I have been asked a bunch of times “Which is the more secure mobile platform? Android or iOS?”. There are tons of articles on this topic found by searching on Google. Here is my two cents on the topic.
When looking at AppleiOS and Android, both take completely different approaches to security giving pros and cons to each option. Apple is extremely strict with how applications can leverage resources while Android is open source. For example, Apple devices sandbox APPs meaning they can’t interact with other APPs. Only “jail broken” phones open up the ability for applications to interact with other resources. So for those thinking its smart to jailbreak your iPhone, just be warned that you are also putting your device at risk for compromise. Continue reading →
CBSNews has a segment of 60s minutes covering how DARPA “the creator of the Internet” is fighting cyber crime (found HERE). They claim Dan Kaufman aka Darpa Dan and his team have built a application that can monitor the military’s network for compromised hosts. They continue to claim “any device that is breached will show up as red dots so you know EXACTLY whats going on”. Uhhhhh sure … is this malware / breach detection mixed with behavior analytics or is it just smoke and mirrors to look impressive on TV?
Next they say they can shut down or quarantine an infected system. Ok well at least that sounds reasonable since technology like NAC is around so just add a desktop management application and that is accomplished. I guess it sounds reasonable when DARPA Dan’s team gets a half of billion dollars a year to develop technology according to this report. With that budget, they better be able to accomplish something. Continue reading →
The people at TheHackerNews.com wrote a article on a new attack against Android devices that tricks users into believing they have powered off their device so they can spy on them. The original post can be found HERE.
Security researchers have unearthed a new Android Trojan that tricks victims into believing they have switched their device off while it continues “spying” on the users’ activities in the background. So, next time be very sure while you turn off your Android smartphones.
My buddy Aamir Lakahni at drchaos wrote a interesting post about criminals using RAT tools to steal boat loads of money from banks. The original post can be found HERE.
Another week, another hack. A group of cybercriminals used phishing attacks to install remote access toolkits (RATs) and steal over $300 million from banks and other financial institutions (source: http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html)
Using RATs is not new, and common method cybercriminals use. We had an in-depth look at njRAT and the Sweet Orange Exploit on this site. It is also not uncommon to use phishing and other social engineering attacks by attackers to trick users into installing sophisticated malicious tools. Continue reading →
NSS Labs just released their latest Threat Capabilities Report found HERE. Its a short yet interesting report covering widely used applications that were exploited after September of 2014. They list the top applications, operating systems and countries hosting command and control call homes. This one is free to download. Below is a summary from the report.
Data breaches continue to hit the news yet are only a fraction of what is being reported. Some recent ones are Sony (more on this HERE … and yes I saw The Interview because of the press behind this) and Anthem (more on this HERE). The reasons why organizations don’t report a breach vary from the fear of having critical infrastructure confiscated (which today usually isn’t the case like it was in the past), have negative press or costs associated with an investigation. Hopefully these and other concerns don’t become barriers for reporting data crimes. The more criminals get away with crimes, more likely they will do it again with less concern of being caught.
One really good resource you can check out to learn more about known data breaches is datalossdb.org. The people at Open Security Foundation do a pretty good job keeping up with documenting data breaches as they become public. Continue reading →
The people at Propublica.org wrote a really cool piece on the creature of GPG, Enigmail and GPG4Win Werner Koch (original post can be found HERE). Until recently, Werner has been the one man band behind developing and maintaining a few versions of free email encryption software applications. Large organizations and governments tend to dump funds into spying and cyber defense yet can’t seem to fund developers of really important things such as email encryption. PGP isn’t good enough so its great to see Werner finally received some funding.
The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive. Continue reading →
Andrea Allievi & Earl Carter from the security group at Cisco, Talos, wrote a interesting post covering the latest Cyrptowall 3.0 ransomware. The original post can be found HERE. They really break down how the new attack functions. Check it out below.
Ransomware continues to impact a large number of organizations and the malware continues to evolve. In January, we examined Cryptowall 2.0 and highlighted new features incorporated into the dropper and Cryptowall binary. When Cryptowall 3.0 appeared, we were interested in seeing what new functionality was incorporated into this latest variant in the Cryptowall series. Continue reading →