My Twitter feed has exploded with the release of the Kaspersky report on the "Equation Group", an entity behind a very advanced family of malware. (Naturally, everyone is blaming the NSA. I don't know who wrote that code, so I'll just say it was beings from the Andromeda galaxy.) The Equation Group has used a variety of advanced techniques, including injecting malware into disk drive firmware, planting attack code on "photo" CDs sent to conference attendees, encrypting payloads...
Lastly, and certainly not the least, part four of my security predictions takes a deeper dive into mobile threats and what companies and consumer can do to protect themselves. If there is one particular threat category that has been repeatedly singled out for the next great wave of threats, it has to be the mobile platform -- in particular, smartphones... The general consensus of prediction was that we're (once again) on the cusp of a pandemic threat.
A number of security predictions have been doing the rounds over the last few weeks, so I decided to put pen to paper and write a list of my own. However, I have a quite a few predictions so I have listed them over several blog posts. After all, I didn't want to bombard you with too much information in one go! Part three examines the threats associated with data breaches.
Cyber security was a hot topic in 2014. It seemed not a week went by without details of a high profile data breach hitting the headlines. To recap, the Sony breach was one of the most notable, as was the Home Depot hack, while details of widespread security vulnerabilities such as Heartbleed, Shellshock and Poodle were also revealed. But what will 2015 bring? Will it be more of the same, or have cyber criminals got some new tricks up their sleeves?
As I read through multiple postings covering the proposed Computer Fraud and Misuse Act, such as the ever-insightful writing of Rob Graham in his Obama's War on Hackers or the EFF's analysis, and the deluge of Facebook discussion threads where dozens of my security-minded friends shriek at the damage passing such an act would bring to our industry, I can't but help myself think that surely it's an early April Fools joke.
The Spamhaus Project just published a long article about the botnets they've been watching during 2014. As this chart shows, we're not making any progress. They also note that the goals of botnets have changed. While in the past they were mostly used to send spam, now they're stealing banking and financial information, engaging in click fraud, and used for DDoS and other malicious mischief.
After the botched burglary at the Watergate Apartments, every scam and scandal that hit the headlines became a 'gate' -- Irangate, Contragate, you name it. The Heartbleed bug is possibly the closest thing to Watergate that this generation of computer security had seen till the past few days -- an exploit in a component that is "just there" -- something you utterly rely on to be there and perform its duties, and give very little thought to how secure (or rather, insecure) it might be. So, fittingly, every such catastrophic bug in an ubiquitous component is now a 'bleed'.
Anyone seeking to honor a groundbreaking contribution toward a better online world should submit a nomination for the 2014 M3AAWG J. D. Falk Award. Presented to people whose work on specific projects made the Internet a safer, more collaborative, more inclusive place, the J. D. Falk Award has recognized leaders and pioneers who saw elements of the online experience that needed improvement and took action to fix them.
Until now, the criminals behind malware and phishing have had only 22 generic top-level domain names (TLDs) to abuse -- names like .com, .net or .org. But with hundreds of new TLDs entering the marketplace, e.g. .buzz, .email, and .shop, there are many more targets than ever... What can attackers do with domain names?
The holidays open up a block of time to catch up on "I meant to read that" bookmarks, RSS feeds, and all the favorited and forgotten tweets. I made it through 50 before a NormanShark blog post kicked off a research project. The analysts found a malware sample which was using .bit domains in their communications infrastructure, but .bit ... what is that? .bit is a TLD operating outside of ICANN. Some would say they are TLD squatting, but I leave that opinion up to the reader.