Every now and then, cyber criminals misuse "good" software in order to do bad things, and the latest instance of this modus operandi has been spotted by NSS Labs researchers.
The SANS Institute will be teaching the first European session of its new Security 540: VoIP Security course at the upcoming SANS Secure Europe event in Amsterdam this May.
UC is most often defined as the convergence of multiple communications applications typically VoIP, collaboration tools, instant messaging, presence-enabled tools, and IP video conferencing.
WatchGuard Technologies' security analysts provide their 2011 security predictions: 10. "APT" becomes security acronym of the year Heard of "APTs" (advanced persistent threats) yet? You will in 2011. Although there is no single, standard definition, APTs have these things in common:They apply the most advanced attack, infection, and malware propagation techniques known.APTs are designed to stay hidden within a victim network or host for a long period of time typically by using strong rootkit technology, cleaning logs, and slow, quiet Command and Control channels.They tend to have a specific, targeted goal in mind.In reality, APT is just a new way to say very advanced malware attack; so this prediction has two parts. First, WatchGuard expects security experts to jump on the term and over-use it throughout 2011. Secondly, WatchGuard expects to see many more treacherous attacks this year that fit the APT category.9. Cyberwar escalates Cyberwar skirmishes will occur almost daily. Many believe the Stuxnet worm is a perfect example of a politically motivated attack, likely created by a state-funded team of hackers. The amazingly advanced, highly targeted worm primarily infected Iranian uranium manufacturing facilities with the sole purpose of quietly disrupting the uranium enrichment process. Government, infrastructure and financials will need to be hardened to handle the next onslaught of web attacks. 8. VoIP attacks grow In 2011, WatchGuard expects to see full-force VoIP attacks. Just in the last few months, VoIP scans and attacks have increased significantly. Some of this has to do with the public availability of VoIP attack tools, such as SIPVicious. Moving forward, brute-force and directory traversal class attacks against VoIP servers will be as common as they previously have been against email servers. 7. Perimeters shrink and harden Many security researchers have rightly pointed out that networks have become more mobile, and that businesses need protection outside the perimeter to help ward off threats to mobile resources. While that's true, it doesn't mean that the perimeter disappears. In fact, WatchGuard expects to see organizations concentrate their perimeter around the assets that matter most data that results in concentrating primary perimeter defenses around data centers. 6. Cars hacked in 2011 Hackers are always trying to find new ways to infiltrate computing devices, cars are no exception. Because cars have become more "connected" than the average computer with built-in Bluetooth, 3G internet, GPS, OnStar, and dashboard computers - WatchGuard expects more attackers to get into the car hacking game, which is especially worrisome considering the potential for physical harm via a car attack/hack. 5. Facebook and other social media become lead threat vectors Remember when email attachments were the biggest threat businesses faced? Most of the malware infecting PCs arrived as an executable attachment that proxy firewalls could outright block. Now most attacks come from the web, and one site poses the largest risk of all Facebook. When you combine Facebook's culture of trust, the many potential technical security issues (Web 2.0, API, etc.), and it 500+ million users, computer attackers and social engineers have a huge and attractive playground. WatchGuard believes links on Facebook will become the most common threat vector, similar to how attachments in email were years ago. 4. Manufacturer-delivered malware keeps growing It used to be that one could buy a laptop, a storage device, or even an electronic picture frame and expect the thing to be malware-free. No more! Through 2010, there have reports of many popular products arriving with infections out-of-the-box. In some cases, big companies have even embarrassed themselves by handing out such infected devices at well-known security conferences. This year, WatchGuard expects this "manufacturer-delivered malware" trend to get even worse. WatchGuard recommends that businesses scan all of our new electronic purchases before connected to any corporate networks. 3. DLP for intellectual property protection WatchGuard believes that governments around the world will become more involved in protecting intellectual property this year. New laws and regulations will force more organizations to implement stronger IP protection, resulting in new security technologies to help keep data and IP from being stolen or used in an unauthorized manner. In 2011, expect to employ even better data loss prevention mechanisms than those currently available. 2. Detection becomes a priority When implementing security controls, most organization focus more on protection and prevention than on detection and analysis. This will change in 2011. As increasingly advanced threats surface, administrators will realize that even the best prevention technologies cannot stop malware from entering the network. This realization will help them recognize that it is just as important to be able to detect and analyze a threat that has already entered the network, as it is to prevent it from entering. As such, technologies will become very popular in 2011 that can: a. Increase network visibility b. Identify threats already infecting business networks c. Correlate aspects of a network attack d. Help with forensics 1. Malware as a Service (MaaS) Over the years, as hacking has become more organized and criminally controlled, the hacker underground has started to mimic commercial markets by releasing pre-packaged, black-market exploit kits. One can already buy web attack kits, pre-packaged botnets, and ready-to-go malware from underground web sites and forums. For 2011, WatchGuard predicts that the criminal underground will take this a step further by creating a convenient "app store" for malware, which means that script kiddies will be just one click away from instantly unleashing their own botnet.
Here's an overview of some of last week's most interesting news and articles: McAfee's Secure Short URL Service not so secure M86 Security Labs' researchers have decided to test if the service is working as it should, and chose to test if a phishing URL blocked by Facebook would be blocked when clicked on in its shortened form. Doorways on non-default ports make compromised websites harder to spot Are negligent site and server administrators at least as much to blame for compromised sites that redirect users to doorway pages to pirated software as the cyber criminals that took advantage of their poor security? Tracking a pirated software license When Avast Software spotted a license for its avast! Pro Antivirus software being distributed online, they decided to do a simple experiment - they didn't take any action that would curb its spread, and simply monitored how many time the license will be used to register the software. Most businesses vulnerable to cache poisoning attacks While DNSSEC adoption percentages appear to have increased dramatically by 340 percent this year, the actual number of zones that have been signed is very small: .02 percent. Securing the Smart Grid: Next Generation Power Grid Security Smart grids are a reality and the future, and they promise greater reliability, affordability, efficiency and, hopefully, a better and environmentally cleaner exploitation of available resources.