Monday, June 29, 2015

Mobile devices are a company’s biggest security risk

Mobile devices are the weak link in a company’s security chain, providing easy access to valuable organisational assets. This is according to Check Point Software Technologies’ third annual Security Report.

For an organisation with more than 2,000 devices on its network, there’s a 50% chance that at least six are infected.

IT providers’ top mobile security challenge is securing corporate information, while their second is managing personal devices storing both corporate and personal data.

“Corporate data is at risk, and being made aware of these risks is critical to taking the proper steps to secure mobile devices,” said Check Point South Africa.

Thursday, June 25, 2015

Easy Access Fuels ATM Attacks - ATM 'Eavesdropping' Alert Highlights New Risks

Global ATM manufacturer NCR Corp. issued an alert this week about card reader eavesdropping attacks, which were first identified in Europe last year and are now spreading, potentially posing a risk in the U.S.

These attacks involve accessing or opening the top of an ATM's enclosure, where the card reader is housed, and attaching a so-called wiretapping or eavesdropping device to the reader. The attackers' device captures card data as it is transmitted from the card reader to the ATM.

Earlier attacks, which were targeting through-the-wall ATMs typically installed right outside a bank branch, involved drilling a hole or cutting into the ATM's enclosure to insert and attach the device to the card reader.

Wednesday, June 24, 2015

Unencrypted Device Breaches Persist

Health Data Breach Tally Shows String of Theft Incidents

Although hacker attacks have dominated headlines in recent months, a snapshot of the federal tally of major health data breaches shows that stolen unencrypted devices continue to be a common breach cause, although these incidents usually affect far fewer patients.

As of June 23, the Department of Health and Human Services' Office for Civil Rights' "wall of shame" website of health data breaches affecting 500 or more individuals showed 1,251 incidents affecting nearly 134.9 million individuals.

Those totals have grown from 1,213 breaches affecting 133.2 million individuals in an April 29 snapshot . . .

Tuesday, June 23, 2015

Google Chrome Listening In To Your Room Shows The Importance Of Privacy Defense In Depth

Yesterday, news broke that Google has been stealthily downloading audio listeners onto every computer that runs Chrome, and transmitting audio data back to Google. Effectively, this means that Google had granted itself the right to listen to every conversation in every room where Chrome is running, without any kind of consent from the people eavesdropped on. In official statements, Google shrugged off the practice with what amounts to “we can do that”.

It looked like just another bug report: "When I start Chromium, it downloads something." This was followed by strange status information that notably included the lines "Microphone: Yes" and "Audio Capture Allowed: Yes". Without consent, Google’s code had downloaded a black box of code that, according to itself, had turned on the microphone and was actively listening to your room.

Monday, June 22, 2015

“EPIC” fail—how OPM hackers tapped the mother lode of espionage data

Two separate "penetrations" exposed 14 million people's personal info.

Government officials have been vague in their testimony about the data breaches—there was apparently more than one—at the Office of Personnel Management. But on Thursday, officials from OPM, the Department of Homeland Security, and the Department of the Interior revealed new information that indicates at least two separate systems were compromised by attackers within OPM's and Interior's networks. The first was the Electronic Official Personnel Folder (eOPF) system, an entity hosted for OPM at the Department of the Interior's shared service data center. The second was the central database behind EPIC, the suite of software used by OPM's Federal Investigative Service in order to collect data for government employee and contractor background investigations.
OPM has not yet revealed the full extent of the data exposed by the attack, but initial actions by the agency in response to the breaches indicate information of as many as 3.2 million federal employees (both current federal employees and retirees) was exposed. However, new estimates in light of this week's revelations have soared, estimating as many as 14 million people in and outside government will be  . . .  

Saturday, June 20, 2015

Zero-Day Exploits for Stealing OS X and iOS Passwords

I think you'll agree with me when I say: Apple devices are often considered to be more safe and secure than other devices that run on platforms like Windows and Android, but a recent study will make you think twice before making this statement.

A group of security researchers have uncovered potentially deadly zero-day vulnerabilities in both iOS and OS X operating systems that could put iPhone/iPad or Mac owners at a high risk of cyber attacks.

Researchers have created and published a malicious app on the App Store that was able to siphon users’ personal data from the password storing Keychain in Apple's OS X, as well as steal passwords from iCloud, banking and email accounts.

Thursday, June 18, 2015

Baseball Insider Corporate Espionage: Making Sure You Aren’t Next

With a successful major security breach happening nearly every month now, it is easy to start treating this as noise, but that could be a career-ending decision. The news this week wasn’t just on the Cardinals hacking the Astros but also on Congress asking for heads to roll on the Chinese hack that compromised the information of a massive number of federal employees.

While I think the drama of all of this is fascinating, the underlying problem is the continued focus on blame rather than actually attempting to fix the problem. At the heart of the federal problem is an endemic lack of focus on making critical systems secure. So much so that last year the Attorney General recommended shutting much of the system down to protect confidential information. 

Wednesday, June 17, 2015

New exploit turns Samsung Galaxy phones into remote bugging devices

As many as 600 million Samsung phones may be vulnerable to attacks that allow hackers to surreptitiously monitor the camera and microphone, read incoming and outgoing text messages, and install malicious apps, a security researcher said.

The vulnerability is in the update mechanism for a Samsung-customized version of SwiftKey, available on the Samsung Galaxy S6, S5, and several other Galaxy models. When downloading updates, the Samsung devices fetch the executable file over an unencrypted, unauthenticated connection, making it possible for attackers in a position to modify upstream traffic—such as those on the same Wi-Fi network—to replace the legitimate file with a malicious payload. The exploit was demonstrated Tuesday at the Black Hat security conference in London by Ryan Welton, a researcher with security firm NowSecure.
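
The update flow described above, as an added example that is not NowSecure's or Samsung's code: a language-pack archive is fetched over plain HTTP, so a network attacker can substitute the response body. The vulnerable installer below trusts whatever arrives; the hardened one refuses any package whose SHA-256 does not match a manifest obtained over an authenticated channel. The package format, manifest layout, and function names are illustrative assumptions, and both archives are constructed in memory so the script runs offline.

```python
"""Added example; not NowSecure's or Samsung's code. Models the unauthenticated
language-pack update described above and a digest-checked alternative.
Package format, manifest, and function names are illustrative assumptions."""
import hashlib
import hmac
import io
import zipfile


def build_pack(files: dict[str, bytes]) -> bytes:
    """Build a zip archive in memory (stands in for the downloaded update)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()


# Constructed sample data: the genuine pack and the attacker's substitute.
GENUINE_PACK = build_pack({"dict/en_US.bin": b"\x00 genuine dictionary"})
MALICIOUS_PACK = build_pack({
    "dict/en_US.bin": b"\x00 trojaned dictionary",
    "lib/libpayload.so": b"\x7fELF attacker code",
})

# Digest of the genuine package. For the check to mean anything this value must
# reach the device over an authenticated channel (assumption: a TLS-pinned,
# signed manifest), not over the same cleartext HTTP session the attacker controls.
TRUSTED_MANIFEST = {"version": "1.0", "sha256": hashlib.sha256(GENUINE_PACK).hexdigest()}


def mitm_swap(requested: bytes) -> bytes:
    """A network attacker on the same Wi-Fi replaces the cleartext response body."""
    return MALICIOUS_PACK


def install_vulnerable(body: bytes) -> list[str]:
    """Mirrors the flaw: trusts the HTTP response body as-is and installs it."""
    with zipfile.ZipFile(io.BytesIO(body)) as zf:
        return zf.namelist()


def install_hardened(body: bytes, manifest: dict) -> list[str]:
    """Refuses any package whose SHA-256 does not match the trusted manifest."""
    digest = hashlib.sha256(body).hexdigest()
    # Constant-time comparison so the check itself leaks nothing about the digest.
    if not hmac.compare_digest(digest, manifest["sha256"]):
        raise ValueError("update digest does not match manifest; refusing to install")
    with zipfile.ZipFile(io.BytesIO(body)) as zf:
        return zf.namelist()


if __name__ == "__main__":
    tampered = mitm_swap(GENUINE_PACK)
    print("vulnerable installed:", install_vulnerable(tampered))
    try:
        install_hardened(tampered, TRUSTED_MANIFEST)
    except ValueError as e:
        print("hardened rejected:", e)
    print("hardened installed:", install_hardened(GENUINE_PACK, TRUSTED_MANIFEST))
```

The digest check only relocates trust to the manifest, so the manifest itself has to be delivered over TLS or carry a signature the device verifies; otherwise the attacker simply rewrites both. Checking before anything is written to disk also matters, since the real damage in this class of bug comes from the update being unpacked by a privileged system process.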

Tuesday, June 16, 2015

Yorktown Naval Engineer Pleads Guilty to Attempted Espionage

A Yorktown engineer working for the Department of the Navy pleaded guilty to attempting to leak classified information about a U.S. naval aircraft carrier Monday.

Although the maximum punishment for this crime is life in prison, prosecutors have elected to recommend a sentence of eight to 11 years for Mostafa Ahmed Awwad after he accepted a plea deal in U.S. District Court for the Eastern District of Virginia in Norfolk.

The 36-year-old Saudi Arabia native attempted to share schematics of the USS Gerald R. Ford nuclear aircraft carrier . . . 

Monday, June 15, 2015

China’s Hack Just Wrecked American Espionage

It's tough enough to be an undercover spy in the age of the Internet. China's hack of American personnel files just made it much, much harder.

The mega-hack of the Office of Personnel Management continues to get worse for Washington. Revelations of a second, even deeper intrusion into OPM servers bring distressing news that Pentagon employees, including intelligence personnel, are among the millions of Americans whose personal and security data have been compromised.

As The Daily Beast reported, this hack constitutes a disaster for Washington's counterintelligence operatives. Armed with very private information about the personal lives of millions of security clearance holders, foreign intelligence services can blackmail and coerce vulnerable officials. To make matters worse, . . . 

Saturday, June 13, 2015

The New Spymasters by Stephen Grey review – the spies above us

What makes a good spy? Is there such a thing? To what extent should spymasters turn a blind eye to crimes, even collusion in murder, committed by their informants or agents?
These important – perhaps increasingly important – issues are discussed in this valuable and thought-provoking book by Stephen Grey, the journalist whose first book, Ghost Plane, about US and UK involvement in the secret rendition of detainees in the “war on terror”, raises questions that remain unanswered.
The New Spymasters breaks new ground, not so much in revealing hitherto unknown cases of espionage, but in identifying and pursuing a number of cases – including that of MI6’s spies, who were never in Iraq before the 2003 invasion – where British and US security and intelligence agencies were deeply involved.

Thursday, June 11, 2015

Cyber-Espionage Nightmare!

A groundbreaking online-spying case unearths details that companies wish you didn’t know about how vital information slips away from them.

On a wall facing dozens of cubicles at the FBI office in Pittsburgh, five guys from Shanghai stare from “Wanted” posters. Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui are, according to a federal indictment unsealed last year, agents of China’s People’s Liberation Army Unit 61398, who hacked into networks at American companies—U.S. Steel, Alcoa, Allegheny Technologies (ATI), Westinghouse—plus the biggest industrial labor union in North America, United Steelworkers, and the U.S. subsidiary of SolarWorld, a German solar-panel maker. Over several years, prosecutors say, the agents stole thousands of e-mails about business strategy, documents about unfair-trade cases some of the U.S. companies had filed against China, and even piping designs for nuclear power plants—all allegedly to benefit Chinese companies. 

Tuesday, June 9, 2015

The Internet of Evil Things: The Rapidly Emerging Threat of High Risk Hardware

The Internet of Everything has arrived, and alongside every great technology trend comes a challenging and loosely defined threat vector. With the rush to Internet-enable everything from wristwatches to power grids, the massive proliferation of smart devices has significantly expanded the attack surface of our interconnected world. This attack surface has expanded well beyond the visibility of today’s monitoring and intrusion detection systems. As a result, a little understood and ever expanding threat vector has emerged: The Internet of Evil Things (IoET). The report is from Pwnie Express.

This machine catches stingrays: Pwnie Express demos cellular threat detector

At the RSA Conference in San Francisco today, the network penetration testing and monitoring tool company Pwnie Express will demonstrate its newest creation: a sensor that detects rogue cellular network transceivers, including "Stingray" devices and other hardware used by law enforcement to surreptitiously monitor and track cell phones and users.
In an exclusive demonstration for Ars, Pwnie Express CTO Dave Porcello and Director of Research and Development Rick Farina showed off the company's new cell network threat detection capabilities, which integrate into Pwnie's Pulse security auditing service. The capability will give companies the ability to monitor cellular networks around them and detect anomalies caused by rogue cellular base stations, IMSI catchers, and devices used to extend cellular coverage into areas where it may not be authorized.

Monday, June 8, 2015

With a series of major hacks, China builds a database on Americans

China is building massive databases of Americans’ personal information by hacking government agencies and U.S. health-care companies, using a high-tech tactic to achieve an age-old goal of espionage: recruiting spies or gaining more information on an adversary, U.S. officials and analysts say.

Groups of hackers working for the Chinese government have compromised the networks of the Office of Personnel Management, which holds data on millions of current and former federal employees, as well as the health insurance giant Anthem, among other targets, the officials and researchers said.

“They’re definitely going after quite a bit of personnel information,” said Rich Barger, chief intelligence officer of ThreatConnect, a Northern Virginia cybersecurity firm. “We suspect they’re using it to understand more about who to target [for espionage], whether electronically or via human recruitment.”

Massive cybersecurity breach raises concerns about what hackers stole

A massive hack of government personnel files is being treated as the work of foreign spies who could possibly use the information to sneak their way into more-secure computers and plunder U.S. secrets. 

Dan Payne, a senior counterintelligence official for the Director of National Intelligence, told federal employees Friday to change their passwords, put fraud alerts on their credit reports and watch for attempts by foreign intelligence services to exploit them.

"Some of you may think that you are not of interest because you don't have access to classified information," he said. "You are mistaken."

Friday, June 5, 2015

Medical data, cybercriminals' holy grail, now espionage target

Whoever was behind the latest theft of personal data from U.S. government computers, they appear to be following a new trend set by cybercriminals: targeting increasingly valuable medical records and personnel files.

This data, experts say, is worth a lot more to cybercriminals than, say, credit card information. And the Office of Personnel Management (OPM) breach revealed on Thursday suggests cyber spies may now also be finding value in it.

Cyber investigators from iSight Partners said they had linked the OPM hack to earlier thefts of healthcare records from Anthem Inc, a health insurance company, and Premera Blue Cross, a healthcare services provider. Tens of millions of records may have been lost in those attacks.

Federal government hit by major data breach

The Obama administration is scrambling to assess the impact of a massive data breach that occurred when federal agencies were hacked.

A congressional aide familiar with the situation, who declined to be named because he was not authorized to discuss it, says the Office of Personnel Management (OPM) -- the agency that handles security clearances and employee records -- and the Interior Department were hacked. A second U.S. official who also declined to be identified said the data breach could potentially affect every federal agency.

U.S. officials say the investigation . . .

Thursday, June 4, 2015

Hunting for Hackers, N.S.A. Secretly Expands Internet Spying at U.S. Border

Without public notice or debate, the Obama administration has expanded the National Security Agency’s warrantless surveillance of Americans’ international Internet traffic to search for evidence of malicious computer hacking, according to classified N.S.A. documents.

In mid-2012, Justice Department lawyers wrote two secret memos permitting the spy agency to begin hunting on Internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad — including traffic that flows to suspicious Internet addresses or contains malware, the documents show.

The Justice Department allowed the agency to  . . .  

Monday, June 1, 2015

Mac bug makes rootkit injection as easy as falling asleep

Respected Apple hacker Pedro Vilaça has uncovered a low-level zero day vulnerability in Mac computers that allows privileged users to more easily install EFI rootkits.

Vilaça says the attack, first thought to be an extension of previous research rather than separate zero day, took advantage of unlocked flash protections when machines go into sleep mode.

“Apple’s S3 suspend-resume implementation is so f*cked up that they will leave the flash protections unlocked after a suspend-resume cycle,” Vilaça says in a post.

“It means that you can overwrite the contents of your BIOS from userland a rootkit EFI without any other tricks other than a suspend-resume cycle, a kernel extension, flashrom, and root access.
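
One check a practitioner would want after reading the above, as an added example that is not Vilaça's code: compare an SPI flash dump taken before a suspend-resume cycle with one taken afterwards, so that anything written into the EFI region while the protections were down shows up as modified erase blocks. The dumps are assumed to come from `flashrom -p internal -r <file>` (flashrom is the tool the excerpt itself names); the block size is an assumption, and both images are constructed in memory here so the script runs offline.

```python
"""Added example, not Vilaça's code: diff two SPI flash dumps block by block and
report which erase blocks changed. Assumes dumps read with
`flashrom -p internal -r before.bin` / `-r after.bin`; 4 KiB erase blocks assumed."""
import hashlib

BLOCK = 4096  # typical SPI erase-block size (assumption)


def image_digest(image: bytes) -> str:
    """Whole-image SHA-256, useful as the one-line fingerprint to keep in a baseline."""
    return hashlib.sha256(image).hexdigest()


def modified_blocks(golden: bytes, current: bytes, block: int = BLOCK) -> list[int]:
    """Return the start offsets of erase blocks whose content differs.

    A size mismatch is itself a red flag (different chip, truncated read, or a
    padded image), so it is reported instead of being silently compared."""
    if len(golden) != len(current):
        raise ValueError(f"image size mismatch: golden={len(golden)} current={len(current)}")
    changed = []
    for off in range(0, len(golden), block):
        if golden[off:off + block] != current[off:off + block]:
            changed.append(off)
    return changed


def verify(golden: bytes, current: bytes) -> dict:
    """Summarise a before/after comparison for a report or an alert."""
    blocks = modified_blocks(golden, current)
    return {
        "golden_sha256": image_digest(golden),
        "current_sha256": image_digest(current),
        "intact": not blocks,
        "modified_blocks": blocks,
    }


def _sample_images() -> tuple[bytes, bytes]:
    """Constructed sample: 64 KiB of pseudo-firmware, with two blocks patched in the
    'after' copy to stand in for an injected EFI driver."""
    golden = bytes((i * 31 + 7) & 0xFF for i in range(64 * 1024))
    current = bytearray(golden)
    current[0x8000:0x8000 + 16] = b"EVIL-EFI-DRIVER!"
    current[0xF010] ^= 0xFF
    return golden, bytes(current)


if __name__ == "__main__":
    g, c = _sample_images()
    for key, value in verify(g, c).items():
        print(f"{key}: {[hex(b) for b in value] if key == 'modified_blocks' else value}")
```

A dump taken through the running OS is only as trustworthy as that OS: an implant that already controls the firmware or SMM can serve a clean image to the reader. Take the golden baseline with an external programmer on the chip when you can, and treat an in-band read as a cheap first screen rather than proof of integrity.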
