Hackin9
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

A US congressman has learned first-hand just how vulnerable cellphones are to eavesdropping and geographic tracking after hackers were able to record his calls and monitor his movements using nothing more than the public ten-digit phone number associated with the handset he used.

The stalking of US Representative Ted Lieu's smartphone was carried out with his permission for a piece broadcast Sunday night by 60 Minutes. Karsten Nohl of Germany-based Security Research Labs was able to record any call made to or from the phone and to track its precise location in real-time as the California congressman traveled to various points in the southern part of the state. At one point, 60 Minutes played for Lieu a crystal-clear recording Nohl made of one call that discussed data collection practices by the US National Security Agency. While SR Labs had permission to carry out the surveillance, there's nothing stopping malicious hackers from doing the same thing.

The representative said he had two reactions: "First it's really creepy," he said. "And second it makes me angry. They could hear any call. Pretty much anyone has a cell phone. It could be stock trades you want someone to execute. It could be a call with a bank."


 
The National Institute of Standards and Technology (NIST) has released the Department of Commerce's (DOC) 2015 Technology Transfer Report. The annual report provides comprehensive statistics on the technology transfer activities of ...
 

This Week We're Exploring Gender Inequality in Tech—Starting With Ourselves
Motherboard
This week, as part of our “Silicon Divide” theme week, we'll be examining issues of gender in disparate aspects of tech and science, from sexism in the science lab to the gender gap in infosec. We'll be investigating Silicon Valley's obsession with ...

 
[security bulletin] HPSBST03576 rev.2 - HP P9000, XP7 Command View Advanced Edition (CVAE) Suite including Device Manager and Tiered Storage Manager using Java Deserialization, Remote Arbitrary Code Execution
 
[security bulletin] HPSBGN03555 rev.1 - HPE Vertica Analytics, Management Console, Remote Disclosure of Sensitive information, Execution of Arbitrary Code with Root Privileges
 
CVE-2016-4021: pgpdump 0.29 - Endless loop parsing specially crafted input (SYSS-2016-030)
 

Naked Security

Blackhole gang shipping off to Russian penal colony
Naked Security
Seems like just yesterday, the whole infosec world was obsessed with Blackhole. And we had every right to be. ... ranging from 5 and a half to 8 years. According to the Russian news agency TASS, one was sentenced in absentia, and remains at large.

 

 

Networks may look different, but the security problems are basically the same.

The National Security Archives at George Washington University has just added a classic text of computer security to its "Cyber Vault" project—the original version of what came to be known as the "Ware Report," a document published by the predecessor to the Defense Advanced Research Projects Agency in February 1970. And as much as technology has changed in the 46 years that have passed, the Ware Report would still hold up pretty well today with a few notable edits.

The document, officially entitled "Security Controls for Computer Systems: Report of the Defense Science Board Task Force on Computer Security," was the result of work undertaken in 1967 at the behest of the Advanced Research Projects Agency (ARPA, now DARPA) to deal with the risks associated with the rapid growth of "multi-access, resource-sharing computer systems"—the primordial network ooze from which the Internet would be born. Authored by a task force led by computer science and security pioneer Willis Ware, the report was a first attempt to take on some of the fundamental security problems facing a future networked world.

The Ware Report included a list of conclusions and recommendations that (based on recent data breaches and security failures) many have failed to take to heart. The first of these is one that recent ransomware attacks seem to show that organizations have forgotten. "Providing satisfactory security controls in a computer system is in itself a system design problem," Ware wrote in the summary memo accompanying the report. "A combination of hardware, software, communication, physical, personnel and administrative-procedural safeguards is required for comprehensive security. In particular, software safeguards alone are not sufficient."


 

The last week has been characterized by the coming back (again) of yet another wave of Retefe malware, which first appeared in 2014 and has since come back

Bestellung.dd.MM.YY.N353610.zip fcb54818faf6884d2e00cfd5fec49872
|-- Quittung.dd.MM.YY.N821175.js

C:\Users\userfolder

wants to get more hints about Retefe, in the references you can find information about analysis of previous samples.

Happy Hunting

Pasquale

REFERENCES:

http://researchcenter.paloaltonetworks.com/2015/08/retefe-banking-trojan-targets-sweden-switzerland-and-japan/

https://securityblog.switch.ch/2014/11/05/retefe-with-a-new-twist/

http://securityintelligence.com/tsukuba-banking-trojan-phishing-in-japanese-waters/

http://blog.trendmicro.com/trendlabs-security-intelligence/finding-holes-operation-emmental/

https://countuponsecurity.com/2016/02/29/retefe-banking-trojan/

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 

SYS-CON Media (press release)

Ransomware Evolution | @CloudExpo #InfoSec #DataCenter #Security
SYS-CON Media (press release)
Initially, we came across ransomware which exploited the entire system and just restricted you from interacting with your own device, later on requiring you to pay dollars if you want to go back and use your computer. And then it started becoming ...

 
[SECURITY] [DSA 3552-1] tomcat7 security update
 
[SECURITY] [DSA 3551-1] fuseiso security update
 
Ahrare Andeysheh Cms Multiple Vulnerabilities
 
Internet Storm Center Infocon Status