Security Flash News from 23rd to 27th of October, 2017

-
 0

On Monday (23rd of October), we decided to observe the change that Android operating systems are planning to face. It is called “DNS over TLS”. What does this mean? Well, it should be a known fact your Internet Service Provider (ISP) might be allowed to obtain the DNS requests you are making. This basically exposes the websites you visit. With Google trying to make a change, this would mean that DNS lookups would use end-to-end authentication. In other words, the layer of protection would resemble HTTPS. This feature should be activated manually with people accessing their Developers Options category. However, this does not mean that DNS queries would automatically become 100% secure. In fact, DNS service provider can still be able to obtain this information. More at: 2-viruses.com.

On the same day it was clear that young adults or millennials, if you will, are not really interested in cyber security and pretty much no one wants to build a career in this particular field. An annual survey by Raytheon Intelligence exposed the fact that only 38% of survey participants are thinking about the possibility to study cyber security in the university. In addition to that, besides the fact that awareness of problems regarding cyber security now is higher than ever, most of young adults are acting risky online, ignoring the possible consequences. More at: Securitymagazine.com.

On Tuesday (24th of October), we discussed a curious question, raised by FBI officials. Is data encryption too strong? Well, FBI would certainly think so as their latest operation failed miserably when they were unable to hack into 7 thousand mobile phones. According to the director of Federal Bureau of Investigation (FBI) Christopher Wray, this is a huge problem in terms of national security. However, not everyone agrees with the notion that strong encryption and online security should be treated as an issue. In fact, security researchers argue that it would be a bigger problem if data would not be encrypted strongly as it would open doors for any hacker to obtain information. On the other hand, it is controversial because hacking into terrorists’ phones or devices that belong to other dangerous people could potentially prevent crime. More at: 2-viruses.com.

Also on Tuesday third vulnerability related cryptocurrencies this month was discovered. It is dubbed ‘The DUHK Attack’ – Don’t Use Hard-coded Keys. Since the PRMHs (pseudorandom number generators) technology is still used by most of vendors, products from companies such as as Cisco or TechGuard are vulnerable. During the attack cyber criminals can recover encryption keys which are used to protect VPN connections and web browsing sessions. More at: Thehackernews.com.

Security Flash News End of October

On Wednesday (25th of October), our goal was to inform our readers of another incident in the are of miners of cryptocurrencies. This time, our main subject was CoinHive mining service which is, on its own, a legitimate tool. However, when vicious hackers attempt to mine digital money in unacceptable ways while using the CoinHive: this becomes an illegal activity. In the terms of the incident we discussed, hackers hacked into CoinHive service and managed to switch up the legitimate JavaScript codes with the ones modified by hackers. This meant that anyone who incorporated CoinHive miner into their websites during the invasion received a tool which mined digital currency for hackers. More at: 2-viruses.com.

On Thursday (26th of October), we had to pay attention to the biggest news we encountered this week: BadRabbit ransomware virus. Despite its ridiculous name, the infection received worldwide coverage from hundreds of countries and was indicated to be a new-and-improved version of NotPetya, presumably generated by the same vicious hackers. The attack targeted Eastern Europe countries, but spread to Russia, United States, Turkey, South Korea and other countries. One of the most well-off targets were found to be in Ukraine, while the total amount of infected computers was bigger in Russia. While these incidents are very unfortunate, we hope that they will serve as a warning for all: backup your data and avoid suspicious offers to install software/updates. More at: 2-viruses.com.

Even though the week was going to its’ end, we received some shocking news from far East – Japan, to be more specific. The most active virus in the financial sector in 2016, trojan Ursnif, is back. As stated by Limor Kessem, ESA for IMB, “In addition to banks, the active Ursnif variant in Japan also targets user credentials for local webmail, cloud storage, cryptocurrency exchange platforms and e-commerce sites”. More at: Threatpost.com.

On Friday (27th of October), we decided to end the working-week with an announcement about LG’s IoT Home Appliances. Researchers from CheckPoint discovered a rather disturbing flaw in LG’s home infrastructure, allowing vicious hackers to invade personal spaces of basically anyone that has this system in their houses. One of the curious discoveries was the fact that LG’s camera-equipped robotic vacuum cleaner can be invaded and used for spying. This, once again, shows a rather disturbing side of IoT devices: if they are not protected properly or the software systems have flaws, they are rather easy to invade. If hackers would manage to obtain control of LG’s Home Appliances, this would mean that invaders could regulate and control all of the devices connected to the Internet. More at: 2-viruses.com.

 

About the author

 - Main Editor

I have started 2-viruses.com in 2007 after wanting to be more or less independent from single security program maker. Since then, we kept working on this site to make internet better and safer place to use.

 
 
 

Leave a Reply

Your email address will not be published. Required fields are marked *