ICYMI: Spotting encrypted malware; Russia attacked; Power plant malware; Malicious Pokemon; Amazon breached?
A group of Cisco researchers have managed to spot malicious traffic in encrypted traffic without any need to decrypt data. The discovery could pave the way for products that can secure networks while maintaining privacy.
According to a paper published on Arxiv, malware within encrypted streams gives out enough clues to allow researchers to spot them. Traffic encrypted using TLS, is increasingly used by criminals to circumvent security products. More
There has been a significant increase in the number of cyber-attacks conducted by foreign special services on web-servers at Russian state bodies and critical infrastructure since the beginning of the current year, according to recent statements by Nikolai Patrushev, a Secretary of the Russian Security Council, (a consultative body that formulates the Russian President's policies on national security issues).
According to Patrushev, despite repeated warnings to desist, the majority of Russian officials continue to use Western IT-services in their work, a practice which is claimed to be associated with a high threat of information leakage and the possibility of a remote blockade of their work from abroad. More
A ‘sophisticated' new piece of malware has been discovered by Sentinel One Labs on the information networks of an unnamed European energy company. SFG, as Sentinel One Labs call it, not only collects information on the infected system but opens a backdoor through which a destructive payload could be launched. Sentinel One speculates that it could deliver malware to “potentially shut down an energy grid”.
It affects all versions of Windows and has been produced, by what the researchers believe to be many developers, to overcome next generation firewalls and anti-virus software. Furthermore, the malware shuts down when put into a sandboxed environment or a virtual machine to escape the notice of security teams. More
Security researchers have found malicious versions of the Pokemon GO app, while the firm behind new mobile phone gaming frenzy Pokémon GO, Niantic, has apologised for privacy mishaps.
The gamemaker Niantic has had to pull the app from both major app stores due to overwhelming demand, meaning the Pokémon GO app came and left the UK with a bang this week. More
A security researcher claims to have hacked an Amazon server and dumped the information of tens of thousands of users online. Even though several sources appear to speak for the data's legitimacy, Amazon says it's nonsense.
The hacker claims Amazon has been breached and the information of 80,000 of its users has been leaked online. The leaked information is supposed to contain a host of personally identifiable information about Amazon Kindle customers including emails, passwords, addresses, phone numbers, zip codes and LastLoginIPs
This new alleged dump was apparently perpetrated by a security researcher calling himself 0x2Taylor. More