endpoint security

Hack Uses Phone’s Camera and Mic To Best Anti-Keylogger

Smart phones these days are bristling with sensors. Forget about the camera and microphone – there are accelerometers, Global Positioning System components, not to mention Bluetooth and NFC transmitters. All those remote sensors enable all kinds of cool features – from finding the nearest Starbucks to mobile payments. But they also pose a risk to the privacy of the phone’s owner – as malicious actors (and the occasional national government) look for ways to turn cameras and other sensors into powerful, cheap and convenient spying tools. Now researchers at The University of Cambridge have demonstrated one possible, new attack type: harnessing the built-in video camera and microphone on Android devices to spy on an owner’s movements and guess his or her password. The technique could be a way for cyber criminals to defeat anti-keylogging technology like secure “soft” keyboards used to enter banking PINs and other sensitive information. The work […]

Malware Supply Chain Links Eleven Attacks

Fresh off their discovery of a previously unknown (‘zero day’) security hole in Microsoft’s Internet Explorer web browser, researchers at the security firm Fireeye say that they have evidence that a string of sophisticated attacks have a common origin. In a report released on Monday (PDF), the firm said that many seemingly unrelated cyber attacks identified in the last year appear to be part of a “broader offensive fueled by a shared development and logistics infrastructure” — what Fireeye terms a ‘supply chain’ for advanced persistent threat (APT) attacks. At least 11 APT campaigns targeting “a wide swath of industries” in recent months were found to be built on a the same infrastructure of malicious applications and services, including shared malware tools and malicious binaries with the same timestamps and digital certificates. “Taken together, these commonalities point to centralized APT planning and development,” Fireeye wrote. The attacks link at least 11 separate […]

For SANS Critical Controls: Authentication Missing In Action

Authentication is the gateway to privilege and authorization. Consider how many portions of your life, digital and otherwise, revolve around authentication. Whether you want to do Internet banking, tweet a friend, or buy a present, some sort of authentication likely occurred to allow you to do so.   But when it comes to one of the most widely used sources of advice for organizations to improve their security, authentication is absent. I’m speaking about The SANS Institute’s “20 Critical Security Controls.” This list represents a great public-private partnership effort with SANS, the Center for Internet Security, and Center for Strategic and International Studies all involved in its production and maintenance. The goal of the document is to help provide organized guidance and actionable improvements for organizations wanting to strengthen their security posture. Because of the separation of subject matter into individual control areas, the document is quite useful at conveying […]

Identity Management’s Next Frontier: The Interstate

Factory-installed and even aftermarket identity management applications may soon be standard components on automobiles, as the federal government looks for ways to leverage automation and collision avoidance technology to make the country’s highways and roadways safer.   That’s the conclusion of a new report from the Government Accountability Office (GAO), which finds that vehicle to vehicle communications are poised to take off, but that significant security and privacy challenges must first be met, identity management top among them. The report, GAO 14-13 (PDF available here) takes the measure of what the GAO calls “Intelligent Transportation Systems,” including vehicle-to-vehicle (or V2V) technology. The GAO found that V2V technology that allows automobiles to communicate with each other in ways that can prevent accidents has advanced considerably in recent years. Automakers, working with the Department of Transportation, are testing the technology in real-world scenarios. However, the deployment of V2V technologies faces a number […]

Spy Vs. Spy

Ephemeral In-Memory Malware Common At High Value Targets

Computer security has always been a game of Spy vs. Spy, with the bad guys trying to stay one step ahead of the latest tactics and tools used to catch them. And that’s still true today, in an age of so-called “advanced persistent threats.” So what’s the next big thing in advanced malware? How about ghostly, ephemeral malware that never exists outside of memory and disappears whenever the infected system is rebooted?   The security firm Triumfant issued a warning on Monday about what it calls “advanced volatile threats” or AVT. The malware is already a common component in attacks against high value targets, including government agencies and intelligence services John Prisco, Triumfant’s CEO and President told The Security Ledger. The terminology here is a bit tricky – as Prisco admits. Technically, almost every online attack begins in memory, where attackers seek to overwrite the memory space used by a […]