Computerworld is reporting that the nasty malware Duqu is back. After being undetected for several months, Symantec discovered a new driver release on February 23, 2012. Liam O Murchu, manager of operations at Symantec's security response team, is quoted as saying that the functionality of the new driver was "more or less the same" as earlier versions, including the one spotted last October and another from late 2010 that later surfaced. According to O Murchu, It's hard to tell whether they really did take several months off, and if so, why. It's installed on a very small number of computers, and that [...]
On March 7, 2012, senior officials of the Obama administration conducted a cyberattack simulation for 50 United States Senators. The Washington Post Blog described the simulation: The scenario: a computer attack on the electricity grid in New York City during a summer heat wave. Using PowerPoint graphics, officials explained that the attack is launched by a software virus inserted into the system when an unsuspecting power company employee clicks on an infected attachment in an e-mail — a technique known as “spear phishing.” The virus spreads unchecked through the system, causing power outages and blackouts. The effects, officials said, could [...]
Eric Fiterman of Rogue Networks/Methodvue demonstrates how to construct a malicious email that effectively impersonates President Obama. Using malware delivered in an attachment, Fiterman takes control of the recipient’s computer. Watch as he steals passwords, searches for files and even takes a picture of his victim using the computer’s camera. What permits Fiterman to infiltrate this computer? The recipient can't distinguish a real email from the President from a fake email from the President. People need to know if an email is really from the President. They need to know if an email is really from a co-worker. SP Guard from Iconix [...]
Hackers frequently infiltrate networks by attacking the people who use the network rather than the network itself. How do the hacker's attack the people? A common method is spearphishing, in which a highly personalized email is sent to a small number of people. Because the email appears to be real -- it contains personalized information -- the recipient responds to the email. This creates a relationship of trust between the victim and the hacker. CNN Money reports on how security researcher Ryan O'Horo of IOActive used Linked-In to obtain personal information about a firm's employees. He used Linked-In to figure out the corporate [...]
Today Iconix released its whitepaper, “DMARC - Less Than Meets The Eye.” In this whitepaper, Iconix discusses the limitations of DMARC in solving the problem of deceptive emails. In the whitepaper, Iconix focuses on Section 2.2 of the DMARC spec. Iconix discussed how, while the DMARC standard is important, it addresses only one technical avenue exploited by the creators of deceptive email. You can download a copy of the whitepaper here.
Yesterday (March 1, 2012), FBI Director Robert Mueller addressed the RSA Conference in San Francisco. These are a few of Director Mueller's observations: Terrorism remains the FBI’s top priority. But in the not too distant future, we anticipate that the cyber threat will pose the number one threat to our country. Terrorists are increasingly cyber savvy. Much like every other multi-national organization, they are using the Internet to grow their business and to connect with like-minded individuals. And they are not hiding in the shadows of cyber space. Terrorist use of the Internet is not our only national [...]