Interview with Curtis KS Levinson – GovSec
Curtis KS Levinson
Cyber Defense Advisory Subject Matter Expert for the U.S. at NATO
He directly interfaces with Federal senior executives and serves as trusted cyber advisor to multiple Agencies across all branches of government. Mr. Levinson has multi-faceted experience from multiple perspectives including Industry, Government, Military and Intelligence Community and served two sitting Presidents of the United States, two Chairmen of the Joint Chiefs of Staff and the Chief Justice of the United States.
Anonymous Taiwan takes down multiple Philippines Govt. Websites and Leaked Confidential data online
An interesting article from HackersNewsBulletin.com:
Microsoft warns of new Trojan hijacking Facebook accounts
A posting from Cnet News in their Security & Privacy section: Microsoft has issued a warning that a new piece of malware masquerading as a Google Chrome extension and Firefox add-on is making the rounds, threatening to hijack Facebook accounts. First detected in Brazil, Trojan:JS/Febipos.A attempts to keep itself updated, just like normal, legitimate browser extensions, Microsoft noted in a security bulletin late Friday.
Once downloaded, the Trojan monitors whether the infected computer is logged into a Facebook account and attempts to download a config file that will include a list of commands for the browser extension. The malware can then perform a variety of Facebook actions, including liking a page, sharing, posting, joining a group, and chatting with the account holder’s friends.
Some variants of the malware include commands to post provocative messages written in Portuguese that contain links to other Facebook pages. The number of likes and shares on one such page grew while malware experts at Microsoft were analyzing the Trojan, suggesting that the infections are continuing to occur.
Outbreak! Fake Amazon UK emails spammed out, delivering malware
A posting from Naked Security about malware: Beware! A spate of malicious emails have been spammed out by online criminals, disguised as legitimate communications from the UK branch of online retail giant Amazon. In a widespread attack, email messages have been distributed designed to trick computer users into opening an attachment disguised as information about an order for an unnamed item. Here’s part of a typical message seen by the experts at SophosLabs:
From the looks of things, the body of the email itself – which has a subject line of “Your Order with Amazon.co.uk” – is harmless. Any links contained inside the email do indeed go to the legitimate Amazon UK website, rather than a webpage hosting malware, and there are no attempts to phish for information. The danger arrives in the file attached to the emails. The emails carry an attached file called “Your Order Details with Amazon.zip” which contains a Trojan horse.
3 Big Mistakes In Incident Response
A posting from DarkReading from their Security monitoring section: The incident response specialist investigating a recent breach of a government services firm was convinced the attack he was investigating was the handiwork of a group of Chinese hackers. The type of malware he found was commonly associated with that group of attackers, so he concentrated his efforts on cleanup and analysis of the malware, ultimately missing the real danger: the attackers had abandoned the malware and had since commandeered the victim company’s administrative tools.
It was a classic case of incident response tunnel vision that left the victim organization at the mercy of the attackers while the IR team was sidetracked. “Unfortunately, the analyst had tunnel vision and because of this didn’t address outside the spectrum of these Chinese attackers they believed [the malware] represented,” says Shane Shook, global vice president of consulting for Cylance, whose firm discovered the oversight after it was hired by the victim organization to perform a review of the attack investigation.
Is Application Sandboxing The Next Endpoint Security Must-Have?
A posting from Dark Reading in their Endpoint Security section: With the onslaught of zero-day attacks continuing to increase the barrage of unanswered threats against endpoints, there’s a growing contingent of security advocates championing the addition of a virtualized container layer in the endpoint security mix. Analyst predictions are rosy for the virtual containerization market to grow as a security niche and enterprises are certainly clamoring for a way to help them beat the signature-defense hamster wheel.
But this containerization approach, also referred to as application sandboxing, has some researchers pointing to what they call a potentially fatal flaw: kernel vulnerabilities. “Essentially if an application can pull the kernel into stumbling on a logic bug in the kernel itself when the kernel is working for the application, you can compromise the kernel directly and thereby step over and directly bypass any form of sandbox protection,” says Simon Crosby, co-founder and CTO of Bromium, which took the wraps off such a bypass earlier this spring at Black Hat Europe. Now Crosby says the firm plans to release new proofs of concept at Black Hat USA in August. “And, by the way, it’s a very large and rapidly growing list of kernel vulnerabilities, a huge footprint of code.”

