Thursday, March 20, 2014

Spring cybersecurity to the rhythm of rock & roll

“Spring fever, spring is here at last Spring fever, my heart’s beating fast Get up, get out spring is everywhere.” Today we have fallen into the clutches of this cheesy rock & roll performed by The King and we can not get it out from our mind. It brings us all the good vibes we will need to deal with the spring opening.

Hearing “Spring fever” in the background, we tell you that a renewed malicious software package is for sale in underground forums. It's called 'BlackOS' and is an improved 'Tale of the North' version. Its function is to automate traffic management and redirect it from malicious or compromised websites to other malicious ones.

Still listening to Elvis’ rock & roll: "So much is happening / Do not miss the joy of spring / The world's in love just look around..." and do not let anything fool you and spoil all that joy. For example, a phishing attack. Some of them are so sophisticated that it is easy to fall into the trap. They send an email asking you to check an important document on Google Docs. The link will take you to a fake, but very well-made, Google’s login screen. Even with SSL encryption for adding more realism. But once you enter your user credentials and press the ‘accept’ button... criminals can access your account!

But you may find fake phishing attacks even more interesting. On the one hand, they are harmless for their victims because, in most cases, they are only exercises made by organizations to check whether their employees know how identify these malicious techniques or not. But on the other hand, they need to be well coordinated so that the brand used for the test doesn’t end up damaged, as happened to the retirement services agency Thrift Savings Plan due to a U.S. Army’s phishing exercise. The situation went out of control and the small business has not previously been informed or asked for authorization.

Perhaps the responsible for that nonsense should have asked for help from specialists on controlling everything, such as the National Security Agency. In fact, according to leaked documents from its ex contractor Edward Snowden, the NSA would have the amazing ability to record 100% of phone calls made in any country worldwide and review them within 30 days.

“A little bird, he told me so / He said come on, get on the go.”  So we invite you to take what the little bird told to Elvis into consideration and go out to enjoy this new spring season, feeling even a bit more safe since Mozilla has corrected 20 vulnerabilities in Firefox, including five discovered in the Pwn2Own.


We invite you to rate our posts, to leave your comments and to share them on social networks. Also, if you want you can follow us on our profiles. At the sidebar, you’ve got the links ;-)


Post a Comment