[ISN] Attackers poison legitimate apps to infect sensitive industrial control systems

http://arstechnica.com/security/2014/06/attackers-poison-legitimate-apps-to-infect-sensitive-industrial-control-systems/

By Dan Goodin
Ars Technica
June 24 2014

Corporate spies have found an effective way to plant their malware on the networks of energy companies and other industrial heavyweights—by hacking the websites of software companies and waiting for the targets to install trojanized versions of legitimate apps.

That’s what operators of the Havex malware family have done with aplomb, according to a report published Tuesday by researchers from antivirus provider F-Secure. Over the past few months, the malware group has taken a specific interest in the types of industrial control systems (ICS) used to automate everything from switches in electrical substations to sensitive equipment in nuclear power plants.

In addition to the normal infection channels of spam e-mail, the malware operators have added a new tack—replacing the normal installation files of third-party software with tainted copies that surreptitiously install a remote access trojan (RAT) on the computers of targeted companies.

“It appears the attackers abuse vulnerabilities in the software used to run the websites to break in and replace legitimate software installers available for download to customers,” F-Secure researchers Daavid Hentunen and Antti Tikkanen wrote. “Our research uncovered three software vendor sites that were compromised in this manner. The software installers available on the sites were trojanized to include the Havex RAT. We suspect more similar cases exist but have not been identified yet.”

[…]





[ISN] Sensitive Data Protection Bedevils IT Security Pros

http://www.informationweek.com/government/cybersecurity/sensitive-data-protection-bedevils-it-security-pros/d/d-id/1278796

By William Welsh
InformationWeek.com
6/24/2014

Most organizations don’t know where their sensitive structured or unstructured data resides, says new Ponemon study.

Knowing where sensitive data is located on an organization’s computer systems would seem a prerequisite for sound IT security, but the vast majority of IT security practitioners say they can’t count even on that fundamental premise, according to a Ponemon Institute study released Tuesday.

Only 16% of respondents said they knew where their organization’s sensitive structured data resides, according to the State of Data Centric Security study. A mere 7% of respondents said they know the location of all sensitive unstructured data, including in emails and documents.

Not knowing where their organization’s sensitive or confidential data is located was the No. 1 worry of the IT security respondents, eclipsing both hacker attacks and insider threats, according to the study.

The study, which was sponsored by data integration software provider Informatica, is based on a survey of 1,587 IT security professionals whose jobs include helping protect sensitive or confidential structured and unstructured data.

[…]



[ISN] New UK cybersecurity training scheme prepares for hackers

http://www.cnet.com/news/new-uk-cybersecurity-training-scheme-prepares-for-hackers/

By Rich Trenholm @rich_trenholm
CNet News
June 24, 2014

With hackers attacking almost every government body, institution and business, organisations have to do more than hide behind technology



[ISN] Cupid Media exposed 254,000 Australian lonely hearts

http://www.smh.com.au/it-pro/security-it/cupid-media-exposed-254000-australian-lonely-hearts-20140625-zskua.html

By Ben Grubb
SMH.com.au
June 25, 2014

Australian online dating company Cupid Media breached the Privacy Act by failing to take reasonable steps to secure the personal information of 254,000 Australians held on its dating websites, the privacy commissioner has found.

Cupid, run out of Southport on the Gold Coast, operates more than 35 niche dating websites based on users’ personal profile including ethnicity, religion and location.

In January last year, hackers gained unauthorised access to Cupid web servers and stole the personal information of what was reported to be 42 million users across the globe.

The 42 million figure was, however, disputed by Cupid managing director Andrew Bolton. When the breach was made public in November he said the number of “active members” affected was “considerably less than 42 million”. How many non-active members’ details were breached was never disclosed.

Before Wednesday the number of Australians exposed was also unknown until it was revealed by the Privacy Commissioner.

The personal information included full name, date of birth, email addresses and passwords.

[…]

