Threat Management, Threat Intelligence, Malware, Network Security, Vulnerability Management

News briefs: Flame, Stuxnet, breach at LinkedIn and other security news

»The Flame virus reignited conversations around cyber war. Flame, which spread by disguising itself as a Windows update and exploiting a zero-day vulnerability, was a heavily coded espionage toolkit – meaning it was designed to steal information, mostly from computers in Iran, and not sabotage anything, as had been the case with Stuxnet, which sought to destroy computers controlling Iran's nuclear centrifuges.

Photo: Israeli Minister of Defense Ehud Barak speaks at a security conference in the shadow of the discovery of the Flame virus and complicity of Israel in Stuxnet.

»Surprising few within the security industry, a New York Times report revealed that the Stuxnet worm, which was discovered in 2010, was a creation of the United States and Israeli governments. Quoting anonymous U.S. government sources who reportedly worked on the development project, dubbed Olympic Games, the Times article revealed that the National Security Agency collaborated with Unit 8200, a part of Israel's military, to build a worm designed to sabotage Iran's nuclear program. At the urging of federal lawmakers, the FBI is now investigating the leak of classified information. Sen. Dianne Feinstein expressed worries over copycat attacks, though some pundits and lawmakers believe Obama's administration purposely released the information to make him appear tough on enemies in an election year.

»Nearly 6.5 million passwords belonging to users of social networking site LinkedIn turned up on a Russian online forum. It is unclear how the hackers swiped the data. The passwords were cloaked using the SHA-1 algorithm, a cryptographic hash function created by the National Security Agency, but which is relatively easy to unscramble using widely available tools and methods. Salting, randomly appending the string of characters in each password, would have made it more difficult to decrypt the passwords, experts said. Online dating site eHarmony also admitted that “a small fraction” of its user base had their passwords stolen. Those credentials – as many as 1.5 million – turned up in the same data dump as the LinkedIn passwords.

»Google announced that it will begin warning Gmail users if they are being targeted by state-sponsored attacks. The web giant hopes this alert will allow its customers to take “immediate steps” to secure their accounts. Adversaries who are state-sponsored typically launch sophisticated, well-funded attacks at their targets with the goal of stealing sensitive information, often for spying purposes. More than two years ago, Google itself was the target of an espionage campaign, believed to have been orchestrated by state-backed Chinese hackers. The company would not say specifically how it determines whether malicious activity is state sponsored.

»In a surprising move, Apple went public with its iOS security features, releasing a detailed guide that highlights the technical specs of its products. The 18-page document, believed to be the computing giant's first public address of its security engineering framework, covers system architecture, encryption, data protection and network security for devices running on iOS, which includes the iPhone, iPad and iPod Touch. Although a majority of the features discussed in the report have been uncovered by researchers through reverse engineering, one notable topic covered by the document are the multiple security layers implemented into each iOS device.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.