Monday, June 30, 2014

Opening the eyes to technology risks

The worst blind is the one who doesn’t want to see. For this reason, you must be extremely careful when blindly trusting something or someone. Caution is especially important in the technological environment. Technology is not infallible. Both hardware and software can fail.

An example of this are the eight vulnerabilities recently detected in PHP 5.4 and 5.5. These security holes could be exploited to cause a denial of service and even compromise affected systems.

Sunday, June 29, 2014

Top 5 Infosec links of the week (XXXI)

"Sloppiness cybersecurity World Service, a new channel of communication between experts, daily attacks based Heartbleed, the threat to Domino's Pizza and target painted with the Brazilian sites". The five top post this week, directly in the Sunday compilation.

The SecInfo in recent days has been glued to the World Cup. From a team that appeared cybersecurity posing in their offices with the WIFI name and password you were using internal until the numerous attacks that have been suffering the websites related sporting event, or even own Brazilian government, in the interest of cyber to take media attention on the alleged precarious situation and corruption in the country.

Saturday, June 28, 2014

The internet we have harvested

The world may move at Internet speed, but the cybersecurity and risk management challenges organizations tackle seem to advance at a much slower pace. Hard to believe, right?, said Eric Chabrow Publisher GovInfoSecurity, after the Gartner Congress of Information Security and Risk Management, noticing, like many other attendees and industry experts, that the risks in information security remain the same as does two years.

The present as ransomware continues today as a few years ago, and yet there is now a greater awareness, as long as the end user becomes target not only your computer but on your smartphone, on your smart TV,... The impact of computer security in the business grows, and increasingly are taking more value in business intelligence programs.

Friday, June 27, 2014

Dear disruptive innovation

It seems impossible but the Spanish Royal Academy has not yet officially included the term "disruption" in its dictionary. However it will do it soon, according to well-informed sources such as Fundéu ( Nevertheless it does recognize the word "disruptive", although if we try to find a "killer" expression as "disruptive innovation" on Wikipedia, we need to go to its English version (

And yet, the "disruptive innovation" is closer than we might think. In time, it is only three days away, because that's the title of the Summer School session organized by this center - the CIGTR - starting next Monday, June 30. For three days, many of the most of the renowned experts of the cyber security and information security landscape will join us at the Vicálvaro Campus of Universidad Rey Juan Carlos (URJC) in Madrid.

Thursday, June 26, 2014

We start you up against cyber threats with The Rolling Stones

“If you start me up / If you start me up I’ll never stop / If you start me up / If you start me up I’ll never stop.” This is right, dear friends, we begin today's post listening to rock tones, listening to "Start Me Up" song by the Rolling Stones. Last night their Satanic Majesties visited Spain for the joy of 54,000 lucky people.

Let’s see if this injection of music really start we up because the arrival of new security threats will never stop. Taking advantage of the World Cup in Brazil, our friends at ESET Latin America presents a team formed by many of these cyber threats. They called rogue software "Christian Roguenaldo”, adware "Kun Adware-ro" and malware “Pibe Malwarerrama". A dream team that can score you a lot of goals, so start you up and watch your step!

Wednesday, June 25, 2014

The cyber threats World Cup

"b5a2112014". You may wonder why in the world we started this post with such a strange code. Well, we are going to explain you the reason.

That is the password for the WiFi network of the Brazil’s World Cup security center. We shouldn’t know such information, right? But the passcode has run through Twitter like wildfire after a photo of the control center was published in a Brazilian newspaper. On one of the screens, both the network ID and its password were clearly appreciated. The most embarrassing thing is that the same issue happened four months ago at the Super Bowl.

Disruptive innovation in security techonologies #dinnoTSEC14

URJC Summer University Courses
'Disruptive innovation in security techonologies (dinnoTSec14)'
From June 30th to July 2nd
Madrid (Vicálvaro Campus, URJC).
(Photo: 2013 edition).

The Vicálvaro Campus of the Universidad Rey Juan Carlos (URJC), in Madrid, hosts from 30 June to 2 July this year the course Disruptive Innovation in security technologies within the 15th edition of the Summer Courses of the University. Organized by the Research Centre for Technological Risk Management (CIGTR) and sponsored by BBVA since year 2011, this edition will be held at the URJC's Vicálvaro Campus.

Tuesday, June 24, 2014

Moving away the evil spirits of cybersecurity

The purifying fire scares away evil spirits, bonfires on the beach are become the main protagonists of the night of Saint John, the shortest night of the year. A magical night in which the rites and legends intertwine to make way for the summer. We wish it was that easy to keep us away from cybercriminals, right?

Two months ago, a very serious vulnerability was discovered in a highly popular cryptographic library called OpenSSL. The flaw, called Heartbleed, affected hundreds of thousands of servers worldwide. Half of them, about 300,000, have not yet been updated. Servers can not jump bonfires to keep out malicious minds, so their administrators should take action on the matter.

Monday, June 23, 2014

Cyber threats becoming a plague

The arrival of a locust plague in the natural world would be the closest thing to a denial of service (DDoS) in the online world, something completely devastating! Unfortunately, lately we're used to see such events too often.

One of the most extreme consequences that a DDoS attack can cause is to drive a business into bankruptcy, as it happened to Code Spaces. The beginning of the end of this source code hosting company began with an attack of this type. The cyber ​​criminals who perpetrated it demanded a large sum of money to stop it. Meanwhile, they gained access to the service administration console and ended up deleting most of the data, backups, server configurations, etc. Code Spaces has finally been forced to close its business for the tremendous financial blow and its loss of credibility brought by this incident.

Sunday, June 22, 2014

Top 5 Infosec links of the week (XXX)

"What they have in common hackers and imitators, major technological blackmail, terror to digital attacks, information leaks and the first virus for mobile". The five top post this week, directly in the Sunday compilation.
We started with a question: What they have in common hackers and imitators? We rode their similarities in an article CIGTR. Namely, the two have the same objective: to impersonate those who are not.

Saturday, June 21, 2014

DDoS, metadata and vulnerability: el Trío Ternura

“In a time when anyone can Google up a ‘botnet for hire’ and use it to execute a 20-to-40-gigabits-per-second attack, from several thousands sources, no threat can be truly dismissed”, said Igal Zeifman of Incapsula, a DDoS mitigation service, following the campaign of digital attacks the Brazilian government. One of the pillars on which the new hypothetical Trío Ternura of City of God would settle  if Marreco, Cabeleira and Alicates ( give for riding his band in the digital world. Let's see, therefore, who would each of them in the world of cybercrime:

Marreco be responsible for what you do best: cause chaos. A campaign use the pull of the World Cup media to the plight of poverty, corruption and police brutality to which its citizens are subjected supposedly. A denial of service attack throw for hours the game's official website.

Friday, June 20, 2014

Hacker mimics

Imitating voices is something that always amazes us, who knows why! It is maybe because it allows us to bring vocal chords that most humans do not exploit to the fullest to their limits. It's more than singing. It is to bring the voice to unexpected places. Put another way, it is doing with the voice what a hacker (understood as a developer) does with the code.

If imitating voices amazes you, you have to hear the next story. A team led by Michael Ossmann is doing with its own resources its own imitation of NSA’s spy devices, revealed a year ago by Edward Snowden. They are managing to develop hardware and software through reverse engineering that could be accessible to anyone with a single stated purpose: to show the weaknesses of any company so they will be forced to make more and better security investments.

Thursday, June 19, 2014

A new king will not affect cybersecurity

"Today it begins a renewed monarchy for new times." Here's how the new King of Spain, Felipe VI, declared this morning his intention to look to the future in this new phase. We do not know exactly if it will really drive a change in the political and institutional life of the country. What we can assure you is that in the field of cyber threats it will not have any effect at all.

We will continue to suffer malware infections, whether they are Trojans disguised as a WeChat app, as Kaspersky warns, or Trojans that are distributed on Facebook to infect user’s device in order to mine Bitcoins.

Wednesday, June 18, 2014

I'll tell you a story about cybersecurity

I'll tell you a little story. Once upon a time, in a little blue planet, there was a society whose citizens live permanently connected to each other through technology. However, despite all the benefits offered by such incredible level of intercommunication, endless threats were constantly hanging over them.

Some of them were apparently as harmless as a mobile phone. But in reality, the Chinese imitation of Samsung Galaxy S4, called Star N9500 ​​contained built-in spyware. So consumers who acquire this device could be monitored from a Chinese server.

Tuesday, June 17, 2014

Something creepy is happening on the Internet

“Dude, what is so funny? How did you know that I had a flower?” Jack laughs because he is not supposed to know that his friend was playing with a flower pen while talking to him on the phone.

Today we discovered this video on Graham Cluley’s blog. Comedian Jack Vale filmed it to show how easy and creepy is that someone hacks your webcam to spy on you in the privacy of your home. Although the scenes on the video are quite funny, hacking someone's webcam is both an attack on privacy and a crime, so you should not imitate Mr. Vale. And if you don’t want anyone spying on you, cybersecurity experts such as Graham Cluley himself or Spanish Chema Alonso usually advice to tape your webcam with a post-it or something similar. It is a not very sophisticated method, but a highly effective one.

Monday, June 16, 2014

Past, present and future of cybercrime

"It’s customary in the antivirus industry to name viruses not according to how their authors’ named them, but to come up with new names – so as not to fuel the authors’ egos… oh, and maybe stamp our authority all over the conquered viruses!." Here's how Aleks Gostev, Chief Security Expert at Kaspersky, explains why they named "Cabir" the first virus for mobile phones discovered 10 years ago, while its creators had called it "Caribbean."

The first virus for mobile phones detected in 2004 revolutionized the activity of security labs, now a new threat by Israeli researchers promise not to make it easy for security firms. This attack takes advantage of the air-gap network hacking technique to infect systems even if they are isolated from the Internet, previously infecting a mobile phone. The modus operandi works as follows: the hacker sends a seemingly harmless SMS to the victim with a link to a piece of malware especially designed to use this technique. Once infected mobile, the malware can scan the electromagnetic waves of different devices at a maximum distance of 6 meters and manipulate them to create a network connection using FM frequencies so the attackers could install a virus on a computer or server. Although it sounds like science fiction, it could become the worst nightmare for critical infrastructure systems, governments and companies of all kinds.

Sunday, June 15, 2014

Top 5 Infosec links of the week (XXIX)

"Attacks on digital content from the World Cup, the first computer algorithm promoted to manager of a company, Internet  as fears generator, Linux privilege escalation and horror of governments to social networks". The five top post this week, directly in the Sunday compilation.

We start the tour stating a fact: the World Cup draws a target around the digital of Brazil, which is a true test for IT departments that manage digital services in the country. From other web event, through government services and even personal pages. Nothing is safe.

Saturday, June 14, 2014

Attacks on mobile devices

“Banks can not clean the smartphones of their customers and have no control over this type of Trojans. [...] Even the protection of mobile banking applications and the strengthen processes for user authentication does not protect against such a situation”.  Words of Avivah Litan, vice president of Gartner, following the discovery of a new version of the Trojan Svpeng.
The statements call into question the safety of one of the most reliable banking methods see so far. Svpeng is a banking Trojan witch ransomware functions, appeared first in Russia, and that seems to have mutated users to attack American and British banks like USAA, Citigroup, American Express, Wells Fargo, Bank of America, TD Bank , JPMorgan Chase, BB & T and Regions Bank.

Friday, June 13, 2014

Cheating yourself

The new European System of Accounts (SEC 2010) assumes the inclusion of items not covered in national accounts so far, ie GDP. This is leading some media to write in their headlines that GDP will increase, "as a matter of magic." If you believe it, it's like if you are cheating yourself. Or hacking yourself.

In fact, cheating yourself is the source of many security incidents today. For instance, if you are going to host such an important event as the World Cup, and you don’t put all eggs in one basket to avoid shocks, it is quite likely that you end up suffering a DDoS attack and finding the event’s websites blocked and, for dessert, some government ones too.

Thursday, June 12, 2014

Cybercriminals silenced the hum of several cloud apps

They're dropping like flies! In the past 48 hours, several cloud applications have suffered different attacks, what has provoked a series of service disruptions.

The first to fall was Evernote. This notes and storage service in the cloud, which has over 100 million users, was affected by the stake of a denial of service (DDoS) which caused some problems of synchronization between different devices.

Wednesday, June 11, 2014

Don't be so innocent or cybercriminals will take advantage of it

How many times did you wish to see the world with the innocence of a child again? When problems come to us, when situations are beyond us, we usually feel this desire to return to a time when we felt protected and free from the evils of this world.

But let's face it. We have grown, we have matured. Now we look at life with suspicious and unbelieving eyes. Fortunately, this suspicion is useful. For example, to prevent becoming a victim of cybercrime. According to a report by the Center for Strategic and International Studies along with the security firm McAfee, it is estimated that the global economic cost of cyber attacks reached almost half a trillion dollars. In fact, we should keep our eyes more open than ever regarding the imminent start of the Soccer World Cup in Brazil. A huge event like that is always a very juicy target for cybercriminals as it offers endless possibilities to trick users, according to a recent report from Symantec.

Tuesday, June 10, 2014

A dangerous red button, an algorithm in the board and the right to be forgotten

The magnetism of a red button has been repeatedly reflected in literature and films. It is usually a round, thick and appealing button that invites you to be pressed even though the consequences are always completely unpredictable. Maybe you never realized that most of the TV remote controls today have a button like that.

In fact, modern TV devices are usually connected to the Internet and the main function of such button is to display web pages related to the content broadcasted. The problem is that some researchers have found that the standard (HbbTV) that develops this feature is vulnerable and can be exploited by evil minds to run malicious applications.

Monday, June 9, 2014

Internet: A generator of fear

“Fear is the foundation of most governments.” This was not said just by anyone, but by the second president of the United States, John Adams. It certainly seems that governments around the world are driven by a homogeneous fear of losing their power.

Probably such attachment to government positions is causing an increasing distrust in social networks. States such as China or Turkey block Facebook or Twitter at their convenience. In Spain, on the other hand, they begin to look with questioning eyes for defamation, glorification of terrorism, incitement to violence, etc. on social media. Where are the boundaries of freedom of expression? Where does crime start?

Sunday, June 8, 2014

Top 5 Infosec links of the week (XXVIII)

"OpenSSL vulnerability, passports posted on Twitter, intercom owned, CISOs in the management team of big companies and new vulnerability in WordPress". The five top post this week, directly in the Sunday compilation.

"A open secret" read the title of the article CIGTR into the top, and with good reason. OpenSSL library open communications encryption tools par excellence, has several critical vulnerabilities. And its creators seem to hid this situation until the truth has come to light. Can we now trust LibreSSL, the fork OpenSSL created after the discovery of the security breach in Heartbleed?

Saturday, June 7, 2014

Viagra and piracy in Spain

"The advent of Big Data and cloud storage are transforming the way in which data is stored, accessed and processed, and those responsible for ICT security need security strategies focused precisely on data". Words of Brian Lowans, Gartner analyst, to address the question of how corporate security here by 2016.

Responses of the firm, not for unilateral strategies, that minimizes decision 80% of companies whose safety management of Big Data is doomed to failure in just two years. As Achilles heel, also noted the disproportionate increase points of access to company data, a too permissive policies with executives and even palpable separation of the security department with the rest of the company.

Friday, June 6, 2014

An open secret

French writer and philosopher Voltaire wrote "who reveals the secret of others is taken as a traitor; who reveals his own secret is taken as a fool". So perhaps the best way to avoid others saying bad things of oneself is to have the minimum possible secrets. If you have a lot to keep, it is likely that sooner or later you end up being a traitor... or a moron.

The latter is what the founder of the OpenBSD operating system (Unix), Theo de Raadt, almost call to the OpenSSL team. While the consequences of Heartbleed are still blowing in the air, yesterday we had knowledge of new critical vulnerabilities in this toolkit designed to ensure cryptography in communications. De Raadt comes to say "thanks for nothing". In his opinion the OpenSSL team tried to keep these new vulnerabilities "secret", and they apparently did it due to the dispute with LibreSSL, an unofficial version developed since April because of Heartbleed. Actually the creator of this library removed many lines of "unnecessary" code from the original OpenSSL.

Thursday, June 5, 2014

Cybersecurity: It's not all about goals at the World Cup

“England have never lost a World Cup in which the players' passport numbers were on a pre tournament friendly team-sheet.” This tweet by former captain of the English national football team, Gary Lineker, was not intended to encourage their team and its fans with a strange statistic. Actually, this is a tweet from the irony. Why? We will tell you why.

We all agree that a person’s passport number is sensitive information that should not be published openly, right? Well, it is a detail wasn’t taken into consideration by the English team’s sponsor, Vauxhall, who tweeted a photo of an official FIFA team sheet which contained the list of players, along with their dates of birth and passport numbers, just before a friendly match against Ecuador. In any case, I do not think the subsequent draw with the South American team was a consequence of the concern raised by this incident.

Wednesday, June 4, 2014

Cybercriminals know how to make a lethal mix

“Drugs, alcohol and ego. They are a bad mix.”  For sure, rock star Don Dokken knew what he was talking about when he said so. Indeed there are sometimes some lethal combinations.

Of course, malware authors are completely aware of that. So they are increasingly mixing the features from different malware to produce more deadly viruses. Soraya is one of the cases. It is a malicious piece of  software that borrows capabilities from the infamous Zeus Trojan and Dexter POS malware.

Tuesday, June 3, 2014

The full weight of the law falls on cybercrime

“At his best, man is the noblest of all animals; separated from law and justice he is the worst.” This is how Aristotle emphasized the essential role of law in society. Unfortunately, some people insist on moving away from their nobility and show the worst side of human beings.

For example, that is the case of those who look for vulnerabilities in all kinds of technologies in order to exploit them later. Some weaknesses as the ones found by researchers in mobile roaming networks would allow a malicious hacker to intercept user communications in such networks quite easily.

Monday, June 2, 2014

This abdication will not ever be forgotten by Google

"His Majesty King Juan Carlos has just informed me of his desire to renounce the throne and begin the process of succession." These statement by the Prime Minister of Spain, Mariano Rajoy, have surprised all of us this morning. These words has transformed this second of June 2014 into a historical date.

Perhaps, the monarch would like to exercise the "right to be forgotten" now that he is retiring and request Google to remove some information about some not very memorable events of his personal life. Such request would have to be added to the 12,000 ones received by Google from European users on the first day they implemented the online form for that purpose, bound by the Court of Justice of the EU. However, the King, as a public personality has not such right.

Sunday, June 1, 2014

Top 5 Infosec links of the week (XXVII)

"Cyberwar, committed open source encrypted, beating records DDoS attacks, cyber fires and the Chinese / American cyber espionage". The five top post this week, directly in the Sunday compilation.
Was published, after a few months of waiting,  the RootedCON conferences since the CIGTR cover in several articles. And between them, the two giants of Spanish industry, Juan Antonio Calles and Pablo Gonzalez FluProject, who spoke about cyberwar.