devices from Raspberry Pis.

    University of Arizona student Nathan Yee (@nathanmyee) has published instructions for building cheap hardware honeypots that could provide corporates much needed intelligence on adversaries.

    “Organisations typically focus on monitoring inbound and outbound network traffic via firewalls, yet ignore internal network traffic due to the complexity involved,” Yee explained in a post.

    “By running honeypots on our internal network, we are able to detect anomalous events. We gain awareness and insight into our network when network hosts interact with a Raspberry Pi honeypot sensor.

    “… activity on the Raspberry Pi is usually indicative of something roaming around our network and a possible security breach.”

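An added example, not Yee's published code: triage of honeypot sensor events along the lines of the quote above, where any contact with a sensor is suspect unless it comes from an authorised scanner. The log format, sensor names, addresses and allowlist are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed log format: timestamp, sensor name, source address, destination port.
LINE = re.compile(r"(?P<ts>\S+) sensor=(?P<sensor>\S+) src=(?P<src>\S+) dport=(?P<dport>\d+)$")

# Hypothetical authorised vulnerability scanner; its sweeps are expected.
ALLOWLIST = {"10.20.0.5"}

# Constructed sample events from three internal sensors.
SAMPLE_LOG = """\
2014-08-01T10:02:11Z sensor=pi-01 src=10.20.4.17 dport=445
2014-08-01T10:02:12Z sensor=pi-02 src=10.20.4.17 dport=445
2014-08-01T10:02:14Z sensor=pi-03 src=10.20.4.17 dport=3389
2014-08-01T11:30:00Z sensor=pi-01 src=10.20.0.5 dport=22
2014-08-01T11:30:01Z sensor=pi-02 src=10.20.0.5 dport=22
2014-08-01T13:45:09Z sensor=pi-02 src=10.20.7.80 dport=23
garbled line that should be ignored
"""


def triage(log_text, allowlist=ALLOWLIST):
    """Group sensor hits by source and rank them; a honeypot has no legitimate clients."""
    by_src = defaultdict(lambda: {"sensors": set(), "ports": set(), "first_seen": None})
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m or m["src"] in allowlist:
            continue  # unparseable line or expected scanner traffic
        entry = by_src[m["src"]]
        entry["sensors"].add(m["sensor"])
        entry["ports"].add(int(m["dport"]))
        if entry["first_seen"] is None or m["ts"] < entry["first_seen"]:
            entry["first_seen"] = m["ts"]
    alerts = []
    for src, e in by_src.items():
        # One source touching several sensors or ports looks like a sweep of the network.
        kind = "sweep" if len(e["sensors"]) > 1 or len(e["ports"]) > 1 else "probe"
        alerts.append({"src": src, "kind": kind, "first_seen": e["first_seen"],
                       "sensors": sorted(e["sensors"]), "ports": sorted(e["ports"])})
    # Sweeps first, then earliest activity.
    return sorted(alerts, key=lambda a: (a["kind"] != "sweep", a["first_seen"]))


if __name__ == "__main__":
    for alert in triage(SAMPLE_LOG):
        print(alert)
```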
  33. Tomi Engdahl says:

    14 antivirus apps found to have security problems
    Vendors just don’t care, says researcher, after finding basic boo-boos in security software
    http://www.theregister.co.uk/2014/07/29/antivirus_blood_splattered_as_biz_warned_audit_or_die/

    Organisations should get their antivirus products security tested before deployment because the technology across the board dangerously elevates attack surfaces, COSEINC researcher Joxean Koret says.

    COSEINC is a Singapore security outfit that has run a critical eye about 17 major antivirus engines and products and found dangerous local and remotely-exploitable vulnerabilities in 14.

    Koret’s analysis also suggests that antivirus companies fail by requiring overly extensive privileges, not signing product updates and delivering those over insecure HTTP, running excessive old code and not conducting proper source code reviews and fuzzing.

    While the core antivirus engines were mostly built with the defensive measure Address Space Layout Randomisation in place, many other functions were not, including the user interfaces and libraries.

  34. Tomi Engdahl says:

    Multipath TCP speeds up the internet so much that security breaks
    Black Hat research says proposed protocol will bork network probes, flummox firewalls
    http://www.theregister.co.uk/2014/07/31/multipath_tcp_will_bork_your_network_probes_flummox_your_firewalls/

    The burgeoning Multipath TCP (MPTCP) standard promises to speed up the internet but will also break security solutions including intrusion detection and data leak prevention, says security researcher Catherine Pearce.

    MPTCP technology is an update to the core communications backbone of the internet that will allow the Transmission Control Protocol to use multiple paths and network providers to improve speed, redundancy and resource utilisation.

    As El Reg hack Richard Chirgwin detailed last October, MPTCP was already used by Apple’s Siri for iOS but would not be more widely deployed in mobiles anytime soon because it broke current network designs, could lead to expensive data bills and may be torpedoed by carriers worried that firing more user data over wifi could starve bottom lines.

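An added example (not from the quoted articles) for the two Multipath TCP items above: a monitoring point can at least see where MPTCP is in use by reading TCP option kind 30 (RFC 6824) in SYN segments, and an MP_JOIN marks a subflow that per-connection inspection would otherwise treat as an unrelated session. The headers are constructed, with placeholder keys and tokens.

```python
import struct

MPTCP_KIND = 30  # TCP option kind assigned to Multipath TCP (RFC 6824)
SUBTYPES = {0: "MP_CAPABLE", 1: "MP_JOIN", 2: "DSS", 3: "ADD_ADDR",
            4: "REMOVE_ADDR", 5: "MP_PRIO", 6: "MP_FAIL", 7: "MP_FASTCLOSE"}


def mptcp_options(tcp_header):
    """Return the MPTCP option subtypes found in a raw TCP header."""
    if len(tcp_header) < 20:
        return []
    header_len = (tcp_header[12] >> 4) * 4          # data offset, in bytes
    options = tcp_header[20:min(header_len, len(tcp_header))]
    found, i = [], 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                               # end of option list
            break
        if kind == 1:                               # NOP padding, single byte
            i += 1
            continue
        if i + 1 >= len(options):
            break
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            break                                   # malformed: stop rather than misparse
        if kind == MPTCP_KIND and length >= 3:
            found.append(SUBTYPES.get(options[i + 2] >> 4, "UNKNOWN"))
        i += length
    return found


def classify_syn(tcp_header):
    """Say what a SYN segment means for per-connection inspection."""
    subtypes = mptcp_options(tcp_header)
    if "MP_JOIN" in subtypes:
        return "additional subflow of an existing MPTCP connection"
    if "MP_CAPABLE" in subtypes:
        return "new MPTCP connection"
    return "plain TCP"


def build_header(flags, options=b""):
    """Build a constructed TCP header (ports and sequence numbers are arbitrary)."""
    options += b"\x01" * (-len(options) % 4)        # pad with NOPs to a 32-bit boundary
    offset = (20 + len(options)) // 4
    return struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, offset << 4, flags, 65535, 0, 0) + options


SYN = 0x02
MSS = bytes([2, 4]) + struct.pack("!H", 1460)
MP_CAPABLE = bytes([30, 12, 0x00, 0x81]) + bytes(8)  # subtype 0, flags, placeholder key
MP_JOIN = bytes([30, 12, 0x10, 0x01]) + bytes(8)     # subtype 1, address ID, placeholder token and nonce
SAMPLES = {"plain": build_header(SYN, MSS),
           "capable": build_header(SYN, MSS + MP_CAPABLE),
           "join": build_header(SYN, MSS + MP_JOIN)}
```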
  35. Tomi Engdahl says:

    BitTorrent’s Chat Client Unveiled: BitTorrent Bleep Now in Invite Only Pre-Alpha
    http://blog.bittorrent.com/2014/07/30/bittorrents-chat-client-unveiled-bittorrent-bleep-now-in-invite-only-pre-alpha/

    The BitTorrent Bleep Pre-Alpha will be available on Windows desktop to start. Easy to use, Bleep offers freedom to communicate over text and voice, person to person.

    Anything you say is Bleep-ed out to us and everyone else for that matter.

    This unique approach to communicating will be a great tool for:

    Friends keeping conversations amongst friends

    Journalists communicating with sources without exposing their identity or their content

    Members of the diplomatic corps sharing private dispatches

    Businesses keeping communications confidential, safe from leaks, and safe from industrial espionage

  36. Tomi Engdahl says:

    GCHQ awards six UK university Masters degrees cyber security accreditation
    Certified course status recognises a standard for cyber education
    http://www.theinquirer.net/inquirer/news/2358413/gchq-awards-six-uk-university-masters-degrees-cyber-security-accreditation

    THE UK GOVERNMENT COMMUNICATIONS HEADQUARTERS (GCHQ) has announced the certification of six Master’s degree programmes in cyber security as online attacks become increasingly more prevalent.

  37. Tomi Engdahl says:

    The Internet of Things Is the Hackers’ New Playground
    http://recode.net/2014/07/29/the-internet-of-things-is-the-hackers-new-playground/

    Excited about the promise of the shiny new Internet of Things? Good. Because hackers are too. Or at least they should be, according to a study by computing giant Hewlett-Packard.

    The company’s Fortify application security unit conducted an analysis of the 10 most popular consumer Internet things on the market and found 250 different security vulnerabilities in the products, for an average of 25 faults each. Unfortunately, HP doesn’t identify each product but does describe them in broad brushstrokes: They were from the manufacturers of “TVs, webcams, home thermostats, remote power outlets, sprinkler controllers, hubs for controlling multiple devices, door locks, home alarms, scales and garage door openers.”

    As a basic rule, these devices often run stripped-down versions of the Linux operating system, and so will have many of the same basic security concerns that you might expect to be in place on a server or other computer running Linux. The problem is, the people building them aren’t going to the effort to secure them the way they would a more traditional computer.

  38. Tomi Engdahl says:

    How Al-Qaeda Uses Encryption Post-Snowden (Part 2) – New Analysis in Collaboration With ReversingLabs
    https://www.recordedfuture.com/al-qaeda-encryption-technology-part-2/

  39. Tomi Engdahl says:

    Dark net drugs adverts ‘double in less than a year’
    Angus Crawford
    http://www.bbc.com/news/technology-28242662

    The number of listings offering illegal drugs for sale on the “dark net” appears to have more than doubled in less than a year, BBC News has learned.

    “We still think the internet can be a wonderful tool for consumers and businesses, but we do worry good people and companies get caught up in the web spun by criminals and rogue operators,” said Adam Benson, deputy executive director of Digital Citizens Alliance.

    “That will slowly erode the trust and confidence we have in the internet.”

    “To us the dark net is all about anonymity and freedom,”

    One of the most popular access methods for the dark net is the TorBrowser.

    It allows people to use Tor, an “onion-routing” system that makes a PC’s net address untraceable.

    For the 2014 survey, more than 79,000 people worldwide were questioned about their drug habits.

    Some 25% of British respondents said they had accessed dark net drugs markets.

  40. Tomi Engdahl says:

    The World’s Most Hackable Cars
    http://www.darkreading.com/vulnerabilities---threats/advanced-threats/the-worlds-most-hackable-cars/d/d-id/1297753?

    If you drive a 2014 Jeep Cherokee, a 2014 Infiniti Q50, or a 2015 Escalade, your car not only has state-of-the-art network-connected functions and automated features, but it’s also the most likely to get hacked.

    That’s what renowned researchers Charlie Miller and Chris Valasek concluded in their newest study of vulnerabilities in modern automobiles, which they will present Wednesday at Black Hat USA in Las Vegas. The researchers focused on the potential for remote attacks, where a nefarious hacker could access the car’s network from afar — breaking into its wireless-enabled radio, for instance, and issuing commands to the car’s steering or other automated driving feature.

    The researchers studied in-depth the automated and networked functionality in modern vehicle models, analyzing how an attacker could potentially access a car’s Bluetooth, telematics, or on-board phone app, for example, and using that access to then control the car’s physical features, such as automated parking, steering, and braking. Some attacks would require the attacker to be within a few meters of the targeted car, but telematics-borne attacks could occur from much farther away, the researchers say.

  41. Tomi Engdahl says:

    Mozilla Dumps Info of 76,000 Developers To Public Web Server
    http://beta.slashdot.org/story/205447

    Mozilla warned on Friday that it had mistakenly exposed information on almost 80,000 members of its Mozilla Developer Network (MDN) as a result of a botched data sanitization process.

  42. Tomi Engdahl says:

    UK Spy Agency Certifies Master’s Degrees In Cyber Security
    http://beta.slashdot.org/story/205443

    Intelligence agency GCHQ has just accredited six UK universities to teach Master’s degrees in online security that meet the intelligence agency’s “stringent criteria.”

  43. Tomi Engdahl says:

    Google Spots Explicit Images of a Child In Man’s Email, Tips Off Police
    http://beta.slashdot.org/story/205455

    A Houston man has been arrested after Google sent a tip to the National Center for Missing and Exploited Children saying the man had explicit images of a child in his email, according to Houston police.

  44. Tomi Engdahl says:

    Cryptolocker victims to get files back for free
    http://www.bbc.com/news/technology-28661463

    All 500,000 victims of Cryptolocker can now recover files encrypted by the malware without paying a ransom.

    Thanks to security experts, an online portal has been created where victims can get the key for free.

  45. Tomi Engdahl says:

    Facebook Acquires Security Startup PrivateCore to Better Protect Its Data Centers
    http://recode.net/2014/08/07/facebook-privatecore/

    Facebook announced on Thursday that it has acquired PrivateCore, an online security startup specifically focused on server security. Terms of the deal were not disclosed.

    The two-year-old startup will help Facebook keep its massive data centers safe from malware attacks and other forms of security breaches.

  46. Tomi Engdahl says:

    Attackers change their methods to follow the path of least resistance. The growing trend, confirmed by the latest Verizon Data Breach Investigations Report, is the preference to use compromised credentials – allowing attackers to look like welcome guests. Understanding current attack methods is the first step to making the adjustments needed for a successful security program.

    Source: https://information.rapid7.com/on-demand-innovation-of-unwelcomed-imposters-eura.html

  47. Tomi Engdahl says:

    Microsoft To Drop Support For Older Versions of Internet Explorer
    http://it.slashdot.org/story/14/08/07/230210/microsoft-to-drop-support-for-older-versions-of-internet-explorer

    After January 12, 2016, only the most recent version of Internet Explorer available for a supported operating system will receive technical support and security updates. For example, customers using Internet Explorer 8, 9, or 10 on Windows 7 SP1 should migrate to Internet Explorer 11 to continue receiving security updates and technical support.

  48. Tomi Engdahl says:

    ‘NSA proof’ keyless security system software hits Kickstarter
    Promises to encrypt data, making it inaccessible to hackers without passwords
    http://www.theinquirer.net/inquirer/news/2359352/nsa-proof-keyless-security-system-software-hits-kickstarter

    A KEYLESS SECURITY SYSTEM that doesn’t use databases and never stores passwords has hit the Kickstarter crowdfunding website, promising to encrypt data and make it inaccessible to hackers and spies.

    A startup named Venux has created an “NSA proof” security system called Venux Files, a universal file management system that provides access to many cloud-based services such as Dropbox and iCloud, making it easier for users to store, access, and manage files securely from any location.

    “Your credentials are only stored in your mind,” said Venux on its Kickstarter webpage. “We guarantee with 100 percent certainty that data encrypted with Venux is inaccessible to hackers, spies, and all other unwanted surveillance.”
