CyberSecurity Pulse 2016-03-17

“Once the decision has been made, close your ear even to the best counterargument: sign of strong character. Thus an occasional will to stupidity”
Friedrich Nietzsche (1844-1900) – German philosopher

Analyst Insight

Mass Surveillance Programs Under the Label of National Security

Edward Snowden, the former employee of the National Security Agency (NSA), has returned to give an interview, this time on last Sunday's El Objetivo, aired on the Spanish TV channel La Sexta, in which he revealed that the US is not the only country conducting mass surveillance programs. "The Spanish, French, German and, particularly, the British government are also implementing these measures. Because it is easy, cheap and useful", said Snowden. He also explained that such programs do not aim to fight terrorism, but are aimed at "diplomatic manipulation, economic espionage and social control".

The interview has not exactly gone unnoticed, and the US government has sent a statement saying that they "have not carried out any activity of foreign intelligence surveillance unless there is a specific purpose and validated for reasons of national security". Similarly, Alberto Garzón, deputy of Izquierda Unida-Unidad Popular, has submitted a battery of questions to the Spanish government to find out whether the authorities have taken part in such programs, either by supporting them or by providing some cover for such activities.

Sometimes being yourself in your circumstances has many repercussions. Snowden, with his complaint, has preferred to lose his nationality rather than his voice. At least that is what he says. The reality is that he is currently living in Russia without guarantees of a fair trial should he decide to return home. With these expectations, would you be an Edward Snowden?

» More information at La Sexta

Top Stories

New Chapter in the Legal Battle Between Apple and FBI

The legal battle between Apple and the FBI is revealing a new chapter every day. This week, Polk County Sheriff Grady Judd sent a message to Apple CEO Tim Cook: "The first time we do have trouble getting into a cell phone, we're going to seek a court order from Apple. And when they deny us, I am going to lock up the CEO of Apple". Meanwhile, it seems that WhatsApp will be the next company to have trouble with the FBI. Following the company's decision to offer end-to-end encryption for text messages as well as VoIP calls, last week a federal judge approved a wiretap in a criminal investigation, but WhatsApp's encryption hindered investigators.

» More information at The Hacker News

White House Draft Source Code Policy

The White House's draft Source Code Policy would require federal agencies to share custom code funded by the government with other agencies, and to share third-party custom code with the open-source community. One of the policy's goals is to reduce duplicative spending. The draft policy is available on GitHub for community comments until April 11, 2016. The issues under discussion include licensing policies, the long-term maintenance of the code, and the criteria for measuring whether 20% of the new code is being released.

» More information at CIO Council

Rest of the Week's News

Big-name Sites Hit by Rash of Malicious Ads Spreading Crypto Ransomware

A number of high-profile, very high-traffic websites such as The New York Times (NYT), BBC, AOL, MSN, the NFL and others have all been serving malicious adverts to unsuspecting users, ultimately resulting in files being held to ransom by the malware. The attackers have used these high-traffic websites to reach a wider audience of potential victims.

» More information at Ars Technica

Malware for Installing Root Certificates

ElevenPaths has discovered malware samples that install root certificates, dismissing the security window by pressing the keys that confirm installation, without giving the user a chance to back out. Such attacks are likely to become a trend that could take advantage of banking malware.

» More information at ElevenPaths Blog

Anti-DDoS Firm Staminus Hacked

Staminus Communications, a California-based hosting and DDoS (Distributed Denial of Service) protection company, is recovering from a massive data breach after hackers broke into its servers and leaked personal and sensitive details of its customers. The leak comprised more than 48 GB of data, including database dumps and other files.

» More information at The Hacker News

Further Reading

Anonymous Escalates Offensive Against Trump

» More information at SC Magazine UK

Hackers Stole $80 Million from Bangladesh Bank

» More information at The Hacker News

Steam Stealer Malware Begins to Proliferate

» More information at HEXUS