News Brief – 03/13/14

Critical crypto flaw in Facebook’s WhatsApp for Android exposes chats

Tread carefully when granting apps access to phone features such as the SD card.

The Android version of WhatsApp, the cross-platform instant messaging app purchased by Facebook for $16 billion, has a loophole that leaves chat histories wide open to other apps installed on the same smartphone, a security consultant says.

162,000 WordPress instances abused for DDoS attack

Security researchers have uncovered a recent distributed denial-of-service (DDoS) attack that used at least 162,000 WordPress-powered websites to knock another site offline.

If you use WordPress, update it as soon as updates are released. Standard security practices should be followed, including:

  1. Using logins other than the admin account and disabling or reducing privileges of that account.
  2. If possible, changing the default wp- prefix to a different prefix for virtual directories.
  3. Installing logging plugins to monitor logins.
  4. Keeping plugins up to date.
  5. If possible, putting a web application firewall in front of the WordPress installation.

Security updates available for Adobe Flash Player

Today’s release does not include critical updates, but Adobe software should still be updated as soon as updates are released. Adobe is often the target of phishing attacks.

Release date: March 11, 2014

Vulnerability identifier: APSB14-08

CVE numbers: CVE-2014-0503, CVE-2014-0504

Platform: All Platforms

290k+ users possibly affected in North Dakota University breach

The affected server contained the name, Social Security number, and other student information for 291,465 current and former students including some Fall 2014 applicants, as well as the SS number and employee ID number for 784 faculty and staff members. 

Apparently, the compromise dates back to October 2013.

Once again, a breach has been reported and we find out that it had been ongoing for a significant amount of time. Logging alone is no longer a viable option for discovering and preventing attacks. SIEM solutions that can analyze and interpret logs and correlate them across many systems are necessary in today’s data-driven, fast-paced environments.



VERIS Community Database (VCDB)

VERIS as described by its creators:

“One of the most critical and persistent challenges plaguing efforts to manage information risk is a lack of data. To aid removal of this barrier to more widely available security data, we offer the Vocabulary for Event Recording and Incident Sharing (VERIS) for public consideration and use. VERIS is a set of metrics designed to provide a common language for describing security incidents in a structured and repeatable manner. The overall goal is to lay a foundation on which we can constructively and cooperatively learn from our experiences to better manage risk.”