SANS Institute - News, Features, and Slideshows

News

• Personal weather stations can expose your Wi-Fi network

  In the latest Internet of Things security blunder, personal weather station devices made by Netatmo were found sending users' Wi-Fi passwords back to the company over unencrypted connections.

• Vulnerabilities found in more command-line tools, wget and tnftp get patches

  The critical Shellshock vulnerabilities found last month in the Bash Unix shell have motivated security researchers to search for similar flaws in old, but widely used, command-line utilities.

• Encryption goof fixed in TorrentLocker file-locking malware

  The developers of a type of malicious software that encrypts a computer's files and demands a ransom have fixed an error security experts said allowed files to be recovered without paying.

• DOJ's charges against China reframe security, surveillance debate

  The U.S. Department of Justice's decision to bring computer hacking and economic espionage charges against five alleged members of the Chinese army is an attempt by President Barack Obama's administration to redirect a global discussion about cyberhacking and surveillance, some cybersecurity experts said.

• NSA denies knowing about Heartbleed flaw for years

  The U.S. National Security Agency, which has a cybersecurity mission in addition to surveillance, has disputed a report that it knew about the Heartbleed security vulnerability for at least two years before other researchers disclosed the flaw this month.

• Exploit released for vulnerability targeted by Linksys router worm

  Technical details about a vulnerability in Linksys routers that's being exploited by a new worm have been released Sunday along with a proof-of-concept exploit and a larger than earlier expected list of potentially vulnerable device models.

• Worm 'TheMoon' infects Linksys routers

  A self-replicating program is infecting Linksys routers by exploiting an authentication bypass vulnerability in various models from the vendor's E-Series product line.

• Spy agencies around the world use radio signals to tap data from targeted systems

  Reports this week that the National Security Agency uses radio signals to collect data from tens of thousands of non-U.S. computers, some not connected to the Internet, is sure to fuel more acrimony towards the U.S. spy agency.

• US Department of Homeland Security releases software security scoring system

  The US Department of Homeland Security (DHS), along with the SANS Institute and Mitre, released a scoring system on Monday designed to help enterprises verify whether the software they are using meets reasonable standards for secure coding.

• Search on for next UK Cyber Security Challenge champion

  Registration for the 2011 <a href="http://www.computerworlduk.com/news/public-sector/21312/government-launches-computer-security-training-exercises/">Cyber Security Challenge UK</a> has opened today, as the industry goes on its second annual search to find the IT security talent of the future.

• Memory scraping malware tipped as big threat for 2011

  SANS Institute security researchers have identified &quot;pervasive memory scraping&quot; as one of the most dangerous attack techniques likely to be used in coming the coming year.

• NASA appoints new information security chief

  NASA this week appointed Valarie Burks as its deputy CIO for Information Technology Security.

• 'Here you have' threat subsides, but comeback possible

  The first wave of the "Here you have" virus seems to have run its course with removal of the malicious file from the site from which it was being downloaded, but keep an eye out for follow-up versions.

• One in five mobile devices running malware: study

  The SANS Institute's Internet Storm Center (ISC) has surveyed its membership on the subject of malicious programs that target mobile devices like iPhones and BlackBerrys, and the results are sobering.
  In a running poll that has, so far, netted 540 respondents, SANS researchers found that 85 percent were not scanning their mobile devices for malicious programs. Of the 15 percent who were, 18 percent found mobile malware running on their devices. That's higher than the overall infection rate for PCs in North America, which Microsoft pegs at between 7 and 10 percent of all Windows systems in the United States and Canada. In fact, 18 percent is close to the infection rate for XP SP1 systems. &quot;As secure as XP SP1&quot; isn't the kind of security you want.
  Extrapolate that number and it suggests that, as SANS points out, as many as 83 of the 457 participants who weren't scanning their mobile devices could be missing an active malware infection. Look at the number of smartphones in use globally and the infection numbers get even scarier, but also more hypothetical &#8212; after all, the mobile universe isn't a monoculture like the PC world. There are endless variations of Symbian, Windows Mobile, Palm, as well as BlackBerry, iPhone, Android and the like. Not all are equally valuable or attractive to attackers. It's also not clear what kinds of malware turned up on the self-reported scans and whether false positives might be in the mix.
  The conventional wisdom is that mobile malware isn't a big concern so much as a gushing font of vendor FUD and scare tactics. The enterprises I talk to are far more concerned about the data on mobile devices that might get lost or stolen than they are about mobile devices as a malware bridge to their enterprise networks.
  Anecdotally, anti-malware vendors tell me that mobile malware is still a tiny sliver of a fat malware pie &#8212; but it's also a growth area with new instances of mobile malware coming online at an alarming rate. We've also written about some of the big security loopholes that scammers and malware authors are getting hip to &#8212; notably the loosely policed application marketplaces for platforms like iPhone and, especially, Android.
  Despite all that, if we're to believe that 85 percent of mobile phone users don't scan for malware, then there's clearly some waking up that will need to take place. The SANS report may be one alarm bell. Also look to this year's Black Hat and Defcon events to raise the heat under the mobile malware pot.

• Cybercrims focus on Macs and zero-day

  The SANS Institute has warned of a steep increase in critical security holes in Apple&#8217;s Mac OS X operating system and in previously undiscovered (&#8220;zero day&#8221;) vulnerabilities in web browsers.