Your daily digest of “All Things Security” gathered, collected and researched by your very own 10Fold Security Practice team.
Big items to consider: Obama has asked for help from tech firms and law enforcement to intercept encrypted communication between terrorists in an address given late Sunday night in the oval office. FireEye has discovered yet another payment card malware that is designed to steal payment information and is difficult to detect and remove. The infamous APT group Sednit, has significantly increased activity over the last year with new “USB Stealer” module that is designed to target air-gapped networks. Lastly, and article about what no to do. IBM launched a twitter campaign that asks women in tech to try to hack a hair dryer, which left women angry that IBM would think that’s the one thing they should try to hack.
U.S. President Barack Obama is seeking the help of tech companies to combat terror threats, which he described as entering a new phase. Obama’s remarks could put into sharp focus again the demand by law enforcement agencies for tech companies to provide ways for the government to be able to access encrypted communications. In an address late Sunday from the Oval Office, Obama said he “would urge hi-tech and law enforcement leaders to make it harder for terrorists to use technology to escape from justice.”
FireEye says it has discovered a type of malware designed to steal payment card data that can be very difficult to detect and remove. The cybercriminal group behind the malware, which FireEye nicknamed “FIN1,” is suspected of being in Russia and has been known to target financial institutions. The malware, which FIN1 calls Nemesis, infected an organization that processes financial transactions, which FireEye did not identify.
The infamous APT group known as ‘Sofacy’ or ‘Pawn Storm’ has increased its activity nearly tenfold over the past year, including a new wave of attacks against defense targets since August, according to researchers. Kaspersky Lab’s Global Research and Analysis Team (GREAT) revealed in a new blog post that the group, also known as ‘Sednit’ or APT 28, has been spotted using new ‘USB stealer’ modules designed to jump target organizations’ air-gapped networks.
Looks like IBM needs to reengineer what it thinks about women. A tweet went out on IBM’s official Twitter feed asking women in tech to, I kid you not, “Join the #HackAHairDryer experiment.” Not hack computer software, math problems or something of social impact – a beauty product. According to IBM’s Twitter account, that’s “what matters in science” to women.