Threat Geek

1.      Mobile Malware: Protect Yourself Against Evolving Threats

When it comes to mobile security threats targeting our smartphones and tablets, unlike in biology, evolution isn't a good thing. Instead of "survival of the fittest" think "drug-resistant bacteria," because threats adapt to our ability to block and treat them faster than we can develop new palliatives.

2.      Yale warns 43,000 about 10-month-long data breach

Yale University has notified about 43,000 faculty, staff, students and alumni that their names and Social Security numbers were publicly available via Google search for about 10 months. All of the victims were affiliated with Yale in 1999, and are being offered identity theft insurance and free credit monitoring services for two years, the university said in a statement last week.

3.      When hackers become The Man

At DefCon III in 1995, the young crowd of 470 spent their time jamming a local radio station broadcast and playing Hacker Jeopardy at midnight when they couldn't drink at the bar. "Free Kevin" stickers were plastered everywhere protesting the jailing of fugitive hacker Kevin Mitnick, and a 14-year-old ran away from home to attend the event. (I know because I was there.)

4.      5 Top Trends Redefining CSO Priorities

The CSO carries a heavy load, as the person responsible for overall direction of security functions associated with IT applications, communications, and computing services and security within the enterprise. Part of what makes the role of the CSO so challenging is that trends introduce change, and the changes are cumulative. Few of the old security concerns go away; yet emerging technology trends introduce new risks while amplifying traditional concerns in novel and unexpected ways. Over the years computer viruses have evolved from sometimes amusing nuisances to more sophisticated hacking attacks that have become technically advanced, persistent, well-funded, and motivated by profit or strategic advantage.

5.      MyBART Hack by Anonymous Could Have Been Worse

The disclosure of 2,000 usernames and passwords by the hacking collective Anonymous against a San Francisco transportation website could have been more damaging, according to a doctoral candidate at the University of Cambridge. Joseph Bonneau, who is working on a thesis on password security, analyzed the disclosed passwords and found that more than 1,300 were randomly generated when users signed up for accounts at myBART, a marketing site for Bay Area Rapid Transit (BART).

The ThreatGeek Top 5 is a weekly post that identifies relevant industry news and stories. Check in to stay up to date with the latest happenings throughout the industry.

1.      SpyEye source code leaks could fuel new wave of attacks

The source code of the notorious SpyEye toolkit has been leaked, fueling speculation that one of the largest criminal malware families could become an even bigger threat. SpyEye, which surfaced in late 2009 and immediately started to compete against users of the Zeus banking malware toolkits, targets account credentials and other sensitive data. Leaking the SpyEye source code gives security researchers valuable information about the malware and the techniques of the code writers, but it also opens the door for other cybercriminals to create new variants and attack techniques. 

2.      Chrome improves anti-malware blocking score by 340%

Google's Chrome blocked four times more malicious sites and malware than a year ago, but Firefox 4 was much less effective at warning users of danger than Mozilla's browser last year, according to a report released Monday. Both were thrashed by Microsoft's Internet Explorer 9 (IE9), however, which easily retained its crown, said NSS Labs in a reprise of a 2010 study of browser anti-malware technologies.

3.      Anonymous Breaches San Francisco’s Public Transport Site

The hacking collective Anonymous released personal data on Sunday belonging to more than 2,000 public transport customers in the San Francisco area in retaliation for the Bay Area Rapid Transit (BART) system's shutdown of mobile phone service on Thursday night.

4.      Shady RAT Hid Malware In Digital Images

The attackers behind the "Operation Shady RAT" targeted cyber-espionage hacks hid some of their activities behind digital images. They used steganography, a relatively rarely deployed technique for hiding malicious code or data behind image files or other innocuous-looking files. In its analysis of Operation Shady RAT, Symantec found rigged images--everything from images of a pastoral waterside scene to a suggestive photo of a woman in a hat--that were masking commands ordering the infected machines to phone home to the command-and-control (C&C) server.

5.      Can the Obama Administration fix your identity management problems?

Can the Obama administration fix your identity management problems? Too many passwords and usernames for websites, and what level of assurance is there in the identity of the individual anyway? How can anyone prove their age online? Back in April, when it was announced, the White House took on these tough questions with its "National Strategy for Trusted Identities in Cyberspace" initiative, now known as NSTIC.

The ThreatGeek Top 5 is a weekly post that identifies relevant industry news and stories. Check in to stay up to date with the latest happenings throughout the industry.

1.      Anatomy Of A Mac APT Attack

You've heard it all before: If you're a Mac, then you're immune from most of the latest security threats. That has led some organizations worried about cyberespionage-type attacks to consider ditching their target-prone Windows machines for their Mac iOS counterparts, according to a team of researchers who spoke at Black Hat USA last week in Las Vegas.

2.      The danger of misconstruing the most serious security threats

Unlike in politics, it’s rather important in the world of cybersecurity that words and labels mean something specific. Routinely mislabeling hacking and other incidents of computer mischief could lead to overreactions to garden-variety illicit activity or a tendency to downplay the need for a new kind of response to truly dangerous threats.

3.      Citigroup Hit Again by Security Breach

The company's Japanese credit card unit reported in a message to its user base that personal information of about 92,400 customers "has allegedly been obtained and sold to a third party illegally." Multinational financial service provider Citigroup appears to be snake-bitten by security problems, and not just through Web hacking.

4.      Hackers attack zero-day flaw in WordPress themes

Malicious hackers have pounced on a zero-day vulnerability in a widely used image-resizing utility that ships with themes for the popular WordPress blogging platform. The timthumb utility, used to handle cropping, zooming and resizing web images, is used by millions of blogs running certain themes and because it writes files into a directory during the image-resizing process, it can be used to launch web attacks.

5.      Microsoft patches 1990s-era ‘Ping of Death’

Microsoft today issued 13 security updates that patched 22 vulnerabilities in Internet Explorer, Windows, Office and other software, including one that harked back two decades to something dubbed "Ping of Death." Of Tuesday's 13 updates, called "bulletins" by Microsoft, two were labeled "critical" -- the most-serious rating in the company's four-step score -- nine were marked "important," the next-most-dangerous category, and two were pegged as "moderate."

The ThreatGeek Top 5 is a weekly post that identifies relevant industry news and stories. Check in to stay up to date with the latest happenings throughout the industry.

Today, Rob Elkind solved our Decode This contest at the 2011 BlackHat USA Conference and won $1,000. Congratulations, Rob! You can still play, see here for full rules of the contest. The last hint will be announced at 4pm PDT today.

1.      Advanced Persistent Treats force IT to Rethink Security Priorities

The biggest business challenge today, in the minds of many information security officers, is the stealthy online infiltration by attackers to steal valuable proprietary information. The reality, they say, is that these so-called "advanced persistent threats" are so rampant and unrelenting they are forcing IT to rethink network security.

2.      How to Survive Black Hat and Defcon Without Getting Hacked -- Maybe

Among the thousands of security experts at the Black Hat, Defcon and Security BSides conferences next week in Las Vegas, some will surely test whether they can break into nearby laptops, phones, networks -- even RFID-enabled room keys and credit cards. Based on hacks in previous years, conference veterans realize the possibility of being owned, and some who blog have issued tips for how to use electronic devices safely and lock them down.

3.      Cyber Threat Resembles Pre-9/11 Terror Threat: Black Hat

Today's threat of cyber attacks is analogous to that from terrorists in the mid-1990s, Cofer Black, chairman of Total Intelligence Solutions and director of the CIA's counterterrorist center on 9/11, said in a keynote at Black Hat, a UBM TechWeb event, on Wednesday. When al Qaeda was in the rise in the mid-1990s, and even until the 9/11 attacks, Black said, terrorist threats were not well understood and were new to the country's top decision makers. "They didn't understand it. They had no personal experience with it," he said. "The decision-makers of today are in the same boat [with cyber]. They hear it, but they don't understand it."

4.      Take cyberthreats seriously, says counterterrorism expert

LAS VEGAS --Warnings about emerging cyberthreats shouldn't be treated with the same skepticism that many government officials showed toward the alarms sounded prior to the Sept. 11, 2001, terrorist attacks, warned a leading counterterrorism at the BlackHat security conference here Wednesday. Though many security experts agree that future conflicts will likely be fought in cyberspace, military and government officials have shown a hesitancy to act until they see a validation of the threats, said Cofer Black, former director of the CIA's Counterterrorism Center.

5.      Shady Rat Attacks Hit 70 Organizations, 14 Countries

Operation Shady Rat, a massive cyber-espionage campaign, has been under way for five years against national governments, global companies, nonprofits, and others, says McAfee. A massive advanced persistent threat (APT)-type attack campaign has been ongoing worldwide for five years that has stolen intellectual property from 70 government agencies, international corporations, nonprofits, and others in 14 countries, according to a new published report in Vanity Fair.

The ThreatGeek Top 5 is a weekly post that identifies relevant industry news and stories. Check in to stay up to date with the latest happenings throughout the industry.