Experts Concerned About the Lack of Security Around “The Internet of Things”

More and more people are using devices that connect to the internet to improve their home. It’s nice to be able to control your thermostat from your phone or receive a tweet when your refrigerator detects that your milk has gone bad. Unfortunately, with the rise of internet connected things, or “The Internet of Things”, security experts are questioning the security of these devices. The fact of the matter is, there is minimal protection of the internet connected things.

An example would be the fact the 95% of the worlds ATMs are running Windows XP (an operating system that will no longer be supported as of April 8th, 2014). Other creators of internet connected things do not include or have minimal methods of issuing patches or updates. Studies show that even when a system does have a patch available, consumers are not likely to apply it.

‘Thingularity’ Triggers Security Warnings- Information Week’s Dark Reading

Android Malware Found in Apps

At least two apps available in the Google Play store have been found to contain an interesting form of malware. The apps Songs and Prized each contain malware, now known as KageCoin, that utilizes the device as a crypto-currency mining device. Crypto-currency mining is when a device uses a part of its processing power to facilitate crypto-currency transactions, and in return earns the owner (or malware attacker) a portion of the currency.
While annoying, the malware isn’t as bad as it could be. It only performs its mining actions while the device is charging. Because of this, its power consumption is less noticeable.

Android Apps Hide Crypto-Currency Mining Malware-

Microsoft Warns of Vulnerability in Microsoft Word

Microsoft recently warned of a particular vulnerability in Microsoft Word, specifically the 2010 version. This vulnerability is a defect when a user opens an RTF file with Word. This includes when a users uses Outlook, as Outlook uses Word as its default email viewer. When exploited, Microsoft Word parses a particular RTF file, and the computer’s memory can become compromised. This gives the attacker access to the users computer with the same rights as the user. While standard users may be less affected by the attack, users with administrator rights become more vulnerable. While Microsoft Word 2010 seems to be the most at risk, Microsoft notes that Word 2007 and 2013 also contain the vulnerability. While Microsoft says Word 2013 can be exploited, current research suggests the attack attempt crashes when executed in 2013.

Microsoft has released one of their Fix It tools in order to patch the vulnerability.

New Microsoft Word Zero-Day Used in Targeted Attacks-
Microsoft Advisory and Fix It

How To Protect Against Attacks Via Third-Party Vendors

The breach of Target’s system can be traced back to an HVAC services provider that was given access to the network. With this information coming to light, awareness of third-party vendor vulnerabilities is at an all time high. Security consultant John H. Sawyer has a number of recommendations for protecting your business against the vulnerabilities that can arise by giving a trusted third-party access to your network.

He recommends that you should make sure your vendors have security polices that are “regularly reviewed, updated, and enforced”. There should also be a validation of effectiveness of these policies. These vendors should also only be given access to areas of the network that are absolutely needed, and no more. Once the access is no longer needed, it should be removed.

Remember that your business data is yours to protect. Even well-trusted vendors should be considered untrusted when given access to your network. It is your responsibility ti make sure all access to your data is secure at all times.

Tech Insight: How To Protect Against Attacks Via Your Third-Party Vendors- Dark Reading

Samsung Galaxy Backdoor Vulnerability

Certain models of Samsung’s Galaxy line of phones and tablets have a back door exploit that leaves them vulnerable to attackers. Researchers from the Replicant Project, a group that builds alternative versions of Android, first went public with the notice of the exploit this Wednesday. They noted that the exploit was pertaining to the devices’ radio modems, which can sometimes be capable of executing Remote File System commands. This gives hackers access to the phone or tablet’s private files as well as the ability to remotely turn on the camera and microphone in the device. With access to the user’s personal information, it is possible for hackers to copy, edit, remove, or add files to the device.
Replicant’s researchers state that the problem could be resolved with a mere software patch. Samsung has yet to comment on the exploit or release a patch. The models known to be affected are: the Nexus S, the Galaxy S, the Galaxy S 2, the Galaxy Note, the Galaxy Nexus, the Galaxy Tablet 2 7.0, Galaxy Tab 2 10.1, Galaxy S 3, and Galaxy Note 2. It is possible that other models are affected as well.
Replicant claims that the exploit does not exist on their versions of Android.
Samsung Galaxy Security Alert: Android Backdoor Discovered- Information Week