Security Protection – Harry Waldron MVP

Android Malware – NotCompatible variants major threat in 2014

Lookout Security documents increased sophistication in latest version of an Android Malware agent called “NotCompatible”   

https://blog.lookout.com/blog/2014/11/19/notcompatible/

http://bits.blogs.nytimes.com/2014/11/20/malicious-software-said-to-spread-on-android-phones/

QUOTE:   The new NotCompatible: Sophisticated and evasive threat harbors the potential to compromise enterprise networks

A particularly nasty mobile malware campaign targeting Android users has hit between four million and 4.5 million Americans since January of 2013, according to an estimate by Lookout, a San Francisco mobile security company that has been tracking the malware for about two years.

Lookout first encountered the mobile malware, called NotCompatible, two years ago and has since seen increasingly sophisticated versions. Lookout said it believes, based on attempted infections of its user base of 50 million, that the total number of people who have encountered the malware in the United States exceeds four million.

The attackers’ goal, researchers say, is to infect as many smartphones as possible and turn them into a so-called botnet, a network of infected devices that can be used by attackers for various malicious purposes. Lookout’s researchers say there is evidence that NotCompatible’s authors are renting out control of infected mobile devices to people who have used them to simply send out more spam or buy up event tickets in bulk from Ticketmaster, Live Nation, EventShopper and Craigslist. Some have used infected devices to try to crack WordPress accounts.

Facebook – New Privacy changes for 2015

Details of Facebook’s forthcoming PRIVACY terms of service starting in 2015:

http://www.welivesecurity.com/2014/11/27/facebook-strengthen-privacy-policy/

 
Facebook has announced a set of new privacy-focused terms of service, which aims to let users of the social network ‘control their information’, according to The Independent. The changes, which will be live as of 1 January 2015, introduce ‘Privacy Basics’, a tool that shows users who can see any information they share on the site, from links to photos tagged in. It will also include simple instructions on privacy issues, like removing your name from a photograph you’ve been tagged in. Lifehacker claims that Privacy Basics will be broken up into three main categories: ‘What Others See About You’, ‘How Others Interact With You’ and ‘What You See.’ The update won’t be changing any settings on people’s accounts, rather choosing to inform users of how they can control their data, should they wish. The update will also give people more control over the types of advertising they’re served, allowing you to opt out of advert types across all devices, rather than just the desktop site, reports Business Insider. Additionally, the new policies give a bit more detail on how mobile data such as battery, signal strength and location are used by the company to serve ‘relevant adverts’.

2015 Security Predictions – Threat Track Security

The second link provides the detailed study.

http://www.threattracksecurity.com/it-blog/2015-security-predictions-front-lines/

http://www.threattracksecurity.com/getmedia/4db57e54-3a46-4390-bb6a-2343b6804d63/2015-security-predictions-report.aspx

 
ThreatTrack Security today published the study 2015 Predictions from the Front Lines which found that expectations for data security next year are surprisingly optimistic given the harsh reality of 2014, which has been the worst year on record for data breaches. Enterprise security staffers are so confident that 81% of survey respondents said they would “personally guarantee that their company’s customer data will be safe in 2015.”

Windows 10 – Continuum interface flexibility

Windows 10 will feature a new Continuum interface that is still in development and may offer improved ease of use for traditional Windows users

http://www.theverge.com/2014/9/30/6873963/windows-10-continuum-touch-interface

 
During its big unveiling of the new Windows 10 operating system, Microsoft demonstrated a feature called Continuum, which is designed to make it easy for users to switch between touch interfaces and non-touch environments.  With Continuum, Microsoft says the new interface design smoothes those transitions. Microsoft says this interface was built specifically for devices such as the Surface Pro 3 and Lenovo Yoga, which have users switching between touch and non-touch interfaces often. Users will be prompted to switch between the touch and non-touch modes whenever they connect or disconnect the keyboard, and the Start screen and apps will adjust themselves accordingly.

Windows 10 – Consumer version preview early 2015

The consumer version of the new Windows 10 operating system is expected to preview in early 2015.

http://www.theverge.com/2014/11/27/7298717/windows-10-consumer-features-january-event

http://www.pcmag.com/article2/0,2817,2472916,00.asp

 
Microsoft is planning to detail the consumer features of Windows 10 at an event in January. While Microsoft will be present at the Consumer Electronics Show in early January, sources familiar with the company’s plans tell The Verge that Microsoft will hold a separate press event in late January to unveil the consumer preview of Windows 10. Microsoft previously promised “early 2015” for a discussion on consumer features, and it appears the company is on track.

SPAM – 2014 holiday season warning

The Internet Storm Center shares heightened awareness of spam, adware, and phishing attacks actively circulating.

https://isc.sans.edu/forums/diary/Lots+of+Black+Friday+SPAM+Phishing/19003

QUOTE: Likely every reader out there, their friends and family, even their pets with email accounts, have received Black Friday SPAM or phishing attempts today. An Amazon sample for One Click Black Friday Rewards is circulating. Of course, that one click goes nowhere near Amazon and directs you to the likes of Black Fiday  Can’t speak to the payload there, don’t bother, just use it as ammo for heightened awareness and safe shopping on line during these holidays, and…well, all the time. Be careful out there. :-)

E-Commerce Safety tips – 2014 holiday season

PC Magazine shares safe shopping practices in “Keeping Your Data Safe While Shopping For The Holidays”

http://securitywatch.pcmag.com/shopping/329924-keeping-your-data-safe-while-shopping-for-the-holidays

QUOTE: With so many major retailers hit by point-of-sale malware over the past year, many consumers may decide to shift the bulk of their holiday shopping to online retailers, said Mark Stanislav, a security researcher at Duo Security. Analysts estimate holiday shoppers will spend over $304 billion online this year, a 15.5 percent increase from 2013.  Online shopping may seem less dangerous than swiping a card at the payment terminals in the store, but “don’t be fooled,” Stanislav warned. There are risks at both brick-and-mortar stores as well as online.

Safety tips are organized into the following categories:

1. Things to Do Before You Go Shopping
2. Protecting Your Online Accounts
3. Things to Keep in Mind While Shopping
4. Shopping With Mobile Devices

Adobe Flash Player – OOB Security Update NOV 2014

Users should update Adobe products as prompted. Below is a new out-of-band (OOB) emergency update released just a few days ago.

http://www.f-secure.com/weblog/archives/00002768.html

http://helpx.adobe.com/security/products/flash-player/apsb14-26.html

 
Adobe has released an out-of-band update to fix a vulnerability in Flash Player which was reported by F-Secure. We discovered the vulnerability while analyzing a Flash exploit from an exploit kit called Angler. We received the sample from Kafeine, a renowned exploit kit researcher. He asked us to identify the vulnerability which was successfully exploited with Flash Player 15.0.0.152 but not with 15.0.0.189. That would imply the vulnerability was something patched in APSB14-22. However, based on the information that we had received via Microsoft Active Protections Program the exploit didn’t match any of the vulnerabilities patched in APSB14-22 (CVE-2014-0558, CVE-2014-0564, or CVE-2014-0569).

MALWARE: Point-of-Sale attack threat high for 2014 holiday season

Symantec documents that the risk during the forthcoming holiday season remains high. While it is likely many companies have strengthened controls, staying ahead of the latest malware developments is still a cat-and-mouse game.

http://www.symantec.com/connect/blogs/pos-malware-potent-threat-remains-retailers

 
As Americans gear up for another holiday shopping season, the threat posed by point-of-sale malware remains high. More than a year after the discovery of the first major attacks against POS networks, many US retailers are still vulnerable to this type of attack and are likely to remain so until the complete transition to more secure payment card technologies in 2015. While some retailers have enhanced security by implementing encryption on their POS terminals, others have not and retailers will continue to be a low-hanging fruit for some time. While the introduction of new technologies will help stem the flow of attacks, it will not eliminate fraud completely and attackers have a track record of adapting their methods.

MALWARE: Regin advanced spyware threat

Symantec documents a highly advanced form of spyware that is stealthy, difficult to detect, and may have been used in a variety of attacks.

http://www.symantec.com/connect/blogs/regin-top-tier-espionage-tool-enables-stealthy-surveillance

http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/regin-analysis.pdf

http://www.symantec.com/security_response/writeup.jsp?docid=2013-121221-3645-99

 
An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since at least 2008. A back door-type Trojan, Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customizable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organizations, infrastructure operators, businesses, researchers, and private individuals.