Tuesday, April 21, 2015

Is your webcam spying on you?

A new bug in Adobe Flash Player reminds us of one of the espionage techniques most widely used by cyber criminals: our computers cameras and microphones, phones and other devices. Experts recommend covering with stickers these cameras, but it's not so simple when you want to disable the microphones. We will talk about it, and also about a millionaire compensation to MasterCard, a new market for 0days and business security tips. Here we go. 



It is not the first time it's discovered a hole that could spy on what we do and say through our webcam and microphones. Much of malware dedicated to industrial and government spying allows to do so and the only defense is to have our devices upgraded. Adobe has already released a patch for this bug. Anyway, by way of a precaution, we recommend to be aware of, for example, how many sites are we going with our mobile phone in our pocket.
In another vein, the Target retail chain, which suffered in 2013 the theft of 40 million credit cards from their costumers due to their INFOSEC malpractice, has reached an agreement with MasterCard: they will refund 19 million dollars to these cards issuers organizations, as a compensation for the costs of canceling and create new accounts for the affected customer, plus sending new cards to their homes. The agreement comes after a long dispute and Target is expected to reach a similar agreement with VISA, which has a much larger number of affected cards.

Meanwhile, the cybercriminals responsible of these thefts and others are in luck: a new 0days market opens  in Tor and its administrators feel so unpunished that do not hesitate to giving an interview to a dark web specialized blog. They say the new market, called TheRealDeal, will offer nothing but quality and that it's been created for the needs of customers, mainly governments and large actors who can afford high prices, such as an exploit for iCloud for $ 17,000.

And when the United States is holding a major promotion and reflection meeting on INFOSEC world, RSA Conference, we also sink here  into reflection with an interesting article about paradigm and organization shifts which should be made by organizations against the steep increase in data theft. We could summarize it as follows: "When firewalls are totally useless".

We hope that this news selection have been of your interest.

0 comments:

Post a Comment