Looks like Israel has approached a “wait and see” strategy, as these last days of cyber war have seen almost exclusively actions against that country without any appreciable response. In a certain sense, most of all at the Israeli site, the cyber conflict seems to have fallen into a rest, even if new actors have entered the scene, as is the case of the Mauritania Hacker Team, who opened with the leak of 2500 Israeli emails and claimed to have hacked the Central Bank of Israel. Despite these events the number and intensity of the attacks is no longer that of the early days.
If you need to know what Cyber Crime is but you are bored and fed up with the too many information security terms, loosing yourself among the acronyms, you have stumbled upon the correct place. I have just compiled a very special alphabet which collects the terms related to Cybercrime. Forgive me for some “poetic license” and enjoy this half-serious list.
Actually this post is nearly a couple of weeks in delay (last week I was skiing in at the Italian Dolomites!!). (Un)fortunately now that I am back to home (and to work), I have choosen this Friday The 13th, while preparing my traditional Cyber Attacks Master Index for the first half of January 2012, to give a quick look to the past year in terms of my blogging activity in order to discover which where the posts which collected most views (more than 60,000 in total), of course excluding the home page.
It is time of huge dumps in Italy. Yesterday Cyberwarnews reported of 9000 accounts leaked from qualitapa.gov.it, a website linked to Italian Minister of Public Administration and Innovation. It is not the first time a similar occurrence happens in “Belpaese” (you will remember the Hot Summer with the controversial hack of CNAIPIC, The Italian Cyber Police and the subsequent hack of some contractors), for sure it is the first time such a huge number of accounts is dumped in Italy.
Yesterday I posted evidence about the presence of the infamous Carrier IQ Software in Italy. Today another episode (I presume will not be last) of what it si becoming an endless Saga. Following the forthcoming investigations of privacy regulators in the U.S. and Europe, and the last-minute speculations concerning the fact Carrier IQ technology has been used by FBI, Carrier IQ has just published a 19 pages document trying to explain in detail what the IQ agent does. After reading the document, it is clear that the affair will not stop here.
This year is nearly at the end but it looks like it is really endless, at least from an Information Security Perspective. As a matter of fact this 2011 will leave an heavy and embarassing heritage to Information Security: the Certification Authority authentication model, which has been continuously under siege in this troubled year; a siege that seems endless and which has shown its ultimate expression on the alleged compromise of yet another Dutch Certification Authority: Gemnet.
I have dedicated several posts to NG-IPS, the next step of the evolution in network security (or better to say context security). I have pointed out that one of the main features of this kind of devices is the capability to enforce Location Based security services. Now it is time to make some practical examples indicating how Geo Protection features may be helpful and why they are needed in this troubled days.
Examples in which political news provide hints for Information Security are happening too often (think for instance to the UK Phone Hacking Scandal). The latest comes from the affair involving Dominique Strauss-Kahn and his alleged sexual encounter with a maiden during the horrible day of May, 14th 2011. The details which are being disclosed on that story show that the BlackBerry owned by DSK played a crucial role in the event, both because it had likely been hacked, and because it was used as a decoy to catch DSK at the airport.
Few days ago Juniper Networks has released a report on the status of Android Malware. The results are not encouraging for the Android Addicted since they show a 472% increase in malware samples since July 2011 (see the infographic for details).
This does not surprising: already in May in its annual Malicious Mobile Threats Report, report, Juniper had found a 400% increase in Android malware from 2009 to the summer of 2010. This trend is destined to further grow since the Juniper Global Threat Center found that October and November registered the fastest growth in Android malware discovery in the history of the platform. The number of malware samples identified in September increased by 28%. whilst October showed a 110% increase in malware sample collection over the previous month and a noticeable 171% increase from July 2011.