CTO Insights: Internet of Things — Whose Data Is It, Anyway?
Everywhere you look, it seems to be that everything is becoming “smart”. On my wrist, I frequently wear a smart watch that monitors how many steps I take, what my heart rate is, and so on. At home, a smart thermostat can be controlled via an app, or even be programmed based on my own behavior. […]
Exploring CVE-2015-1701 — A Win32k Elevation of Privilege Vulnerability Used in Targeted Attacks
Our analysis of the win32k.sys vulnerability used in a recent targeted attack reveals that it opens up an easy way to bypass the sandbox, making it a bigger threat than originally thought. As mentioned in Microsoft security bulletin MS15-051, CVE-2015-1701 is an elevation of privilege vulnerability that exists when the Win32k.sys kernel-mode driver improperly handles […]
Anatomy of a LOGJAM – another TLS vulnerability, and what to do about it
We’ve had BEAST, Lucky Thirteen, BREACH, BEAST, POODLE, Heartbleed and FREAK…now, it’s LOGJAM. Paul Ducklin explains, and tells you what you can do about it.
Netgear and ZyXEL confirm NetUSB flaw, are working on fixes
Networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected by a recently disclosed vulnerability in a USB device-sharing service called NetUSB. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year. The vulnerability, tracked as CVE-2015-3036, […]
Fraudsters can have rights, too
We have recently come across a method of getting personal information that was interesting from the technical point of view. Our customer received an email saying that someone had used his Live ID to distribute unsolicited email, so his account would be blocked. The email suggested that, to prevent the account from being blocked, the […]
How Evil Hackers Can Cause Chaos At Horribly Vulnerable Car Parks
There’s been growing interest in car hacking in recent years, inspired by researchers showing off exploits in real vehicles, tinkering with Teslas, and uncovering glaring vulnerabilities in third party kit. But criminal hackers could vex drivers in other ways, such as compromising internet-connected, easily hackable parking management systems, according to Spanish researcher Jose Guasch. […]
Mobile Certificates and Developer Accounts: Who is Faking It?
Companies risk losing all their customers if they continue neglecting their app store presence. While malicious mobile apps do bring serious security concerns to the fore (70% of top free apps have fake and mostly malicious versions in app stores), companies and developers also face another challenge in the form of copycats. For a company […]
The Naikon APT
Our recent report, “The Chronicles of the Hellsing APT: the Empire Strikes Back”, began with an introduction to the Naikon APT, describing it as “One of the most active APTs in Asia, especially around the South China Sea”. Naikon was mentioned because of its role in what turned out to be a unique and surprising […]
Spam and Phishing in the First Quarter of 2015
Spam: features of the quarter. New domain zones: In January 2014 the New gTLD program of registration for new generic top-level domains designated for certain types of communities and organizations was launched. The main advantage of this program is the opportunity for organizations to choose a domain zone that is clearly consistent with their activities […]
Microsoft Security Updates May 2015
Microsoft released a set of thirteen Security Bulletins (MS015-043 through MS015-055) to start off May 2015, addressing 38 vulnerabilities in a wide set of Microsoft software technologies. Three of these are rated critical for RCE and the rest of the May 2015 Security Bulletins are rated Important. Two of the critical Bulletins (043 and 044) are especially […]
Identifying and Dividing Networks and Users
Proper network segmentation is the most critical proactive step in protecting networks against targeted attacks. It is also important for organizations to properly identify and categorize their own users and the networks they access. This is an important task as it allows an administrator to properly segment both user privileges and network traffic. Some users will […]
Second Chinese security vendor caught cheating
Chinese anti-virus developer Tencent will lose its certifications after it was found to have submitted products with optimisations designed to improve their ratings in independent third-party testing. Tencent is the second Chinese security vendor to be caught cheating recently. Last week, rival anti-virus developer Qihoo 360 was stripped of its awards after it was found […]
City of London Police crack counterfeit Cisco ring
The City of London Police, working with detectives from the Police Intellectual Property Crime Unit (PIPCU), have busted a Hertfordshire crime ring suspected of importing, exporting and selling counterfeit Cisco hardware. The force swooped on two men, aged 36 and 35, at their homes in Sawbridgeworth and Birchanger, and a third man, aged 38, at […]
IT threat evolution in Q1 2015
Q1 in figures: According to KSN data, Kaspersky Lab products detected and neutralized a total of 2,205,858,791 malicious attacks on computers and mobile devices in the first quarter of 2015. Kaspersky Lab solutions repelled 469,220,213 attacks launched from online resources located all over the world. Kaspersky Lab’s web antivirus detected 28,483,783 unique malicious objects: scripts, […]
Microsoft sets commercial cloud goal of $20 billion run rate by 2018
Last week, during Microsoft’s third quarter fiscal 2015 earnings, company execs said Microsoft had hit an annual run rate of $6.3 billion for its commercial cloud. This week at the company’s annual Financial Analyst Meeting (FAM), CEO Satya Nadella said Microsoft’s goal is to hit a $20 billion run rate for its commercial cloud by […]
Wi-Fi client vulnerability could expose Android, Linux, BSD, other systems to attacks
A serious flaw in a component that’s used to authenticate clients on Wi-Fi networks could expose Android, Linux, BSD, and possibly Windows and Mac OS X systems to attacks. The vulnerability is in wpa_supplicant, an open-source software implementation of the IEEE 802.11i specifications for wireless clients. The component is cross-platform and is used to control […]
More information
- Update to authsmtp.psu.edu – June 23
- Chipmaker Patch Tuesday: Intel, AMD Address Over 100 Vulnerabilities
- First American Financial Exposed Millions of Sensitive Documents
- SMB Disaster Preparedness Survey
- Update: Voice System Upgrade
- Ukrainian Group Claims Hack of Putin Advisor’s Email
- Must-see talks from 2015’s Chaos Communication Congress hacker conference
- Google Introduces Kids to Coding Through Blockly Games Project
- Remaining Nimble During Times of Rapid Change
- SecurityWeek to Host AI Risk Summit June 25-26 at the Ritz-Carlton, Half Moon Bay CA