Information Security News
LAS VEGAS—Google and its Android partners on Wednesday started distributing a fix for a vulnerability that could cause millions of phones to execute malicious code when they're sent a malformed text message or the user is lured to a malicious website.
The flaw in an Android code library known as Stagefright was disclosed last week, several months after security researchers privately reported it to engineers responsible for Google's Android operating system. Google engineers, in turn, have introduced changes to the Android text messaging app Messenger. The changes mitigate the threat by requiring users to click on videos before playing them.
Google began pushing out the updated app and other unspecified safeguards to Nexus devices and will be releasing them in open source later in the day, once full vulnerability details are disclosed. Google already sent the fix to hardware partners, and according to the Android Police news site, both Sprint and Samsung have started pushing out the updates. Updated handsets include the Nexus 5 and Nexus 6, the Galaxy S5, S6, S6 Edge, and Note Edge, the HTC One M7, One M8, One M9; LG Electronics G2, G3, G4; Sony Xperia Z2, Xperia Z3, Xperia Z4, Xperia Z3 Compact; and the Android One.
by Sean Gallagher
LAS VEGAS—Today at the Black Hat information security conference, Dell SecureWorks researchers unveiled a report on a newly detected hacking group that has targeted companies around the world while stealing massive amounts of industrial data. The majority of the targets of the hacking group were in the automotive, electronic, aerospace, energy, and pharmaceutical industries. The group, believed to be based in China, has also targeted defense contractors, colleges and universities, law firms, and political organizations—including organizations related to Chinese minority ethnic groups.
Designated as Threat Group 3390 and nicknamed "Emissary Panda" by researchers, the hacking group has compromised victims' networks largely through "watering hole" attacks launched from over 100 compromised legitimate websites, sites picked because they were known to be frequented by those targeted in the attack.
At least 50 organizations in those industries in the US and the United Kingdom had data stolen by members of Emissary Panda. Sites targeted included the website of the Embassy of the Russian Federation in the US (as well as those of other embassies and non-governmental organizations); government agency websites around the world; manufacturing companies, many of whom were suppliers to defense contractors; and the Spanish defense manufacturer Amper. A cultural site for the Chinese Uyghur ethnic group was also used, apparently to target members of the Muslim minority for surveillance.
Crowdsourced InfoSec Budgeting Tool Available Free to Peerlyst Users
SYS-CON Media (press release)
SAN FRANCISCO, CA -- (Marketwired) -- 08/05/15 -- Peerlyst, the preeminent information security community, is today pleased to announce PeerSource Budget™. The crowdsourced free tool gives InfoSec professionals, for the first time, a flexible and ...
I could spoof Globalstar satellite messages, boasts infosec bod
Black Hat 2015 Intercepting and spoofing satellite communications carried over the Globalstar network is possible with modest technical skills and an investment of just $1,000, according to new research due to be unveiled at Black Hat. Globalstar is ...