Friday Five: 8/7 Edition (2015)
Your weekly roundup of information security news.
Happy Friday! Close out the work week with our picks for the hottest articles from the IT and security presses:
- "Researchers Create First Malware Worm That Attacks Macs" by Kim Zetter
When asked “why would you rather have a Mac over a PC?” – One of the most popular answers is usually: “because it is more secure, I won’t get attacked by malware”. While that is not completely false, researchers have recently found vulnerabilities that can hit the firmware of Macs, which would then spread the malware from MacBook to Macbook without the need for network connections. To read more about these firmware vulnerabilities of MacBooks and know what to watch for, check out this article.
- "Yahoo Malvertising Attack Points to More Flash Problems" by Larry Loeb
Malvertising has been making the rounds in the months of June and July, carrying into the month of August. Yahoo has been victimized, on an extremely large scale – possibly the biggest malvertising campaign ever seen. Malvertising is so stealthy merely browsing a website with infected advertisements can put you in danger. In the Yahoo attack, attackers appear to have targeted a vulnerability in Adobe Flash, a platform that has historically been subject to security concerns. To learn more about the malvertising attack and more flash problems, read this article.
- "Man-In-The-Cloud Owns Your DropBox, Google Drive -- Sans Malware" by Sara Peters
We’ve all heard of “man-in-the-middle” attacks. Researchers at Imperva released details about a new “man-in-the-cloud” attack, where attackers can compromise cloud sync services via the user’s endpoint machine. To learn more about how the “man-in-the-cloud” attack can be executed by malicious actors, read this article.
- "Chinese VPN Service as Attack Platform?" by Brian Krebs
VPN Service is widely used in China due to the censorship of the Internet, users include online gamers or citizens who simply want to watch some videos on YouTube – it’s harmless. However, recently, security experts at RSA Research have claimed that VPN services are also being used as platforms to launch attacks on non-Chinese corporations. The hacker group thought to be responsible for mis-using the VPN platforms is also tied by security experts to the OPM hack, and one of the biggest data breaches of 2015 -Anthem. To learn more about how VPN service is being used as an attack platform, read this article.
- "Hackers penetrated Pentagon email" by Tom Vanden Brook and Michael Winter
In what appears to be yet another state-sponsored attack, the email system used by the Joint Chiefs of Staff at the Pentagon was subject to a “sophisticated cyber intrusion” which has affected around 4k civilian and military personnel. Even though there is no direct link to the Russian government, sources of NBC say that “it was clearly the work of a state actor”. For more, give this article a read.