Zero Day Weekly: WhatsApp, Blackphone, Citadel hits password managers
Welcome to Zero Day's Week In Security, our roundup of notable security news items for the week ending November 21, 2014. Covers enterprise, controversies, reports and more.
This week, WhatsApp went crypto, WireLurker malware went down, Blackphone encountered political controversy, the UK found a Russian hacked-webcam streaming site, and a new configuration of Citadel malware was found that targets two popular password managers.
WireLurker — a debatable threat — went down: Three individuals behind the recently discovered WireLurker malware were arrested last week by Chinese authorities, according to a report from Security Week. Additionally, the website the defendants used to disseminate the malware has been taken down.
Big Internet players are launching a free certificate authority they call Let's Encrypt. Mozilla, Akamai, Cisco, the EFF and IdenTrust are the sponsors. Larry Seltzer asks, Will Let's Encrypt threaten commercial certificate authorities?
WhatsApp made end-to-end encryption a default feature in the most recent update to its messaging app for Android this week. The encryption feat is significant, as it makes WhatsApp one of the most secure text messaging apps available.
The Tor Project and its supporters did a disturbingly bad job of addressing and responding to criticism and questions about its funding sources, its priorities, and new research showing it is possible to reveal the sources of anonymous traffic in 81 percent of real-world experiments.
Microsoft has delivered a new public preview of its enterprise security product formerly known as Forefront Identity Manager, and now known as "Microsoft Identity Manager." The new Identity Manager "gets your identities ready for the cloud, offers updated support for security identity self-service and enhances admin security," according to company officials.
Blackphone encountered unfortunate controversy this week when Silent Circle tweeted a now-deleted photo about delivering the company's anti-surveillance phones to Ukrainian battalion commanders. The photo shows (left to right) Yuriy Bereza (Dnipro battalion), Andriy Teteruk (Myrotvorets battalion) and Semen Semenchenko (Donbas battalion). Of concern to vociferous observers was the t-shirt worn by Mr. Semenchenko, whose emblem bears a striking resemblance to the emblem of the modern-day OUN battalion (itself the symbol of the Organization of Ukrainian Nationalists; the origin of the openly neo-Nazi Ukrainian political party Svoboda). During World War II, OUN collaborated with the Nazis and was responsible for the massacre of over 100,000 Poles, mostly women and children, in Nazi-occupied Poland. Today, OUN does not appear to endeavor to distance itself from the past. Blackphone's three battalion commanders recently met with Senator John McCain (early this year McCain came under fire for meeting with Svoboda's leader, who is accused of being anti-Semitic and neo-Nazi). Blackphone previously encountered political controversy in August over the Sean Hannity endorsement.
In a blog post on Monday, Cisco Security Solutions said OpenSOC, a framework that uses big data analytics to detect threats, is now available for businesses to integrate within their own systems.
The UK's Information Commissioner's Office (ICO) said a Russian website is streaming live footage from unsecured webcams. It accesses a range of devices, from corporate CCTV to baby monitors, by using the default login credentials for thousands of camera models, which are freely available online. According to the BBC, around 500 of the feeds are from the UK and 5,000 from the US.
Google advances SSL with new Chrome versions: The latest stable version of Chrome removes the SSLv3 fallback that the POODLE downgrade attack depends on, and SSLv3 support will be removed altogether over time. The Canary version flags implementations that fall short of current standards.
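The two halves of the POODLE fix are worth seeing side by side: the client side is simply not retrying a failed handshake at a lower protocol version (the "downgrade dance" a network attacker can force by dropping packets), and the server side is the RFC 7507 TLS_FALLBACK_SCSV rule, where a client that does retry lower marks the retry so a server that supports a higher version can refuse it. The following is an added example, not Chrome's or anyone else's code: it builds and parses a minimal ClientHello (no extensions, zeroed random, constructed for the example) and implements both checks so they can be exercised offline.

```python
import struct

SSL3 = (3, 0)
TLS10 = (3, 1)
TLS11 = (3, 2)
TLS12 = (3, 3)
TLS_FALLBACK_SCSV = 0x5600   # RFC 7507 signaling cipher suite value
HANDSHAKE = 0x16             # TLS record content type
CLIENT_HELLO = 0x01          # handshake message type


def build_client_hello(client_version, cipher_suites, fallback=False):
    """Serialize a minimal ClientHello inside one TLS record.

    Record and handshake framing are the real wire layout; the random is
    zeroed and no extensions are sent, which is enough for the example.
    With fallback=True the client is retrying below the version it really
    supports and appends TLS_FALLBACK_SCSV so the server can tell.
    """
    suites = list(cipher_suites) + ([TLS_FALLBACK_SCSV] if fallback else [])
    body = bytes(client_version)                  # client_version
    body += b"\x00" * 32                          # random (constructed)
    body += b"\x00"                               # session_id length 0
    body += struct.pack(">H", 2 * len(suites))    # cipher_suites length
    body += b"".join(struct.pack(">H", s) for s in suites)
    body += b"\x01\x00"                           # compression: null only
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return (bytes([HANDSHAKE]) + bytes(client_version)
            + struct.pack(">H", len(handshake)) + handshake)


def parse_client_hello(record):
    """Return (client_version, [cipher suites]) from a ClientHello record."""
    if record[0] != HANDSHAKE:
        raise ValueError("not a handshake record")
    rec_len = struct.unpack(">H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if hs[0] != CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    version = (body[0], body[1])
    pos = 35 + body[34]                           # skip random + session id
    suites_len = struct.unpack(">H", body[pos:pos + 2])[0]
    pos += 2
    suites = [struct.unpack(">H", body[i:i + 2])[0]
              for i in range(pos, pos + suites_len, 2)]
    return version, suites


def server_accepts(record, server_max_version):
    """Server-side decision. RFC 7507: a hello carrying TLS_FALLBACK_SCSV at a
    version below the server's maximum is a downgrade and is refused with
    inappropriate_fallback. Independently, SSLv3 is refused outright, which is
    the only complete POODLE fix. Returns (accepted, reason)."""
    version, suites = parse_client_hello(record)
    if TLS_FALLBACK_SCSV in suites and version < server_max_version:
        return False, "inappropriate_fallback"
    if version == SSL3:
        return False, "SSLv3 disabled"
    return True, "ok"


def client_versions_to_try(max_version, fallback_enabled):
    """Versions a client will offer in turn after handshake failures.
    The old behaviour walks down to SSLv3 (the downgrade dance an attacker
    provokes by dropping handshakes); with fallback disabled, as in Chrome 39,
    only the client's real maximum is ever offered."""
    if not fallback_enabled:
        return [max_version]
    return [v for v in (TLS12, TLS11, TLS10, SSL3) if v <= max_version]
```

Note the ordering in server_accepts: the SCSV check runs first so a marked fallback is reported as a downgrade attempt, while an unmarked SSLv3 hello (a genuinely old client, or an attacker whose victim client sends no SCSV) is simply refused.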
The infosec hiring crunch has hit the UK: Over half of UK corporations — 52 percent — said they would consider recruiting a hacker to bring inside information to their security teams, and the same number would also consider recruiting a security researcher even if they had a previous criminal record.
High-volume DDoS spiked in use during Q3 2014, according to new research released by Verisign. According to the Reston, Virginia-based firm's Q3 2014 DDoS Trends Report, from July through September this year there was an increase in the frequency of DDoS attacks exceeding 10 Gbps in size, which accounted for more than 20 percent of all mitigations conducted by the company.
IBM’s Trusteer researchers have discovered a new configuration of the Citadel malware that attacks certain password managers. The configuration activates key logging when certain processes are running on the infected machine; the targeted processes include Password Safe and KeePass, two open-source password managers.
National Security Agency director Adm. Mike Rogers said on Thursday in testimony to the US House of Representatives' Intelligence Committee that China's hackers have performed "reconnaissance" missions in order to work out how networks function.