- Friday, 10 July 2015
The Great Cannon is China's powerful new hacking weapon
The relentless days-long cyberattack on GitHub showed that someone was willing to use hundreds of thousands of innocent internet users to try to take down two single pages set up by an organization fighting Chinese censorship. A group of cybersleuths has discovered that someone is indeed China, as everyone suspected. More importantly, they’ve also learned that the attack was carried out with a powerful new cyberweapon, whose existence was previously unknown. Researchers at the Citizen Lab—a digital watchdog at the University of Toronto's Munk School of Global Affairs—are calling it the “Great Cannon.” It’s a tool essentially capable of monitoring internet traffic and targeting anyone its operators decide to hit, sending back malware or spyware, or using the target to flood another site with traffic. Read more...
Chinese mobile app used for hiring thugs to beat up people!
|Major Hacks of the Week|
Magento Flaw Exploited in the Wild a few hours after disclosure
According to security experts at the firm Sucuri, within 24 hours of the disclosure of the vulnerability in the Magento platform, bad actors are already attempting to hack e-commerce websites using it. The experts traced the attacks back to a couple of Russian IP addresses (22.214.171.124 and 126.96.36.199). Read more...
How attackers exploit end-users' psychology
At RSA Conference 2015, Proofpoint released the results of its annual study that details the ways attackers exploit end-users' psychology to circumvent IT security. Read more...
|Major Vulnerabilities Disclosed|
Patching Windows HTTP vulnerability should be prioritized
A newly patched vulnerability in Windows has set alarm bells ringing because it can be used to remotely execute code on unpatched computers. Unsuccessful attempts may result in a blue screen of death (BSoD) condition, which could be used as a means to perform denial-of-service (DoS) attacks against computers running Microsoft Internet Information Services (IIS) servers. This vulnerability affects Windows 8.1, Windows 8, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, and Windows 7. If left unpatched, the vulnerability could enable remote code execution if an attacker sends a specially crafted HTTP request to a Windows computer. Read more...
Ransomware: Return of the mac(ro)
Ransomware attackers have resorted to reviving a very old attack vector, the malicious Word macro. Although they enjoyed their heyday more than a decade ago, Word macro attacks picked up in recent months before a major surge last week. One such ransomware campaign was discovered last week and targeted victims in France with emails that purport to come from the French Ministry for Justice. The emails informed the victim that a court judgment had been made against them, authorizing the seizure of property in lieu of money they owed. The fake judgment comes in an attached Microsoft Word document. The document contains a macro which, if allowed to run, will install several pieces of malware on the victim’s computer, including the Cryptodefense variant of ransomware (Trojan.Cryptodefense). Read more...
|Legal, Regulatory and Corporate|
Huawei CEO says Chinese cybersecurity rules could backfire
China can only ensure its information security in the long run if it keeps its market open to the best technology products, be they foreign or domestic, Huawei's rotating chief executive Eric Xu told Reuters on Tuesday. Xu's remarks are a rare example of a top Chinese CEO openly questioning the direction of Beijing's information security policy, already a source of concern for countries who fear it will limit opportunities for their technology firms. Read more...
Blackberry wants to lock down security for the Internet of Things
The Canadian company has plans to make that work in its favor with an encryption certificate based on subsidiary Certicom's elliptic-curve cryptography. This could secure numerous devices ranging from connected car systems to smart meters -- ease of security and authentication are the name of the game here. Read more...
|Security and Beyond|
Export Google Search History
"You can download all of your saved search history to see a list of the terms you've searched for. This gives you access to your data when and where you want," informs Google. "When you download your past searches, a copy of your history will be saved securely to the Takeout folder in Google Drive. You can download the files to your computer if you want a copy on your computer." Google will send you an email when your archive is ready to download. Read more...
The Delicate Art of Remote Checks – A Glance Into MS15-034
By definition, a remote check is a piece of code that allows the user to discern a vulnerability by actually exercising the code in a patch. These types of checks became popular during the era of worms, as a way to reliably determine exploitability in circumstances where a server’s banner was not enough information to discern a patched status. The exact process is somewhat difficult to capture, as years of patch analysis at eEye (acquired by BeyondTrust in 2012) provide some measure of intuition. Read more...
|Security Awareness Tip|
2 step verification
You should take advantage of 2-step authentication on Google and Facebook, where a one-time key is sent as an SMS every time one wants to log in.
|Silensec Editorial Team|
Editor: Dr. Almerindo Graziano
Dr. Graziano is the Silensec CEO. He holds an MSc in Electronic Engineering and a PhD in Mobile Computer Security, both from the University of Naples, Italy. Dr. Graziano has consulted in information security for private and government organisations across Europe, Africa and the Middle East over the last 15 years. He is also a BSI-certified ISO27001 Lead Auditor trainer and auditor.
Vice Editor: George Nicolaou (BSc, MSc)
George Nicolaou (BSc, MSc) leads the Silensec Malware Analysis Lab (MAL). He received his BSc in Computer Science and MSc in Advanced Computing Security from the University of Bath in the UK, where he pursued research in malware and vulnerability analysis. For many years George has also been the Head of the Research and Development department of the Astalavista Security Community. George is also a frequent speaker at security conferences around the world on advanced malware analysis, reverse engineering and exploit development techniques.
Associate Editor: Joseph Alulu (B.A)
Joseph Alulu leads the Silensec Marketing Department. He holds a Bachelor of Arts degree from the University of Nairobi in Kenya. He publishes the weekly Silensec Newsletter, keeping you up to date on the latest information security news as well as creating information security awareness.