Information Security News
It sounds like a scene from an absurdist play or a companion to the old tale of dogs and cats living together in harmony, but it has now been confirmed. Servers distributing the notorious Dridex banking trojan were instead circulating clean copies of the freely available Avira antivirus program.
Avira researchers still don't know how the mixup happened, but their chief theory is that a whitehat hacker compromised some of the Dridex distribution channels and replaced the normal malicious executables with a digitally signed Avira installer. As a result, when targets opened attachments contained in spam e-mails sent by Dridex servers, the would-be marks were instead prompted to run a program designed to protect computers from the very likes of the Dridex threat.
"We still don't know exactly who is doing this with our installer and why—but we have some theories," a blog post published Friday quoted Avira malware expert Moritz Kroll saying. "This is certainly not something we are doing ourselves."
BERKELEY, Calif.—Days after a group of concerned professors raised alarm bells over a new network monitoring system installed at the University of California, Berkeley and the other nine campuses of the University of California system, a separate committee of system-wide faculty has now given its blessing. Some Berkeley faculty remain concerned that their academic freedom has been threatened by the new full packet capture system that sits on each campus network’s edge, however. They say that retaining such information could be used as a way to constrain legitimate discussion or research on controversial topics.
Last summer, the University of California Office of the President (UCOP) ordered that a Fidelis XPS system be installed at all 10 campuses at a total estimated cost of at least a few million dollars. The Fidelis hardware and software is designed to "detect attacks" and analyze "every single packet that traverses the network."
The move came in response to a July 2015 attack against the University of California Los Angeles Health System, which resulted in 4.5 million records being stolen. Following that attack, University of California President Janet Napolitano, the former Secretary of Homeland Security, moved quickly to bring more digital monitoring onto the campuses, which stretch from Berkeley to San Diego. The UC Regents, the governing board of the entire UC system, now face 17 separate lawsuits as a result of the breach at UCLA. Similar network monitoring hardware has also been installed at other universities nationwide.
Posted by InfoSec News on Feb 05http://www.darkreading.com/threat-intelligence/newly-fired-ceo-of-norse-fires-back-at-critics-/d/d-id/1324195
Posted by InfoSec News on Feb 05http://www.infoworld.com/article/3029772/cloud-computing/how-to-secure-containers-and-microservices.html
Posted by InfoSec News on Feb 05http://www.nextgov.com/cybersecurity/2016/02/former-federal-employee-who-tried-launch-cyberattack-nuclear-scientists/125694/
Posted by InfoSec News on Feb 05http://www.straitstimes.com/singapore/new-centre-to-help-spore-boost-cyber-security
Posted by InfoSec News on Feb 05http://www.computerweekly.com/news/4500272253/IoT-risks-raise-concerns-among-IT-specialists-in-CEE