In the wake of news that the FBI has arrested a LulzSec hacker on charges related to attacks against Sony Pictures, a new team of hackers is making headlines. Team GhostShell has published over a million hacked records, and it promises there’s more to come.
The new attacks are part of “Project HellFire.” Project HellFire is intended as a form of online protest against banks and politicians, and as retaliation for arrested hackers. Team GhostShell says, “We are also letting everyone know that more releases, collaborations with Anonymous and other, plus two more projects are still scheduled for this fall and winter. It's only the beginning.”
An analysis from a security vendor suggests that most of the breaches were a result of SQL injection attacks. The attacks were aimed at consulting firms, manufacturing firms, government agencies, and banks. Team GhostShell was able to capture Admin passwords, usernames and passwords from customer accounts, and other files and documents.
Phishing attacks and many malware variants are designed to trick users into sharing sensitive information like passwords, or to capture it surreptitiously without the user’s knowledge. You should have a cross-device security platform in place to detect and block such attacks, but two-factor authentication provides even stronger security that can’t be so easily compromised.
Adobe Flash has long been a prime target for hackers and malware developers. The virtually ubiquitous app seems to have plenty of weaknesses, and presents attackers with an appealing method of exploiting and compromising victims. Currently, both the traditional Adobe Flash, and the Adobe Flash for Android mobile app have caught the attention of attackers.
Adobe Flash is a staple of Web browsing, and is essentially a de facto app installed on just about every Windows, Mac, and Linux PC. The mobile app has been a source of controversy between Apple and Adobe—famously excluded from Apple’s iOS mobile platform—however, Flash was trumpeted as a key selling point for rival Android devices.
The United States Department of Justice (DOJ) has seized three websites for alleged copyright violations. The sites are accused of illegally distributing Android apps. When dealing with third-party mobile app sites, though, pirated apps may be the least of your worries. The more pressing concerns: your privacy and security.
One of the defining features of Android is its “openness”. In contrast to other mobile platforms, Google’s Android ecosystem allows users much more latitude in customizing the mobile device itself. It also enables users to acquire apps from a variety of sources outside of the official Google Play store.
In the case of the websites targeted by the DOJ, Android’s openness simply means that users may be unknowingly buying illegal, pirated apps. However, the lack of a review process, or any sort of curating of the apps by a trusted source also means that it’s much easier for malicious apps to be distributed as well.
SMS text messaging is certainly not exclusive to Apple or its iconic iPhone smartphone. But, apparently there is something unique about the way Apple delivers SMS messages that makes the iPhone particularly vulnerable to spoofing or smishing (SMS phishing) attacks.
An iOS security researcher wrote a blog post detailing the discovery. When an SMS text message is sent, part of the header information contains the actual number the message originated from. However, there is also an optional header called the UDH (User Data Header) which allows for a different Reply To address to be entered.
Some mobile platforms display both the actual originating number and the information from the Reply To field, hopefully raising some red flags for the recipient if the two are different. Apple’s iOS only displays--and responds to--the address specified in the Reply To field.
Malware attacks seem to be evolving. The traditional viruses, Trojan horses, botnets, and phishing attacks are still a threat, but the next generation malware takes insidious to a whole new level. Thankfully, there’s a silver lining as well.
A new threat dubbed Shamoon has been identified that steals sensitive data, then wipes the target computer and effectively renders it useless. Shamoon--along with Stuxnet, Duqu, Flame, and Gauss--represents a new era of malware that is designed with specific goals in mind, and programmed to fly under the radar and evade detection in most cases.
In the early 90’s the primary goal of malware developers seemed to be notoriety. The objective was to wreak as much havoc as possible in order to get attention and make the malware a household name. There were attacks like CodeRed, Nimda, or the infamous SQL Slammer attack that managed to bring much of the Internet around the world to its knees in under an hour.
There is no silver bullet when it comes to encryption. Even the most complex, invulnerable encryption today could be child’s play in the future. The NIST (National Institute of Standards and Technology) is publishing new encryption standards for public review to try and keep up with the times and stay a step ahead of the bad guys.
The NIST is a government agency, and its guidelines only really impact other government agencies. However, many security experts and organizations look to the NIST standards as a baseline.
All of security is more or less a game of cat and mouse. Security measures are put in place, and they work for a while until attackers find the weak spots, or figure out how to compromise or circumvent them. Then, security experts have to devise new methods, and the game starts over. Website encryption, and the certificates we use to prove a site is legitimate, are subject to this same cause and effect.