2013/11/19

| 11.19.13 | Cybercrime is big business; Re-engineered Google Play apps steal data

Editor's Corner:
Cybercrime is big business

What's New:
1. Re-engineered Google Play apps steal data, warns BitDefender
2. vBulletin admits network was breached, personal information of users stolen
3. A majority of IT pros are frustrated with their current BYOD security product, survey says
4. Infographic: Most US travelers use public Wi-Fi without protecting their data
5. Increasing cyber threats spurring 29.4 percent CAGR in smart grid cybersecurity market, says TechNavio

Spotlight:
Adobe ColdFusion is vulnerable to cross-site scripting attack, warns CERT

Also Noted:
Yahoo to encrypt data traffic; Google upgrades SSL certificates; Much more...

News From The Fierce Network:
1. Most enterprise mobile apps are vulnerable to common exploits, warns HP
2. Pfizer looks to cut its dosage of BlackBerry
3. Your employees probably hate your mobile apps, study finds

FierceITSecurity

November 19, 2013


Editor's Corner

Cybercrime is big business

By Fred Donovan

While other parts of the economy are stagnating, cybercrime is booming, according to research conducted by Joe Stewart, Dell SecureWorks' director of malware research for the Counter Threat Unit, and independent researcher David Shear.

They found that the underground market for stolen credentials and hacker services is thriving. Credit card information is always a popular item in this marketplace.

Want to set up your own botnet? No problem. You can buy malware-infected computers for between $20 and $250, depending on how many bots are on the computer.

In addition, exploit kits are available--for the right price. The Sweet Orange exploit kit can be leased at a sweet $450 per week or $1,800 per month.

Would you like a website hacked and data stolen? No problem, just pay a hacker a couple hundred dollars and you'll have your data.

Want to launch a distributed denial of service attack against your bitter rival? No problem. That can be had for $3 to $5 per hour, $90-$100 per day or $400-$600 per week.

You can even hire a hacker to engage in "doxing" for between $25 and $100. What is doxing, you ask? Elizabeth Clarke, with Dell SecureWorks, explains: "Doxing is when a hacker is hired to get all the information they can about a target victim. Their methods include searching public information sites, social media sites, as well as manipulating the victim via social engineering and infecting them with an information-stealing Trojan."

Clarke adds: "For the most part, it does not appear that the types of hacker services and stolen data for sale on the hacker underground have changed dramatically in the past several years. The only noticeable difference is the drop in price for online bank account credentials and the drop in price for Fullz or Personal Credentials."

That's the marketplace at work: an abundance of stolen credentials means that cyber criminals need to drop their prices to compete.

Laissez-faire economics at its best (or worst). - Fred

What's New

1. Re-engineered Google Play apps steal data, warns BitDefender

By Fred Donovan

Around 5,077 applications, or 1.2 percent, of 420,646 Google Play apps analyzed by security firm Bitdefender are stolen from other developers and re-engineered to steal data and perform other malicious activities, related Loredana Botezatu, e-threat analyst for Bitdefender, in a blog.

The survey shows that applications uploaded by 2,140 verified developers are over 90 percent identical, not including the library code (code that can be used by multiple developers), to the work of other developers on Google Play.

"These duplicates or repackaged applications should not be mistaken with different versions of an app. Here, it's about a publisher who takes an application, reverse-engineers its code, adds aggressive advertising SDKs [software development kits] or other beacons, then repackages and distributes it as his own," explained Bitdefender Chief Security Strategist Catalin Cosoi.

Some of these duplicates are able to access location information on the Android device, leak the device ID, or connect to social media platforms without the user's knowledge.

"By design, Android applications can be disassembled, modified and reassembled to provide new functionalities. This way an attacker can easily rip an APK off the Play Store, turn it into program code, modify it and distribute it as its own," wrote Botezatu.

"Most modifications add a new Advertising SDK in the repackaged app or change the Advertiser ID from the original app so revenue obtained through ad platforms gets diverted from the original developer to the individual who plagiarizes their work," she added.

Bitdefender advised Android users "to exercise extreme caution" when installing Google Play apps and to review app permission requests carefully.

For more:
- read Botezatu's blog

Related Articles:
Trend Micro: Android malware threats, high-risk apps eclipse 1M mark
Symantec uncovers 1,200 malicious apps on Google Play this year


2. vBulletin admits network was breached, personal information of users stolen

By Fred Donovan

Online forum software maker vBulletin has admitted that its network was breached and that personal information of users was stolen.

"Very recently, our security team discovered sophisticated attacks on our network, involving the illegal access of forum user information, possibly including your password. Our investigation currently indicates that the attackers accessed customer IDs and encrypted passwords on our systems," explained Wayne Luke, vBulletin lead technical support, in a forum post on Friday.

vBulletin said it reset passwords for account users. "Please choose a new password and do not use the same password you used with us previously. We also highly recommend that you choose a password that you are not using on any other sites," Luke advised.

Hacker group Inj3ct0r Team took credit for the hack, as well as a hack of MacRumors.com. The group said it discovered a zero-day hole in vBulletin's forum software.

"We got shell database and root server. We wanted to prove that nothing in this world is not safe [sic]. We found a critical vulnerability in vBulletin all versions 4.x.x and 5.?.x. We've got upload shell in vBulletin server, download database and got root," the group explained in a Facebook post.

According to security researcher Brian Krebs, the hackers used a "clever cross-site-scripting attack" to hack into MacRumors, which runs vBulletin software.

"Interestingly, several individuals appear to be selling what they claim are zero-day exploits in vBulletin 4.x and 5.x," explained Krebs. Inj3ct0r "advertised a copy of the supposed exploit for $7,000, available for payment via virtual currencies Bitcoin and WebMoney," he added.

However, vBulletin said that it is not aware of any zero-day holes in current versions of its software. "Given our analysis of the evidence provided by the Inject0r team, we do not believe that they have uncovered a 0-day vulnerability in vBulletin," Luke wrote.

"These hackers were able to compromise an insecure system that was used for testing vBulletin mobile applications. The best defense against potential compromises is to keep your system running on the very latest patch release of the software," he added.

For more:
- see vBulletin's advisory
- check out Inj3ct0r Team's post
- read Krebs' blog

Related Articles:
Enterprise users make up majority of mobile security client software market
Microsoft warns about zero-day hole that impacts Windows, Office and Lync


3. A majority of IT pros are frustrated with their current BYOD security product, survey says

By Fred Donovan

A majority of IT professionals said their companies are dissatisfied with their current BYOD security product and want to replace it, according to a survey of 895 IT and IT security professionals by the Ponemon Institute on behalf of email security firm Zix Corp.

More than 60 percent of respondents said their companies support BYOD, yet 46 percent of those companies do not have tools or policies in place to secure corporate data.

More than two in five respondents said their companies have limited BYOD deployment due to employee resistance to putting security tools on personal devices and inadequate security tools.

"The speed at which BYOD took hold of the business community is unlike any technology trend we've seen before," commented Larry Ponemon, chairman and founder of the Ponemon Institute.

"Companies are swiftly adopting BYOD to enable work productivity and create efficiencies but are hitting significant road bumps in cost, security and employee concerns. The evolution of BYOD solutions to overcome these challenges is necessary for full adoption across companies and among the entire employee base," he added.

In addition, more than one-third of respondents said their companies only use mobile device password policies for security.

"Understanding the current state of BYOD and companies' goals and concerns will enable the market to develop innovative answers that advance BYOD to its full potential. Securely streaming corporate data to mobile devices instead of controlling the devices themselves is one approach that meets both company needs and employee demands," added Zix Chairman and CEO Rick Spurr.

For more:
- see the Zix release

Related Articles:
BYOD is 'an unregulated mess,' says IT security expert
Most companies fail to explain BYOD policies, study finds


4. Infographic: Most US travelers use public Wi-Fi without protecting their data

By Fred Donovan

A full 84 percent of U.S. travelers admit that they are not protecting their data when they connect to public Wi-Fi networks, according to a survey of 2,200 U.S. adults by PhoCusWright on behalf of Wi-Fi hotspot VPN provider AnchorFree.

While not taking measures to protect their data, most of these travelers are concerned about personal data theft when using public Wi-Fi.

The top three concerns cited when using public Wi-Fi are the possibility of someone stealing personal information when engaging in banking or financial sites (51 percent), making online purchases that require a credit or debit card (51 percent) and making purchases using an account that has payment information stored (45 percent).

"In the age of tablets, smartphones and ubiquitous hotspots, many travelers don't realize that they are unsuspectingly sharing sensitive information with others on public Wi-Fi," said David Gorodyansky, founder and CEO of AnchorFree.

Check out AnchorFree's full-size infographic on the survey results here.


5. Increasing cyber threats spurring 29.4 percent CAGR in smart grid cybersecurity market, says TechNavio

By Fred Donovan

Increasing cyber threats are fueling growth in the smart grid cybersecurity market, which is forecast by TechNavio to increase at a 29.4 percent compound annual growth rate through 2016.

Key vendors in the market are BAE Systems, Cisco, IBM, Industrial Defender, IOActive, Lockheed Martin, McAfee, Siemens, Symantec and ViaSat.

Market growth is being spurred on by increasing cyber threats against the smart grid infrastructure, as well as new sources of vulnerabilities. TechNavio estimates that close to 4,400 new smart grid vulnerabilities were detected during 2010.

The research firm identified a number of different components within smart grids that are vulnerable: "IT systems such as computers, servers, databases, and web services; communications networks such as Ethernet, Wi-Fi, and ZigBee; operational technologies such as supervisory control and data acquisition, power line communications, energy management systems, and intelligent electronic devices; end access points such as smart meters, smartphones, and other mobile devices; and human influences such as lack of training and misuse of universal serial bus drives."

A major challenge to market growth is the lack of disclosure mechanisms. Power utilities are reluctant to disclose the occurrence of smart grid cyber attacks because of the fear that more grid vulnerabilities will be exposed, which could reduce customer loyalty.

Last month, the National Institute of Standards and Technology announced that it was updating its smart grid cybersecurity guidelines to incorporate technology and legal changes since the guidelines were first issued in 2010.

"Millions of smart meters are in use around the country now, and as the smart grid is implemented we have gained more knowledge that required minor tweaks to the existing document. There also have been legislative changes in states such as California and Colorado concerning customer energy usage data, and we have made revisions to the volume on privacy based on the changing regulatory framework," said NIST computer scientist Tanya Brewer.

NIST is seeking public comment on the revisions until Christmas Eve.

For more:
- check out TechNavio's stats
- see NIST's announcement

Related Articles:
Big data's impact on utilities: from smart grid to soft grid
Security vulnerabilities threaten growth of M2M market, warns Juniper


Also Noted

TODAY'S SPOTLIGHT... Adobe ColdFusion is vulnerable to cross-site scripting attack, warns CERT

Adobe ColdFusion 10 update 10 and earlier versions are vulnerable to a cross-site scripting attack that could enable an attacker to inject arbitrary HTML content in the logviewer directory, warned CERT on Monday. ColdFusion is an application server that enables development and maintenance of Internet apps. "A remote authenticated attacker can conduct a cross-site scripting attack, which may be used to result in information leakage, privilege escalation, and/or denial of service. A remote, unauthenticated attacker may also be able to utilize the directory traversal vulnerability to download the configuration files of the software such as /etc/passwd or boot.ini and obtain administrative credentials," CERT explained in a Vulnerability Note. Adobe has posted a hotfix for the vulnerability.

> Yahoo will encrypt between data centers, use SSL for all sites. Article (Ars Technica)
> Google completes upgrade of its SSL certificates to 2048-bit RSA. Blog (Threatpost)
> Netflix members at risk from Silverlight exploit. Article (Infosecurity Magazine)
> Google, Nokia, Ericsson, Samsung clueless on NSA's phone stalking. Article (ZDNet)
> Hackers actively exploiting JBoss vulnerability to compromise servers, researchers say. Article (IDG News Service)

And Finally… Now if predictive security could just predict the score. Blog (Core Security)
