Security Alerts & News
by Tymoteusz A. Góral

History
#1364 First Twitter-controlled Android botnet discovered
Android/Twitoor is a backdoor capable of downloading other malware onto an infected device. It has been active for around one month. This malicious app can’t be found on any official Android app store – it probably spreads by SMS or via malicious URLs. It impersonates a porn player app or MMS application but without having their functionality.

After launching, it hides its presence on the system and checks the defined Twitter account at regular intervals for commands. Based on received commands, it can either download malicious apps or switch the C&C Twitter account to another one.

“Using Twitter instead of command-and-control (C&C) servers is pretty innovative for an Android botnet,” says Lukáš Štefanko, the ESET malware researcher who discovered the malicious app.
#1363 France, Germany push for access to encrypted messages after wave of terror attacks
France and Germany are to ask the EU for new powers that could see state intelligence agencies compel makers of mobile messaging services to turn over encrypted content.

The two member states have both numerous suffered terrorist attacks in the past year and a half, with hundreds killed by the so-called Islamic State group, but argue that their intelligence agencies are struggling to intercept messages from criminals and suspected terrorists.

Many mobile messaging providers, like WhatsApp, Apple's iMessage, and Telegram, all provide end-to-end encrypted messaging to thwart spying by both hackers and governments alike.
#1362 MIT scientists develop groundbreaking new WiFi that's three-times faster
Scientists at MIT claim to have created a new wireless technology that can triple Wi-Fi data speeds while also doubling the range of the signal. Dubbed MegaMIMO 2.0, the system will shortly enter commercialisation and could ease the strain on our increasingly crowded wireless networks.

Spectrum crunch is a huge problem for network operators, caused by a growing number of smartphones, laptops and other internet-enabled devices combined with a limited amount of space on the networks they're connected to.

Multiple-input-multiple-output technology, or MIMO, helps networked devices perform better by combining multiple transmitters and receivers that work simultaneously, allowing then to send and receive more than one data signal at the same time. MIT's MegaMIMO 2.0 works by allowing several routers to work in harmony, transmitting data over the same piece of spectrum.
#1361 Cisco begins patching equation group ASA zero day
Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance (ASA) software exposed in the ShadowBrokers data dump.

Users on affected versions of ASA, 7.2, and 8.0 through 8.7, are urged to migrate soon to 9.1.7(9) or later. Newer versions that are also implicated—9.1 through 9.6—are expected to be updated in the next two days in some cases.

“We have started publishing fixes for affected versions, and will continue to publish additional fixes for supported releases as they become available in the coming days,” Cisco’s Omar Santos said today in an updated advisory.
#1360 Asian companies have world's worst cybersecurity says study
Many Asian organisations are badly defended against cyber-attacks, a year-long investigation by US security company Mandiant indicates.

The median time between a breach and its discovery was 520 days, it says. That is three times the global average.

Asia was also 80% more likely to be targeted by hackers than other parts of the world, the report said.

It said an average of 3.7GB in data had been stolen in each attack, which could be tens of thousands of documents.

However, the bulk of the incidents were not made public because the region lacks breach disclosure laws.
#1359 APAC unprepared for security breaches: FireEye's Mandiant
Mandiant, a FireEye company, said it had responded to a number of high profile breaches in 2015, finding that organisations in the Asia-Pacific region were frequently unprepared to identify and respond to such events in a timely manner.

In its latest report, Mandiant M-Trends Asia Pacific, the cyberforensics firm found that organisations across APAC allowed attackers to dwell in their environments for a median period of 520 days before discovering them -- three times the global median of 146 days.

"In 2015, we continued to see heightened levels of cyber threat activity across APAC," the report says. "We surmise that this is likely fuelled by regional geopolitical tensions, relatively immature network defences and response capabilities, and a rich source of financial data, intellectual property, and military and state secrets."
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12