July 24, 2012

Week in review: Grum botnet shutdown, Android malware, and Madi Trojan targeting the Middle East

Posted on 23 July 2012.
Here's an overview of some of last week's most interesting news, articles and reviews:
How to make smart grids
To prepare for a successful roll-out of smart grids, a new ENISA study proposes 10 security recommendations for the public and private sector out of almost 100 findings.
Yahoo! closes security hole that led to huge password breach
Yahoo! has patched the security hole that allowed hackers to access some 450,000 email addresses and passwords associated with Yahoo! Contributor Network and ultimately publish them.
Introducing Windows Server 2012
Windows Server 2012, currently available as a Release Candidate, brings forward hundreds of new features and enhancements including cloud computing, networking, storage, virtualization, and more. The aim of this book is to offer a foundation for working with this complex operating system.
IPv6 and click fraud
The good news: To accommodate the ever-increasing demand for IP addresses around the world, every network will eventually transition to IPv6 from IPv4. The bad news: Spammers are already spoofing IPv6 addresses because it is easy for them to bypass mail spam filters and launch phishing attacks on a new protocol.
Scareware targets users infected with industrial espionage worm
ACAD/Medre.A's geographically limited eruption probably means that not a lot of people have heard or worried about it. Still, those who have and are searching for tools to remove it might be in for another nasty surprise, as ESET researchers have unearthed a website seemingly offering one such tool.
Android gets safer with full ASLR implementation
The release of Jelly Bean (v 4.1+), the latest version of Google's Android, was a big step for the company security-wise, as the hugely popular mobile operating system now sports properly implemented address space layout randomization.
Anonymous hacks oil giants, leaks employees' passwords
In support of Greenpeace's efforts to stop companies drilling for oil in the Arctic, Anonymous has leaked around 1,000 email addresses belonging to five of the biggest multinational oil companies and their corresponding passwords (both in clear text and hashed).

Google will block Chrome add-ons from third-party sites
Google has instituted a new rule that should keep Chrome users safe from malicious add-ons: starting with version 21.0.1180.41 (currently in beta), the browser will block all third-party extensions, apps, and user scripts that are not hosted on the Chrome Web Store.
Cyber espionage campaign in the Middle East
Madi is a computer network infiltration campaign that involves a malicious Trojan which is delivered via social engineering schemes to carefully selected targets.
Fake Facebook photo tag notification leads to malware
Beware of fake Facebook emails telling you that you've been tagged in a photo, as you could easily end up infected with malware.
MPs call for cyber war on Britain's cyber enemies
Britain's security and intelligence agencies have been urged by MPs to engage in cyber attacks against enemy states in a report released by The Intelligence and Security Committee (ISC).
Most companies block cloud services
While 80 percent of companies do not allow their employees to use cloud based file synchronization services, 70 percent of companies would use these services if they were as robust as internal tools, according to Varonis.
Firefox gains Google encrypted search by default
The new release includes some welcome new and changed security features such as default Google encrypted search, an improved site identity manager to prevent spoofing of an SSL connection with favicons, and the ability to configure the browser not to load plugins without user interaction.
Spam for Dropbox users raises speculations about breach
European Dropbox users have been inundated with spam advertising gambling websites, prompting speculations about a possible breach of the company's systems.
Android malware is booming
Trend Micro's January prediction that some 11,000 pieces of Android malware will be detected by June this year has proved completely inaccurate, as the number of malicious applications in the wild for Google's mobile OS has exploded and now reaches over 25,000.
When employees leave so does your data
One in three (32%) employees have taken or forwarded confidential information out of the office on more than one occasion, according to Iron Mountain.
Spear phishing targets one in two organizations
Proofpoint announced findings from a survey of security IT enterprise decision makers about email and information security trends.
Compromised online accounts for sale
The recently unearthed website of a service specializing in selling access to compromised email and social networking accounts of Russian and Ukrainian users offers a fascinating glimpse into just how much one such account is worth to spammers.
World's third largest botnet receives mortal blow
Grum, a botnet responsible for 17.4 percent of the world's spam emails, finally seems to be dead.
Pinterest starts blocking hacked accounts, investigates
Account hacking has become a considerable problem for Pinterest users in the last few weeks, and the website reacted by temporarily locking accounts behaving suspiciously.
Learning passwords you can use but not remember
How can you make sure that you'll never share your password with anyone, even under threat of bodily harm, or other illegal types of coercion? The answer is simple: don't actually know your password.
Read more:
http://www.net-security.org/secworld.php?id=13295