Security Protection – Harry Waldron MVP

October, 2013:

Malware – Ploutus ATM malware

Symantec shares an overview of the Ploutus ATM malware, currently found in Mexico, which may be spreading to other areas

http://www.symantec.com/connect/blogs/backdoorploutus-reloaded-ploutus-leaves-mexico

QUOTE: A malicious software program found in ATMs in Mexico has been improved and translated into English, which suggests it may be used elsewhere, according to security vendor Symantec. Two versions of the malware, called Ploutus, have been discovered, both of which are engineered to empty a certain type of ATM, which Symantec has not identified. In contrast to most malware, Ploutus is installed the old-fashioned way: by inserting a CD boot disk into the innards of an ATM machine running Microsoft Windows. The installation method suggests that cybercriminals are targeting standalone ATMs where access is easier. On September 4, 2013, we were the first to discover and add detections for a new malware targeting ATMs named Backdoor.Ploutus, as reported by our Rapid Release Definitions. Recently, we identified a new variant of this threat and realized that it has been improved and translated into English, suggesting that the ATM software is now being used in other countries.

Business Systems – New Architecture emerges for future

From a business perspective, many of the changes noted in the insurance sector are occurring in other professions

http://www.insurancetech.com/architecture-infrastructure/the-new-architecture-of-how-things-are-d/240160655

QUOTE: As insurance shifts from being a risk product to a consumer product that is more usage-based, there will be dramatic changes in the way insurance is bought, sold and distributed.   The shifts in business models will dramatically change the way insurance is bought, sold and distributed. The historical strength and pride of every insurer has been agency. The future consumer will want experience, ease and choice. The old model of distribution based on trust, relationships — the agency — will face extinction and will move to a more experienced, choice-based, real-time distribution model via Facebook, Amazon, eBay and many other channels. Insurance will no longer be an annuity product or even a term-based. It will be a choice and usage based.

Consumerization will force the death of fixed-cost in insurance companies. Just as their customers are demanding of them, insurance companies will demand variable cost and “pay as you go” models from their suppliers of technology. Large change programs will be replaced by small agile based many projects. Software licensing will be replaced by utility.   The insurance industry will demand a new, fresh approach to talent building.   It won’t be too long until there will be a green field virtual insurance company which will completely disrupt the way insurance is bought and sold. Underwriting will be on the spot, policies will be simple, customer behavior will be analyzed to petabyte and claims will be handled in real-time with customer interaction at its finest.

Mobile Security – 2013 study on top user concerns

Key concerns of mobile phone users were recently assessed, and they center on security

http://securitywatch.pcmag.com/mobile-security/317222-what-smartphone-users-are-really-worried-about

QUOTE: It’s easy to see we’re attached to our devices. Of those surveyed, 63 percent of users said they’d be upset if they left the house without their phones. Without phones, 29 percent of users would miss texting the most followed by calling with 26 percent and email with nine percent. Not to say this saturation is a bad thing, it’s just the world we’re living in now.

However, this new world has new rules for keeping vulnerable, personal information safe and not all users are following them. 18 percent of those surveyed store password information on their phones while 26 percent remain uninformed of the risks of clicking strange links and downloads. Nearly half of all users still don’t bother using a passcode at all, one of the simplest security measures. Bad habits can be hard to notice and harder to break. But, if users are really worried about privacy and don’t know what to do, being cautious and paying attention to their mobile activity is a good place to start.

Aside from the serious potential risks that come with stolen data, one out of three users under 30 said they’d just be embarrassed if their information was exposed. That’s not surprising considering how much of ourselves we can now put on the internet, and how much of it is apparently ripe for the taking. “Smartphones have become our most personal computers and in many cases know more about us than our best friends,” said diVittorio. Users are worried about losing personal info (42 percent), bank info (33 percent), contacts (29 percent) and texts (23 percent).

Facebook – Fake Social Empires gaming scam in circulation

Bitdefender warns of a scam pretending to be associated with the Facebook game Social Empires

http://securitywatch.pcmag.com/malware/317257-facebook-users-fall-victim-to-social-empires-cheat-scam

http://www.hotforsecurity.com/blog/fake-social-empires-cheat-exposes-over-135000-facebook-users-to-fraud-7224.html

QUOTE:  Facebook games have amassed huge audiences with their broad, social appeal. However, among these expanding user bases are some more casual players who aren’t necessarily the world’s most tech-savvy people. Case in point, 135,000 players of the popular Facebook strategy game Social Empires have recently been scammed through a fake cheat according to Bitdefender’s Hot for Security blog.   Like many in Facebook games, the economy of Social Empires, from Spanish developer Social Point, works by making its over six million monthly users wait or pay real money for the resources needed to proceed. The purposefully frustrating yet addicting mechanic controls the pace of play keeping players locked into the system. Knowing this, the scam entices players by offering maxed out food, gold, wood, stone and cash reserves. All they have to do is Like and spread the page by sharing it on other Facebook walls. It sounds like a steal, but the real theft is happening to the user.

SPAM – USA top nation sending in 2013

Sophos shares a recent detailed study on spam

http://nakedsecurity.sophos.com/2013/10/17/dirty-dozen-spam-sending-nations-find-where-you-finished-in-our-q3-spampionship-chart/

http://securitywatch.pcmag.com/spam/317274-us-reigning-spampions

QUOTE:  Prepare yourself for the results of the latest Spampionship. SophosLabs conducted a study calculating the “Dirty Dozen” spam sending countries.  United States, Belarus, and India take the leading three spots on the “Dirty Dozen” list for countries that send the most amount of spam; consistent with what SophosLabs has seen this past year. Countries on this list aren’t necessarily spammers, but they are spam senders. Spam senders and spammers are two different things.  Spammers usually don’t send their own spam in bulk because it makes them easy to identify. Out of the ten million unwanted emails they attempt to send, one million could get sent before either recipients or data centers start resisting. At this point, spammers are blocked from using the servers and sending the remaining emails.

Trend – Halloween infographic theme on Malware

Trend has published a creative theme that documents the dangers of malware

http://securitywatch.pcmag.com/security/317442-the-haunted-house-of-cyber-scares

http://blog.trendmicro.com/vampires-zombies-ghostsoh/

QUOTE: Happy Halloween! Ready for a really good scare? Check out our latest infographic titled “The Scariest Cyber Security Threats.” Our clever team of researchers have created this creepy artwork by comparing the traditional frightening Halloween characters with their associated cyber threats. For example, vampires compare quite well to online banking Trojans that “suck cash out of your accounts.” Zombies in the “reel world” of Hollywood Halloween movies were the role models for hackers who created their own zombies—“mindless creatures that are controlled by botmasters who make them do their [nefarious] bidding.” “Ghosts” represent targeted attacks that are designed to be neither seen nor heard. Our research indicates that for this type of attack, the average time from initial breach to detection has increased dramatically over the past couple of years.

WordPress 3.7 – Introduces automated server based updating

EWeek describes the new automated, server-based updating found in WordPress 3.7

http://www.eweek.com/enterprise-apps/wordpress-3.7-debuts-improving-security-for-millions.html

QUOTE: A new version of the open-source WordPress content management and blogging platform, Version 3.7, has been officially released, providing users with improved stability and security. The impact of the new WordPress platform on the Web as a whole is nontrivial, as WordPress currently is the technology behind some 72 million Websites.

One of the biggest changes in the WordPress 3.7 release is the much anticipated introduction of background updates. Until the 3.7 release, WordPress users needed to manually click the update button inside WordPress or download a new release to update an installation for security fixes. It’s a situation that could well have left countless millions of sites with older versions of WordPress, which could potentially be exploited by attackers.

However, the new background updater in Version 3.7 can now automatically update WordPress installations for maintenance and security. Introducing automatic updates for a server-side technology like WordPress, however, could be riskier as it could potentially also impact the myriad plug-ins or underlying technology that the site is running on

Windows 8.1 – Ten improvements in October 18th release

EWeek highlights 10 improvements found in Windows 8.1, including security

http://www.eweek.com/enterprise-apps/slideshows/10-windows-8.1-improvements-microsoft-hopes-will-placate-users.html

QUOTE:  Windows 8.1 promises to strike a proper balance between Microsoft’s vision for the future of its operating system and the average user’s view on what features it needs to make the OS as effective for their needs as possible. While Windows 8.1 is an improvement over Windows 8, it’s an admission that the software company might have misjudged what users would find acceptable in the latest edition of Windows. This is not unfamiliar territory for Microsoft. When the company launched Windows Vista, users were displeased with its redesign of the user interface. But Windows 7 fixed that, and Microsoft moved on. Now, after Microsoft’s mistakes with Windows 8, company officials hope improvements in Windows 8.1 will put the OS in users’ good graces. This slide show looks at the improvements in Windows 8.1 that Microsoft hopes will placate alienated users

It Includes Better Security Features.   Overall, it’s hard to not be happy with the improvements Microsoft made to Windows 8.1’s security. The company has updated Windows Defender to provide improved antivirus and anti-spyware protection. It also has finally delivered device encryption across its entire software line, not just its mobile platforms. Windows 8.1 will even work with enhanced biometrics—a feature that enterprise buyers eagerly desire

Microsoft MMPC – Windows XP support ends April 2014

MMPC highlights the SIR v15 report and Windows XP vulnerabilities, noting that the latest Windows versions are safer and more reliable. The popular O/S is now 12 years old and is being retired in favor of improved and more secure control systems for the PC, laptop, or device.

http://blogs.technet.com/b/mmpc/archive/2013/10/29/infection-rates-and-end-of-support-for-windows-xp.aspx

QUOTE: Earlier today we published a blog post that discussed a new metric for analyzing malware prevalence which was introduced in the latest report. This new metric, called the encounter rate, measures the percentage of computers protected with Microsoft real-time antimalware products that come into contact with malware. It is important to note encounters do not equate to infections. Although some computers do report active malware, the vast majority of these encounters represent blocked infections reported by our antimalware products. Another recent blog explained our metrics in more detail.

Microsoft SIR v15 – Windows XP 5 good reasons to update your OS

As shared in volume 15 of the SIR report, more recent operating systems (Windows 7/8) are better hardened for security and can mitigate or prevent most attacks circulating today when complementary defenses are in place (e.g., AV, firewall, safe user practices)

http://www.microsoft.com/security/sir/default.aspx

“If you need a strong supporting argument and five good reasons to upgrade, look no further than the Microsoft Security Intelligence Report v15 released today. All you need to do is CTRL+F this doc and search for Windows XP to see what I’m talking about. Here, I’ll help, as ripped directly from the SIR v15:
  1. 9.1 computers cleaned per 1000 scanned by the Malicious Software Removal Tool (MSRT) were Windows XP SP3 32-bit, more than any other system cleaned.
  2. Windows XP SP3 holds the top spot for infection rate (9.1 CCM)  even though it actually has a lower encounter rate (percent of reporting computers) than Windows 7 SP1.
  3. The disparity between the two metrics above highlights the importance of moving away from older operating system versions to newer, more secure ones. Computers running Windows XP in the first half of 2013 encountered about 31 percent more malware worldwide than computers running Windows 8, but their infection rate was more than 5 times as high.
  4. #1 threat family affecting Windows XP SP3? INF/Autorun. Yes, that autorun, used by worms when spreading to local, network, or removable drives. Doesn’t work on modern versions of Windows in their default configuration.
  5. Windows XP extended support ends April 8, 2014. That means no more patches, people.

XP has been a beloved operating system for millions and millions of people around the world, but after 12 years of service it simply can’t mitigate the threats we’re seeing modern-day attackers use.”