Category Archives: Security

Critical Patch for Apple iOS

Apple has released a critical update for all iOS devices from the iPhone 3GS up to the new iPhone 5S and iPad Air ranges. The patch fixes a severe security flaw in the operating system which could allow a Man-in-the-Middle (MITM) attack, where a secure connection could be transparently redirected to a malicious website and passwords and other data could be stolen or compromised. You can read more about the patch and possible danger here.

NOTE: Although this appears to be a severe issue, it is similar to the many other dangers that are out in the IT connected world today. Make sure your devices and computers are patched. Oh, and by the way, THIS IS A GOOD TIME TO REPLACE THAT OLD WINDOWS XP COMPUTER. Windows XP will no longer be maintained with security patches from April 2014.

Here are the worst passwords for 2013 – DO NOT USE THESE!

SplashData announced its annual list of worst passwords for 2013. DO NOT USE THESE PASSWORDS. If you do currently have any of these, please change them IMMEDIATELY.

From – http://splashdata.com/press/worstpasswords2013.htm

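| Rank | Password | Change from 2012 |
|------|----------|------------------|
| 1 | 123456 | Up 1 |
| 2 | password | Down 1 |
| 3 | 12345678 | Unchanged |
| 4 | qwerty | Up 1 |
| 5 | abc123 | Down 1 |
| 6 | 123456789 | New |
| 7 | 111111 | Up 2 |
| 8 | 1234567 | Up 5 |
| 9 | iloveyou | Up 2 |
| 10 | adobe123 | New |
| 11 | 123123 | Up 5 |
| 12 | admin | New |
| 13 | 1234567890 | New |
| 14 | letmein | Down 7 |
| 15 | photoshop | New |
| 16 | 1234 | New |
| 17 | monkey | Down 11 |
| 18 | shadow | Unchanged |
| 19 | sunshine | Down 5 |
| 20 | 12345 | New |
| 21 | password1 | Up 4 |
| 22 | princess | New |
| 23 | azerty | New |
| 24 | trustno1 | Down 12 |
| 25 | 000000 | New |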

SIM Card vulnerability discovered

German cryptographer Karsten Nohl is presenting a seminar on vulnerabilities he discovered in the GSM SIM card platform at Black Hat 2013 (http://www.blackhat.com/us-13/briefings.html#Nohl).

Forbes has covered this news, with some explanation of what the hack is about and how it affects mobile phone users, here – http://www.forbes.com/sites/parmyolson/2013/07/21/sim-cards-have-finally-been-hacked-and-the-flaw-could-affect-millions-of-phones/

It appears that the vulnerability generally affects GSM systems using the 64-bit encryption technology (http://www.nowpublic.com/tech-biz/gsm-encryption-cracked-karsten-nohl-posts-phone-hack-torrent-2547037.html).

What does this mean for Australian users? None of the carriers has put out a statement on this. However, carriers like Telstra have been using the newer 128-bit encryption technology for a number of years already. Other providers may have also followed suit. At this stage, we can only sit tight and hope carriers will address this issue quickly. In the meantime, monitor your phone usage closely and report any suspicious activity to your phone carrier quickly.

Analysis of the Australian Web Threat Landscape

In May 2013, Trend Micro and Deakin University conducted a study into the state of web-based threats in Australia. They monitored web activity using Trend Micro’s Smart Protection Network (SPN) technology over a two-week period.

The key findings were:

  • One in eight Australian IPs are exposed to web threats every day
  • Researchers analysed malicious activity from over 200,000,000 web requests per day from Australia, with around 400,000 of these issued to malicious web pages
  • One in every 2,500 web hits originating from Australia is malicious in nature, resulting in Australian users falling victim to 3% of the world's web threat attacks
  • 57% of malicious traffic was triggered by business product users, whilst consumer product users accounted for over a third (41%)

You can read the full report here – http://www.trendmicro.com.au/cloud-content/au/pdfs/security-intelligence/white-papers/australian_web_threat_landscape_-v7.pdf. The report includes an example analysis of two spam attacks that occurred during that period relating to the Boston Marathon Bombings, using a Black Hole Exploit Kit (BHEK) landing page and a Kelihos worm.

 

Removing System Care Antivirus virus

Here is an excellent step-by-step guide to removing a common malware virus – http://malwaretips.com/blogs/system-care-antivirus-removal/

You will need to download the following tools:

Note: One thing that is not mentioned in the guide above is the restoration of your previous antivirus. This malware/virus will hide your existing systems, and render them unusable. When the virus is removed, you should run a System Restore back to a point before the virus was introduced.

Beware of Facebook Black malware

The Facebook Black malware virus is spreading like wildfire. It gets users to click on a link pointing to a supposed black Facebook template. The malware then accesses the user’s account to post updates and tag users to get them to click on the link.

If you are infected by this, you can easily remove the malware by navigating to the App Settings on your Facebook Account (http://www.facebook.com/settings?tab=applications). Then search for Facebook Black and delete it.

 

You are a Target for cybercriminals

Most small businesses do not think that they are targeted by cyber criminals. SANS Securing the Human has put out an excellent poster highlighting why nobody is safe from cyber criminals and what steps you can take to protect yourself from this danger.

Here is the link – http://www.securingthehuman.org/resources/posters. Thanks to Cris Hanna (SBS MVP) for sharing the information!

Five things every Small Business should know about Web Threats and Cybercrime

The following article is an excellent summary of why Small Businesses cannot afford to be complacent in implementing safe and secure computing policies in their workplace. This was released by TrendLabs – http://www.trendmicro.com/cloud-content/us/pdfs/internet-safety/tlp_small-business-big-for-cybercrime.pdf

A quick summary of the article.

  1. Any organization, regardless of size or type, can fall victim to cybercrime.
  2. Small businesses manage information that is of interest to cybercriminals.
  3. Cybercriminals unleash 3.5 new threats targeting small businesses every second.
  4. Compliance is costly, but noncompliance is costlier and can serve as a window to cybercrime.
  5. Small businesses are moving to the cloud and are embracing cloud security but cybercriminals are not far behind. (my note: they are already there!)

So what can you do about this?

  1. Make sure your systems are up to date (hardware and software) and that you have a plan for backup and disaster recovery.
  2. Talk to a specialist (your IT provider) about getting into compliance. If you don’t have one, I would strongly recommend that you locate an IT partner that you can trust and work with.
  3. Be alert about the threats that are out there. Have a look at my previous blog posts (search Category:Security) for more information.