Time for another security news roundup, and we've got some good stuff this week as well. Enjoy!
- Kim Dotcom, of MEGA and Megaupload fame, is continuing his fight for privacy by announcing that he is working on a new project: a decentralized, non-IP-based network that he claims would be immune to government spying and the like. Details are scarce at the moment, but I am curious to see what it turns into.
- Read More @ http://thehackernews.com/2015/02/meganet-decentralized-internet.html
- It looks like the next incarnation of the HTTP protocol (HTTP/2) is finished and ready to be assigned an RFC.
- Read More @ https://www.mnot.net/blog/2015/02/18/http2
- Looks like the U.S. and the U.K. are not the only ones getting into the cyber-espionage game. New malware codenamed “Babar” has been discovered, and the attribution points to France. I doubt anyone is surprised by such news, as this is almost becoming expected at this point, but hey, good read either way.
- Read More @ http://motherboard.vice.com/read/meet-babar-a-new-malware-almost-certainly-created-by-france
- Next, another APT group, which seems to be of Arabic-speaking origin, has been detailed in new research by Trend Micro and Kaspersky. They mention that it’s not so much a nation-state-based group, but rather one based on a movement targeting “enemies of Islam”. Good analysis as always.
- Read More @ http://www.darkreading.com/researchers-report-details-on-arabic-speaking-cyberespionage-gang/d/d-id/1319122
- Next, another article based on research by Kaspersky, this time regarding NSA malware that seems to have been implanted into the firmware of various hard drives. Kaspersky has dubbed the group behind this the “Equation Group”, and they say it’s some of the most sophisticated malware they have ever seen. Most of the well-known HDD manufacturers are affected, including Samsung, Toshiba, Seagate, Western Digital, as well as several others.
- Read More @ http://thehackernews.com/2015/02/hard-drive-firmware-hacking.html
- Next, another paper by Kaspersky; they are on quite a roll this week. This time it’s another APT group, named “Carbanak”, that managed to steal almost 1 billion dollars from various banks. This is an absolutely massive, financially focused campaign, as you can tell. Absolutely fantastic read as well.
- Read More @ https://securelist.com/blog/research/68732/the-great-bank-robbery-the-carbanak-apt/
- Lenovo is in some hot water this week, as it was discovered that some of their PCs sold between September 2014 and January 2015 contained the “Superfish” adware. What made this really bad is that this adware installs its own certificate in order to be able to Man-in-the-Middle encrypted traffic as well. This poses massive security concerns and has created quite a PR nightmare for Lenovo. The software has been disabled and Lenovo has apologized, but the damage has already been done.
- Read More @ http://thehackernews.com/2015/02/lenovo-superfish-malware.html
- For our last story of the week, we've got another rather significant revelation from the released Snowden files, which detail that U.S. and U.K. intelligence agencies (NSA and GCHQ) stole the encryption keys of SIM card manufacturer “Gemalto”, which provides SIM cards for some of the largest carriers in the world. This allows them to spy on a large portion of mobile communications, without anyone being the wiser.
- Read More @ https://firstlook.org/theintercept/2015/02/19/great-sim-heist/