Pwn2Own IE11

image

There are no true winners in hackers contests or bug bounty rewarding programs. Someone will take the sweet prize, while we will end up in tears. Why? Because we will become more aware about the fragile and insecure character of our system. Yet, we cannot allow ourselves a luxury of neglecting them.

Some of them actually work. This is how a successful prevention has achieved. Can this be a comfort for Microsoft? Two HP security experts were able to find a weakness in the Internet Explorer 11. As a result, we have a complete malicious control over the computer, which runs the Windows 8.1.

As expected, Microsoft will clean this situation with the next security patch. However, we still have this bitter taste in our mouth. Why? Well, it is actually quite simple, and that is why is so painful. Who knows how many bugs are out there flying and crawling all over our cyber space? Do not bother to ask.

Unfortunately, we do not have enough hackers competitions or bug bounty programs to find and eliminate them all. If you want to say keep on trying, then you are moving into the wrong direction. Maybe, we are truly blessed with our cyber ignorance. There is a difference, though. What we do not know can hurt us badly in this case.

EASA Easy

image

The European Aviation Safety Agency (EASA) has turned an important new page. From now on, your shiny gadgets can be used during the entire flight period with no rigorous limitations, we all know very well. So, what exactly youncan or cannot do with your devices, once you set a foot in an airplane?

Well, you can use a smartphone or tablet freely during a flight. This also includes all available 3G or 4G networks. On the other hand, you still cannot use the Internet on your laptop. This is something that will be strongly appreciated by all passengers. Yet, we have some security questions we need to ask.

Have you heard something about hacking the airplanes, recently? Not so long ago the flight agenda of the Japanese PM circulated for a while on the Internet. The airline company’s IT infrastructure was hacked. Now, do you dare to think what could have happened, if the airport or airplane itself was to be hacked instead?

With this most recent change of regulations, we will allow hackers to freely surf while in a plane. Maybe, this was not such a good idea. We sure hope this was not a result of some profit related idea. Like, we are having some bad times in the airline business, let us do something about it. We really hope that was not the case.

China-Cyber-Town

image

The trouble for the Chinese government in controlling the Internet is that there are so many users in China. The Chinese busy little cyber bees come in such unimaginable numbers and communicate with such a speed that is literally impossible to control it effectively. This makes us ask the following question?

What if, when even the legendary Great Firewall of China is not enough? Well, you hire an entire cyber army to keep an eye on your national Internet. Yet, according to some very serious rumors Chinese government wants more control. So, what they are going to do about it? You should be prepared for this one.

We should never underestimate the true power of China. In the matter of hours, the Chinese government can shut down the entire national cyber network and launch the new one made entirely in China. The completely independent national Internet is not a secret, but no one thinks it is possible to introduce it on such a large scale.

We shall wait and see how it can be possible to control almost one billion online users. We sure hope that some other countries will not get funny ideas from this most probable scenario in China. The Internet was supposed to be all about freedom. Right? Can you control the World Wide Web?

Lock ‘n’ Roll

image

So, what is your excuse to keep forgetting to lock your smartphone? For the absolute majority of people this is an unbearably annoying thing. In addition, according to some researches and statistics you can lose up to one hour each month for locking and unlocking your smartphone. Is that all?

Some people are skeptical for a reason when it comes to the lock phone protection efficiency. That should not be much of a trouble for a skillful hacker. On the other side, a lucky finder of your smartphone could give you a call, if he can access its phonebook in the first place. Who wants to lock it after these reasonable arguments?

Now, let us move to the positive side of your smartphone being locked for the most of the time. With a password protection you are buying yourself some invaluable time to resolve your situation with a stolen or lost phone. Now, it is the right moment for you to think twice about locking your smartphone.

How hard could it be? This is a reasonable investment of your time, which can save you more time and money in advance you would have to spend in dealing the consequences of the cyber attack aftermath. Better to lose a couple of minutes each day for unlocking and locking thing, than to say goodbye to your smartphone.

Dial F For Murder

image

Can you believe that there is such a thing as a Facebook murder? This is not a game. Pay close attention. We are not talking about a situation when someone kills his own profile or remove a person from a friend’s list. Oh no, real murders with a link in the virtual world are our primary concern here.

For the UK police Facebook is a serious and respectable partner in crime against the crime itself. For what is worth, top crime experts are making the profiles of the most dangerous potential murders on Facebook. You do not have to be a police expert to figure out yourself that all comes down to the proper prevention.

On the other side, we do not want you to get a wrong impression that Facebook is to blame for some of these unwanted things. The people with bad intentions will always find a way to materialize their malicious desires. In this sense, the criminals are no different than the ordinary users on Facebook.

There is an important moral of this story. Do not leave an open door for the trouble on Facebook. The last thing we need is to turn ourselves into an easy prey for the Facebook predators. Who knows, you may stumble across a cyber troll, or even worse a truly dangerous man with an innocent profile.

Happy ATM Monday

image

Our new trouble has a name. It is called the Backdoor.MSIL.Tyupkin. Thanks to the busy little bees from Kaspersky Lab and the Interpol, we know that even the good old ATMs are not excluded from the malicious cyber intentions. With so many online opportunities for stealing money, who wants to be an ATM millionaire?

For what is worth, even the ATM can get infected with an efficient malware. This one empties an ATM in less than an hour. The funny thing about the way it operates, though, is that it allows you to withdraw the money at the very specific hour on Mondays. Why? No one knows for sure, but this is how it needs to be done.

We are not directly influenced as the ATM users. However, how can you feel confident when the financial system is not fully secured? Although, we do not love too much our banks and other financial institutions, we should not find joy in their misery. Who knows, we may easily turn out to be the next direct target?

Unfortunately, everything electronic can become extremely problematic. That is the hacker’s law. This should be an invaluable lesson for all of us. WE should not allow ourselves a luxury of thinking that there are machines out of hacker’s reach. Poor old ATMs, we should do something to protect them.

Nuremberg Star

image

The biggest European IT security fair takes place each October in Nuremberg. If you care about the cyber security and Europe is your cyber neighborhood, you should definitely pay it a visit. If you want to hear something different, pay attention to the following story. You will be surprised.

Who says that big security names have to necessarily deliver the top cyber security solutions? On the other hand, we had a nice chance to witness the arrival some of the most unusual partners in crime. One Japanese and one Serbian IT security companies have teamed up to shake the cyber ground.

Their Tower Netdefender is an inspirational cyber bodyguard. It is very reasonable when it comes to the process requirements. On the other side, it is a fully automatized system. You can Google about the other relevant security features. We would like to use an opportunity of pointing out something else.

We have two partner companies from half across the globe, which have found a way to communicate in this matter. Quite successfully and efficiently. This should be something to follow and apply all over the world. Till the next time in the Nuremberg, and some new creative cyber partnerships and solutions.

ENISA The Goddess of Cyber Security

image

European Union Agency for Network and Information Security or simply the Enisa is supposed to be the backbone of the EU cyber security system. So it is, that is not an issue here. What we would like to know is what can it do in order to protect us. One of the highly appreciated contribution is an event.

We are referring to the EU month of cyber security. Which is also the great thing, as well. Yet, under the current circumstances, it would be more suitable to organize an event with the more appropriate title. The year of the EU cyber security. We are not exaggerating and there is no bitter tone in these words.

We simply need to do much more. As you have probably realized by now, we are a little bit lazy when it comes to the Google research actions. Do we have some similar agencies at the international level? How about the UN? We even have one much better idea to solve the matters here as it should be.

Each major organisation in the world should have a special cyber security department or some kind of a committee. Can you imagine what we could achieve with all of these potential months devoted entirely to our cyber security? One organization. One month. We would not have enough years for all of these cyber months.

Money Makes The Mobile Go Malware Round

image

You do not have to be a rocket scientist to know that the numerous hacker groups are not the NGOs nor the non-profit organizations. They are after our money, that is for sure. They will do all what is necessary in order to get it. Kaspersky Lab has some bad news about this story. Are you prepared?

Your mobile will be used to make the money for your friendly neighbor hacker directly or as a resting place to a greater financial target. In the first case you are very likely to be infected by the Trojan SMS. In the second case, you will get some unexpected visitors, such as the Trojan Banker. Either way you lose.

What is even worse, you can easily end up with both of these on your phone. The Trojan SMS will use your phone to send messages and pay for services without your knowledge or approval. The Trojan Banker will get an access to all banking related data on your phone. Malicious busy little bees, aren’t they?

What can we do about it? It does not mean that Kaspersky is going to protect you necessarily, just for being able to warn you in time. You will have to do something about it yourself. For a start, make sure that your smartphone has only the necessary information. Do not put all eggs in only one mobile gasket.

Web Camera – Real Trouble

image

Do you put something over your web camera? Do not be shy. You are among your friends. According to the findings of the Kaspersky Lab one in five persons does it on a regular basis. On the other hand, in China, one in two people does not forget to disable his or her web camera in such a way. Why?

Well, it is quite simple. No one likes to be watched. We all appreciate our privacy. Especially when we sit in front our computers in the comfort of our homes. Some of us do not like to wear too much clothes in such situations. Some of us have tons of notes next to their computers. Is this enough for you?

However, you should be fully aware that there is no absolute protection in this matter. Although, your web camera may be neutralized, its microphone still works and records with no troubles. In addition, your pictures or videos you make with a web camera can be intercepted, as well.

Here is a simpler solution. Buy yourself a laptop or tablet with no web camera. How about the guys, who are disabling their smartphone cameras? Our privacy related fears and paranoia makes us to apply primitive and inefficient safety measures. Someone is watching you while you read this post.