Monday, June 23, 2014

Cyber Security News, Education and Vulnerability Patch Report for the week of June 23, 2014

Cyber Security News of the Week

From our friends at Citadel Information Group

Cyber Crime

Cybercriminals Zero In on a Lucrative New Target: Hedge Funds: Computer security experts say hedge funds, with their vast pools of money and opaque nature, have become perfect targets for sophisticated cybercriminals. Over the past two years, experts say, hedge funds have fallen victim to targeted attacks. What makes them such ripe targets is that even as hedge funds expend millions in moving their trading operations online, they have not made the same investment in security. The New York Times, June 19, 2014
Tally of Cyber Extortion Attacks on Tech Companies Grows: Tech start-ups continue to get hit by extortion attempts from cybercriminals who aim to shut down their systems until companies pay their ransom. The New York Times, June 19, 2014
Hedge-Fund Hackers Disrupting Trades for Profits, BAE Says: Hackers disrupted high-speed trading at a large hedge fund and rerouted data that might be used to make money in rogue stock-market transactions, a security official with BAE Systems Plc (BA/) said. Bloomberg, June 19, 2014
P.F. Chang’s Breach Likely Began in Sept. 2013: The recently-announced credit card breach at P.F. Chang’s Chinese Bistro appears to have gone on for at least nine months: New information indicates that the breach at the nationwide restaurant chain began on or around Sept. 18, 2013, and didn’t end until June 11, one day after broke the news about the break-in. KrebsOnSecurity, June 18, 2014

Cyber Attack

Hackers Take Down World Cup Site in Brazil: Hackers on Friday made good on their threat to take down the 2014 World Cup site in Brazil. The New York Times, June 20, 2014
Hackers Take Down Website of Brazilian Federation: (TERESOPOLIS, Brazil) — The Brazilian football federation says hackers momentarily took down its website on Thursday. Time, June 19, 2014

Cyber Espionage

2nd China Army Unit Implicated in Online Spying: SAN FRANCISCO — The email attachment looked like a brochure for a yoga studio in Toulouse, France, the center of the European aerospace industry. But once it was opened, it allowed hackers to sidestep their victim’s network security and steal closely guarded satellite technology. The New York Times, June 9, 2014

Cyber Privacy

British Spy Agencies Assert Power to Intercept Web Traffic: LONDON — In a broad legal rationale for collecting information from Internet use by its citizens, the British government has asserted the right to intercept communications that go through services like Facebook, Google and Twitter that are based in the United States or other foreign nations, even if they are between people in Britain. The New York Times, June 16, 2014

Financial Cyber Security

New powerful banking malware called Dyreza emerges: Security researchers said they’ve spotted a new type of banking malware that rivals the capabilities of the infamous Zeus malware. PCWorld, June 16, 2014
First Major Mobile Banking Security Threat Hits the U.S.: Is mobile banking safe? It’s a question that’s been in the back of many people’s minds ever since banks introduced apps in 2009. With roughly 102 million Americans using mobile banking, the potential for hackers, phishers and other types of cyberattackers to prey on mobile banking users is vast. American Banker, June 13, 2014

Cyber Warning

Chinese smartphone on sale on Amazon and eBay contains built-in malware: A Chinese Android smartphone on sale on Amazon, eBay and other online stores has been found to contain a virus that pretends to be the Google Play Store but steals user data. The Guardian, June 18, 2014
If It Sounds Too Good To Be True…: The old adage “If it sounds too good to be true, it probably is” no doubt is doubly so when it comes to steeply discounted brand-name stuff for sale on random Web sites, especially sports jerseys, designer shoes and handbags. A great many stores selling these goods appear to be tied to an elaborate network of phony storefronts and credit card processing sites based out of China that will happily charge your card but deliver nothing (or at best flimsy knockoffs). KrebsOnSecurity, June 17, 2014

Cyber Security Management

Information Security Pro Shortage Creates Risks: Scathing headlines about the National Security Agency monitoring the online and telephone communications of global leaders and common citizens apparently haven’t hurt the NSA’s efforts to recruit cybersecurity talent. BankInfoSecurity, June 19, 2014

Cyber Security Management — Cyber Awareness

“Human error” contributes to nearly all cyber incidents, study finds: Even though organizations may have all of the bells and whistles needed in their data security arsenal, it’s the human element that continues to fuel cyber incidents occurring, according to one recent study. SC Magazine, June 16, 2014

Securing the Village

FBI, NYPD and Transit Authority Form Task Force to Combat Cybercrime: The FBI’s New York office said Thursday it’s teaming up with the New York Police Department and the region’s transit authority to form a new cybercrime task force to target cyber-related criminal activity in the area. The Wall Street Journal, June 19, 2014

Cyber Law

Oil Co. Wins $350,000 Cyberheist Settlement: A California oil company that sued its bank after being robbed of $350,000 in a 2011 cyberheist has won a settlement that effectively reimbursed the firm for the stolen funds. KrebsOnSecurity, June 20, 2014
Ruling Raises Stakes for Cyberheist Victims: A Missouri firm that unsuccessfully sued its bank to recover $440,000 stolen in a 2010 cyberheist may now be on the hook to cover the financial institution’s legal fees, an appeals court has ruled. Legal experts say the decision is likely to discourage future victims from pursuing such cases. KrebsOnSecurity, June 16, 2014

Cyber Misc

10 Ways To ‘Fix’ Cybersecurity: Security reporter Byron Acohido and I asked ten cyber-experts to offer up their best ideas for stemming the threats we face when it comes to digital security. Note: Almost every one of them muttered something about there being no silver bullets. Forbes, June 18, 2014
Ukraine election narrowly avoided ‘wanton destruction’ from hackers (+video): A brazen three-pronged cyber-attack against last month’s Ukrainian presidential elections has set the world on notice – and bears Russian fingerprints, some say. Christian Science Monitor, June 17, 2014

Cyber Calendar

Information Systems Infrastructure Security Management: This security course covers physical and logical security over datacenters, buildings, and offices. It will define a management program that protects assets across all levels of technology and the core components that support that technology. It will analyze hacking methodology and how to create a functioning IT Infrastructure program for businesses, whether large or small. It will include change management scenarios and how to approach daily business security issues from an IT perspective. Much of the challenge of IT security remains the fundamental fact that management does not see it as a profit center and as long as there has been no reported breach there is clearly nothing to worry about. With this as a starting point we will investigate how best to explore the myriad options for network security. Internet access required to retrieve course materials. UCLA Extension, Start Date: June 24, 2014


Weekend Vulnerability and Patch Report, June 22, 2014

Important Security Updates

Dropbox: Dropbox has released version 2.8.4 for its file hosting program. Updates are available at Dropbox’s website. [See Citadel's warning below]
Opera: Opera has released version 22.0.1471.70. Updates are available from within the browser or from Opera’s website.

Current Software Versions

Adobe Flash [Windows 7: IE]
Adobe Flash [Windows 7: Firefox, Mozilla]
Adobe Flash [Windows 8: IE]
Adobe Flash [Macintosh OS X: Firefox, Opera, Safari]
Adobe Reader 11.0.07
Dropbox 2.8.4 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]
Firefox 30
Google Chrome 35.0.1916.153
Internet Explorer 11.0.9600.17126
Java SE 7 Update 60 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have a particular web site that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser — such as Chrome, IE9, Safari, etc — with Java enabled to browse only the sites that require it.]
QuickTime 7.7.5
Safari 5.1.7 
Safari 7.0.4 [Mac OS X]

Newly Announced Unpatched Vulnerabilities

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel’s website.

For Your IT Department

Cisco Multiple Products: Secunia reports that Cisco has released updates for its WebEx Meeting Server, Adaptive Security Appliance (ASA), IOS XR, IOS XE, MATE, and others. Apply updates. Secunia also reports unpatched vulnerabilities for Cisco’s AnyConnect VPN, Intrusion Prevention System (IPS), multiple Video Surveillance products, Prime Network, and others. No official solution is currently available.
Novell Open Enterprise: Secunia reports that Novell has released updates for its Open Enterprise Server. Apply May 2014 OES11SP1 Scheduled Maintenance Update – 9151.
Trend Micro InterScan: Secunia reports that Trend Micro has released updates for its InterScan Messaging Security Virtual Appliance to fix a vulnerability. Apply
VMware Multiple Products: Secunia reports a partial fix for vulnerabilities reported in VMware’s IT Business Management Suite Standard Edition, VMware Data Recovery, VMware vCenter Configuration Manager, VMware vCenter Site Recovery Manager, VMware vCloud Application Director, VMware vCloud Usage Meter, VMware vSphere Data Protection, VMware vSphere Management Assistant, VMware vSphere Replication, VMware vSphere Storage Appliance, VMware Studio, VMware vCenter Converter Standalone, VMware vCenter Server, VMware vCenter Support Assistant, VMware Virtual Disk Development Kit (VDDK), VMware VIX API, VMware vSphere PowerCLI, VMware vSphere SDK for Perl, VMware vSphere Update Manager, VMware ESXi, VMware NSX, VMware vCloud Automation Center (vCAC), Pivotal Web Server (formerly VMware vFabric Web Server), VMware Fusion, VMware Horizon Mirage, VMware Horizon View, VMware Horizon Workspace, VMware Player, VMware vCenter Chargeback Manager, VMware vCenter Operations Manager (vCOps), VMware vCenter Server Appliance, VMware vCloud Director, VMware vCloud Networking and Security (vCNS), VMware View, VMware Workstation, vSphere Big Data Extensions. Secunia also reports unpatched vulnerabilities in OVF Tool, Horizon View Client, and VMware vCenter Server Appliance. No official solution is currently available.
If you are responsible for the security of your computer, Citadel’s Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.
If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.
Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that “exploit” vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they usually issue an update patch to fix the code running on their customers’ computers.
Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week’s important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.
Copyright © 2014 Citadel Information Group. All rights reserved.