Tag Archives: cybercrime

April 17th updates

Updates to Anti-Social Media 

Brian Krebs: Deleted Facebook Cybercrime Groups Had 300,000 Members – “Hours after being alerted by KrebsOnSecurity, Facebook last week deleted almost 120 private discussion groups … who flagrantly promoted a host of illicit activities on the social media network’s platform … The average age of these groups on Facebook’s platform was two years.”

Updates to Meltdown/Spectre and other chip-related resources

Note that this page’s name has now been changed to reflect the fact that it addresses a wider range of chip issues and news than Spectre and Meltdown, as witnessed by these links.

[News and general resources section]

Help Net Security: Rambus launches fully programmable secure processing core – “At RSA Conference 2018, Rambus announced the availability of the CryptoManager Root of Trust (CMRT), a fully programmable hardware security core built with a custom RISC-V CPU.”

The Register: Microsoft has designed an Arm Linux IoT cloud chip… – “Microsoft has designed a family of Arm-based system-on-chips for Internet-of-Things devices that runs its own flavor of Linux – and securely connects to an Azure-hosted backend.”

Paul Ducklin for Sophos: Could an Intel chip flaw put your whole computer at risk? – “Well, the spectre of CIH is back in the news following a recent security advisory, numbered INTEL-SA-00087, from chip maker Intel.”

Updates to (new page) Internet of (not necessarily necessary) Things

  • National Cyber Security Centre: Advisory: Russian State-Sponsored
    Cyber Actors Targeting Network Infrastructure Devices
    “Since 2015, the US and UK Governments have received information from multiple sources including private and public sector cybersecurity research organisations and allies that cyber actors are exploiting large numbers of enterprise-class and SOHO/residential routers and switches worldwide. The US and UK Governments assess that cyber actors supported by the Russian government carried out this worldwide campaign. These operations enable espionage and intellectual property that supports the Russian Federation’s national security and economic goals.”
  • Commentary from Help Net Security: US, UK warn Russians hackers are compromising networking devices worldwide

Trend Micro: Not Only Botnets: Hacking Group in Brazil Targets IoT Devices With Malware – “What is the most common internet-of-things (IoT) device across network infrastructures, whether in homes or businesses? Answer: the router.”

Updates to Mac Virus

Security Research Labs: Mind the Gap – Uncovering the Android patch gap through binary-only patch analysis (HITB conference, April 13, 2018)

Commentary by Help Net: Your Android phone says it’s fully patched, but is it really?

E Hacking News: New malware strikes panic among B’luru bank customers – “The bankers in Bengaluru claimed to have discovered a new malware that helps the hackers siphon off money from a number of bank accounts … The policemen probing the cyber crime initially talk of MazarBot, a malware, used to sent some SMS to the bank account holders’ smart phones which provides the hackers with the banking details of the accountholders.

Kaspersky: GOOGLE PLAY BOOTS THREE MALICIOUS APPS FROM MARKETPLACE TIED TO APTs

 

David Harley

Advertisements

Virus Bulletin Seminar Announced

Virus Bulletin have announced the first in a new series of Seminars. Aimed towards the corporate IT Admins and security practitioners, the day long seminar will look at protecting organisations in the modern age of Internet enabled crime.

Speakers include

  • Bryan Littlefair, Vodafone Group
  • Bob Burls, Police Central e-Crime Unit
  • Graham Cluley, Sophos
  • Alex Shipp
  • David Evans, Information Commissioner’s Office
  • Andrew Lee, K7 Computing
  • Martin Overton, IBM
  • Richard Martin, UK Payments Administration

http://www.virusbtn.com/seminar/index.xml

There’s an early bird price available, and seats are likely to fill up fast, so get in early!

Andrew Lee CISSP
AVIEN CEO / CTO K7 Computing

Anti-Phishing Working Group: CeCOS IV

The Anti-Phishing Working Group has asked its members to publicize the forthcoming Counter eCrime Operations Summit in Brazil, which I’m pleased to do.

This year the APWG is hosting it’s fourth annual Counter eCrime Operations Summit (CeCOS IV) on May 11, 12 & 13 in São Paulo, Brazil.  The Discounted Early Bird Registration rate will end on April 9th.  Do not miss this opportunity to join our host CERT.br with APWG Members from around the globe at this one of a kind event. Counter-eCrime professionals will meet for sessions and discussion panels that look into case studies of organizations under attack and deliver narratives of successful trans-national forensic cooperation.

This is APWG’s first visit to South America and will help build our network of trusted friends worldwide.  The discounted registration rate of $250 USD covers all three days of content, lunch, breaks and the Wednesday night reception.  (NOTE: APWG Members will receive an additional discount during registration) This “Early Bird” rate will end on April 9th, after that through the beginning of the event on 11 May registration is $325 USD.

A partial agenda is posted at the link below.  Translation services for English, Spanish and Portuguese will be available for all session.

http://www.apwg.org/events/2010_opSummit.html#agenda

Register Here:

http://secure.lenos.com/lenos/antiphishing/cecos2010/

David Harley FBCS CITP CISSP
Security Author/Consultant at Small Blue-Green World
Chief Operations Officer, AVIEN
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://avien.net/blog
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com
http://macvirus.com