Malware attacks seem to be evolving. The traditional viruses, Trojan horses, botnets, and phishing attacks are still a threat, but the next generation malware takes insidious to a whole new level. Thankfully, there’s a silver lining as well.
A new threat dubbed Shamoon has been identified that steals sensitive data, then wipes the target computer and effectively renders it useless. Shamoon--along with Stuxnet, Duqu, Flame, and Gauss--represents a new era of malware that is designed with specific goals in mind, and programmed to fly under the radar and evade detection in most cases.
In the early 90’s the primary goal of malware developers seemed to be notoriety. The objective was to wreak as much havoc as possible in order to get attention and make the malware a household name. There were attacks like CodeRed, Nimda, or the infamous SQL Slammer attack that managed to bring much of the Internet around the world to its knees in under an hour.
There is no silver bullet when it comes to encryption. Even the most complex, invulnerable encryption today could be child’s play in the future. The NIST (National Institute of Standards and Technology) is publishing new encryption standards for public review to try and keep up with the times and stay a step ahead of the bad guys.
The NIST is a government agency, and its guidelines only really impact other government agencies. However, many security experts and organizations look to the NIST standards as a baseline.
All of security is more or less a game of cat and mouse. Security measures are put in place, and they work for a while until attackers find the weak spots, or figure out how to compromise or circumvent them. Then, security experts have to devise new methods, and the game starts over. Website encryption, and the certificates we use to prove a site is legitimate, are subject to this same cause and effect.
You can implement rock solid network security; enforce strong, complex passwords; and install the best anti-malware tools available. Most security experts agree, however, that there is no security in the world that can guard against human error.
Consider your house--you can have a solid steel door, an industrial strength deadbolt, and an alarm system straight out of a Mission Impossible movie. But if you forget to lock the door or engage the alarm system, it won’t do any good.
The same logic applies when it comes to computer and network security, and it’s exacerbated by the growing BYOD (Bring Your Own Device) trend.
Secure data being beamed across the Internet? Encrypt it. Protect data at rest from being accessed? Encrypt it. It seems like encryption is the answer to all of your security concerns. That’s true to an extent, but even encryption has its limitations.
Encryption is a perfectly viable solution for securing data, but it’s not invulnerable--especially for data at rest, like files stored on backup media. Today’s unbreakable algorithm is tomorrow’s cracked encryption.
The idea of encryption dates back centuries. At its core, it’s nothing more than replacing information with other data that makes it appear to be gibberish unless you have the key that helps you reverse the process (decrypt) so you can recover the original information.
It seems Facebook is preparing to roll out a new feature called “Find Friends Nearby”. The feature--which is designed to simplify the process of finding new friends and adding them to your social network--blurs the line a bit between the online social network and real life, and will probably draw the ire of privacy advocates.
First, a little about the feature itself--or at least what we think is known about the as yet unofficial feature. The name implies a feature that will alert you when one of the contacts from your Facebook social network happens to be nearby so you have an opportunity to meet up in real life. However, that isn’t really the way the feature works.
“Find Friends Nearby” isn’t about finding existing friends in your proximity, but rather for finding other “Find Friends Nearby” users in your proximity that might want to be friends. It’s a way to expand your social network by adding random strangers who are also interested in expanding their social network.
Hopefully you’ve applied all of the updates and fixes from Microsoft’s Patch Tuesday by now. But, have you also implemented the workarounds Microsoft published? If not, your system could end up compromised.
While organizations and individuals were busy with the Patch Tuesday security bulletins, Microsoft also released an out-of-band security advisory for a flaw in Microsoft XML Core Services that can allow an attacker to gain control of a vulnerable system from across the Internet. The vulnerability affects all supported versions of Windows, and all supported versions of Office 2003 and Office 2007.
In the security advisory, Microsoft spells out some mitigating factors that may reduce the risk this vulnerability poses for a PC. The flaw can be exploited just by loading a malicious Web page, but there’s no way an attacker can force a user to do so. The attacker has to craft the malicious site, and then convince victims to visit the website somehow in order to compromise their systems.
Have you applied Microsoft’s fixes and updates from the June Patch Tuesday yet? If not, you’re asking for trouble because a vulnerability that was already addressed by Microsoft is being actively exploited in the wild.
Microsoft security bulletin MS12-037 was this month’s cumulative update for Internet Explorer. It is rated as Critical, and addresses 14 separate vulnerabilities that affect every supported version of Internet Explorer in some way.
One vulnerability in particular is more urgent than the rest, though. There are multiple attacks circulating online that target CVE-2012-1875.