BF-SIRT Newsletter 2015-13

Welcome to another edition of the newsletter! This week we cover stories such as how 15,435 vulnerabilities across 3,870 applications were recorded in 2014 and a hunt down malware lane on the Deep Web.

In other news, monetizing medical data is expected to become the next revenue stream for hackers, and there is a brief story on how cybercriminals trick their victims.

Top 5 Security links
15,435 vulnerabilities across 3,870 applications were recorded in 2014
Hunting Down Malware on the Deep Web
New BIOS Implant, Vulnerability Discovery Tool to Debut at CanSecWest
Operation Woolen-Goldfish: When Kittens Go Phishing
NYPD union website hacked

Top 5 Business Intelligence links
Monetizing medical data is becoming the next revenue stream for hackers
Hacking Humans: How Cybercriminals Trick Their Victims
Chinese Military Acknowledges Cyber Warfare Units
South Korea claims North hacked nuclear data
Kreditech Investigates Insider Breach

Demand for Information Security skills keeps rising

A few days ago, InterQuest released an interesting report on how they are seeing the demand for skills in information security keep rising and rising.

They’ve predicted that for 2015, there will be an increasing demand for the development of the information security profession on a political, economic and organisational level. InterQuest are also noting that the security industry must change its model from being reactive to threats, to being proactive about developing to meet the security demands of organisations today.

InterQuest goes on to give an example of their own growth after putting resources into a security division of their company:
“Just over two years ago, InterQuest established a small information security recruitment division aimed at helping users of our specialist recruitment practices – analytics, digital and web technologies – connect with talent to support their information security requirements. This once small division has grown and been the source of significant investment by the Group, as it responds to the upswing in demand and professionally represents candidates in a market largely misunderstood by more generic recruiters.”

With the latest breaches that have happened, it’s no surprise that “Network and Information Security” is now number 7 among the most sought-after skills, and is set to climb higher and higher:
“The string of high profile breaches confirms that the information security industry has a significant task on its hands, a task which has become mission critical for many organisations and a source of growing urgency.
The information security industry has evolved predominantly in reaction to threats rather than proactively developing the profession leading to a generational gap. The Information Systems Securities Association (ISSA) estimates there are between 300,000 and 1,000,000 vacant cyber security positions. Further, LinkedIn recently released a list of the 25 most in demand skills. The list is based on hiring and recruiting activity, analysing the skills and experience data of over 330 million LinkedIn member profiles. “Network and information security” skills are 7th on the UK list and set to soar higher as demand increases further.”

The full story can be found at http://www.interquestgroup.com/corporate/blog/information-security-the-impact-of-the-breach-in-skills.

BF-SIRT Newsletter 2015-12

Welcome to another edition of the newsletter! This week we cover stories such as how the Dark Web’s ‘Evolution Market’ vanished and, of course, the dreaded OpenSSL Security Advisory [19 Mar 2015]. Those who use the EXPORT cipher and/or are running 1.0.2 should make sure they correct their systems as soon as possible.

In other news, health insurer Premera Blue Cross said on Tuesday it was a victim of a cyberattack that may have exposed medical data and financial information of 11 million customers, and a report showing how 71 percent of organizations were successfully attacked in 2014. To top that off, there’s also a study from insurance brokerage AON on how much said breach will cost your company.

Top 5 Security links
New BIOS Implant, Vulnerability Discovery Tool to Debut at CanSecWest
Apple iOS Hardware Assisted Screenlock Bruteforce
OpenSSL Security Advisory [19 Mar 2015]
‘AntiDetect’ Helps Thieves Hide Digital Fingerprints
Dark Web’s ‘Evolution Market’ Vanishes

Top 5 Business Intelligence links
Report: 71 percent of orgs were successfully attacked in 2014
This is how much a data breach will cost your company
Premera Blue Cross breached, medical information exposed
Security Pros Say the Pressure is On
Yeti still Crouching in the Forest

BF-SIRT Newsletter 2015-11

Welcome to another edition of the newsletter! This week we cover stories such as how Google engineers created the Rowhammer Hardware Exploit and how two people have been indicted for stealing 1 billion email addresses in a historic breach. We also cover things such as how CloudFlare aims to defeat massive DDoS attacks with Virtual DNS, and the ever-growing market of using ad bidding networks to deliver ransomware.

Amongst the Windows Updates this month was a fix for FREAK. It also turned out that the vulnerability STUXNET used previously, which was thought to have been patched since 2010, actually wasn’t, so Microsoft updated this patch as well.

Top 5 Security links
Self-deleting malware targets home routers to gather information
Equation APT Group Attack Platform A Study in Stealth
Rowhammer Hardware Exploit Poses Threat to DRAM Memory in Many Laptops, PCs
UK: 57 arrested for cyber crime, including US DoD hacker
Two indicted for stealing 1 billion email addresses in historic breach

Top 5 Business Intelligence links
Mind-reading DNS security analysis offers early warning for APT attacks
Massive cyber-attack: what businesses can learn from major data breaches
CloudFlare Aims to Defeat Massive DDoS Attacks with Virtual DNS
Panda antivirus labels itself as malware
Cyber crooks take advantage of ad bidding networks to deliver ransomware

Basefarm posts
Patch Tuesday March 2015

Patch Tuesday March 2015

Another month, another patch Tuesday!

On this, the third Patch Tuesday of 2015, Microsoft pushed 14 update bundles to address at least 43 separate vulnerabilities in Internet Explorer, Exchange, Office, Windows and a host of other components.

Some of these vulnerabilities are listed as critical and could allow elevation of privilege, denial of service, remote code execution, or security feature bypass that allows an attacker to take control of the affected system, so it is advised to upgrade as soon as possible.

UPDATE 12/3/2015:
Adobe has now also released an update for Adobe Flash Player. This update is rated as a 1 on Adobe’s Severity rating: “This update resolves vulnerabilities being targeted, or which have a higher risk of being targeted, by exploit(s) in the wild for a given product version and platform. Adobe recommends administrators install the update as soon as possible. (for example, within 72 hours).”

More information:
Microsoft
Adobe

BF-SIRT Newsletter 2015-10

Welcome to another edition of the newsletter! This week we cover stories such as “Inside a Retail Hack: Lateral Movement & Credential-Harvesting” and how the FBI put out a $3M Bounty for the ZeuS Trojan Author. On the radar we also have the latest SSL vulnerability, FREAK, and how “Iran hacks America where it hurts: Las Vegas casinos”.

Top 5 Security links
Anthem Breach Evidence Points to China, Security Researchers Say
Inside a Retail Hack: Lateral Movement & Credential-Harvesting
Exploit Kits and CryptoWall 3.0
FBI: $3M Bounty for ZeuS Trojan Author
Domain Shadowing Latest Angler Exploit Kit Evasion Technique

Top 5 Business Intelligence links
FREAK – another serious flaw in the web’s encryption
Iran hacks America where it hurts: Las Vegas casinos
Pharming Attack Targets Home Router DNS Settings
Global experiment exposes the dangers of using Wi-Fi hotspots
Hospital Sues Bank of America Over Million-Dollar Cyberheist