Friday, 9 September 2011

A.I. Talking Points : Security Week Review

Welcome back. After a short period of absence (but I posted anyway), I’m back with the weekly (more or less) Talking Points.
For those who do not know what Talking Points is: it is just a short review of the salient security news of the last week, a refresher and a short summary to get quickly up to date. It is of course related to the long list of articles I refer to every week on PostOffice2, and sometimes to posts on my other technical blog, PostOffice.
Since I have not written here for a long time, it is not easy to tell what has happened since the last Talking Points update (well, you know, vacation), so I will do a general recap of the things that impressed me most.

A Summer review (with an eye on the last issues!)

While the world was moving, summer hackers didn’t stop enjoying their virtual environment, so a lot of things happened under the sun.
Following the security landscape has been quite interesting and amusing: I’ve learned new words (like typosquatting) and discovered that a hacking group can start a fight vs. BART, and I’m not referring to Bart Simpson.
I also found out that a botnet can strike from the sky. At the same time I saw a lot of things related to government cyber activities; again China, the US and Iran have been part of the play. But at least we should mention the recent hack of the Russian Embassy website in London.

Cyber Acktivism vs CyberCrime vs. Cyber Espionage vs. Medical Equipment vs. xxxxxx

It has become clearer and clearer this summer that there are a lot of players under the cyber sky, moved by the most different reasons but sharing, most of the time, the same techniques.
So we have experienced a continuous rise of cyber acktivism, where Anonymous and LulzSec are just two of the most notorious unstructured hacking groups of activists who filled the news.
At the same time we also discovered that growing cybercrime activity is hitting the new technology media: from the “classic” attacks on social networks and Web 2.0 tools (from Facebook to Twitter and so on) to the new mobile computing world, where Android tablets and iPads are every day more under pressure from botnets and other bad stuff.
Mapping cyber activities on a map is an interesting activity too: we discover that rumors of cyber war and cyber espionage are widening, and cyber warfare is no longer something we only read about in books or see in science fiction movies. And sometimes the players are big corporations. Sounds just like an SF drama, doesn’t it?

Scaring things, some returns and breaking security pillars

Above all, there are a few things that disturbed me most.
The first was realizing that IT is so pervasive in our lives that even things I would hardly have considered “IT security risky” need to be put under a security perspective. Have you ever thought of hacking a pacemaker or an insulin pump? No wonder that the next predicted target is our ever more cyber-equipped cars.
The second thing that disturbed me is that two of the main pillars of security have suffered terrible strikes. I’m referring of course to the RSA hack, whose consequences are still to be completely understood, and the recent DigiNotar affair, which exposed once again the risks related to a certificate authority hack and the related certificate use.
Again and again people are using our feelings to scam us, and the recent Steve Jobs death scam or the Ground Zero Twitter scam that occurred yesterday made me very upset. I understand, of course, that those are the reasons and techniques of social engineering, but I find that playing this way is very disturbing (OK, I’m naïve, I agree).
Have you ever read “Sometimes They Come Back”? It would be a perfect title for the recent botnet news: from Bitcoin to Stuxnet everything comes back; even Firesheep has been updated.

Well, as you’ve seen, a lot of things happened during the quiet days of summer, but now it is time to get back to work and, believe me, I can easily predict that a lot of new stuff will come along with the rain and cold weather. So stay in touch and I’ll keep you updated.
Thanks for following
Antonio Ierano

Saturday, 2 July 2011

Talking Points - Security week review



The end of an era? Or maybe just the beginning?

Good morning, my friends. As we are all aware, LulzSec closed its operations after 50 days of astonishing activities.
Is that really the end? Or just the beginning?
While one group seems to fade, another one revamps: Anonymous has taken up the LulzSec legacy, and both Operation Payback and AntiSec seem to strike again and again. Brazil, USA, Italy, Spain, Greece; the Americas and Europe, Asia and Africa: it seems there is no border for cyber aktivists and cyberwarfare.
So if LulzSec closed operations (but is that really what happened?), nothing has really changed in cyberspace.

Cybercrime is here to stay!

But if the Age of LulzSec turns out to be history, we finally find good old cybercrime in our news again. Maybe someone was thinking that the only problem was cyber terrorism but, come on, do you still think that cybercriminals are not a constant presence in our world? If so, think twice 🙂
It turns out that researchers found the biggest botnet ever, TDL-4; so, my friends, the bad guys are still there.
And it was not only botnets generating headaches in our IT departments: a recent Cisco report showed how phishers and spammers are shifting their activities from mass distribution to more specific and more remunerative targeted attacks.
Mixing mail, as the main vector, and malware, mostly deployed with a “drive-by download” methodology starting from the mail itself, those targeted attacks are becoming more insidious and more evil.
But anyone can be fooled: if RSA was, do you think you’re better?
But those targeted attacks are delivered not only by the usual e-mail but also through the newest communication media, like social networks and portals. So while Google deleted 93000 fake advertisements, the King, Facebook, is always the preferred target. Malware campaigns using Facebook messages are spreading all day long. And do not think you do not need protection: infected apps have been reported as well. Speaking of which, we cannot avoid remembering that the application world is still a very difficult area for security, so not only does Facebook suffer security issues but so, I have to say, do the mobile applications developed for the ever more widely used so-called smartphones and smart devices (tablets).

Mobile or not mobile, this is the question…

It is not just that Google is still fighting to clean up the Android Market; the use we make of mobile devices is spreading concern among experts. We use them for work and access sensitive data; we use them for leisure and access personal data. Those devices are full of useful information for cybercrooks and can also be used as a Trojan horse to reach our networks from the inside. And do not even think that someone is immune: both major OSes have dangerous flaws, and “he’s worse than me” apologetics do not stop the bad guys.
As I read once: “the good news is that there is only a 0.01% chance of being targeted; the bad news is that I’m in that 0.01%”
There are lots of reports on mobile security too. That does not mean we should not use these devices, just that we have to learn how to use them.
Besides, I’m doing a little survey here to understand how we feel about mobile; you’re more than welcome to participate 🙂

June ends, a new month starts

It has been a long roller coaster ride this month, one that certified a lot of changes in our perception of what is moving out there.
We started to learn that acktivism and hackers are back, data is the preferred target for cybercrooks, cybercriminals work for money and live for money, any device can be a source of risk, and jailbreaking and hacking are not just geek activities but things we have to face every day.
So let us remember the protagonists of the month of June.
Special mention to:
Anonymous and LulzSec
but we should remember the other guys with colorful names like The Jester, Web Ninjas, Chinga La Migra…

The Hacks to remember

Some of this month’s hacks deeply marked the perception of what our world is becoming, so let’s start mentioning them.
Google Mail hack: China vs. a private company, mail always important (even more so), politicians and public officials using private accounts to exchange private info… wow, a lot of amazing stuff here.
Sony: from PSN to Pictures, how not to do security, how not to understand what is happening, and how not to assume responsibility for its own mistakes. Looks like life (or a soap opera).
Citi: yes, we’ve been hacked and credit card data was stolen, but we do not tell anyone; maybe if nobody knows, nothing happened… that seems to be the Citi group’s justification. Alas, it came out…
IMF: damn it, I was trying to ask for a 12 billion dollar loan for myself. Geez, if the most important financial entity can be hacked, we should really be cautious. Can you imagine what kind of sensitive data they handle? And, just to wonder, you do know the hackers started the journey with spear phishing?
Acer: in this case we can honestly ask why the “Pakistan Cyber Army” group needed to attack them.
Sega: why a games company? Maybe because their databases are full of interesting data, like usernames, emails, passwords, credit card numbers (wait, that was Sony PSN)… Sega has not been the only one, of course; it seems games companies are a preferred target. Funnily enough, LulzSec denies any involvement and promises revenge against the Sega hackers.
Arizona Department of Public Safety: LulzSec, Anonymous? Both? Can you feel the irony of the AntiSec operations here?
InfraGard, CIA, FBI: yes, the more the better. Even what should be the temple of security can be hacked by some motivated teenagers… We should really think about it: what would happen when well-motivated professionals play the game?
I could continue, of course, but then you would think I’m here to scare you. Well, partially right 🙂
All this should make us think: if the security landscape has changed, why are our security activities still the same?
That’s all for this week.
Have a great time and enjoy your weekend
Cheers
Antonio

Friday, 29 April 2011

Talking Points

Plenty of stuff this week, as usual; we cannot start without talking about the

Royal Wedding

Today is the day: the royal wedding is coming and everyone is so excited that they can’t stop themselves from opening any email, link, search result or whatever related to the biggest event in human history.
OK, maybe that’s a little too much, but for sure the royal wedding is moving tons of gadgets, interest and cybercriminal activity online. But how could we not expect something like this, where the media are so deeply involved?
As a matter of fact, several security vendors issued warnings about the spam and malware activity around William and Kate’s day.
I’m not sure this will be the biggest event in human history (but believe me, I heard on TV that this will be the biggest event of the century… so I’m not the only one exaggerating a little bit), but this week also showed other interesting events that captured my attention.

Did your mom tell you that playing video-games is dangerous?

“Don’t play too much, turn off that console…” my savvy mom used to tell me. I never understood the reason, but now I know that she was right (as moms always are). And now I also know the bad symptoms associated with gaming: loss of identity, credit card number sharing, password stealing… What? Oh yes, you’re right, I’m talking about the Sony PlayStation Network hack and its consequences.
It is not just the 77 million stolen identities that are interesting; for the 3 or 4 of you who follow this blog, it is the progression and growth of this kind of activity in recent times. Have you seen how many hacks I’ve reported from the news lately? Cyber security is becoming a serious issue, and it is incredibly odd that a lot of people just do not realize how a layered and different approach is needed to address the new internet/cloud threat landscape.
Do we need security? Yes, a new and better one: a connected world requires a new approach to security that has to shift the usual techniques into something new (the bad guys already did!).

FBI – Federal Botnet Intruders?

At least the FBI realized that botnets are a serious issue and started to pursue a holy war against them. It is still early to say whether we will have results, but the aggressive method used by the FBI to take control of Coreflood is something new and also raises some concerns: is anything allowed in order to fight back against cybercrime?
This is not a secondary question, because the same techniques could be used not only by criminals but also by states to attack an enemy. At least, those are claims that have been raised lately.

Iran under cyberattack (again)

Or at least this is what they claim about a new malware spread that, according to their statements, was built specifically to target their nuclear projects. Although I have no evidence, this sounds familiar… remember Stuxnet?
So the cyber landscape is growing and the need for protection from malware and other cyber threats is quite evident. But security is not only malware protection; it is also management, uptime, performance, data protection and so on.

The falling clouds of Amazon

The recent outage of Amazon cloud services showed how difficult it is to build a secure and resilient infrastructure. At least two factors were interesting: the timeframe of the outage was incredibly long, and Amazon declared that some of the data was lost and they were not able to recover it.
So even Amazon needs a better network infrastructure, and new (and better) procedures. The key is, we still have to work on our networks; just good enough is not enough.

That’s all for today’s issue, but just to remind us that the cyber world is not everything, let’s send our wishes to the tornado victims in the south of the United States of America.

Have a great weekend
Cheers
Antonio