Malware

iPhone and iPad Hijacking: What You Need To Know

The past 24 hours has seen a spate of stories warning about a spate of ‘ransomware’ attacks on iPhones and iPads – especially in the the UK and Australia. According to the reports, compromised devices are locked and owners are instructed to email a ransom (variously: $100, $50, €100) to one “Oleg Pliss” to have their devices unlocked. These attacks aren’t really news. In fact, the Oleg Pliss scam appears to have been circulating for close to six months. However, it’s worthwhile reviewing what we do (and don’t) know about these latest attacks on mobile devices. Accordingly, Security Ledger has put together a short FAQ that tells you what you need to know about the latest mobile scam, and to dispel some of the rumors floating around in the Internet ether. What’s Going On? According to news reports and complaints on Apple Support forums, owners of iPhones and iPads are having their devices locked. […]

Continue Reading

WSJ: Samsung Looks To Iris Scans To Secure Mobile Devices

Min-Jeong Lee has an interesting article over at The Wall Street Journal Digits blog on how mobile device maker Samsung is looking to expand its use of biometric sensors in mobile devices beyond the finger-print scanners that are now the state of the art. According to the article, Samsung is considering “various types of biometric [mechanisms]” in addition to fingerprint scanners. Samsung’s senior vice president Rhee In-jong told analysts and investors at a forum in Hong Kong on Monday that iris scanners are a top consideration. “One of things that everybody is looking at is iris detection,” Rhee said. The biometric features are part of Samsung’s enterprise-focused mobile software, dubbed “Knox.”According to Rhee, only a small portion of some 80 million Samsung devices that shipped with the Knox software, which provides additional security functions for use by businesses, such as hardware based “TrustZone” technology to isolate sensitive data, virtualization for data- […]

Continue Reading

FireEye Report: Iranian Hacker Group Becoming More Sophisticated

A report from the security firm FireEye claims that hacking crews based in Iran have become more sophisticated in recent years. They are now linked to malicious software campaigns targeting western corporations and domestic actors who attempt to circumvent Internet filters put in place by the ruling regime.   The report, dubbed “Operation Saffron Rose,”(PDF)  was released on Tuesday. In a blog post accompanying the research, FireEye researchers say that it has identified a group of hackers it is calling the “Ajax Security Team” that appears to have emerged out of Iranian hacker forums such as Ashiyane and Shabgard. Once limited to website defacements, the Ajax team has graduated to malware-based espionage and other techniques associated with “advanced persistent threat” (APT) style actors, FireEye said. The researchers claim that the group has been observed using social engineering techniques to implant custom malware on victims’ computers. The group’s objectives seem to align with those […]

Continue Reading

Blade Runner Redux: Do Embedded Systems Need A Time To Die?

The plot of the 1982 film Blade Runner (loosely based on the 1968 novel Do Androids Dream of Electric Sheep by Philip K Dick) turns on the question of what makes us ‘human.’ Is it memories? Pain? Our ability to feel empathy? Or is it merely the foreknowledge of our own certain demise? In that movie, a group of rebellious, human-like androids – or “replicants” – return to a ruined Earth to seek out their maker. Their objective: find a way to disable an programmed ‘end of life’ in each of them.  In essence: the replicants want to become immortal. It’s a cool idea. And the replicants – pre-loaded with fake memories and histories – pose an interesting philosophical question about what it is that makes us humans. Our artificial intelligence isn’t quite to the ‘replicant’ level yet (the fictional tale takes place in 2019, so we have time). But some […]

Continue Reading

Unknown Knowns: Arbor Warns Of Widespread Point of Sale Compromises

The hack of U.S. retailer Target put attacks on point of sale systems on the radar, and prompted major retailers to revisit the security of the systems that accept credit card transactions. Now research from Arbor Networks is warning that hackers and cyber criminals are doubling down on point of sale (PoS) systems with a wide range of specialized PoS malware and targeted attacks. Arbor says it has data suggesting that PoS compromises may be widespread, and undetected. Arbor’s Security Engineering & Response Team (SERT)  issued its findings in a Threat Intelligence Brief (2014-6)  report. The company said that “ambitious threat actors” are using targeted attack campaigns against PoS networks. The “longevity and extent” of PoS attack campaigns – even at wealthy and sophisticated organizations – is “a serious concern.”   [Read Security Ledger’s coverage of the Target data breach here.] “In organizations with security teams and well-managed network infrastructure, point of […]

Continue Reading
1 56 57 58 59 60 77