CyberSecurity Pulse 2016-03-10

CyberSecurity Pulse 2016-03-10

Analyst Insight

“While there remains someone who believes in an idea, the idea will live on”
José Ortega y Gasset (1883-1955)
Spanish philosopher and essayist

INCIBE and Huawei Spain Signed a MoU for Exchanging Information

The National Cybersecurity Institute (INCIBE) and Huawei Spain signed, at the Mobile World Congress (MWC), an agreement in which both organizations undertake to promote cybersecurity in Spain. In this Memorandum of Understanding (MoU, for its acronym in English) the following objectives are set: create mechanisms for the exchange of periodic information relating to incidents or other relevant issues in cybersecurity, promote sharing of methodologies to improve cybersecurity, share knowledge in this area and support the training of professionals and Spanish companies in this area.
Cybersecurity PulseThis kind of agreements would not be an issue if it were not because Huawei has been accused on numerous occasions of work for the Beijing government. The company was founded by a senior People's Liberation Army and has aroused many suspicions regarding cyber security between the intelligence services of several Western countries. UK even ordered in 2013 the inspection of a cybersecurity center led by Huawei following the recommendation of the Intelligence Committee of Parliament in order to "maintain confidence in the security of telecommunication networks in the country". Without being able to determine whether these concerns were really founded, the cybersecurity community will closely follow what is really involved in the exchange of information between such a significant Spanish institution and the Chinese giant.
» More information at INCIBE

Top Stories

The Head of the GCHQ, in Favour of Developing Cybersecurity Dialogue

Cybersecurity PulseRobert Hannigan, the head of Government Communications Headquarters (GCHQ), has called for "a closer relationship" between the intelligence community and the technological sector at a recent speech at the Massachusetts Institute of Technology (MIT). This is a response to the incoming Apple's recent collision with the FBI over the unlocking of the San Bernardino shooter's iPhone in which it is recognized the need of a new relationship between the tech sector, academia, civil society and government agencies with the aim to find a framework for building dialogue and avoid the current atmosphere of distrust.
» More information at SC Magazine UK

Open Source Adoption Boosts Development As Well As The Need for Secure Development Practices

Cybersecurity PulseThe adoption of open source permits go faster to market with lower development costs. In fact, Forrester already reported that in 2015 four out of five developers surveyed had used some type of open source software for deployment or development over the past 12 months. Nevertheless, since 2014, more than 6,000 new vulnerabilities associated with open source code have been disclosed. In this sense, developing secure software has always been a challenge that it must be well managed with policies, controls and the right tools independently of the origin of the code.
» More information at SC Magazine UK

Rest of the Week´s News

KeRanger, a Ransomware Sample That Targets Apple Users

Palo Alto Networks researchers have revealed Apple that its customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a new ransomware family known as KeRanger. The ransomware encrypts data three days after the original infection and, in exchange for approximately 350 euros of bounty, it reveals the unlock of the compromised system.
» More information at The Guardian

European Court Rules: Companies Can Legally Read Their Employees Emails and Chat

Recently, European Court had ruled that companies can legally monitor as well as read workers' private messages sent via chat software and webmail accounts during their working hours. Because of this, the iOS 9.3 version will tell employees whether their employers are monitoring their company-issued iPhones.
» More information at The Hacker News

Donald Trump Voicemail, Allegedly Leaked by Anonymous

Donald Trump's voicemail has allegedly been hacked by the hacktivist group Anonymous. The 2012 messages appear to show leading figures in the US media showing him with praise, compliments and thanks for his financial support.
» More information at The Independent

Further Reading

Guccifer, Who Hacked Bush and Clinton, to Be Extradited to the US

» More information at The Hacker News

"Hack the Pentagon", the New Vulnerability Reward Program

» More information at Reuters

How a Researcher Could Hack Any Facebook Account

» More information at Security Affairs