Friday, April 29, 2016

Securmática remains a success in its 27th edition

This week, the XXVII edition of Securmática, the oldest Spanish cybersecurity congress, was successfully held. Under the suggestive slogan "CISOs, what is happening to cybersecurity?", the best of Spanish cybersecurity (professionals, companies and administrations) met at the congress, which SIC magazine has organized since 1990 under the watch of the tireless Pepe de La Peña and Luis Fernández Delgado.

Photo from @info_CCI
As they say on their website, "this event – crucial in the creation of fluid and efficient market and professional relations between corporate users, the industry and the services – has won the title of the main meeting forum of the cybersecurity sector in our country and Hispanic environments". With seating for 300 attendees per edition, the event organizers estimate that more than 6,600 professionals have attended the congress in these 27 years.

Wednesday, April 27, 2016

We make it easy for cybercriminals, according to Verizon

Weak passwords and victims still falling into phishing traps are the most common things a cybercriminal will find in his work. These are the conclusions of Verizon's latest annual study, the "Data Breach Investigations Report", based on an analysis of over 100,000 security incidents and more than 3,000 confirmed data thefts in the last year, known to Verizon or to 50 other collaborating organizations.

We make things easy for cybercriminals, and sometimes they don't have to research new tactics because the old ones still work today. Practically two thirds of the data thefts happened because of stolen or weak passwords. "People are not sitting in front of consoles, looking for SQL Injections before running a manual, they are stealing credentials, planting malware, pivoting and exfiltrating data," said Dave Ostertag, from Verizon, at the study's presentation.

Monday, April 25, 2016

RoMaNSoFt: "A good defender should have been a good attacker already"

Román Medina-Heigl Hernández. Cybersecurity Engineer for Repsol YPF. 

Román Medina-Heigl, better known as RoMaNSoFt, has earned a place in the Spanish hacker pantheon. His career began in the early "underground" days, when hackers proudly flew the flag of computer piracy. Then he came to light, writing a best seller of that time: the "IRC War tactics". And he hasn't stopped since.

Today he is best known as part of the Int3pids group, warriors of hacking contests from Russia to Las Vegas, by way of Korea. Sometimes overly punctilious (like a good hacker) and a relentless and flawless critic (which has earned him great friends and enemies), Román lives today, as before, on the periphery of the community, in a BatCave where he receives other great, dark hackers who are still around, not making much noise but very careful.

Friday, April 22, 2016

Cybercrime is punished too (and increasingly so)

Watch out, bad guys: it's hard, but not impossible, to prove someone committed a crime in cyberspace. Two important judgments have corroborated this during the week. Little by little, crime is being punished on the Internet too, and technical superiority is not always synonymous with impunity. Great experts have been caught because of mistakes or, even worse, because of their ego.

Panin, SpyEye author
This Monday the lawyer Ruth Sala told us how in our weekly interview, and she is living proof that more and more lawyers are working to learn the technical intricacies, because without them it's impossible to manage a case on the Internet.

Thanks to the hard and original work of professionals like Ruth Sala we are safer, and we celebrate judgments like the one we learned of this week: 7 years in prison for Dmitry Fedotov, a.k.a. Paunch, author of Blackhole, one of the most famous "exploit kits" in history and a pioneer of the "rent-an-exploit-kit" model. Paunch and his crew will spend between 5 and 8 years in prison for causing 25 million roubles in damages to different banks.

Others who haven't covered themselves in glory are a Russian and an Algerian, involved in the creation, maintenance and commercialization of the banking trojan and financial botnet SpyEye. Aleksandr Andreevich Panin (Gribodemon), the trojan's developer according to the FBI, has been sentenced to 9 years in prison, and Hamza Bendelladj (Bx1), who developed different modules and the backend, to 15 years.

Other news that especially caught our attention this week moves away from cybercrime, but not too far: MIT confirms it has created a system based on Artificial Intelligence that could detect digital attacks better, specifically three times better than other systems of this kind.

Another story we highlighted at the beginning of the week, and which was amplified on social networks, was about how a German hacker showed a US politician how easy it was to spy on him knowing nothing more than his phone number. Luckily, it was only a demonstration, although nobody can know whether this attack has been carried out with "live fire".

These are the lights and shadows of cybercrime: sneaky, unpredictable but, luckily, not completely unpunished.

Tuesday, April 19, 2016

Half of the population likes hacktivism, according to a survey

The population is divided in its opinion of hacktivism: on the one hand, people disapprove of the inconveniences and the fact that it operates outside the law; on the other, they feel hacktivism benefits society by denouncing criminal organizations, governments and corporations responsible for bad practices. It is, after all, the eternal struggle between the virtues and evils of antiheroes like the mythical Robin Hood.

66% of respondents think hacktivists should be arrested for breaking the law but, at the same time, 58% think these same hacktivists play an important role in denouncing abuse and those who abuse society. This is the main conclusion of a survey of 25,000 people in 24 countries by the Center for International Governance Innovation (CIGI) and the market research company Ipsos.

Monday, April 18, 2016

Ruth Sala: "The lawyer's behavior must be different on the network"

Ruth Sala. Lawyer specialized in cybercrime.

We wouldn't like to be in a trial where the other party's lawyer was Ruth Sala. A tireless hard worker, tenacious, aggressive, a self-confessed sportswoman. Ruth radiates energy with her big, sometimes fierce, smile. Ruth came and conquered, taking on more than interesting cybercrime cases and investigations, knowledge of which she shares in monographic talks and round tables.

We don't know much beyond her work and her public profile, where she has appeared frequently in the last three years. She's a regular at the Spanish "cons", where she is introduced like this: "Criminal lawyer, specialized in cybercrime and electronic evidence. Director of the law firm and collaborating professor in the Digital Law Master's at the University of Barcelona".

Friday, April 15, 2016

Cybersecurity peaks and fears

What a week. We all know cyber dangers are out there. But there are some classic teachings that keep us from being scared easily, such as that of Publio Sirio, the dramatic poet of the Roman Empire, who wrote "no one reached the summit accompanied by fear". Maybe in the last few days we haven't reached the peak, but something is happening that at least allows us to see it.

The week couldn't have started better, with researchers who have developed a decryption tool to recover all the files encrypted by Petya, and it can do so in less than seven seconds. We know the bad guys seek to do as much damage as possible. That the good guys have found a way to fight these intentions is always news to celebrate.

Wednesday, April 13, 2016

The energy sector and its dual relationship with cybersecurity

Every day we get countless warnings. But it isn't enough, because the data remind us, with their usual perseverance, that it's necessary (we would say more necessary than ever) to go deeper into cybersecurity for strategic economic systems.

A recent Tripwire survey of electric sector professionals leaves us with one piece of encouraging news and others that serve as a warning. First, nobody doubts they will be attacked. Second, almost all of those ultimately responsible are perfectly prepared for attacks.

One of the most curious aspects of this research, in which 150 professionals with executive and non-executive profiles took part, is that it was carried out in November 2015. That is to say, a month before the shutdown suffered in Ukraine, which has been described as "the first real-world cyber-attack on an electric grid during an actual war".

Tuesday, April 12, 2016

José Carlos Norte: "For many years the only thing I programmed was malware"

José Carlos Norte. CTO of EyeOS company.

José Carlos, 28 years old, is one of those self-taught hackers with the curiosity bug in his blood, and he doesn't stop investigating even though he is the CTO of EyeOS, a pioneer in virtualization and today owned by Telefónica. Recently he discovered that thousands of trucks, ambulances, vans and other fleet vehicles use brand devices to communicate with headquarters, allowing them to be geolocated, their engines to be stopped and other remote outrages.

With this discovery, José Carlos has appeared in the media worldwide. It isn't the first time José Carlos has appeared in the media, although the first time, when he was 18 years old, was unfortunate. He remembers it with a mix of sadness and pride: the Civil Guard arrested him, accused of leading a group of young boys who "defaced" the websites of different media outlets. He had to wait 8 long years to be tried and paid a 60 € fine.

Sunday, April 10, 2016

A new CIGTR is coming

The playwright and screenwriter Lillian Hellman said 'people change and forget to tell each other'. If it's true that entities are the soul of the people who make them possible, the people who make up this Research Center won't contradict the North American writer. We are going to change tomorrow, and we think we must tell you. It is the least we can do for people who show their commitment to this blog and social networks daily.

Starting tomorrow, we'll publish the interviews with security and cybersecurity experts on Mondays; from May 1st 2015 until now we had been publishing them on Sundays. Prestigious and recognized professionals such as the cyberpolice officer Silvia Barrera, the Radare creator Sergi Álvarez, the recent entrepreneur David Barroso, the visible face of RootedCon, Román Ramirez, or the head of Hack&Beers, Miguel Ángel Arroyo; or all those we didn't mention, but these are the top 5 of our interviews, as we said here just a week ago.

Friday, April 8, 2016

Google will warn admins when their networks are attacked

Google is launching a new service: it will share URLs related to social engineering or malicious software to help network admins, who just have to sign up for it. We'll expand on this, as well as on some keys to defending ourselves on the network, with two interesting articles about how not to fall for phishing and what to do if we are under attack. We'll end by recommending some cybersecurity Twitter accounts.

Google says it is monitoring 22,000 autonomous systems, which would be 40% of all active networks, and each day it provides 1,300 administrators with 250 security reports. Now they want to increase this number and are asking network administrators who haven't yet joined this experience to do so. In exchange, Google says, "we'll provide network admins with even more useful information for protecting their users".

Thursday, April 7, 2016

Mossack Fonseca network security was "very lax"

Speculation about how the Panama Papers were leaked continues, and some experts are starting to offer specific details. We'll explain it, as well as the fix for the Domino's app flaw that allowed ordering free pizza, a raid against cybercrime and a campaign to avoid the monitoring of our smartphone use.

It all started with "spear phishing": an email sent to a high-ranking Mossack Fonseca employee that allowed malware to be installed on the company network, whose security was "astonishingly lax". Wayne Rash tells us this in "eWeek", citing credible sources. This version runs parallel to the angry-employee version, because someone had to indicate who should be targeted. Every executive should read this text, to learn what NOT to do.

Wednesday, April 6, 2016

WhatsApp encrypts messages and phone calls by default

Many readers started the day with a WhatsApp notification: "Messages you send to this chat and calls are now secured with end-to-end encryption". We'll also talk about two technological giants, CERN and Google, because they tell us how they protect themselves, and we'll meet the bug bounty expert Katie Moussouris.

WhatsApp, with more than one billion users, has become the most used end-to-end encryption tool on the planet. WhatsApp had promised this upgrade two years ago, when it commissioned it from the popular hacker Moxie, creator of the Signal protocol, the same protocol used by the Signal voice and messaging app, Edward Snowden's preferred option. But, caution: the content will be encrypted, but not whom we write to or call.

Tuesday, April 5, 2016

Subgraph: the most effective operating system at the moment

It's still in the Alpha phase but available for download, and its creators want "feedback" from users. It's called Subgraph and it presents itself as the most secure open source operating system at the moment. We'll explain why, and we'll also talk about how to decrypt ransomware, a cybercriminal who is on trial and a new strategy to do away with traditional passwords.

Subgraph is an operating system created by the company of the same name, designed with security, anonymity and usability in mind, "to reduce risks on end systems, in such a way that people and organizations worldwide can communicate without fear of monitoring or interference by sophisticated attackers". It has been available for download since mid-March, but it's currently being tested, and we should consider it unsafe for now.

Monday, April 4, 2016

Was it a hacker who unveiled the Panama Papers?

Are we facing a new Snowden, an employee who steals information from the inside? Or is it a surgical hacker operation with dark motivations? Today the network is going mad over these questions, which have no answers for the moment. We'll expand on this, as well as on other security holes that really surprised us: not-so-smart bulbs, unsafe Firefox extensions and spying on Gmail and Facebook Messenger.

"Do you know anything about the Panama leak?", people are asked on Reddit. And someone answers: "If this has been done by a hacker, he would have hacked the company email server". This would mean the majority of the leaked files would be emails, almost 5 million, compared with 3 million database documents, 2 million PDFs and a million images. Anyway, the huge amount of information suggests that someone on the inside did it, because over the network it would have taken many days.

Sunday, April 3, 2016

And Silvia broke the bank... of our interview ranking

The cyberpolice officer Silvia Barrera, our most read interview

In less than a month, the wittiest cyberpolice officer, Silvia Barrera, has reached the top of our most read interviews. We started this Sunday interview section a year ago, talking with another charming cyberpolice officer: Angelucho. To our surprise, the interviews have become our most read posts, achieving visitor records.

Friday, April 1, 2016

Closing in on Tor

In recent weeks there hasn't been a day without disturbing news about the Tor network. Yesterday we learned the police had entered the house of two people who support this network. We'll also talk about how to install malware on iOS, about the Brazilian cybercriminal scene and about social engineering applied to electoral processes.

Some people talk of a criminalization campaign against Tor, officially opened by a study which affirmed what we already knew: crime is the main essence of this network. Every day more and more websites are blocking Tor users, or offering them crippled browsing, CloudFlare among them. In a theatrical gesture, Seattle police last Tuesday entered the house of a couple, co-founders of the Seattle Privacy Coalition and responsible for the maintenance of Tor, searching for child pornography. Is this the end of the good image of Tor, of the networks that anonymize those who need it?