Monday, August 24, 2015

Today it´s better not being multitask

Third time lucky they say, and we hope this time the proverbs book is wrong. If we had not enough with Stagefrigt and the critical vulnerability of the mediaserver, some researchers have just find a security hole in Android which affects to almost all devices. This is how this week starts, a week  with echoes from the last one, with the first suicide presumably caused by Ashley Madison´s case and a week in which we´ll hear the Pentagon is going to “take it all” when hunting cybercriminals.

The new vulnerability of the Google´s mobile system could be on the multitasking capacity of devices, and I could allow an attacker to take control over the whole device: espionage, credential stealing, malware installation, and as many misdeeds as you can imagine. The research was conducted by Fire Eye firm ant The Pennsylvania’s State University. As we know by now, this third security breach in a fatal month for Android could affect to almost any devices.

Dated with spam

We were waiting for it, and we could say it was taking it´s time to appear. But here it is: the spam by mail caused by the Ashley Madison leak. The issue couldn’t be more appetizing for those looking to harm somebody´s reputation or making some cash using social engineering. They just need a simple e-mail with the subject “you´re on Ashley Madison´s database” to make an unwary Internet user to commit all kinds of mistakes, even more  if it is really an user of the dating web for married people. Or even taking his own life, a black episode which story is appearing on this scandal chronicles.

To end with a DDoS in 10 seconds

The constant dripping of cyberattacks which jeopardize powerful companies has led the Pentagon to say, once more, that bad guys have their days numbered. This time the priority targets are the denial of services attacks (DDoS), and a three fronts strategy is being developed against them. The goal of the researchers who will be funded by the military is to reach a recovery rate of less than ten seconds after one of these attacks.

Black October

As time does fly, so when we want to realize it will be time for one of the most important events for the Hispanic infosec community, the black pocket knife from Albacete (#NNC5ed), which this time is celebrated in a joint venture with another well known event among Spanish hackers: ConectaCON. We remind you that we talked with this event´s promoters just a few days ago, on our regular Sunday interviews by our collaborator Mercé Mollist.

Who would tell us that one of the saint grails of the connected world, multitasking, was going to be so dangerous?  While we wait a quick end for the last vulnerability coming from Mountain View, we remind you, once more, that the weakest link of the chain is ourselves. Let´s stay with opened eyes, even if we are in August. 


Post a Comment