SWITCH Security-Blog

SWITCH-CERT IT-Security Blog


The December 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Power and cybercrime – massive quantities of user data stolen in two recent hacks
  • When supposed security add-ons actually spy on your browsing habits
  • Mirai part II – botnet knocks out 900,000 Telekom routers
  • It’s not all bad news – Avalanche botnet taken down

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


The November 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • IT security researchers reveal vulnerabilities in photoTAN procedure for mobile banking
  • DDoS attack via IoT botnet shuts down parts of Internet
  • Triple record: Yahoo loses half a billion customers’ details, more trust than ever and USD 1 billion from its acquisition price

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The October 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Swiss electorate votes in favour of Intelligence Service Act – making everyone a suspect?
  • Your money or your device – mobile banking Trojan Gugi tricks Android users
  • SWIFT, and it’s gone – banks lose money to hackers again following SWIFT data theft
  • It was just a question of time – botnet discovered on Internet of Things

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


2 Comments

The September 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Bug bounties and the Cyber Grand Challenge
  • Pegasus spies on Apple devices, QuadRooter threatens Android
  • A USD 22 billion investment pays off – WhatsApp shares phone numbers with Facebook
  • Now you see them, now you don’t – another multi-million-dollar Bitcoin theft
  • DiskFiltration and Fansmitter attempt to bridge the air gap

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The July 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • DAO-ism on the ethereal plane – hacker bags cryptocurrency worth USD 50 million
  • Ransomware – smart, greedy and unkillable
  • CANVAS ready to launch – bridging cybersecurity and ethics
  • US border guards want to be your Facebook friend – and other news on anti-terror measures

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


The June 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • A RUeful tale – unknown cyberattackers steal 20 gigabytes of data from RUAG
  • Twitter shuts the door on US intelligence services
  • iPhone stays locked – Touch ID demands a password after 48 hours
  • Passwords for e-banking and suchlike? You can soon forget them!

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The May 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Faster than Odysseus – e-banking Trojan Gozi attacks Switzerland via news website
  • Heartbreak remote – chip implants and the security of implanted, software-driven medical devices
  • One point three million dollar phone – FBI spends big in iPhone hacking dispute with Apple
  • It looks horrible, and it is – Jigsaw causing terror once again, this time in digital form

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The April 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Probably the most expensive typo ever foils probably the biggest attempted bank robbery ever
  • Switzerland targeted by various hacker groups? Series of DDoS attacks on Swiss websites
  • Connected cars “one of this generation’s biggest security risks”
  • Done and dusted – the new Federal Act on the Surveillance of Post and Telecommunications

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The March 2016 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Torpedoed for a fistful of dollars – university helps authorities spy on Tor users
  • Crypto Wars 3.0 – will the FBI be given a licence to snoop, or can – Apple successfully lock down the unlocking?
  • Deadly bugs in hospital – ransomware Trojan Locky shuts down entire clinics and more
  • Mission: Possible – Big Data and automated law enforcement

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


New SWITCH Security Report available

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are

  • ICSI’s Haystack looking for Android needles – and beta testers for its field study
  • Staging a comeback with a blackout – macro-Trojans return and apparently cause Christmas power cut in western Ukraine 
  • Is it really smart? Many smart home solutions have security holes as big as a garage door
  • From Mad Men to Bad Boys – malware becoming harder to monitor due to malvertising

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.


2 Comments

Attack of the killer Ads

By Daniel Stirnimann and Serge Droz

Recently I was quoted saying “… .ch and .li are the most secure (top-level) domains!”. In the same meeting, Security Rock Star Mikko Hyppönen claimed, “Surfing the Web with your laptop is the most dangerous thing you can do in the Internet.”  So what is true, what is false? Rather than speculate about obscure statistics I’d like to illustrate one of the big problems we face in .ch today, namely using ads as a back door to reach victims through reputable sites.

Ads: enter through the hallway

Malware distributors have one goal: spreading their stuff as widely as possible. This is achieved through different means. Malware was traditionally distributed – and still is – through e-mail attachments. This was the case, for example, with the Retefe malware. Alternatively, web pages can be hacked and used to spread malware by exploiting browser bugs. SWITCH has been very active, through its Safer Internet initiative, in working to reduce this infection vector. In fact, we’ve been so successful, that drive-by is very scarce in Switzerland, hence the statement that ” … .ch is one of the most secure ccTLDs”. Drive-by websites are always hacked, but in most cases they are not very popular websites, since popular websites are typically well protected. Many of the later ones offer a backdoor tough: ads! News sites in particular make most of their revenue by selling on line ads, which explains the “ad-war” arms race between ad-blockers an news agencies (see our Security Report on anti-anti-ad features). A very common way is malvertising, a term coined by William Salusky. Salusky found ads that were in fact carrying malicious payloads. Let’s look at a slightly different scenario, namely a legitimate but compromised ad server. While technically a different scenario it has the same effect on the end user.

Most people would think that visiting a website just serves you content from that site but this is not true for most of the large sites, in particular news sites. They import contents such as videos, trackers, counters, scripts and especially ads from third-party sites. These are not controlled by the original site, and often import content themselves from yet another site. Thus, a well maintained site with high security standards will often import stuff from sites with lower security. Think of it as sitting in a highly rated restaurant that has one bad food supplier.

The image below shows all the external sites involved whenever you visit three popular news sites.

 

Ohne Addon

The above example shows what happens when you visit three popular Swiss newspapers. Triangles denote third-party sites from which content is imported when you visit the respective news site. The visualisation was done using the Mozilla addon LightBeam

Continue reading


New SWITCH Security Report available

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Does PrivaTegrity spell the end of crypto wars? David Chaum’s new encryption system bridges gap between completely anonymous communication and crime prevention
  • The boss is listening, and it’s OK – controlled surveillance of private communications at work does not violate human rights
  • Yesterday’s science fiction, today’s reality – forecasting software and systems to spot crimes before they are committed
  • A patchy start to the year – reports of security issues read like a who’s who of network equipment suppliers

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.


1 Comment

New SWITCH Security Report available – Invitation to take part in a Reader Survey

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • Pavlov in Paris – how the conditioned response to terrorist attacks links the real and online worlds
  • «Added value» as standard – new devices delivered complete with malware and extra vulnerabilities
  • Silent profilers – audio beacons allow advertisers to operate extensive tracking
  • Ads, adblockers, anti-adblockers, anti-adblock killers – the arms race continues
  • The Clipboard: interesting presentations, articles and videos

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

Invitation to take part in the SWITCH Security Report Reader Survey

SWITCH is carrying out a reader survey on the Security Report, and we would be grateful if you could share your views on how we can improve it. Your help will allow us to enhance the Security Report, and tailor it better to your needs.

It goes without saying we will handle your responses in the strictest of confidence and with due discretion. With this in mind, all of the information you provide will be analysed in completely anonymised form.

Please complete the questionnaire by Friday, 18 December 2015 at the latest. It will take you roughly 8-10 minutes.

You can take the survey at one of the following links:

German: http://swit.ch/befragung-secrep

English: http://swit.ch/survey-secrep

Please don’t hesitate to contact us if you have any questions about completing the survey!

Many thanks for taking part and helping us.


The November 2015 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • No safe harbour in the Land of the Free – EU Court of Justice restricts data transfer to US
  • A different kind of virus – medical equipment hackable online on a grand scale
  • Viruses, scanned – free anti-virus programs almost as good as those you pay for
  • Let’s hear it, buddy! ETH Zurich research team simplifies two-factor authentication with sound recognition
  • Situation critical – researchers find vulnerabilities in 87% of all Android devices

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.

 


The October 2015 issue of our SWITCH Security Report is available!

Dear Reader!

A new issue of our monthly SWITCH Security Report has just been released.

The topics covered in this report are:

  • XcodeGhost and Stagefright hit industry heavyweights Apple and Google and pose questions
  • BÜPF, NDG and government Trojans – debate on sense, senselessness, costs and risks of state surveillance enters next round
  • Privacy B2B – growing number of attacks on SMEs and critical infrastructure
  • Fingerprints of at least 5.6 million US federal employees stolen – who cares?
  • DIY 007 – Deep Sweep project spies on satellite communications

The Security Report is available in both English and German.

»»  Download the english report.      »»  Download the german report.

Did you miss our previous Security Report? Click here to go to the archive.