BF-SIRT Newsletter 2015-26

The newsletter takes a “summer holiday” from this week, and will return in week 34 (22nd of August).
This week's top stories include how a Swedish man has been sentenced for the powerful Blackshades malware, and a story about finding Hacking Services and More in the Deep Web.

Amongst the top stories you can also find how hackers had access to US security clearance data for a year, as well as 10 Basic Cybersecurity Measures: Best Practices to Reduce Exploitable Weaknesses and Attacks.

Top 5 Security links
Swedish man sentenced for powerful Blackshades malware
Finding Hacking Services and More in the Deep Web
“Free” Proxies Aren’t Necessarily Free
Killer ChAraCter HOSES almost all versions of Reader, Windows
Over $18 million lost to Cryptowall just in the US

Top 5 Business Intelligence links
Hackers had access to US security clearance data for a year
10 Basic Cybersecurity Measures: Best Practices to Reduce Exploitable Weaknesses and Attacks
Targeted attacks rise, cyber attackers spreading through networks, report says
US is the world’s botnet mothership, says Level 3
The downfall of a major cybercrime ring exploiting banking Trojans

BF-SIRT Newsletter 2015-25

This week's top stories include how LastPass got breached, as well as how a trojan uses steganography to hide itself in image files.

Amongst the top stories you can also find how a keyboard app bug puts millions of Samsung mobile users at risk, as well as some information on Spearphishing and how to stop it: Some lessons from AusCERT.

Top 5 Security links
LastPass breached, hashed master passwords compromised
Trojan uses steganography to hide itself in image files
49 Arrested in ‘Operation Triangle’ Phishing Campaign
Cryptowall 3.0 Infections Spike from Angler EK, Malicious Spam Campaigns
US Navy wants 0-day intelligence to develop weaponware

Top 5 Business Intelligence links
Keyboard app bug puts millions of Samsung mobile users at risk, researcher claims
Spearphishing and how to stop it: Some lessons from AusCERT
Instilling a culture of cyber security
FBI investigates St Louis Cardinals over Houston Astros hacking
Lessons Learned From The Ramnit Botnet Takedown

BF-SIRT Newsletter 2015-24

This week's top stories include how the Stepson of Stuxnet stalked Kaspersky for months and how Russia’s to blame for pro-ISIS megahack on French TV network.

Amongst the top stories you can also find a study that shows how Cyber criminals’ ROI exceeds 1000 percent and that Private cloud is NOT dead – and for one good reason: Control of data.

Top 5 Security links
Stepson of Stuxnet stalked Kaspersky for months, tapped Iran nuke talks
Russia’s to blame for pro-ISIS megahack on French TV network
49 suspected members of cybercriminal group arrested in Europe
Banking Malware Vawtrak Spotted Using Tor2Web
Duqu spy group also targeted telecommunications companies

Top 5 Business Intelligence links
Study: Cyber criminals’ ROI exceeds 1000 percent
Private cloud is NOT dead – and for one good reason: Control of data
Most vulnerabilities on enterprise networks are two years old
Insider vs. Outsider Threats: Identify and Prevent
Stuxnet still a threat to critical infrastructure

Basefarm SIRT posts
Patch Tuesday June 2015

Patch Tuesday June 2015

Another month, another patch Tuesday!
Microsoft and Adobe have both released a large number of updates. Adobe fixed 13 security issues in Flash Player that could lead to serious attacks, including remote code execution and information disclosure, while Microsoft pushed out fixes for at least three dozen flaws in Windows and associated software.

You can find links to the updates below:
Microsoft
Adobe

BF-SIRT Newsletter 2015-23

This week's top stories include how we stand on the brink of global cyber war, according to Schneier, and how SourceForge hijacks popular accounts to distribute 3rd-party software.

Amongst the top stories you can also find why the Hola browser extension should be uninstalled, and how Patch-crazy Aust Govt fought off EVERY hacker since 2013.

Top 5 Security links
We stand on the brink of global cyber war, warns encryption guru
SourceForge hijacks popular accounts to distribute 3rd-party software
Hola browser extension should be uninstalled, researchers say
Ruskies behind German govt cyber attack — report
Study: New malware strains up in 2014, along with DDoS attacks

Top 5 Business Intelligence links
Patch-crazy Aust Govt fought off EVERY hacker since 2013
How your employees put your organization at risk
IT-savvy US congressmen to Feds: End your crypto-backdoor crusade
U.S. and Japan to Cooperate on Cybersecurity, Information Sharing
The NSA reportedly tried — but failed — to use a Stuxnet variant against North Korea

BF-SIRT Newsletter 2015-22

This week's top stories include how a new iOS bug can shut down iPhones and Apple Watches simply by receiving a text message, tweet or anything else that is delivered to the notification system, and how a study reveals that 86 percent of websites contain at least one ‘serious’ vulnerability.

Amongst the top stories you can also find how the total cost of the average data breach is now $3.8 million, and how a full Adult Friend Finder database is being sold for $17,000 after a breach.

Top 5 Security links
New iOS Bug Crashing iPhones Simply by Receiving a Text Message [Includes Fix]
Study: 86 percent of websites contain at least one ‘serious’ vulnerability
Bank-heist malware’s servers phone home to Russian spookhaus
Hackers steal 80000 EURO from Belgium Metal Company
Forget passwords; Japanese users can buy online with their Eyeballs

Top 5 Business Intelligence links
Total cost of average data breach reaches $3.8 million
Full Adult Friend Finder database offered for $17,000
Recent Breaches a Boon to Extortionists
POS Malware Nitlove Seen Spreading Through Spam Campaign
Account recovery via secret questions is a bad idea

BF-SIRT Newsletter 2015-21

The top stories from the last two weeks include how Feds Say That Banned Researcher Commandeered Plane and Hacking Starbucks for unlimited coffee.
Amongst the top stories you can also find how Russia and China seal cyber non-hack pact and how Panda Security has uncovered an ongoing attack against Oil Tankers.
Patch Tuesday has also come up, and you can read about that in our blog post.

Top 5 Security links
Feds Say That Banned Researcher Commandeered Plane
Hacking Starbucks for unlimited coffee
Who’s Scanning Your Network? (A: Everyone)
Security Firm Redefines APT: African Phishing Threat
High-level, state-sponsored Naikon hackers exposed

Top 5 Business Intelligence links
Russia and China seal cyber non-hack pact
Panda Security Uncovers Ongoing Attack Against Oil Tankers
Apple, Google urge Obama to reject encryption back doors
mSpy Denies Breach, Even as Customers Confirm It
Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign

Basefarm SIRT Posts
Patch Tuesday April 2015

Patch Tuesday May 2015

Another month, another patch Tuesday!
Microsoft and Adobe have both released a large number of updates (Microsoft update fixes 46 flaws in Windows, Internet Explorer, Office and other Microsoft products), and some of these will enable malicious code execution if abused.

Also, this week’s newsletter will be postponed until next week due to holidays in Sweden.

You can find links to the updates below:
Microsoft
Adobe

BF-SIRT Newsletter 2015-19

This week you can read about how US hospitals will treat medical device malware with AC power probes, and that 90% of Java black hats migrate to footling Flash.

In other news, you can read about how the Tesla attack started with a single phone call, and you could also see a day in the life of a stolen healthcare record.

Top 5 Security links
Actively exploited WordPress bug puts millions of sites at risk
Netflix open-sources security incident management tool
OpenSSL Past, Present and Future
US hospitals to treat medical device malware with AC power probes
90% of Java black hats migrate to footling Flash

Top 5 Business Intelligence links
Tesla attack started with a single phone call
Police breaks up cybergang that stole over $15 million from banks
Crimeware infects one-third of computers worldwide
What’s Your Security Maturity Level?
A Day in the Life of a Stolen Healthcare Record

Shortcut towards a secure site

Criminal activities and hacks are increasing on the internet, and companies have to increase the levels of security in routines and habits when it comes to passwords and online behavior.

Most of us know the dangers of this, but it seems we are not able to improve in this area.

Phishing attacks trick people daily into revealing their passwords, and users on unsecured networks can have their passwords sniffed. Malicious spyware can capture passwords and send them over the network to attackers. Identity theft is one of the fastest growing white-collar crimes in the world.

Going after user details is still easier than hacking the actual perimeters. This is by far the preferred method of breaking and entering. Verizon (backed by all other major companies in this field) states in its latest study that stolen credentials are used in over 50% of attacks or hacks on websites.

 

Source: Verizon Data Breach Investigation Report 2015

The same study shows that in the financial services market, over 95% of the incidents follow the process: Phish customer -> get credentials -> abuse web application -> empty account

Facts:

  • Easy passwords can be cracked – and we use them all the time;
  • Sharing of passwords makes it impossible to know who did what;
  • Same accounts and passwords are used at multiple places;
  • Passwords that need to be continuously changed are not user-friendly enough – so we don’t bother;
  • Hackers are using user names and passwords to steal data;
  • Random passwords cannot be remembered.

What is the recommendation?

Security experts worldwide suggest using strong two-factor authentication to protect an organization's assets. The same is also recommended by various compliance standards and certifications such as PCI-DSS, HIPAA, SAS 70, ISO 27001 and others.

Two Factor Authentication is the strongest protection against identity theft, and the closest to fool-proof. It is also one of the remedies that could be labelled low-hanging fruit in terms of return on investment.

The table shows the means (functions) one can implement to secure the service (critical security controls), and, as a percentage, how much each can contribute towards an optimal solution security-wise (100%). We see that patching web services also rates as a highly effective means to a secure solution.

Source: Verizon Data Breach Investigation Report 2015

The two main benefits of Two Factor Authentication are that you get protected access to your solution and know who has accessed it, and that you also protect your end customers or members by offering Two Factor Authentication to them.

Why Multi Factor Authentication (MFA) from Basefarm

  • Fast implementation – we set it up for you so you will be up-and-running very fast with little effort;
  • Save time – we can manage and administrate your solution for you;
  • Cost effective – as a service OPEX only;
  • Stable and secure solution – with SLA from Basefarm.

Read more about our Multi Factor Authentication solutions.