Community news and analysis: July 2014

Posted on August 4, 2014 - 17:05 by ccondon

July may bring out the summer sloth in all of us, but you wouldn't know it from last month's news cycle. Here's our monthly roundup of security news and malware analysis from our partner community.

Featured news

Google launched Project Zero to ‘significantly reduce the number of people harmed by targeted attacks.’ In the announcement post, Google’s Chris Evans made clear that they’re intentionally not limiting the scope of the project, though they do intend to engage in the traditional practice of hunting and reporting security vulnerabilities. You can follow the Project Zero blog here.

Mozilla is improving malware detection in Firefox: The latest version of the browser will use Google’s Safe Browsing service to check whether downloaded files are listed as malicious. According to the team at Mozilla, tests indicate this feature cuts in half the amount of malware that makes it through to users. Score.

Google is revamping their malware warnings in Chrome. The new warnings have a starker look and tone—take a peek.

Malware analysis

The latest variant of Simplocker Android malware encrypts archive files, demands a higher ransom, and is harder to remove. Get details from ESET here.

ESET also analyzed a new strain of the Win32/Aibatook banking malware, which has been spreading via Japanese adult websites since April 2014. The campaign is tailored against two Japanese banks and uses a Java vulnerability to target Internet Explorer users.

Bad passwords on point-of-sale terminals lead to card-stealing Backoff malware. More from Sophos.

Soraya malware combines Zeus- and Dexter-like techniques: read Fortinet’s technical analysis.

Injected malware redirects mobile users to porn app (Sucuri).

Updates to the Asprox botnet: new C&C command, better encryption. Read more (Fortinet).

Even more security news

How ZeroCMS could have avoided cross-site scripting vulnerability CVE-2014-4710 (Qualys).

The half-life of an IE vulnerability is now 17 days—down from 30 days in 2009 (Qualys).

Still not sure of your botnet terminology? SiteLock has you covered with Botnets 101.

Shylock banking malware C&C infrastructure seized in international takedown operation led by UK’s National Crime Agency (Sophos).  

What do carnivals and cybersecurity have in common? We’re not sure, but Internet Identity’s Paul Ferguson ties them together nicely in this short and sweet video on the security advice he’d give CEOs.

Sucuri on backups—the forgotten website security pillar.
