March 2013 - Posts
German researchers have demonstrated a "proof of concept" test where phones placed in a freezer will boot slowly. This may allow access to keys that can be used to decrypt protected information stored on the phone.
QUOTE: A team of researchers in Germany has demonstrated a surprising attack on Android phones, where they managed to grab stored cryptographic keys. While we hear about research demonstrations pretty often, this experiment distinguished itself by requiring that the target phone first be chilled in a freezer for an hour. At issue are the encryption tools rolled out for Android 4.0, aptly named Ice Cream Sandwich. "For the first time, Android smartphone owners were supplied with a disk encryption feature that transparently scrambles user partitions, thus protecting sensitive user information against targeted attacks that bypass screen locks," wrote the team from Erlangen's Friedrich-Alexander University.
First, they placed the target phone in a freezer. Their goal was to keep the phone at around -15C for about an hour. Interestingly, they reported that this appears not to damage the phone. Once it was adequately cold, the team quickly disconnected and reconnected the battery. Because the device they used to demonstrate the attack did not have a reset button, they wrote that the phone should be unpowered for no more than 500ms. Then, they activated the phone's "fastboot mode" by holding the power button and volume button at the same time. In this mode, the team was able to run their software and recover the keys to decrypt the device's user partition.
Below are beneficial Windows 8 security tips from PC World
QUOTE: Microsoft actually introduced a few great features in its new operating system, some of which will help keep you safer from malware and other security threats. Though most of these security enhancements are active by default, you still must be proactive to get the most from them. Also, one new Windows 8 feature presents specific security concerns that must be addressed to keep your PC—and your data—as safe as possible. Let's jump in and investigate.
1. Buy a new PC instead of upgrading -- To take full advantage of Windows 8’s new security features, your PC needs to run a new kind of boot system called Unified Extensible Firmware Interface (UEFI). This system, which replaces the archaic Basic Input/Output System (BIOS), adds many new boot features and greatly speeds the startup process. Included in UEFI is a feature, called Secure Boot, that helps prevent unauthorized operating systems and malware from running at startup. This makes it more difficult for data thieves to use bootable discs or flash drives to access your files; it also helps keep rootkits—a form of malware that's hard to detect—from infecting your computer during bootup.
2. Take precautions when using a Microsoft account -- If you log in to Windows using a Microsoft account, take the extra precautions I’ve described to secure your data. Use separate and unique strong passwords for both the Microsoft account and the email account you use. Don’t store sensitive files in your SkyDrive online storage account. And keep your Microsoft account up-to-date with your mobile number.
3. Choose your antivirus program wisely -- Windows 8 comes with built-in antivirus software as part of the updated Windows Defender program. However, if your PC manufacturer included a third-party antivirus program with your computer, Windows Defender may be disabled. Either way, make sure you have some form of antivirus program installed and enabled.
It is important to always be careful when installing any free application on Facebook, on mobile phones, etc.
QUOTE: The ‘PokerAgent’ botnet, which we tracked in 2012, was designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats, presumably with the intention to mug the victims. The threat was mostly active in Israel. 800 computers were infected, over 16194 Facebook credentials stolen. ESET Security Research Lab discovered an attention-grabbing Trojan horse about a year ago. The signs which indicated that it would be something interesting were references to Facebook, its Zynga Poker App (seen from the text strings in the binary), the executable name “PokerAgent” and botnet features – the Trojan would request tasks from a C&C server. ESET has been detecting the different variants of the Trojan generically as MSIL/Agent.NKY. After the initial discovery, we were able to find other versions of the Trojan, both older and newer, and acquire detection statistics which have revealed that the Trojan was most active in the country of Israel.
Facecrooks security warns that a fake message prompting users to re-enter their Facebook credentials is circulating. This should be avoided as it will compromise FB security for the user.
Facebook - Fake Mark Zuckerberg Message circulating
QUOTE: The latest malicious scam to go viral on Facebook purports to be a message from Facebook CEO Mark Zuckerberg. The obvious problems with the message start immediately: Zuckerberg’s name is spelled “Zurckerberg” at the very top of the message content. The alert then goes on to say that the user is in violation of Facebook’s Terms of Service, and could have their profile permanently locked if they don’t click on a link and verify their identity. If users click on the link, they are taken to a fake Facebook log-in page that is then used to reap their personal information.
Dark Reading shares an informative approach to improve application security during development
QUOTE: While application security cascades into just about every facet of IT security today, many enterprises have a difficult time implementing sustainable application security programs that offer measurable benefits to the business. A general disconnect between security goals and the profit motives of development teams can cause insurmountable conflict between infosec teams and developers, with line of business leaders all too ready to side with money-making dev teams nine times out of 10.
1. Thou Shall Execute App Security At The Speed Of Business
2. Thou Shall Not Architect Security
3. Thou Shall Evolve Your Testing Methodologies
4. Thou Shall Not Surprise Dev Teams
5. Thou Shall Test Apps In Production (Application security testing shouldn't stop in QA)
6. Thou Shall Not Let Frameworks Replace Common Sense
7. Thou Shall Put Vulnerabilities In Proper Context
8. Thou Shall Not Give Developers Rampant Access To Live Customer Data
9. Thou Shall Use A Web application firewall With A Plan
10. Thou Shall Not Blame The Developers