Connect with us

Security

Google Hacked In Malaysia

Published

on

As one of the world’s most sophisticated technology companies whose primary business is running web sites was hacked, a The New York Times Company (NYSE:NYT) reporter discovered his computer-automated car was stolen not by thieves using physical force, but the car was illegally opened by roaming computer hackers.

In other news, trends towards self-driving cars, “the internet of things” and military drones being considered to make kill decisions in the battle field – all of which are dependent on remote security technology – come as the hackers increasingly are winning the game over technical security measures.

Google Hacked

Google hacked in Malaysia through domain name service re-direction

Google Inc (NASDAQ:GOOG) (NASDAQ:GOOGL) Inc.’s Malaysian web site and the home page displayed a page that said “Google Malaysia Hacked by Tiger-M@te #Bangladeshi Hacker.”

The hack took place at the domain name service (DNS) and rerouted traffic to the pirate web site. A Google official contacted the firm operating the domain name service in Malaysia and corrected the problem within minutes of it being noticed.

“We’re aware that some users are having trouble connecting to google.com.my, or are being directed to a different website,” aGoogle spokesperson told The Wall Street Journal.  “We’ve reached out to the organization responsible for managing this domain name and hope to have the issue resolved shortly.”

Today’s hack follows an incident in February when someone re-directed traffic from the web site to a pirated web site.

Breaking into a locked car without breaking glass touching the vehicle

Nick Bilton found out how easy it is for someone to break into a car. The New York Times technology columnist, living in the Hollywood Hills section of Los Angeles, happened to watch a group of teenagers riding bikes when they stopped in front of Bilton’s Toyota Prius.

The teenagers pulled out a computerized device that essentially guessed at the code that opened the car doors without touching the car. The computer operates by continually trying different algorithmic numeric combinations to unlock the car.

When speaking on a CNN interview, Bilton said the issue is concerning for a host of reasons, but on a basic level cars with old fashioned locks require a thief to break glass (or manipulate the lock) to gain access, which attracts attention. When a hacker breaks into the car they look like the owner in a normal setting, he said.

 

source:http://www.valuewalk.com/2015/04/google-hacked-in-malaysia/

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Security

MEET THE MALWARE WHICH HIJACKS YOUR BROWSER AND REDIRECTS YOU TO FAKE PAGES

Published

on

The malware is currently being distributed through the RIG exploit kit.

The RIG exploit kit, which at its peak infected an average of 27,000 machines per day, has been grafted with a new tool designed to hijack browsing sessions. The malware in question, a rootkit called CEIDPageLock, has been distributed through the exploit kit in recent weeks.

According to researchers from Check Point, the rootkit was first discovered in the wild several months ago.

CEIDPageLock was detected when it attempted to tamper with a victim’s browser. The malware was attempting to turn their homepage into 2345.com, a legitimate Chinese directory for weather forecasts, TV listings, and more.

The researchers say that CEIDPageLock is sophisticated for a browser hijacker and now a bolt-on for RIG has received “noticeable” improvements.

Among the new additions is functionality which permits user browsing activities to be monitored, alongside the power to change a number of websites with fake home pages.

The malware targets Microsoft Windows systems. The dropper extracts a 32-bit kernel-mode driver which is saved in the Windows temporary directory with the name “houzi.sys.” While signed, the certificate has now been revoked by the issuer.

When the driver executes, hidden amongst standard drivers during setup, the dropper then sends the victim PC’s mac address and user ID to a malicious domain controlled by a command-and-control (C&C) server. This information is then used when a victim begins browsing in order to download the desired malicious homepage configuration.

If victims are redirected from legitimate services to fraudulent ones, this can lead to threat actors obtaining account credentials, victims being issued malicious payloads, as well as the gathering of data without consent.

CNET: That VPNFilter botnet the FBI wanted us to help kill? It’s still alive

“They then either use the information themselves to target their ad campaigns or sell it to other companies that use the data to focus their marketing content,” the team says.

The latest version of the rootkit is also packed with VMProtect, which Check Point says makes an analysis of the malware more difficult to achieve. In addition, the malware prevents browsers from accessing antivirus solutions’ files.

CEIDPageLock appears to focus on Chinese victims. Infection rates number in the thousands for the county, and while Check Point has recorded 40 infections in the United States, the spread of the malware is considered “negligible” outside of China.

“At first glance, writing a rootkit that functions as a browser hijacker and employing sophisticated protections such as VMProtect, might seem like overkill,” Check Point says. “CEIDPageLock might seem merely bothersome and hardly dangerous, the ability to execute code on an infected device while operating from the kernel, coupled with the persistence of the malware, makes it a potentially perfect backdoor.”

According to Trend Micro, exploit kits are still making inroads in the security landscape. RIG remains the most active, followed by GrandSoft and Magnitude.

 

 

Source:  https://www-zdnet-com.cdn.ampproject.org/v/s/www.zdnet.com/google-amp/article/meet-the-malware-which-hijacks-your-browser-redirects-you-to-fake-pages/?amp_js_v=0.1#amp_tf=From%20%251%24s&ampshare=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmeet-the-malware-which-hijacks-your-browser-redirects-you-to-fake-pages%2F

Continue Reading

Security

GOOGLE CAMPUS DOORS HACKED, ALLOWED UNAUTHORIZED ENTRY – OTHER COMPANIES VULNERABLE

Published

on

Google engineer found that he was able to hack the supposedly secure doors at the search giant’s Sunnyvale offices. He was able to unlock doors without the RFID key, and even lock out employees who did have their key.

 

Forbes reports that David Tomaschik found what turned out to be a completely inexcusable vulnerability in the Software House devices used to secure the site.

Last summer, when Tomaschik looked at the encrypted messages the Software House devices (called iStar Ultra and IP-ACM) were sending across the Google network, he discovered they were non-random; encrypted messages should always look random if they’re properly protected.

He was intrigued and digging deeper discovered a “hardcoded” encryption key was used by all Software House devices. That meant he could effectively replicate the key and forge commands, such as those asking a door to unlock. Or he could simply replay legitimate unlocking commands, which had much the same effect […] And he could prevent legitimate Google employees from opening doors.

Worse, the hack left no trace in the security logs, so there would be no evidence of whether or not the exploit had ever been used.

The same Software House tech is widely used by other companies, meaning that any number of businesses could be left vulnerable.

Google has been forced to segment its network to prevent exploitation of the flaw, and while Software House has now come up with a solution, that will require new hardware. Software House said only that ‘this issue was addressed with our customers.’

 

Continue Reading

Security

13 BIG CYBERSECURITY IDEAS FOR THE CISO BY CISOS

Published

on

Peers are a great source of information for the CISO because they are tackling the same security problems in different ways. Taking note of what they are doing is useful for replicating their successes in your own organization.

We recently sifted through dozens of interviews with, and reports about, CISOs, to uncover several knowledge gems. The emphasis highly effective CISOs place on the less tangible aspects of the job – leadership, culture and business savvy for example – is readily apparent.

What follows below is a roundup of useful comments, facts, and statistics – big cybersecurity ideas – for the CISO by CISOs.

1) Businesses do not exist to provide information security

It’s all too easy for security leaders to forget that the business of their business isn’t security – it’s to fulfill customer-demand for products or services:

“It is very easy to fall into a myopic view and focus strictly on information security without taking into consideration what is it ultimately that the organization is trying to accomplish strategically. So, keeping that front and center for our teams helps not only enable the business but keeps us all grounded because we, as a company, we exist because we sell toothpaste and tennis shoes and all of those things that customers count on us to provide. At the end of the day, we’re not in the information security business. So, the day that information security makes that prohibitively difficult, there is really no reason for us to be here, so we have to keep that organizational mission front and center.”

– Jerry Geisler, SVP & Global CISO, Walmart; source: Walmart’s Jerry Geisler on the CISO position, retail challenges by Kathleen Richards.

2) Understanding how IT supports the business

More than just understanding the IT infrastructure, security leaders need to understand how that infrastructure supports the business. While this comment stems from a healthcare security leader, it has broader applicability for any vertical market:

“CISOs need to know the entire architecture of a healthcare organization’s IT environment and how it supports each line of business. They need to fully understand the environment’s technological composition and nature of all the data contained therein, the process for storage and transmission, as well as the process of all critical and sensitive data and the complete flow of data in and out of the organization.”

– Mark Beckmeyer, Director of IT Security, Binary Fountain; source: Securing healthcare organizations: The challenges CISOs face by Zeljka Zorz.

3) Articulating the value of cybersecurity to the business

In business, cybersecurity is often seen as a cost. Yet one security leader found his experiences in government helped him translate the value of security in business:

“Cybersecurity is all about the management of enterprise risk. The value a CISO and security department provides to the company is the continuous management of this risk so the business units that directly generate revenue can focus on being innovative and helping the company meet its strategic objectives. So my value is risk management as a service: We support the business units so they can focus on what the business needs, and together we are all successful.”

– Gary Hayslip, CISO, Webroot; source: A Career CISO’s 7 Observations on Public vs. Private Sectorvia TechWire

Note: Mr. Hayslip co-authored a two-volume CISO Desk Reference Guide.

4) Managing security to your organization’s tolerance for risk

Experts say cybersecurity boils down to an exercise in risk management – the probability of an event – combined with the severity of impact. Investors might add another factor in tolerance, which is why this commentary from a CISO at a big investment bank is so relevant:

“To pre-empt this question, the CISO should have a conversation early on with the CEO to determine the organization’s risk appetite. This will allow the CISO to align and prioritize security initiatives accordingly.

We are in the business of information and technology risk management, so the ‘Are we secure?’ question is somewhat misguided. The question should be: ‘Are we managing risk according to our risk profile?’ To answer this, the CISO should be able to easily demonstrate, based on a recent risk assessment, how the various cybersecurity initiatives and projects are in fact reducing risk, shrinking the attack surface of the organization and aligning the security program with the firm’s overall risk profile.”

– Israel Bryski, Vice President, technology risk, Goldman Sachs; source: 8 Tough Questions Every CISO Should Be Ready to Answer by Joan Goodchild.

5) Translating security risk into business decisions

Some researchers say the best CISOs learn to lead without authority. It’s a nod to the idea that ultimately, successful security leaders identify and articulate the risks to business leaders so they can make the right decisions:

“It’s very important that the CISO take the time to translate the enterprise security/risk/compliance needs into what executives can assimilate and make the decision.”

– Rebecca Wynn, Head of Information Security and DPO, Matrix Medical Network; source: Leading Cyber Security Execs Describe CISO ‘Toolkits’ by Dan Gunderman.

 

6) Security leaders and technology leaders need leadership parity

Business wants to innovate – to deliver a service or make a product better and faster. Yet faster comes with risks and someone needs to examine those risks and pump the brakes when the risk exceeds the business’ tolerance level:

“You need to make sure that your heads of security are on equal footing with the heads of tech, otherwise there is an inherent conflict at play.”

– Anthony Belfiore, CSO, Aon PLC; source: Companies Unleash CISOs from Ties to Tech Chiefs by Kate Fazzini

7) A “security first” culture is a path to business efficacy

A “security first” approach is derived from culture and a security-conscious culture may enable a business to favor efficacy over stronger prohibitions and rigid policies:

“We’re not a blocker unless it’s absolutely essential. What I’m aiming for is when security does ‘say no’, the people take it seriously, because it’s so rare that they know it’s a serious occurrence.”

– Kevin Fielder, CISO, Just Eat; source: Just Eat’s first CISO is building security in from the ground up by Tom Allen.

8) Best-of-breed tools may help ward off future threats

The security tools fielded yesterday were designed to defend against yesterday’s threats. That’s why cybersecurity inherently involves economics. It’s may also part of the case for best of breed tools aimed at modern threats:

“As the threat landscape changes, some of the things that we think are a priority today may have a different priority tomorrow. And that’s part of the reason why when we have a vendor come in and do our security operations center, we will have the best-of-breed tools that will allow us to evolve in the next five years to deal with the current threats.”

– Marcelo Peredo, CISO, City of San José; source: San Jose’s first CISO braces for ubiquitous connectivity by Colin Wood.

9) The toughest questions a CISO must answer

Security leaders are often faced with difficult questions. A group of CISOs narrowed down what is surely a long list to the top five – as compiled by Kudelski Security:

> “Are we secure?”
> “How do we know if we have been breached?”
> “How does our security program compare to peers within the same industry?”
> “Do we have enough resources for our cybersecurity program?”
> “How effective is our security program, and is our current investment strategy aligned to it properly?”

– Survey of CISOs; source: The 5 most challenging questions CISOs face and how to answer themby Macy Bayern.

10) The 4 “Tribes” of CISOs

Personality tests strive to group people into categories based on characteristics, habits and communication style. Doing so is intended to provide insight into our preferences and weak spots so we can improve. A research project by Synopsys did something similar for the CISO “based on factors related to workforce, governance, and security controls.”  The research found CISOs can be used to grouped into one of four tribes:

> Tribe 1: Security as an Enabler;
> Tribe 2: Security as Technology;
> Tribe 3: Security as Compliance; and
> Tribe 4: Security as a Cost Center.

– CISO research project; source: Which CISO ‘Tribe’ Do You Belong To? by Kelly Sheridan

11)  What CISOs think makes CISOs successful

New York University Professor Nasir Memon once observed that security isn’t just a technical problem, but a legal problem, a policy problem and perhaps most importantly, a human behavior problem. CISOs it seems, agree with that assessment, according to a survey of CISOs by the Enterprise Strategy Group and ISSA.  The top skills CISOs say influence the success of a CISO are as follows:

> 54% say leadership skills;
> 49% say communications skills;
> 44% say strong relationships with executives;
> 33% say management skills; and
> 21% say upon technical skills.

– Survey of CISO; source: What makes CISOs successful? by Jon Oltsik

12) Individual consequences for getting phished?

While attacks have grown more sophisticated, many being with the same initiation stage: phishing emails. The organization can pay a heavy price when an individual gets phished and some say the risk and consequences should be shared:

“Someone who fails every single phishing campaign in the world should not be holding a TS SCI with the federal government. You have clearly demonstrated that you are not responsible enough to responsibly handle that information.”

– Paul Beckman, CISO, U.S. Department of Homeland Security; source: DHS infosec chief: We should pull clearance of feds who fail phish test by Sean Gallagher.

13) One upside to a breach:  a learning moment 

Once a breach has occurred, the dynamics between security and business may change. A breach is a learning moment, that makes conveying the message about the importance of security easier.

“One of the things that I really love about being a CISO in a post-breach environment is it gives you such an immense opportunity to drive fundamental, meaningful change in a very short timeframe. I felt like I did good things when I was at Los Alamos or at NASA, but it takes so frickin’ long to push some of this stuff. The barriers you face at any company not post-breach is you’re always fighting for budget, you’re always fighting for face time, trying to justify and convince people about the importance of security and risk management. When you’re in a post-breach environment, everyone already knows that it’s critically important.”

–  Jamil Farshchi, CISO, Equifax; source: Equifax’s Security Overhaul, a Year After Its Epic Breach by Lily Hay Newman.

Continue Reading
Advertisement

Trending