Tag Archive | "mobile security"

Tags: , , , , ,

DDoS Attacks on Rivals of Facebook & WhatsApp

Posted on 30 September 2014 by SlimboCA

In the last weekend of September two of the technology companies, believed to be more secure alternatives of the giants Facebook and WhatsApp, fell victims of severe DDoS attacks. Recently Telegram and Ello were pronounced to be the latest rivals of the social media company Facebook and the recently acquired WhatsApp app for instant messaging.

The Nature of Ello

Ello is a social network with anti-Facebook nature, which is an ad-free platform that accepts new members only if they have an invitation. The new network does not sell data to third parties. The data that is collected by the new social network is aggregated and anonymous, which makes it useless to Google and the companies’ advertising purposes.

The Nature of Telegram

Telegram is an application for instant messaging, which is based in Russia and is famous for its privacy. The users consider it a great alternative to the WhatsApp platform. Telegram is based on a custom MTProto encryption protocol and applies end-to-end encryption for the secret chats. Telegram became even more popular after Facebook acquired WhatsApp since the company has been strongly criticized for lack of data privacy.
Telegram application is available for Google Android and Apple’s iOS.

DDoS Attack

Both Ello and Telegram were hit by independent distributed denial of service on the last weekend of September. The DDoS attack against Telegram lasted for two days. During the attack, the service was normal in most of the countries, though in some places people lost connections and were not able to send outgoing messages. The user data had not been compromised despite the attack.

There were speculations by some of the social media users that the DDoS attacks and the disruption of service might be associated with the situation in China, since these attacks coincided with the reports that the government of China has hacked WhatsApp as it believed that activists are exchanging messages through that application.

On the same day, Ello also reported that it underwent a DDoS attack that lasted for 45 minutes. The situation was fixed when Ello blocked the IP addresses that were associated with the attack.

The Security Experts

The security expert Martin McKeay from Akamai Technologies stated in front of the SCMagazineUK.com that both Telegram and Ello are targets for two main reasons: they have limited security support and they are growing in popularity. These two reasons make Telegram and Ello the perfect targets for the DDoS attacks.

The security professionals further pointed the fact that the popularity of the communication channel Ello increased overnight, and that brought negative attention as well. The experts further say that the volumetric attacks are now becoming the norm, and they advise all organizations that do business on the Internet to be prepared for such attacks.

The cyber criminals find it easy to carry out DDoS attacks up to 100Gbps, 200Gbps, 300Gbps. That is why the companies have to be active in defending their data from the malicious attacks using mitigation and real-time detection.

Popularity: 30%

Comments (0)

Tags: , , , ,

Over 60% of Malware Analysts Report Investigations of Undisclosed Security Breaches

Posted on 22 November 2013 by GranTorinoGuy

Security breaches are almost a common expected thing to take place in today’s massively technology-intrigued world. In a new ThreatTrack Security study, it was revealed that security breaches are occurring at a much higher rate than initially reported by many security researchers.

ThreatTrack has found that about 6 out of 10 of US-based malware analysts interviewed about security breaches failed to disclose breach incidents that their own company experienced in the past. This very detail, had led to further investigations uncovering IT security works as the main problem when it come to protecting their company against attacks.

In about 35% of cases where security breaches occur, the security professionals or staff responsible for securing the attacked network was the ones initially responsible for clicking on a malicious link in shady emails or mobile apps.

ThreatTrack CEO Julian Waits Sr said, “While it is discouraging that so many malware analysts are aware of security breaches that enterprises have not disclosed, it is no surprise that the breaches are occurring. Every day, malware becomes more sophisticated, and US enterprises are constantly targeted for cyber espionage campaigns from overseas competitors and foreign governments.” Basically, the study has revealed the idea that malware analysts are aware of the threats they face, but many of them may fail to report their inability to fight the given cyber-attacks. Additionally, they will commonly point out their lack of proper resources and tools to protect their own company from attacks.

About 40% of the 200 professionals taking part in the survey, originally conducted by Opinion Matters on behalf of ThreatTrack Security, are deemed as the main culprit in cyber-attacks against their own company. By knowing this bit of information, the rates and numbers of security breaches actually reported is totally skewed in the broad scope of finding out how many security breaches actually take place. Essentially, it makes everyone’s job a little more difficult, but the attackers are basking in their glory in knowing how they can take advantage of some companies.

Bottom line is that over 60% of security researchers are now reporting cases of undisclosed breaches from surveys and simple inquiries among US-based companies who have at one time been suspected to be a vulnerable asset in a security breach. That is rather scary in the full scope of things when you consider some of these companies may harbor your personal information or banking data.

Popularity: 19%

Comments (0)

Tags: , , , , , , , , ,

More Hacking Threats Are Expected to Spread As Mobile Phones Continue to Evolve

Posted on 21 December 2009 by admin

Mobile phones are like computers these days. So if you can do with a phone what could only be done on a computer before, then hackers can to.

Mobile phones have become more vulnerable to traditional computer menaces like hackers and viruses. Russian anti-virus company Kaspersky Lab has reported on a new malicious program that stole money by taking over Nokia phones and making small charges to the owners’ wireless accounts. Recently, an Australian student created a worm that spread through “jailbroken” (altered to run software Apple has not authorized) iPhones. The worm did not cause any damage, it uploaded a photo of ’80s pop star Rick Astley. To security experts, this suggested that cyber attacks on iPhones are possible. Where there are security threats, there are always money-hungry cyber crooks looking to capitalize on the innocent.

Earlier in December, Khosla Ventures, a prominent Silicon Valley venture capital firm, led an investment group that injected $5.5 million into a fledgling security start-up called Lookout. Lookout is set to introduce security applications for the BlackBerry and iPhone after testing security software for phones running the Windows Mobile and Android operating systems. The software protects phones against rogue programs and gives phone owners the ability to remotely back up and erase the data on their phones.

A basic version of the software is free, while the company plans to charge a monthly subscription for a version with more features. It feels a lot like it did in 1999 in desktop security, according to John Hering, Lookout’s 26-year-old chief executive, who for years has done research demonstrating security vulnerabilities in phones. Hering says people are using the mobile Web and downloading applications more than ever before and there are threats that come with that.

Lookout represents the latest attempt to build a new business that capitalizes on the surge of smartphones. Thousands of companies making mobile games, shopping tools and other programs have sprung up in the last two years as the iPhone, in particular, has taken off. Lookout and its investors believe this is the right time to get into the market. The rules of mobile are different, says Vinod Khosla, founder of Khosla Ventures, which also recently invested in Square, a mobile payments start-up. He says phones are people’s most personal computer, and needs to be protected.

Companies like Research In Motion, who made the BlackBerry, and Good Technology, a Silicon Valley-based mobile messaging firm, already offer mobile security tools, but their systems are aimed at businesses. Security firms like Symantec also have mobile security divisions, and a five-year-old company, Trust Digital, based in McLean, Va., has set its sights on this market.

Lookout says it can address the unique challenges of protecting cellphones, like preserving battery life. While the company will not give details, it says it has figured out how to get its software to work on the iPhone, which does not allow non-Apple programs to operate in the background, as security software typically does. Hering and his co-founder, Kevin Mahaffey, have been publicly demonstrating the weaknesses of mobile phones for some time.

In 2005, they camped outside the Academy Awards ceremony in Hollywood and scanned the phones of stars walking the red carpet, using a short-range Bluetooth wireless connection. They found that as many as 100 of the phones were vulnerable to hacking over such a connection. That year, at the Black Hat security conference in Las Vegas, they hacked into a phone over a mile away using Bluetooth.

Lookout’s founders and backers concede that for now, snoops and bad guys pose much less of a threat to cellphones than to PCs. But they believe there is an immediate need for software that preserves and protects a phone’s data, from email to corporate information, and they say current systems do not work when a family or business has multiple types of cellphones on various wireless networks. For instance, a small business could install the Lookout software on many different types of devices, back up all the data and remotely erase a phone if, say, an employee leaves it in a cab.

Jeff Moss, a security expert and organizer of the Black Hat conference, said mobile security had historically been a solution in search of a problem. But he said that mobile viruses had recently become more common in Asia. His own Nokia N97 phone even caught a bug recently, but the software he was running from F-Secure, a Finnish security company, caught it in time. Moss says the tipping point will be when we start using phone to shop and conduct banking, because the more we do with a phone, the more valuable a target it will become.

Popularity: 28%

Comments (0)