A Week in Security (April 27 – May 3)
Here’s a review of last week’s posts on Malwarebytes Unpacked:
- Cyber-criminals interested in Microsoft Azure, too (Fraud/Scam Alert) The Microsoft Azure public cloud platform was found being used by online criminals to host phishing pages to target, in this case, Apple users. Azure-hosted phish has been around for quite a while, with the earliest case recorded in 2012 where a phishing site targeted Brazilian bankers.
- Automating Malware Analysis with Cuckoo Sandbox (Malware Analysis) “To fully understand a sample, it can take a long time–in some cases, it may take years.” writes Malware Intelligence Analyst Joshua Cannell,”The problem for malware analysts and security researchers alike is we don’t have years to dedicate to one sample.” In this blog, Joshua suggested using a sandbox to get the job done a lot quicker. Cuckoo, however, is not the ready-to-install, user-friendly type of software that one would normally expect. He provided tips for beginners.
- Sideloading Apps is a Dangerous Game (Mobile Security) Malware Intelligence Lead Adam Kujawa advises readers to trust only authorized and reputable stores when one is looking for apps to download for their mobile devices, whether these be movies, music albums, or new game in the market. More often than not, .APK downloads claiming to be free are malware.
- Fake and Bundled Malwarebytes Anti-Malware 2.0 Abound (Security Threat) In this blog posts, we discussed the potentially unwanted programs (PUPs) and a survey scam we encountered while scouring the Web for download sites and files that may give users more trouble than the solution our product promises. We’ve seen something like this happen before with other popular security software product. We weren’t surprised when certain groups or individuals started targeting luring users with the MBAM brand.
- Microsoft warns against new Internet Explorer Zero-Day UPDATED (Exploits) Senior Threat Researcher Jérôme Segura updated his April 28 post to include news of Microsoft also providing a patch or fix for their users who decided to or are sticking to (at least for now) Windows XP.
Top news stories:
- Hacker claims about bug in fixed OpenSSL likely a scam. Following the discovery of Heartbleed, an OpenSSL security flaw that continue to make waves up to today, a hacker claimed to have found another Heartbleed-like vulnerability and sells its exploit for $870. (Source: TechCentral)
- Skype stores all application data in a local database in plain text. Romanian programmers uncovered insecurity in Skype when they found a local database file containing chat logs, credentials, and phone numbers that can be read using SQLite. (Source: Digitalmunition)
- 4chan admits it suffered hack attack. According to their official blog post: “The intruder later stated their motive was to expose the posting habits of a specific user they disliked;” however, there were claims that it’s more to it than than. (Source: Graham Cluley Blog)
- Heartbleed used to uncover data from cyber-criminals. Security researchers were able to penetrate private and exclusive forums that were once difficult to get into using the infamous Heartbleed bug. (Source: BBC)
- 300% growth in enterprise attacks across UK and Ireland. This is according to FireEye after announcing the release of their Regional Advanced Threat Report for the United Kingdom and Ireland (UKI) at Infosecurity Europe 2014. (Source: Help Net Security)
- Hackers Can Mess With Traffic Lights to Jam Roads and Reroute Cars. Due to poorly secured traffic control systems installed all over US cities, hackers can actually blur the line that separates Hollywood reality and real life if they want to. (Source: Wired)
- ‘Dark Wallet’ Is About to Make Bitcoin Money Laundering Easier Than Ever. unSystem, a “collective of politically radical coders”, plans to release ‘Dark Wallet’, a piece of software that enables untraceable bitcoin transactions over the Web—a response to governments that seek to regulate bitcoin. (Source: Wired)
- Facebook Unveils Anonymous Login at F8 Developer Meetup. At the F8 Developers’ Conference in San Francisco, CA, Facebook tells attendees that this new feature, once released, will allow users to login to new apps namelessly until they’re comfortable enough to trust the apps with their information. (Source: eWeek)
Stay secure, everyone!