According to a press release that arrived today, entitled "Kaspersky Lab identifies first targeted attack utilising malware for Android devices", it marks the "first serious wave of targeted attacks using Android malware" but just how worrying is that really?
The PR company sending the release were at pains to point out that "this latest discovery is perhaps the first serious wave of targeted attacks using Android malware in-the-wild against Tibetan and Uyghur activists" and that "the malware secretly reports the infection to a command-and-control server. After that, it begins to harvest information stored on the device". The stolen data including contacts as stored on the phone and any associated SIM card, call logs, SMS messages, geolocation data, phone handset data such as phone number, OS version, phone model and SDK version. The release itself starts by stating how this is a similar attack style as others aimed at Uyghur and Tibetan activists, but targeting mobile devices instead of DOC, XLS or PDF documents exploiting zero-days for Windows computers and Macs.
It all sounds very serious stuff indeed, especially when you read statements such as "the Android malware used in the new attack steals private data from infected smartphones, including the address book and messaging history, and sends it to a command and control server. This attack is believed to be the first of this kind utilising fully functional Android malware and specifically targeting mobile devices of potential victims". But if you can get past the …
It has been just over a month now since North Korea gloated about its successful nuclear weapon test. A test which prompted the imposition of new UN sanctions against Pyongyang, and if the Korean Central News Agency (KCNA) which acts as a state mouthpiece for the Democratic People's Republic of Korea is to be believed, it has also prompted "intensive and persistent" cyber-attacks. Attacks, according to the North Koreans, which have been jointly launched by South Korea and the United States.
The KCNA claims that the attacks, which are believed to have taken down official state websites such as KCNA itself, were targeted to coincide with the military drills by the US and South Korea. Calling the attack cowardly and despicable, KCNA went on to insist that the "US and South Korean puppet regime are massively bolstering up cyber forces in a bid to intensify the subversive activities and sabotages against the DPRK". The KCNA statement went on to claim that "intensive and persistent virus attacks are being made every day on Internet servers operated by the DPRK".
It's not only the KCNA which is reporting that cyber attacks have been launched against the North Korean state. In Russia, the Ita-Tass news agency has also claimed that some official North Korean websites were disabled after servers were brought down during a "powerful hacker attack".
Of course, it is perhaps a little hypocritical that North Korea should be complaining about being the victim of state sponsored …
The news wires have been buzzing over the weekend after it emerged that the Raspberry Pi website had been hit by a 'million zombie' Distributed Denial of Service (DDoS) attack during the week. Although the outage was relatively brief, with the Raspberry Pi Foundation admitting the attack with a Twitter message that stated "We're being DDoS'd at the moment—very sorry if you can't see the website" and continued "If it goes on, we'll try to get some more capacity in tomorrow". The attack meant that parts of the site were offline for e a few hours while others were very slow and intermittent.
Forget the media obsession with that 'million zombies' headline, which seems to have come about after someone posted a statement claiming the attack took the form of a significant SYN flood from a botnet with about a million nodes. To be honest, botnets are out there for hire by people who want to launch such attacks and a million nodes may be on the large side but it's not particularly uncommon these days. What is uncommon, or so you might think, is for a DDoS attack to target something as harmless as Raspberry Pi in the overall scheme of things; a charitable foundation no less. The general perception is that hacktivism rules when it comes to DDoS attacks, and that the victims are mainly big business and political targets. That perception is, sadly, rather unfounded.
Sure, the Anonymous attacks with a political …
Apple, Facebook and Twitter have all been the target of hackers recently, and now Evernote has admitted to a potential breach that has forced it to reset the passwords of approximately 50 million registered users. Evernote, a kind of web scrapbook that enables you to take notes, save web pages and web page content, sync files across devices and share ideas with friends and colleagues, did the right thing in notifying users and resetting passwords. However, it did the right thing in the wrong way; and here's why.
I received an email last night informing me that:
Evernote's Operations & Security team has discovered and blocked suspicious activity on the Evernote network that appears to have been a coordinated attempt to access secure areas of the Evernote Service.
This immediately sought to put my, and the 49,999,999 other people who were reading the communication, mind at rest by assuring me that Evernote was taking this seriously enough to implement an across the board password reset. This despite there being no evidence, as yet, that any of my Evernote content had been accessed, changed or stolen. Evernote also told me that no payment information for 'premium' or 'business' customers had been accessed. So far so good you may be thinking.
The bad news is that the breach investigation does reveal that the hackers were able to gain access to usernames and the emails associated with them (sound familiar yet folks?) and, yes, those …
According to the network security team at Oxford University Computing Services (OxCERT) with the title of 'Google Blocks' the world famous seat of learning has decided to put a block, albeit a temporary one, on the use of Google Docs. Robin Stevens from the network security team at Oxford says that the "extreme action" was felt necessary in order to protect "the majority of University users".
While admitting that Google Docs is a "perfectly legitimate site" and one which is "widely used by staff and students as part of their work and personal lives" Stevens explains that it is "also frequently used for illegal activities... which threaten the security of the University’s systems and data". Of course, the same could be said of the Internet itself, or the students themselves, and neither of these have been banned.
It would appear that the IT Security folk at Oxford University are particularly concerned about phishing, and specifically phishing which is targeted at harvesting University email account credentials. If successful, and one has to assume they have been seeing as it has been felt necessary to take such drastic action, the phishers are then using these compromised accounts in order to distribute spam. The method of choice for the phishermen is linking to web forms hosted on Google Docs.
"Google Docs has many advantages. One significant one is that millions of people use it for perfectly law-abiding purposes. Another is that traffic is encrypted" Stevens says, …
According to new research from Kaspersky Lab, in the form of a report called Evaluating the threat level of software vulnerabilities, 72% of Java users haven't switched to the latest, safest, version despite highly publicised vulnerabilities and resulting security exploits.
And it's not just Java, the report also shows that users of older versions of Adobe Flash Player and Adobe Reader are also failing to upgrade to safer versions, leaving their systems and their data at potential risk of breach.
Researchers looked at the most dangerous vulnerabilities (those known to be actively exploited by cybercriminals) found in assorted programs during the last year, and analysed the enthusiasm with which users were upgrading to the safer updated editions once they were made available. The unsettling result was the discovery that for a large number of people the older, unsafe and often obsolete, versions of popular software applications remain installed on "a significant number of PCs" for "months and even years".
Here are the key points of the Kaspersky Lab paper:
Data analysis from more than 11 million users was used to reveal more than 132 million vulnerabilities, with an alarming average of 12 vulnerabilities per user.
In total more than 800 specific and different vulnerabilities were discovered, and of these a miniscule 37 were found to be present on at least 10% of computers for one week or more during 2012. Yet these same vulnerabilities incredibly accounted for a massive 70% of all the …
Research published today by data governance software developer Varonis reveals that, when it comes to the virtualized environment, security awareness appears to be something of a black hole.
The study found that data security in these virtualized environments can all too often be totally neglected, and some 48% of IT organisations reported or suspected there had been unauthorised access to files kept on virtual servers. The findings suggest that when it comes to awareness of security matters regarding virtualized servers and the data stored upon them, the harsh truth of the matter is that there is very little. Indeed, the survey found that 70% of those questioned had 'little or no' auditing in place for example.
When you consider that Gartner reckons there are now in excess of 50 million Virtual Machines installed on servers, it should come as no surprise to discover that 87% of respondents to the Varonis study said their application servers were already virtualized. The reasons for this virtualization being mainly a combination of deployment speed (76%) and disaster recovery potential (74%). Yet file security appears to be neglected almost across the board.
Sure, nearly 60% did claim to be "very careful about setting permissions and controlling subsequent updates" there's no escaping from the fact that 70% had implemented little or no auditing regardless of the company size. A statistic made all the more surprising by the revelation that in enterprises of more than 5,000 employees some 20% admitted …
According to new independent research commissioned by Corero Network Security, and conducted by the Ponemon Institute, two thirds of banks in the United States have suffered a Distributed Denial of Service (DDoS) attack during the last 12 months. The 64% statistic refers to the number of IT and IT security practitioners who reported that the banks at which they work were subject to at least one DDoS attack during 2012.
The research questioned 650 IT and IT security professionals working at a total of 351 banks, including some of the biggest in the world, and the sadly not at all surprising conclusion was that these DDoS attacks will continue, or 'significantly increase' during 2013 according to 78% of them.
With 48% of the banks concerned having been targeted multiple times during the course of 2012, the IT security professionals also admitted that Zero-Day attacks targeting previously unknown vulnerabilities were also hitting banks hard. Insufficiently experienced staff, along with ineffective security technology such as traditional firewalls (deployed by 35% of banks), were cited as the main barriers preventing the banks from being able to deal with these attacks more efficiently in 50% of cases. A lack of funding for security was the third most cited cause for concern.
"It really comes as no surprise that DDoS attacks are one of the most severe security risks cited by the banking industry and these results clearly demonstrate the level to which they are being targeted on …
Google's seemingly always changing indexing algorithm continues to hit site rankings as the search giant continues to drive a new generation of SEO relying upon original and relevant content generation and sharing above all else. Now a panel of SEO experts in the UK has warned that companies need to avoid putting all their SEO eggs into the one Google basket and instead embrace SEO strategic evolution in order to maintain and grow traffic.
At a round-table discussion, hosted by cloud provider UKFast, Sam Allcock, CEO of Custard Media, stated that the key to successful audience growth was traffic stream diversification rather than a reliance upon Google-led SEO strategies. "Businesses must investigate every alternative method of traffic, including Facebook and Twitter. It just so happens now the easiest way to attract traffic is through Google but will this be the case in five years?” Allcock said.
Naturally, much of the discussion revolved around the rise of social media and how this has ensured that link-building is no longer enough. "With the advent of social media it’s no longer about focusing on the link but on the traffic stream the content can give you" Christian Hill, director of strategy at digital agency Project Simply insisted, adding "It’s now about building the value of the business”.
UKFast MD Jonathan Bowers stated that his company has spent a lot of time assessing the role that hosting and page load speed plays in Google’s search ranking, but admitted that …
Last week saw the discovery of YAJE: Yet Another Java Exploit. Sadly, Java vulnerabilities are neither new nor uncommon and the bad guys are quick to exploit them in the wild. Some claim that Oracle is in too much of a rush to extricate itself from this unholy mess and while being quick to patch whatever vulnerability is currently making the media headlines is still leaving far too many insecurities in the software unfixed. But does that mean it's time to give up on Java?
AlienVault's Head of Labs, Jaime Blasco, reproduced the latest exploit in a previously fully patched Java installation and found that the exploit was probably "bypassing certain security checks tricking the permissions of certain Java classes as we saw in CVE-2012-4681". In fact, according to Blasco, the exploit is the "same as the zero day vulnerabilities we have been seeing in the past year in IE, Java and Flash".
Most vendors, AlienVault included, were advising that prior to the Oracle patch the only sensible option to protect against the threat was to disable Java. Simple as. But is it really that simple, and should we be writing off software such as Java (or indeed Flash and Internet Explorer) as being 'too vulnerable' and 'too insecure' and therefore not fit for purpose?
Let's look at the facts for a moment: Oracle released a patch for this latest vulnerability within a few days of exploits being seen in the wild. That …
This special edition of the Guinness World Records book will appeal to geeks and nerds the world over. Not just because it is packed full of the kind of trivia that we all thrive on in social situations, but also because that trivia is firmly based in the realm of video gaming. Previous editions have been described as being a veritable gaming almanac, and this sixth installment of the series does nothing to degrade that opinion. It's packed with facts, figures, lists, stats and high quality imagery.
It's also more than just a collection of lists though, the 2013 edition has a number of really rather well presented and very in-depth feature spreads covering games such as Call of Duty, Grand Theft Auto and Forza. There are even some more unexpected features like the one that looks at the relationship between the mediums of comic books and gaming, or another that delves into the top 50 videogame villains of all time.
As many of you may have been drawn to this review by the mention of Bowser, Darth Vader and Donkey Kong in the first place, let's start with a quick look at the Top 50 Video game Villains list which was compiled by polling Gamer's Edition readers and resulted in more than 12,000 votes in all. The broadness of gaming genres represented is quite staggering, as are the number of years covered. This is not just a list of the current bad guys and monsters …
This one is for UK-based DaniWeb members, or those of you who are visiting the UK and want to be able to charge your smartphone via a USB mains charger that is neither bulky or heavy. I'm not usually the type of person to get excited by a plug, honestly, but I will make an exception for the Mu.
The designer of the Mu, Min-Kyu Choi, says that he was frustrated by the dimensions of a traditional plug and thought that it was about time to redesign something that dated back to 1947 and hadn't really changed much since. "My idea was very simple – redesign the plug to bring it in line with the clean look and feel of today’s technology; without compromising functionality" Min-Kyu Choi reckons. DaniWeb reckons he was succeeded, with knobs on (although not literally as that would spoil the sleek design of the Mu). And sleek the Mu certainly is; it's a startlingly compact design for both a plug and a USB charger in one. Folding completely flat for storage, to a depth of a smidgeon over half an inch thick.
If you want to be precise, when folded flat the Mu is 14mm x 55mm x 60mm. That's a reduction in size, over a traditional UK-spec plug, of more than 70%. Yet when you come to unfold it and use the thing then the user is not faced with a fiddley, nail-breaking, annoying exercise in temper control. Simply unfold …
There can be no denying the impact that social media has had on business, you only have to look at the reach it has: well over a billion people between Facebook, Twitter and LinkedIn subscribers. What's more, there is no sign of the social media bubble bursting just yet.
However, social media is actually much more than just a numbers game and in order for any marketing campaign to succeed then businesses simply have to understand how to embrace it properly. Indeed, the potential for extending the reach of your business and your brand has never been bigger. The time for action is now, but jumping onto the social media bandwagon without first doing your homework and making careful preparation is just inviting the wheels to fall off your campaign. And that means constructing a relevant and worthy social media marketing strategy.
DaniWeb has already covered how social video plays a key role in online advertising campaigns so I won't bother going over that same ground again. Likewise, DaniWeb has detailed why buying social media reviews is a recipe for disaster when it comes to any sensible marketing campaign that expects customer retention and brand longevity.
What we haven't done so far is compile a basic list of social media marketing campaign tips, until now...
Think of social media networks as marketing channels and match your products to those which are appropriate. The scattergun approach of simply throwing your efforts into …
Network security vendor Stonesoft predicts that the top infosec threats to watch out for in 2013 will include unseen and unknown targeted cyber-attacks, espionage and hacktivism. Jarno Limnell, director of cyber-security at Stonesoft, reckons that in 2013 the security of the digital world will become an even more pressing issue, and this will lead to increasing pressure to consider international norms, rules and regulations. "As nation-states continue to invest heavily in cyber capabilities (defence and offence), it is also likely that they will be more inclined to use these capabilities and the use of cyber force in the world will increase" Limnell says "this may have severe consequences – in particular with regard to unpredictable side-effects. A single attack can spread rapidly around the world, even by a mistake. There is a myriad of players who are investing immense resources to change the cyber reality".
The top six security trends to watch for in 2013 according to Stonesoft are: