It sounds like a scene from an absurdist play or a companion to the old tale of dogs and cats living together in harmony, but it has now been confirmed. Servers distributing the notorious Dridex banking trojan were instead circulating clean copies of the freely available Avira antivirus program.

Avira researchers still don't know how the mixup happened, but their chief theory is that a whitehat hacker compromised some of the Dridex distribution channels and replaced the normal malicious executables with a digitally signed Avira installer. As a result, when targets opened attachments contained in spam e-mails sent by Dridex servers, the would-be marks were instead prompted to run a program designed to protect computers from the very likes of the Dridex threat.

"We still don't know exactly who is doing this with our installer and why—but we have some theories," a blog post published Friday quoted Avira malware expert Moritz Kroll saying. "This is certainly not something we are doing ourselves."


BERKELEY, Calif.—Days after a group of concerned professors raised alarm bells over a new network monitoring system installed at the University of California, Berkeley and the other nine campuses of the University of California system, a separate committee of system-wide faculty has now given its blessing. Some Berkeley faculty remain concerned that their academic freedom has been threatened by the new full packet capture system that sits on each campus network’s edge, however. They say that retaining such information could be used as a way to constrain legitimate discussion or research on controversial topics.

Last summer, the University of California Office of the President (UCOP) ordered that a Fidelis XPS system be installed at all 10 campuses at a total estimated cost of at least a few million dollars. The Fidelis hardware and software is designed to "detect attacks" and analyze "every single packet that traverses the network."

The move came in response to a July 2015 attack against the University of California Los Angeles Health System, which resulted in 4.5 million records being stolen. Following that attack, University of California President Janet Napolitano, the former Secretary of Homeland Security, moved quickly to bring more digital monitoring onto the campuses, which stretch from Berkeley to San Diego. The UC Regents, the governing board of the entire UC system, now face 17 separate lawsuits as a result of the breach at UCLA. Similar network monitoring hardware has also been installed at other universities nationwide.



Posted by InfoSec News on Feb 05


By Jai Vijayan

Critics maintain that Norse Corp. is peddling threat data as threat

A massive and potentially company-ending shakeup at security vendor Norse
Corp. in recent weeks amid controversy over its practices may be a signal
that the threat intelligence industry is finally maturing....

Posted by InfoSec News on Feb 05


By Jim Reno
Feb 4, 2016

A few weeks ago on a Saturday morning I tried to pay a medical bill online
and received the following message:

Sorry! In order to serve you better, our website will be down for
scheduled maintenance from Friday 6:00 PM to Sunday 6:00 PM.

OK, I get it. Stuff happens. However, the following week I...

Posted by InfoSec News on Feb 05


By Kaveh Waddell
The Atlantic
February 4, 2016

A nuclear scientist formerly employed by the federal government admitted
Tuesday that he tried to infect the computers of about 80 government
employees whom he believed had access to nuclear materials and weapons.

According to court documents released by the Justice...

Posted by InfoSec News on Feb 05


By Lim Yan Liang
The Straits Times
Feb 4, 2016

Singapore will face more cyber attacks as technology is increasingly used
in everyday life, from smart traffic lights and driverless trains to the
ubiquitous smartphones.

The greater risk, which is inevitable as Singapore pushes to be a Smart
Nation, was flagged yesterday by the managing director of the Infocomm...

Posted by InfoSec News on Feb 05


By Krzysztof Polak
04 Feb 2016

The internet of things (IoT) has gone from an industry buzzword to a
highly promising phenomenon in central and eastern Europe – but IT
specialists are concerned about how to protect networks from the extra
strain of new connected devices.

The driving force behind IoT is the desire to gain...
CVE-2015-3252: Apache CloudStack VNC authentication issue
[SECURITY] [DSA 3466-1] krb5 security update
CVE-2015-3251: Apache CloudStack VM Credential Exposure