Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Thursday, July 26, 2012

Virus attacks nuclear power plant in Iran and requires computers to play AC / DC

8:00 AM  , , , , , , , , , , , , , , , , , ,  No comments

 http://i.imgur.com/Sh7vZ.jpg

"E-mails sent by a scientist from the Atomic Energy Organization of Iran reported that a malware has forced computers to play "Thunderstruck" at maximum volume"

Scientists reported earlier this week that computers of a nuclear plant in Iran were attacked by a virus that forced them to play the song "Thunderstruck" the Australian band AC / DC - and at maximum volume.

Mikko Hypponen, chief research officer at security company F-Secure, says he received "a series of e-mails from Iran" this weekend about the attack. The emails have been sent by a scientist at Atomic Energy Organization of Iran (AEOI, which stands for Atomic Energy Organization of Iran, in free translation).

One of the emails was published by the analyst in a blog post on F-Secure , on Monday (23/7).

"I am writing to inform you that our nuclear program was once again attacked and compromised by a new virus that ended our network automation at Natanz and Fordo another facility near Qom [...] The automation network and hardware Siemens were attacked and shut down. [...] There were also some random songs playing in several of the workstations in the middle of the night at full volume. "

However, Hypponen ended the post stating that there "can confirm any details. However, we can confirm that the researcher was sending and receiving e-mails from within the AEOI."

It is not the first time Hypponen has been bombarded with e-mails of this type. Last month, the analyst would have written in Wired about his experience of having received an email from the Computer Emergency Team of Iran, who reported on the discovery of the Flame.

For those who do not remember, the Flame is a spy supervirus developed at the behest of the U.S. government in partnership with Israel, in order to attack and destroy the program of uranium enrichment in Iran

Read More

Tuesday, July 24, 2012

X-Ray, check your Android vulnerabilities

11:07 PM  , , , , , , , , , , , , ,  No comments

 http://i.imgur.com/VDUkR.jpg

Android , operating system, has a number of advantages and very notable strengths but also some very negative, related to security. Not that the latest versions are safe, if you have Ice Cream Sandwich, or Jelly Bean, you can be more or less calm. The problem is that previous versions had many vulnerabilities. Unfortunately, older versions are still widespread. X-Ray is an application that has been developed to detect whether your phone is vulnerable.

One of the problems of X-Ray is his name, and title it shares with hundreds of applications that claim to be able to find X-ray shots of our body. We all know that these applications are not real and do not work. However, X-Ray , developed by Duo Security, is much more useful. It is like antivirus or conventional security applications, but is something that has a very different purpose, that of detecting if your device is vulnerable or not.

Older versions of Android, such as Gingerbread or Honeycomb, have security flaws that hackers exploit many experts to penetrate the system and obtain data that can be very private, such as certain photographs, messages, data access certain services, and even banking passwords. X-Ray aims to expose the vulnerabilities that have the devices so that, at least, if no solution, users are aware of what they have.
X-Ray is a free application, however, is not available in Google Play, so you will have to be downloaded directly from the developer page . To install, you should first go to Settings> Security> Unknown sources, and checking this box, which is what allows us to install applications that do not come from Google Play.

Read More

Wednesday, July 11, 2012

Privacy complaint filed by the attack on PlayStation Network

10:54 AM  , , , , , , , , , , , , , , , , , ,  No comments


The Data Protection Agency has filed a complaint against Sony Facua by 'hacking' the online service of the PlayStation. The agency could not prove that you can apply the Law of Protection of Information (Act) Spanish to incidents involving the company and its impact to users.

In late April 2011, Sony announced that the company closed its network of online gaming worldwide for "maintenance problems". However, later acknowledged that the global moratorium was due to infiltration of a group hacker could have compromised the security of the data of millions of passwords, purchase history, billing addresses and even credit card data .

For these reasons, in Spain FACUA-Consumers in Action denounced the Data Protection Agency (AEPD) to Sony, saying the company was responsible for "security hole in its network of online games on the PlayStation Network was a cracker accessed confidential data. "

The Spanish subsidiary of Sony claimed during the inspections of the AEPD that the incident occurred on the premises of San Diego, and Sony Spain tended not responsible or liable, because "there had not tried to access data from service users, and their business scope is limited to the sale of consoles from Sony and video game developed by companies contracted by Sony. "

Moreover, while 334,453 users had provided credit card details to Sony, the company said that these data were specifically protected, and passwords of users, which were stored encrypted using an algorithm.

NOT CLEARED THAT MAY APPLY THE LOPD

Accepting the explanations of the company, from the AEPD, have decided to close the case, in a ruling issued in April July, when not accredited that can be applied to the Spanish Data Protection Act incidents involving company Sony.

According to the law firm specialized data www.salirdeinternet.com data protection "to apply the Data Protection Act, the penalty could have been put SONY, would reach € 300,000."

In this sense, according to these experts, the AEPD "has not had an easy, neither the ICO (British Authority data protection equivalent to the AEPD) or Sony Computer Entertainment Europe have responded to requests for information during the proceedings of research. "

On the other hand, Sony Spain explained to Data Protection took the following measures to minimize the problem: speed data transfer models, which was previously planned, a new processing center with increased security measures, implementation of automated software control and configuration management, improvements in levels of protection and data encryption, improvements in the detection of intrusions, unauthorized acessos and abnormal patterns of activity, addition of new electronic walls, and the creation of the position of Chief of Security Information, reporting directly to the Chief of Security of Sony Corporation, among others.

Read More

Tuesday, July 10, 2012

AlienVault platform closes a financing round 18.2 million

1:15 AM  , , , , ,  No comments


The unified management platform for security AlienVault has closed a third round of funding worth $ 22.4 million (18.21 million euros), as reported by the company Monday.

AlienVault use the new funding to expand the capabilities of sales, marketing and customer service company and to increase investment in research and development (R & D).

The financing round also participated at Kleiner Perkins Caufield & Byers (KPCB) and Sigma existing investors Trident Capital and Adara Venture Partners.

To the Chairman and CEO of AlienVault, Barmak Meftah, is a "honor" to working with Kleiner Perkins and Sigma.

"We are extremely fortunate to have ongoing support and involvement of Trident Capital and Adara Venture Partners. Currently we have one of the best teams of managers and investors in information security at the forefront of AlienVault" added Meftah.

Read More

Sunday, July 8, 2012

First trojan for the iPhone and iPad is identified by security expert

9:39 PM  , , , , , , , , , , , , , , , , , ,  No comments

 

A security specialist Kaspersky claims to have identified a trojan designed for Apple's mobile devices - iPhone, iPhone and iPod. The worm was disguised as a digital application called "Find and Call" and also have a version for Android devices. Apple has removed the malicious application of the store.
In one post , Denis Maslennikov, Kaspersky Lab expert, says that installing Trojan horse (malicious program that opens up security holes on the device is installed), the application sends the contact list of devices to a remote server. The data are used later in this remote server to send spam via SMS. The main target users in Russia.
Maslennikov said he had contacted Apple and Google to report the malicious application, but did not yet return. In App Store, the app no ​​longer appears, but you can still find it via search engines.
For the "Wired," the Apple spokesperson Trudy Muller said only that the application was removed from the App Store for "unauthorized use of your contact list, a violation of the rules of the store."
It is not the first time that an application "steals" the catalog of contacts in iOS devices. In 2008, the game Aurora Feint was removed from the App Store for security and privacy problems. Aurora sent the contact list of users to their own servers without using encryption features.
More recently, the Path, application to share posts, photos and videos, also captured private data from users of iOS. The company apologized for what happened and claims to have deleted the data collected.
The "Find and Call", unlike the Aurora Feint and Path was developed exclusively for stealing data from mobile devices - what would rank as the first malware for Apple's system.

Read More