Friday, July 4, 2014

The waving flag of malware

"O say can you see by the dawn's early light, What so proudly we hailed at the twilight's last gleaming." They possibly are two of the most sung phrases in history, they are the first beats of the U.S. national anthem. Today, 238 years ago, one of the key texts of history was printed: the Declaration of Independence of which is still the first world power.

The founders of this country could not imagine that eventually it would be an element called "cybersecurity" among the priorities of the national political agenda. It is worth remembering today, July 4, the words that President Barack Obama addressed the nation about such subject a year ago. It is a video of just over a minute, but it is a statement of intent.

It was also a statement of intent that Declaration in 1776. The text of one of the complaints against the mother stated that Britain "has excited domestic insurrections amongst us, and has endeavoured to bring on the inhabitants of our frontiers, the merciless Indian Savages, whose known rule of warfare, is an undistinguished destruction, of all ages, sexes and conditions." Today, the "merciless Indian Savages" are those who manufacture zero-days... one of whose main buyers curiously is the United States. The Electronic Frontier Foundation run out of patience and urged the NSA to declare what zero-days it buys and what for, because while it exploit them for espionage purposes, leaves businesses and citizens worldwide unprotected.

As a result of such traffic of zero-day vulnerabilities, sometimes the security world seems to become independent of itself. A former hacker technique from the 80’s against Unix systems can make any Unix-based system -  such as iOS, OSX or Red Hat system - go to pieces. The process is complex but well documented in a whitepaper by DefenseCode. And from revival to another, the Security Intelligence blog of TrendLabs has just revealed that 9 out of 20 spam emails seeking injection of malware are related to Conficker, one of the most serious threats in the industry since 2008-2009.

And so on,it has been discovered malvertising (ads with malicious intent) on one of the most used search engine in the U.S., Bing (Microsoft), aimed to bitcoins mining. Certainly it will not be the last threat of summer, but if you want to watch your step it is worth it to know the hit parade of summer scams. They are five frauds brought together by Infoworld that we will have to keep in mind to avoid falling into the clutches of a cybercriminal.

The current U.S. national anthem was not implemented until 1931. Its most popular chorus prays "'Tis the star-spangled banner, O! long may it wave O'er the land of the free and the home of the brave." We, perhaps without much poetry, continue deploying la crème de la créme of the news about security every day, so we all declare ourselves independent of the wicked people. Happy 4th of July!


Post a Comment