Carrier-targeting malware Regin linked to spy agencies

The biggest security news of the week revolves around Symantec’s comprehensive report about Regin, a sophisticated piece of malware which has been tracked back as far as 2008. It’s a story similar to leaks about the NSA’s mass surveillance capabilities last year which – until Edward Snowden’s revelations – was something we knew existed but didn’t realise as to what extent.

One particular case in the Middle East has victims creating a mass peer-to-peer network

You...

By Ryan Daws, 25 November 2014, 0 comments. Categories: Infrastructure, Research, Security.

NSA: China can shut down our power grid

At a hearing of the House Intelligence Committee, the director of the National Security Agency and head of US Cyber Command, Michael Rogers, revealed that several countries are performing regular electronic surveillance on the US to place themselves in a position where they are able to cause havoc with vital control systems.

It is easy to cover-up a cyberattack with the right know-how.

Experts outside of the government have warned about this potential scenario for some time, but it’s the first time it...

By Ryan Daws, 21 November 2014, 0 comments. Categories: Industry, Infrastructure, Research, Security.

Tor domains seized by police were fakes

For privacy advocates, Tor is a godsend. For the police, it's a nightmare. Tor is often used for illegal 'darknet' services due to its ability to anonymise users and make it difficult for law enforcement to track and seize the domains. Last week, authorities thought they had a win on their hands after claiming 414 domains had been taken down...

NSA workers discussed their frustration in spying on people who use Tor.

According to Australian blogger, Nik Cubrilovic, a web crawl he performed on the darknet...

By Ryan Daws, 18 November 2014, 0 comments. Categories: Research, Security.

France prepares for cyber-warfare, whilst US accuses Putin of JP Morgan attack

Cyber-warfare tensions are increasing with two big stories making the rounds; France has staged a large-scale cyber-attack to help the country defend itself from such a scenario, whilst Russia president Vladimir Putin has been accused of being behind an actual cyber-attack on a US-based financial firm.

JP Morgan was hit alongside seven other financial institutions and 76 million accounts had names and email addresses stolen but no evidence has been found of money being moved. There is a lack of evidence...

By Ryan Daws, 10 October 2014, 0 comments. Categories: Infrastructure, Security.

Marriott: The ethics of Wi-Fi blocking

(Image Credit: Hercwad)

Hotel-chain Marriott has caused a stir resulting in a $600,000 fine due to blocking customers Wi-Fi hotspots and using their advantageous position to charge a whopping $250 - $1000 per device to use the hotel's own service.

"Consumers who purchase cellular data plans should be able to use them without fear that their personal Internet connection will be blocked by their hotel or conference center," said Enforcement Bureau Chief Travis LeBlanc.

Gaylord Opryland...

By Ryan Daws, 06 October 2014, 2 comments. Categories: Government, Industry, Security, WiFi.

What are all these fake cell phone towers?

Interest in CryptoPhone's secure devices has skyrocketed since Edward Snowden's revelations of the NSA's mass surveillance programs. As part of their research, CryptoPhone’s mobile security team was able to find and fix 468 vulnerabilities in stock Android and has also found that the version which comes supplied on the Samsung Galaxy S3 they tested with is leaking data somewhere between 80 - 90 times per hour.

Fake cell phone towers can often be detected by CryptoPhone's devices. A...

By Ryan Daws, 04 September 2014, 0 comments. Categories: Industry, Infrastructure, Security.

Gemalto to facilitate telcos’ identity services offerings

Gemalto recently announced the release of its LinqUs Mobile ID platform. This platform helps telcos offer online authentication services at the three security assurance levels (as specified by the GSMA) to their subscribers using any SIM-enabled mobile device. This announcement comes at a time when the industry desperately needs alternate means to grow revenues, with telcos having seen slower growth and declining average revenues in recent years.

The Mobile ID platform provides an opportunity for telcos to...

By Ovum Research, 01 July 2014, 0 comments. Categories: Industry, Security.

Citizen Lab exposes malware network used by police worldwide

At the University of Toronto you can find Citizen Lab who, in collaboration with computer security firm Kaspersky, has exposed a massive network of mobile malware targeting all phone types. It is sold by an Italian firm for use in police forces around the world.

'Remote Control System' (RCS) can infiltrate Android, iOS, Windows Mobile, Symbian, and even BlackBerry devices. Most mobile malware targets Android, due to its market-share, but many industry experts warn other...

By Ryan Daws, 27 June 2014, 0 comments. Categories: Devices, Industry, Research, Security.

British government breaks the law by forcing data retention, but the need for it may be greater than ever…

A law enforced by the British government since the previous Labour administration, known as the Data Retention Act of 2009, has forced companies to breach citizens’ fundamental right to privacy and is now facing a high court challenge from the EU which would force it to be removed from law.

It was first enacted in response to the 2006 EU data retention directive, which required member states to store citizens’ telecoms data for a minimum of six months and a maximum of 24 months. The current...

By Ryan Daws, 25 June 2014, 0 comments. Categories: Government, Industry, Security.