- Simon Mullis of FireEye has now posted the last part of the three-part series we mentioned last week, titled “Thinking Outside the Sandbox”. It seems that anti-virus vendors are using files uploaded to VirusTotal and similar services to find new Command-and-Control (C&C) servers, but do so successfully only for ZeuS-based malware families.
- A talk from Alex Stamos at the Black Hat conference last week made the point that RSA will be broken in four to five years. The BREACH attack he showed abuses the fact that compression combined with encryption is problematic. Applying it to HTTPS, he was able to steal a secret in under 30 seconds.
- Nice write-up of the Comfoo APT threat by SecureWorks. While it mainly targeted Japanese and Indian government ministries, other industries such as education were targeted as well. The article concludes with the very true statement that most businesses will never see a Comfoo infection. However, evaluating whether an organization is a potential target of cyber-espionage is important in any risk evaluation.
- OpenX downloads were compromised. OpenX is an open source ad serving product used widely on the Internet. The binary distribution contained malicious files with a backdoor. The file was modified in November 2012. So, if you downloaded this software within the last 7 months, attackers have full access to your site.
- Matt Johansen of WhiteHat Security writes about two-factor authentication: what it is, why you should care, and how it is used by Google, Facebook and Twitter. Read the article and then go and enable it for your accounts if you haven’t already.
IT-Security-Links #33
