CyberSecurity Pulse 2016-12-8

CyberSecurity Pulse 2016-12-8

“Everyone wants happiness without any pain, but you can’t have a rainbow without a little rain.”
Zion Lee

Analyst Insight

Christmas, Gift Time and Internet Attacks

Internet is the key of e-commerce and this is known by cybercriminals. According to financial cyberthreats Q3 2016 report released by ElevenPaths and Kaspersky Lab in anticipation of New Year holidays, carding and skimming malicious activity have significantyly increased while malware on PoS still remains active throughout the world. In fact, the share of attack attempts using malware on PoS constituted the 6% of the registered attacks against Kaspersky users. In the same way, during the quarter, new samples of malicious software for ATMs appeared, as well as a new type of skimming devices.

CyberSecurity Pulse 2016-12-1As in the previous period, users in China and Brazil were most likely to suffer from phishing attacks. They are followed by residents of the United Arab Emirates, Australia and Saudi Arabia. It should be noted that the United Arab Emirates, which rated as number three among the countries most prone to these incidents, was not included in the top ten most attacked countries in the previous period.

The third quarter of 2016 was characterized by increased activity of attack attempts using Zeus family malware (note that in the past quarter, approximately 0.481% of Kaspersky users were attacked, and in the second quarter, this value reached 0.514%). The greatest dynamics of change was exhibited by Nymaim family with the value having increased almost twofold (from 0.058% to 0.120%). As in the previous quarters, Android remains the mobile platform that is most prone to attacks: 99.68% of all reported attacks were aimed at this operating system. The greatest share of attacked users were identified in the Russian Federation, Australia and Ukraine. Even if you are not among the countries most affected by these threats, keep common sense as well as the maximum precaution when you are making any purchase on the network. Cybercriminals will be just waiting for us around the corner.

» More information at ElevenPaths

Top Stories

Senators Fail to Block Rules Allowing US Law-enforcement Hacking

CyberSecurity Pulse 2016-12-1

Three senators' efforts to stop a major expansion of US law enforcement agencies' hacking powers has failed for now. The rules change will give US Law Enforcement Agencies the authority to cross jurisdictional lines and hack computers anywhere in the world during criminal investigations. Until now, the rules, in most cases, prohibited federal judges from issuing a search warrant outside their jurisdictions. The Department of Justice has called for the changes as a way to track criminal using anonymizer technology to shield the location of other servers, computers or smartphones.

» More information at Computerworld

US Presidential Commission Presents Recommendations on Cybersecurity

CyberSecurity Pulse 2016-12-1

Cybersecurity is a primary issue in the agenda of many countries. In this sense, last week the US Presidential Commission has issued a bunch of new recommendations to boost a proactive cooperation between both, private and public sectors (an issue which has remained difficult to tackle when speaking about cybersecurity). This call for collaboration aims to improve the security of computer networks and counteract the action of the different actors that threat the cyberspace. The report has identified several potential attack vectors like Internet of Things technologies and the global supply chain of manufacturers, while it feels important to keep the focus on the protection of critical infrastructure.

» More information at The White House

Rest of the Week´s News

New DDoS Army: Ten Days of Massive Attacks

The as-yet unnamed botnet was first detected on November 23, the day before the US Thanksgiving holiday. For exactly 8.5 hours, it delivered a non-stop stream of junk traffic to undisclosed targets. The attack has been repeated in a similar basis every day during the next six days at roughly the same time, aimed at a small number of targets mostly on the US West Coast. More recently, the attacks have run for 24 hours at a time.

» More information at Cloudflare Blog

1 Million Google Accounts Compromised by Gooligan

Researchers say they've uncovered a family of Android-based malware that has compromised more than 1 million Google accounts. Gooligan has been found in at least 86 apps available in third-party marketplaces. Once installed, it roots the pohone to gain highly privileged system access to devices running version 4 (Ice Cream Sandwich, Jelly Bean, and KitKat) and version 5 (Lollipop) of Google's Android operating system.

» More information at Ars Technica UK

Banking Malware Allows to Lock and Reset Phone Passwords

The original attack that was uncovered by Trend Micro, called Operation Emmental, has been improved to enable malicious actors to now use SMS to issue commands that lets them control the hacked phone in real time. Attackers would have used this feature to reset passwords and even lock the phone.

» More information at TrendLabs Security Intelligence Blog

Further Reading

Shamoon Returns in New Gulf Cyberattacks After Four Years

» More information at Reuters

Fatal Flaws Found in Medical Implant Software

»Más información at BBC

The Giant of Cosmetic Industry Shiseido Co. Announced a Data Breach

»Más información at Security Affairs