Security in the Headlines

Google Kills Chart-Topping Fake Antivirus App

April 8, 2014 | The Register

An android antivirus app which briefly hit number 1 on Google Play's new paid apps has been exposed as a fraud by the blog Android Police. "Virus Shield", which has since been removed by Google, was not simply overstated or misleading, it was an outright scam providing absolutely no useful functionality. Yet, the app cost $3.99, garnered upwards of 10,000 downloads, and scored an impressive rating of 4.7 out of 5 stars. Android Police has made the decompiled source code available on github to prove its claims. (read more)

Fridge sends spam emails as attack hits smart gadgets

January 17, 2014 | BBC

A fridge has been discovered sending out spam after a web attack managed to compromise "smart gadgets." Proofpoint, the security firm which uncovered the attack, reported that 25% of the messages seen by researchers did not pass through traditional computers like laptops, desktops, and smartphones. Instead, the messages came from smart devices such as kitchen appliances, home media systems, and web-connected televisions. (read more)

Reseachers Extract RSA Keys From Laptops via Acoustic Analysis

December 18, 2013 | Tel Aviv University

Many computers emit a high-pitched noise during operation, due to vibration in some of their electronic components. These acoustic emanations are more than a nuisance: they can convey information about the software running on the computer and, in particular, leak sensitive information about security-related computations. Using a new acoustic cryptanalysis key extraction attack, applicable to GnuPG's current implementation of RSA, researchers were able extract full 4096-bit RSA decryption keys from laptop computers (of various models), within an hour by analyzing the sound generated by the computer during the decryption of some chosen ciphertexts. The researchers demonstrated that such attacks can be carried out using either a plain mobile phone placed next to the computer, or a more sensitive microphone placed 4 meters away. (read more)

Target Investigating Data Breach

December 18, 2013 | Krebs on Security

Nationwide retail giant Target is investigating a data breach potentially involving millions of customer credit and debit card records, multiple reliable sources tell KrebsOnSecurity. The sources said the breach appears to have begun on or around Black Friday 2013 - by far the busiest shopping day the year. According to sources at two different top 10 credit card issuers, the breach extends to nearly all Target locations nationwide, and involves the theft of data stored on the magnetic stripe of cards used at the stores. (read story)

Pitt professor Dr. Balaji Palanisamy commented on the situation on WTAE Action News 4:

CryptoLocker Malware Holds Computers Hostage

November 1, 2013 | Krebs on Security

A particularly pernicious PC virus called CryptoLocker has recently been infecting thousands of computers. The malware, aptly described as "ransomware," effectively holds infected computers hostage by encrypting files until the user pays a ransom (in Bitcoins). The malware claims to use RSA-2048 encryption to generate a virtually unbreakable unique encryption key pair for each computer. If the demanded ransom is not paid within the given time limit, the malware claims the necessary decryption key will be deleted, rendering the encrypted files unrecoverable. Learn more about the virus and how to avoid it.

Meet "badBIOS," the mysterious Mac and PC malware that jumps airgaps

October 31, 2013 | Ars Technica

Three years ago, security consultant Dragos Ruiu was in his lab when he noticed something highly unusual. A computer running the Open BSD operating system began to modify its settings and delete its data without explanation or prompting. His network transmitted data specific to the Internet's next-generation IPv6 networking protocol, even from computers that were supposed to have IPv6 completely disabled. Strangest of all was the ability of infected machines to transmit small amounts of network data with other infected machines even when their power cords and Ethernet cables were unplugged and their Wi-Fi and Bluetooth cards were removed. (read story)

Facebook 'stalker' tool uses Graph Search for powerful data mining

October 18, 2013 | Computerworld

Graph Search granularly mines Facebook's vast user data: where people have visited, what they like and if they share those same preferences with their friends. 'FBStalker' is a Python script which runs in the Chrome browser on OS X, entering queries into Facebook's Graph Search and pulling data. Even if a person's profile is locked down to strangers, their interactions with others can be telling. FBStalker uses Graph Search to find photos in which two people are tagged, comments on profiles, and more. (read story)

Indonesia tops China as source of Internet attacks

October 16, 2013 | CNET News

Attack traffic from Indonesia nearly doubled in the second quarter of 2013, according to Akamai's latest "The State of the Internet" report. (read story)

Feds Take Down Online Fraud Bazaar 'Silk Road', Arrest Alleged Mastermind

October 2, 2013 | Krebs on Security

Federal agencies have taken over the Silk Road, a sprawling underground Web site accessible only via the Tor anonymity network which had earned infamy as the "eBay of drugs." The site's alleged mastermind, 29-year-old Ross William Ulbricht, has been arrested and charged with several criminal violations. (read story)