published research Archives

published research

FireEye Report: Iranian Hacker Group Becoming More Sophisticated

May 14, 2014 Paul Roberts

A report from the security firm FireEye claims that hacking crews based in Iran have become more sophisticated in recent years. They are now linked to malicious software campaigns targeting western corporations and domestic actors who attempt to circumvent Internet filters put in place by the ruling regime. The report, dubbed “Operation Saffron Rose,”(PDF) was released on Tuesday. In a blog post accompanying the research, FireEye researchers say that it has identified a group of hackers it is calling the “Ajax Security Team” that appears to have emerged out of Iranian hacker forums such as Ashiyane and Shabgard. Once limited to website defacements, the Ajax team has graduated to malware-based espionage and other techniques associated with “advanced persistent threat” (APT) style actors, FireEye said. The researchers claim that the group has been observed using social engineering techniques to implant custom malware on victims’ computers. The group’s objectives seem to align with those […]

Unknown Knowns: Arbor Warns Of Widespread Point of Sale Compromises

May 12, 2014 Paul Roberts

The hack of U.S. retailer Target put attacks on point of sale systems on the radar, and prompted major retailers to revisit the security of the systems that accept credit card transactions. Now research from Arbor Networks is warning that hackers and cyber criminals are doubling down on point of sale (PoS) systems with a wide range of specialized PoS malware and targeted attacks. Arbor says it has data suggesting that PoS compromises may be widespread, and undetected. Arbor’s Security Engineering & Response Team (SERT) issued its findings in a Threat Intelligence Brief (2014-6) report. The company said that “ambitious threat actors” are using targeted attack campaigns against PoS networks. The “longevity and extent” of PoS attack campaigns – even at wealthy and sophisticated organizations – is “a serious concern.” [Read Security Ledger’s coverage of the Target data breach here.] “In organizations with security teams and well-managed network infrastructure, point of […]

Traffic Monitoring Tech Vulnerable To Hacking

May 1, 2014 Paul Roberts

Connected cars aren’t the only transportation innovation that’s coming down the pike (pun intended). As we’ve noted before: smart roads and smart infrastructure promise even more transformative changes than – say – having Siri read your text messages to you through your stereo system. The applications of smart road and connected infrastructure are almost limitless. But at this early stage (mostly proof of concept), much of the light and heat around smart roads is around applications of remote sensors at the roadside, or embedded in the road surface to identify problems like icy roads, the presence of liquids, traffic density, vehicle and pedestrian detection and more. For a nice overview of some sensor applications, check out this video from Liebelium. But that doesn’t mean that attacks against smart infrastructure are problems for the future. The security researcher Cesar Cerrudo points out in a blog post over at IOActive.com that many […]

IoT And Big Data To Create Insurance Industry Winners, Losers

April 26, 2014 Paul Roberts

This blog writes a lot about risk and the Internet of Things. Specifically: we talk about how smart, sensor rich, connected devices create all kinds of new risks for enterprises and consumers. It goes without saying that feature development (and adoption) are running well ahead of pesky issues like secure design and deployment or data privacy. Smart companies are trying to put some brakes on that trend. (Witness Google prohibiting sensitive health data from its Android Wear platform.) But, by and large, companies are plowing ahead into IoT technologies without a lot of consideration of the risks. But there’s one industry where risk _is_ the business: the insurance industry. And there, the thinking about the potential of Internet of Things is decidedly bullish. In fact, a recent report from the financial services research firm Celent (paywall) suggests that broad adoption of IoT technologies will revolutionize the way insurance companies market and sell to […]

The Heartbleed OpenSSL Flaw: What You Need To Know

April 8, 2014 Paul Roberts

There’s a serious vulnerability in most versions of the OpenSSL technology that requires an immediate update to avoid exposing sensitive information and Internet traffic to snooping. In response, the SANS Internet Storm Center (ISC) has raised its InfoCon (threat) level to “Yellow,” indicating that…well…the Internet’s not as safe a place today as it was yesterday, before the vulnerability was released. Here’s what we know right now: + Researcher Neel Mehta of Google Security discovered the vulnerability, which was apparently introduced with a OpenSSL update in December, 2011, but only fixed with the release of OpenSSL 1.0.1g on Monday. + Dubbed “heartbleed” (thank the Codenomicon marketing department for that one), the vulnerability (CVE-2014-0160) is described as a TLS heartbeat read overrun. TLS stands for Transport Layer Security. According to OpenSSL.org, vulnerable versions of the OpenSSL software have version numbers ranging from 1.0.1 and 1.0.2-beta. + Codenomicon described the vulnerability as an “implementation problem” […]