Monday, March 31, 2014

Daily run for cybersecurity

Without wasting a minute, we put on our sneakers, put the mobile’s headphones in our ears and start jogging while we review the latest news about cybersecurity.

While we feel the morning air brushes against our face, we learn that the Ecuador’s President, Rafael Correa, Twitter account was hacked for a few minutes. The attackers posted some tweets linking to alleged official emails and documents.

Sunday, March 30, 2014

Top 5 Infosec links of the week (XVIII)

Lawsuits and complaints related to the digital world, persuasive technology, ATMs and SMS attacked vulnerabilities in Office and Outlook. The five top post this week by the Sunday collection.

Internet is a difficult battle to control. While the last movement of governments and companies go together creating joint alliances for legislate the third environment. An environment that calls for more privacy, security, and a judicial system.

Saturday, March 29, 2014

Special 25th anniversary of Microsoft Spain

"We are not a sprinter but not a marathon runner". With these words Eric Boustouller, president of Microsoft Europe, was beginning the 25th anniversary of the company in Spain, noting the profound transformation that has occurred in recent years in the way people consume the software (and therefore in the business of technology).

It therefore fulfills an important date for the big M, and the CIGTR, didn't want to pass up the opportunity with this special with the latest news involving Microsoft in the world of computer security.

Friday, March 28, 2014

Infosec freaks in a business world

Do you feel kind of a freak when you talk to your superiors about security? Do they look at you as if you have no ability to fit into the business objectives? Do you feel that there is a divorce between what you are expected to say and what you in fact want to say? Courage. You're not alone.

Again: you are not alone. Look, for example, to the results of the latest Turkney’s survey on cyber risk perception. Some trends are quite disturbing: it increases the perception that the investments on security only serves to keep the auditors happy, it decreases theperception of return on investment (ROI), and security is put in the IT department’s hands instead of involving the whole organization. All of that, despite the fact that many companies recognize that they have suffered security incidents or information leaks.

Thursday, March 27, 2014

Cyberattacks all across the globe

The creator of the Perl programming language, Larry Wall, said: “Younger hackers are hard to classify. They're probably just as diverse as the old hackers are. We're all over the map.” However, we propose a very general classification to Mr. Wall: good hackers and bad hackers. Or if you wish,  criminal hackers and hackers who strive to protect us from such offenders.

Of course, the American programmer is absolutely right about one thing: hackers are everywhere! As Kaspersky Lab shows us on an real-time interactive mapthousands of cyber-attacks are constantly happening everywhere in the world.

Wednesday, March 26, 2014

The gavel of justice hovers over Internet

Aristotle said “the virtue of justice consists in moderation, as regulated by wisdom.” Therefore our judges should make a great exercise of moderation and wisdom to settle all that is upon them.

On the one hand, the class action lawsuit filed by a group of banks against retailer Target and security company Trustwave for the data breach suffered by the company in December which exposed the payment card information of 40 million customers.

Tuesday, March 25, 2014

Cybersecurity: choose the right boat

You call a security expert to audit your systems. After several hours testing your network, finally he approaches you, look you in the eyes and tells you very seriously: “You're gonna need a bigger boat”. On the Internet, we not only face one huge white shark, as happened in the famous Steven Spielberg's "Jaws", but thousands sharks of different types and sizes. So we better go very well prepared.

For example, to avoid being bitten by those cybercriminals who are currently using an unpatched vulnerability on Microsoft Word to hijack a computer, after opening a malicious RTF file. Or to prevent that one of your bank’s ATMs is attacked by thieves attempting to infect it with malware and connect it to a mobile phone with the aim of get cash via SMS messages.

Monday, March 24, 2014

Microsoft, in the eye of the hurricane for its legal terms and XP

Yes, we know, today is Monday. Mondays are hard. It is tough to get up,  your email inbox is full and there is a whole week ahead. But for many people in charge of ATMs, a much worse Tuesday is about to come.

We are talking about April 8th, date from which Microsoft will stop supporting Windows XP, installed on 95% of ATMs worldwide. It is likely that this operating system, which also has present on 40% of desktops computers, will become the favorite target for cybercriminals. Therefore, at this point, banks have two options: to upgrade to another operating system or to pay for extended Microsoft’s support.

Saturday, March 22, 2014

Heroe, traitor, American, citizen: Snowden

"Who I am really doesn't matter at all. If I'm the worst person in the world you can hate me and move on. What really matters is the kind of internet we want, the kind of relationship with society... I wouldn't use words like hero or traitor. I'm an American and a citizen."

These were the first words from whistleblower Edward Snowden, last March 18th, during TED Talk at Vancouver. It was an unexpected talk, with a little show business. “Somewhere from Russia”, said its presenter, Snowden appeared in a streaming screen, over the support of a humanoid robot that he was driving from the distance.

Friday, March 21, 2014

The Young Turks: Twitter, but not only

Who are the Young Turks? Are those who are leading one of the major political revolts of the era 2.0? Maybe, but not only. The Young Turks is also the name of a YouTube channel which claims to be the most widespread of the Internet. According to the open encyclopedia Wikipedia, the channel reached one billion views (a one, followed by nine zeros) in April 2013.

'The Young Turks' is a space for political debate, driven by Cenk Uygur and Ana Kasparian. With 17,545 videos posted, and nearly a half million subscribers, the analyses developed and the opinions expressed by their drivers go all over around the world. One of the last episodes is about the alleged ability of the NSA to supplant Facebook, inject malware via phishing and steal system administrator credentials. Since they reached almost 60,000 views in a week, you can have an idea of their scope.

Thursday, March 20, 2014

Spring cybersecurity to the rhythm of rock & roll

“Spring fever, spring is here at last Spring fever, my heart’s beating fast Get up, get out spring is everywhere.” Today we have fallen into the clutches of this cheesy rock & roll performed by The King and we can not get it out from our mind. It brings us all the good vibes we will need to deal with the spring opening.

Hearing “Spring fever” in the background, we tell you that a renewed malicious software package is for sale in underground forums. It's called 'BlackOS' and is an improved 'Tale of the North' version. Its function is to automate traffic management and redirect it from malicious or compromised websites to other malicious ones.

Wednesday, March 19, 2014

Cyber crime doesn't have a father

“I'm a father; that's what matters most. Nothing matters more.” Those are words from the former British Prime Minister Gordon Brown. Like him, many men see their children as their main reason for living. Today is a day to honor them, to recognize their work, their love and all the efforts given to their offspring.

Unfortunately, cybercriminals have other priorities, so the "Father's Day" is not enough good reason to stop their attacks. In fact, the situation in Crimea has led to a huge increase in cyberwar activity against Ukraine. Dozens of Ukrainian networks and government systems have been infected with spyware or malicious software that provides access and control of networks and databases to hackers. In addition, some servers are being bombarded with DoS and DDoS attacks.

Tuesday, March 18, 2014

The spring of cybercrime

In the northern hemisphere, spring is knocking at our door. In the coming weeks, we will witness a explosion of colors and fragrances. However, in the field of cyber threats, spring has come to us in advance and lasted 12 months.

In fact, 20% of all malware detected in history of mankind flourished throughout the year 2013, according to a report from Panda. If we created a botanical catalog with new malware, 7 out of 10 specimens would belong to the Trojans’ family.

Monday, March 17, 2014

Our particular Cybersecurity Trivial Pursuit

“God may not play dice but he enjoys a good round of Trivial Pursuit every now and again” (Italian film director Federico Fellini). Who wouldn’t like to test his knowledge from time to time? Do you want to do it now? Well here's our own version of Cybersecurity Trivial Pursuit.

- What is the biggest advantage of the new encryption algorithm developed by Nippon Telegraph and Telephone Corporation, Mitsubishi Electric Corporation and the University of Fukui? More confidentiality and integrity against multiple misuse in authenticated encryption operations.

Top 5 Infosec links of the week (XVI)

Requests for security experts, cyberbullying suicides, trojans broadcast on Facebook, Justin Bieber hacked and security of free operating systems to owners. The five top post this week by the Sunday collection.

Security is an issue that concerns both large companies and SMEs. And this is demonstrated with increased more than twice as many jobs for security experts. In any case superior to any other IT subsector, with an average of $ 93,000 according to a study of the technology company human resources Burning Glass Technologies Increase.

0days galore

”If us are so given to judge others, it is because we tremble for ourselves”. With these words picked Oscar Wilde human weakness, his fear of failure and how easy it is to point us to a third party errors.

Because if we are good at something is to find faults in the work of others. These days the famous Pwn2Own contest is taking place. A hackathon in which experts in finding exploits of each development team strive to find vulnerabilities in browsers of competition. For now, the worst located Mozilla Firefox, which has been lying with 4 0days. Although closely followed by Chrome, IE, Adobe and Oracle, they will have to put the batteries in their own security updates.

Friday, March 14, 2014

True hell for millions

If the German philosopher Arthur Schopenhauer were alive today, he could say that the true hell for millions and millions of human beings is Internet (and not the Earth, as the original quote says). Either the National Security Agency of the United States has a serious problem with what people say it does, or Edward Snowden likes to make headlines very much. So far, the battle for credibility is being won by the former contractor, instead of the NSA.

As if we didn’t have enough "bombing" news throughout 2013, this year it is being the same or even more accentuated. At this time, who has not been heard of this, directly, lives in a world apart: an employee of Snowden has published information from a leak: the NSA would be planning to infect millions computers around the world. To do so it would have designed a "turbine" able to automate processes and simulate legitimate behaviors on sites like Facebook.

Thursday, March 13, 2014

Death, a potential consequence of cybercrime

Can malware kill someone? It seems so, despite that is not its ultimate goal. No firearms, nor poison, nor any type of physical violence are needed. In very extreme cases, just impotence and despair generated on the victim can lead to a fatal end.

Sadly we look at the facts: In the small Romanian town of Movila Miresii, the computer of a 36 year old man was infected with ransomware. The malware blocked the device and showed an alleged police message informing the user that he must pay a fine of around 21,000 euros or face 11 years in prison. The individual believed the bogus message so much that he wrote a suicide note, killed his youngest son and hanged himself. He couldn’t afford the fine and could not bear the thought of going to jail. Obviously this is a very exceptional case, but that should give pause to cybercriminals on their actions and goals.

Evolution of cyber threats

“Evolution never looks to the future.” (evolutionary biologist Richard Dawkins). Indeed, evolution has more to do with present, with the need to adapt to ongoing situations that come to us.

Evolution of cyber threats

Cybercriminals know it, therefore they are constantly modifying its behavior and the nature of their attacks. Fortunately there are some companies, such as McAfee, which monitor the evolution of cyber threats and analyze trends. In the last quarter of 2013, they detected a dangerous increase of 52% on malware signed with digital certificates. In the same report, they highlight the increase of malware in the point of sales systems and a 197% jump in the number of virus for Android.

Tuesday, March 11, 2014

A tie for every cyber threat

The world of cyber threats is similar to a tie shop, there is one for every occasion.

A tie for every cyber threat

We wonder what would be the right tie to wear for ‘trojanizing’ apps, we mean for adding a trojan to a legitimate app and distribute it in order to infect as many devices as possible. A remote administration tool (RAT) called Dendroid, which does exactly that, is being sold in the black market at 300 euros.

Monday, March 10, 2014

The train of cyber security

The train of cyber security

"Dear travelers, the train to cyberspace, at platform 1, will depart in a moment." The rattle produced by the steel against the rails will come with us today in our review of cybersecurity news. Please place your belongings in the trunk and take your seat. This convoy is about to depart.

The first stop of our peculiar "Iron Horse" is at Java. Here, travelers can have a look to the "2014 IBM X-Force Threat Intelligence" quarterly report. According to this study, the Oracle’s Java has become the cybercriminals’ favorite target. In fact, half of the exploits detected in December last year were addressed to this software.

Sunday, March 9, 2014

RootedCON Chronicle: Day 3

Yesterday, the last day of the RootedCON. One of the largest conferences of Spain computer security, and that as we mentioned in previous articles, CIGTR cover day to day.


A Rooted which is now in its fifth year, and took on Saturday to get the creeps, and incidentally demystify this popular saying that the last day is the least significant.

Saturday, March 8, 2014

RootedCON Chronicle: Day 2

We continue covering RootedCON, chronicling the second day.


A more technical than the previous day, with the exclusive presentation of various security tools. José Luis Verdeguer (@pepeluxx) and Víctor Seva (@linuxmaniac) took time to surprise the audience with a communication architecture VoIP secure open to the community, and to remind us that no matter how much a project is Open Source, if we don't control each of the layers you may on the other hand security is insufficient.

Friday, March 7, 2014

RootedCON Chronicle: Day 1

The RootedCON congress, which is the biggest security event in Spain, started yesterday. 


An event that is commonly used by researchers and companies to disclose new vulnerabilities and / or tools, studies of several months (or years) ending with its moment of glory in the official presentation in front of more than one thousand people from the industry.

Thursday, March 6, 2014

Cocktail of interesting events

Cocktail of interesting events

What do Burgos and Madrid have in common today? That CIGTR will be covering one significant event in each of the cities.

In Madrid, the Rooted CON 2014 starts today, a meeting point for everyone interested in the cybersecurity field. There knowledge sharing will be encouraged and the enormous capacity of Spanish-speaking professionals will be claimed. From today until Saturday afternoon, we will keep you informed of everything that is happening there through our Twitter. Besides, from tomorrow until Sunday, our daily posts will become the best chronicle of these days.

Wednesday, March 5, 2014

Cyber threats, a question of trust

Cyber threats, a question of trust

"It's about trust. [...] Security companies like ours are built on trust.” The voice of Mikko Hypponen, the most relevant security researcher at F-Secure, didn’t tremble while he was making this statement. He tried to explain why he canceled his talk from the RSA Conference, after it was known that the company presumably make a private agreement with the NSA about using a weak encryption technology in their products.

Precisely overconfidence is the basis of most of the Internet and mobile devices scams. You install a very ‘cool’ app on your Android that promises to be a "night vision camera". Not only it doesn’t work, but it subscribes you to SMS payment services. The interesting fact about this app is that it is specifically designed to look for your phone number on Whatsapp, ChatOn or Telegram.

Tuesday, March 4, 2014

Watch your suede shoes when browsing the Internet

Watch your suede shoes when browsing the Internet

Imagine that the Internet is a street full of puddles and you are wearing suede shoes. Moving along it can be a nightmare if you want to reach your destination without damaging your shoes.

To avoid any problem, you would better have changed your outfit before leaving home. Well, Twitter is doing something like that. Given the possibility that some user accounts have been compromised by third-party applications, Twitter is sending messages asking them to reset their passwords for different ones.

Monday, March 3, 2014

Oscar worthy threats

Oscar worthy threats

"RT website has been hacked, we are working to resolve the problem." It is not an Oscar worthy tweet, but by it, the media agency Russia Today made evident that that not everyone in the cyberspace was looking at the red carpet last weekend.

In fact, the outstanding role of "Gravity" in the Hollywood’s show did not attract the attention of some hackers who devoted themselves to replace the words "Russia" or "Russian" with "Nazi" or "Nazi" on the Russian news website after Putin's order to move troops to the Ukrainian Cr

Sunday, March 2, 2014

Top 5 Infosec links of the week (XV)

Phones capable of destroying itself, malware in Spain, biometrics, anonymous smartphones and banking virus. The five top post this week by the Sunday collection.


If something can be summarized in the week, is in the clear predominance of new products, projects and focused on safety studies have been presented at the Mobile World Congress.

Regarding the former, two clear winners. For one thing, the smartphone Boeing's Black, an Android terminal capable of remotely destroyed, and aimed primarily at political office. Furthermore, the BlackPhone, which is born of the union of GeeksPhone with SilentCircle, and comes backed by a custom Android distribution focused anonymity.

If we go to the second, we will have projects like the biometric system Samsung Galaxy S5 focused include an extra layer of security where needed: online payments.

And speaking of others, highlight the "Report of mobile security threats" of Sophos, where are proof that Spain is one of the countries most threatened by malware in these systems, multiply by 6 in the last 12 months.

We could not end without a warning: Very careful when entering online banking credentials. iBanking, a dangerous banking malware which will force us to take appropriate action (to ensure that the browser URL is legitimate, and that has its own bank certificate).


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)7

Saturday, March 1, 2014

Terror to imaginary horrors

You have to see what William Shakespeare would think of the current market for personal data. Perhaps then resort to his famous quote: ”Visible dangers frighten us unless imaginary horrors”.


A statement that seems tailor-made for the situation in which we find ourselves. With eyes fixed on the RSA conference this week, we spend almost a danger even closer: GCHQ (Government Communications Headquarters), the British NSA, fraudulently obtained during 2008 (at least up to now) taken with a webcam of millions of Yahoo users images. The code name, “Optic Nevre”, which had to deal with the internal slippage facilitated by the use of GCHQ workers gave the explicit content images, and apparently became so overcrowded (without any purpose).

Scrambled for instant messaging, WhatsApp with Facebook bought, a Telegram trying to take off, a Line that augmented their share, and even Bittorrent Chat times that we were promised. Is there room for one more? It seems so, because TOR has just announced that is immersed in a new messaging system based on the characteristic of this service routing, and therefore, would be intended to secure and anonymous communications.

Inspiration comes from anywhere, even a game of Guild Wars 2. Have you ever struck you how these mafias mine virtual gold in online games farm day and night? The use of bots is the answer. And how these bots are able to locate the enemy and kill them? Based attacks with specific system dictionaries. A technique that @nodoraiz explains carefully, and has great potential to exploit passwords in desktop applications.

We ended up with a topic that affects us all: applications of in-app purchases. A technique monetization totally legal priori, being investigated closely by the European Commission. The trigger, a few unscrupulous companies that have some application development for children and youth and immoral tactics of deception that these purchases occur without adult intervention.


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)