In this episode we cover the latest news, and there is lots of it this week. We also cover the security predictions for 2013.
The 2013 Predictions
These are the predictions from a number of sources such as Computer World and Trend Micro.
- ZeuS. Though last updated more than 2 years ago, ZeuS remains popular among cybercriminals due to its reliability. Because it was coded well, cybercriminals continue to earn money from this toolkit and evade law enforcement.
- SpyEye. Initially deemed ZeuS’ rival, SpyEye was offered by its creator Gribodemon as an alternative, with support provided to existing ZeuS customers. Since its debut in 2009, it underwent several improvements until its creator disappeared sometime in 2010.
- Blackhole exploit kits. Blackhole Exploit Kit is known to distribute malware by exploiting known software vulnerabilities, and a stealthier version was recently released. To avoid detection, its creator Paunch does not provide the kit directly, but instead installs it on a web server somewhere that is connected to a database for logging and reporting.
- These kits are also likely to become more robust, more reliable and harder to detect. The current life cycle for a kit is around 2 or 3 years, so we should expect a new wave of kits soon; some new kits are already popping up, such as Red Kit, Sweet Orange, CritXPack and Cool ExploitKit.
- Increasing sophistication in malware attacks, not necessarily in the technical aspects of the malware itself but in the deployment of an attack. Such attacks will increasingly have a destructive capacity, and attribution will be challenging to determine.
- Increasing recognition that social, political and economic indicators must be used in conjunction with technical indicators to fully assess and analyze targeted attacks.
- Destructive capacity
- We will see an increase in localized attacks such as malware that will not execute unless certain conditions are met, such as language settings, or “watering hole” attacks that will only affect certain geographic regions or even only specific netblocks.
- Africa will become a new safe harbor for cybercriminals.
- Conventional malware threats will only gradually evolve, with few, if any, new threats. Attacks will become more sophisticated in terms of deployment.
- Consumers will use multiple computing platforms and devices. Securing these will be complex and difficult.
- The volume of malicious and high-risk Android apps will hit 1 million in 2013.
- Since 2012 saw a surge of “ransomware malware which encrypts your data and holds it for ransom,” expect to see more “irreversible malware.”
This week in the News:
- Blackhole Spam
- Java Zero Day
- Phishing Attacks Increase In December
- Watering Holes
- IE Zero Day
- Adobe Flash and Microsoft Updates
- Ruby On Rails Flaw
- Facebook and Yahoo Security Hole
- Android Apps in Debug Mode
- Malware Author Funds An Exploit Buying Spree
- Hacker Arrested
- Android Spam Malware
These are the links to the references we used for news items during the show.
- Holiday Phish - Just because the holiday season is over – Phish campaign all for the new year
- Exploits Exploits — 2.9 percent
Phishing Attacks Increase In December
Java Zero Day
- New years gift
- Another Java Zero day is being exploited
- Cool – Blackhole – Reveton – Ruby on rails – ransomware
- Why Java – unplug
IE Zero Day
Adobe Flash and Microsoft Updates
Ruby On Rails Flaw
- Can Steal information
- App must be in debug mode
- Approximately 5% of apps in the Top Free apps list are set to be debuggable, so the risk is not insignificant.
Malware Author Funds An Exploit Buying Spree
Android Spam Malware