Mobile users exposed: SSL/TLS vulnerabilities live on
Our lead Key Topic discusses cryptographic vulnerabilities in popular mobile apps that allow cybercriminals to mount man-in-the-middle attacks when users sign on to their mobile apps’ companion websites. Poor programming practices by these app developers expose their users to a variety of SSL/TLS vulnerabilities such as BERserk and Heartbleed, which relate to the formation of secure sessions. As a result, all communications between the mobile apps and their websites, including usernames and passwords, are potentially viewable by cybercriminals. This exposure, coupled with the commercial availability of mobile malware source code and the McAfee Labs prediction that mobile malware generation kits will soon be offered on the dark web, is a recipe for theft and could lead to an erosion of trust in the Internet.
After the death of Blacole: the Angler exploit kit
An exploit kit is an off-the-shelf software package containing easy-to-use attacks against known and unknown vulnerabilities. Very quickly after the arrest of the Blacole exploit kit’s creator in 2013, cybercriminals migrated to the Angler exploit kit to deliver their payloads. Because Angler is simple to use and widely available through online dark markets, it has become a preferred method to transport malware. In the second half of 2014, the Angler exploit kit gained the attention of the security industry because of its prevalence and because of new capabilities such as fileless infection, virtual machine and security product detection, and its ability to deliver a wide range of payloads including banking Trojans, rootkits, ransomware, CryptoLocker, and backdoor Trojans. As of this writing, it remains one of the most popular exploit kits.
Fifty shades of gray: the challenging world of potentially unwanted programs
PUPs are applications that have legitimate uses but also have functions and behaviors that can be exploited against the user without the user’s consent. The most common distribution techniques for PUPs include piggybacking on legitimate apps, social engineering, online ad hijacking, unintended installation of browser extensions and plug-ins, and forced installation along with legitimate apps. They are hard to police because they don’t exhibit the kind of malicious behavior typically caught by security products. As this story highlights, some PUP creators are becoming more sinister, so PUP policies must be frequently updated to ensure proper protection.