Infosec Weekly Roundup , March 12 – 18, 2012

BlackHat Europe Amsterdam

This week we have the Blackhat Europe where new tools have been released, some interesting presentations and researches are posted online, for the tools you can find them on Toolswatch website:  http://www.toolswatch.org/

While all slides and presentations can be found on the official website: https://www.blackhat.com/html/bh-eu-12/bh-eu-12-archives.html

Microsoft blames security info-sharing program for attack code leak

After we have published the emergency update for the RDP vulnerability, a PoC have been released to make the exploitation of this bug public and this of course have been expected, here Microsoft alert about this issue to urge customers update their systems:

 “The proof-of-concept exploit now circulating among hackers does not allow remote code execution — necessary to compromise a PC or server, and then plant malware on the system — but instead crashes a vulnerable machine, said Portnoy. The result: The classic Windows “Blue Screen of Death.”

http://www.networkworld.com/news/2012/031812-microsoft-blames-security-info-sharing-program-257397.html

Mobile malware accelerating, says Juniper

Security problem of BYOD increasing everywhere even in New Zealand:

According to Ian Quinn, Juniper’s country manager in New Zealand, more and more New Zealand companies are looking at how to deal with the BYO device trend and the increase in the number of tablets and other mobile devices. “There is a lot of malware out there, regardless of the platforms,” says Quinn, adding that “security is high on the list” of things companies are looking at.

http://www.csoonline.com/article/702340/mobile-malware-accelerating-says-juniper

Cyber Threats and Trends 2012, Verisign

2012 report by Verisign include very important information about malwares and how they are changing so we have ZeuS Trojan goes open source, this mean that its code is now available for any user beside the increasing service created by malware writer that is called Malware-as-a-Service (MaaS):

http://www.verisigninc.com/assets/whitepaper-idefense-2012-trends.pdf

Share