- Millions of SIM cards can be compromised because of wrongly configured Java Card software and weak encryption keys said security researcher Karsten Nohl. Nohl will be presenting his result on August 1st at the Black Hat security conference in Las Vegas. At least for Switzerland, the big mobile network operators assure that they never used SIM cards with weak encryption keys.
- The team at Information is Beautiful published an interesting visualization about the World’s Biggest Data Breaches from the last almost ten years. Looking at the graph, it’s of no surprise we sometimes feel that there is a data breach almost every week!
- URL shortener are often times used to hide malicious URLs. McAfee Labs looked at the Short-URL services most targeted by Malware in 2013 and also mentions its own secure URL shortener (mcaf.ee).
- In the IT-Security-Links Week 28, we mentioned the “Master key” vulnerability that allows attackers to inject malicious code into legitimate Android applications. Symantec now found the first applications abusing this vulnerability. All of these apps are designed for Chinese language users though.
- Microsoft informed that with the 1400 Citadel botnets taken down in June a total of 88 percent of the botnets spawned by that malware have been taken down. In addition, their analysis shows that approximately 40 percent of the infected computers which were impacted by their operation have been cleaned.
IT-Security-Links #31
SWITCH Security-Blog 