The good news?
Did you all hear the interesting news? During Microsoft’s latest Build developer conference (see https://build.microsoft.com/), Microsoft announced its latest tools and technologies and how they can help today’s developers be their most creative and productive. Besides a spectacularly improved ‘Cortana’, an innovative HoloLens and a new update of Visual Studio, one specific fact came to us as an interesting surprise: Ubuntu is coming to Windows 10!
In fact, it came from a secret project set up by Microsoft and Canonical, and it was unveiled during Kevin Gallo’s opening keynote speech at the conference in March (see https://blogs.windows.com/buildingapps/2016/03/30/windows-10-anniversary-sdk-is-bringing-exciting-opportunities-to-developers/ ). But does the good news also have some security implications?
Is the IoT industry making the same mistakes again?
The Car Industry
Hacked cars in particular made it into the latest newsflashes, from online news media to the biggest media broadcasters in the world. Examples were Fiat Chrysler, where 1.4 million cars were recalled after the vendor’s Jeep hack, and a Corvette whose brakes could be remotely controlled. These examples confirmed the problems affecting the whole car industry that we described in our earlier blog post (e.g. the BMW problems).
The Fitness Industry
Completely different, but fully related to the Internet of Things, are the new wristbands, step counters and mobile fitness devices, and the data they gather in the cloud, on the device and on your smartphone. An interesting test was performed by AV-Test, an independent test organization for security products that is well known worldwide. The test tried to measure how private fitness data is transferred from the devices to the smartphones or the cloud, and how secure the apps of fitness trackers are. You can find the full test here. These new fitness wristbands are very popular and already a trend; all activity results are recorded and analyzed in an app on the user’s smartphone, so the user can immediately see how well they performed. The question remains, however: is the data transported securely from the wristband to the user’s smartphone? Or is it possible for someone to intercept this link, copying or even manipulating the data? Or could the app itself be manipulated? Those questions were investigated by monitoring 9 fitness wristbands or trackers, together with the corresponding Android apps, in live operation. How well did those trackers perform in terms of security? And what about eavesdropping?
IT security Information for everybody
“Writing a book about cyber threats in a comprehensible and comprehensive way is not an easy task, but the book ‘Cybergevaar’ succeeds in this”, certifies the book’s first review, conducted by a well-known Belgian IT magazine, Datanews. The book “Cybergevaar” tries to provide a very readable and very accessible overview of almost every problem related to information security and malware. It reaches out to the general audience: it does not only target the technically savvy reader but provides information for everybody.
“Cybergevaar” starts with an overview of the history of malware and looks into the many profiles of malware writers and hackers. One of the chapters touches on the topic of the underground economy and uses a lot of examples to explain what is involved. It is based on a whitepaper written by G Data SecurityLabs. Furthermore, new developments in the fields of cyber attacks, sabotage and espionage are discussed and looked into from different angles. The daily threats and the myths about malware are described in detail. Among these, the chapter about general security tips and tricks is interesting for everybody. The book also provides a special chapter with thorough advice for companies.
While exploring the book, the reader can find several exciting security anecdotes and entertaining situations one possibly has never heard of before. Additional clarifications are provided throughout the entire book by use of attractive illustrations and easy-to-understand graphs. High-level opinions of people with experience and interest in the ICT security industry are included: Professionals such as Natalya Kasperskaya (InfoWatch), Ralf Benzmüller (G Data), Peter Kruse (CSIS Security Group), Bob Burls (Independent IT Security Consultant) are amongst the contributors. The book also seeks to elaborate on how governments and the media can play a role in the ‘education’ of users. Moreover, it gives an inside look into the computer security industry and organizations like AMTSO and EICAR. And, of course, ‘Cybergevaar’ does not miss the opportunity to highlight how the problem and its solutions may develop in the future, with a special chapter in the form of a short story – ‘Radical Ransom’ – set in the year 2033.
“Cybergevaar” by Eddy Willems, Lannoo, 213 pages, is now available in Belgian and Dutch bookstores and online shops. Plans to publish this book in other languages, such as German and English, are currently being discussed.
You can also order your version of the book via this webpage: www.lannooshop.com/gdata
A turbulent beginning of 2013
We can identify threats on two major fronts: Ruby on Rails, Java and Microsoft’s Internet Explorer form the first one – all web-related. And then there are flaws in Foxit Reader and Microsoft’s Windows RT, which also came into the line of fire.
We always loved Microsoft’s operating systems, as most of them are adopted very well in the whole world and security has been improving for years. The new incarnation, Windows 8, is somewhat different from the former ones, as the interface underwent some notably big changes.
Windows 8 offers the same interface on many devices: from Xbox, via the desktop, to tablet PCs and smartphones. Microsoft tries to create a user experience that is almost universal. Nevertheless, it appears that the app functionalities under Windows RT (the one for ARM tablets) and the programs of the desktop version are not always the same.
You might think that having a very similar interface on the different devices enables you to do the same things on different hardware, but that doesn’t seem to be true in all cases. Sometimes, the decision to change the user experience and the usability is a matter of security, and that is to be welcomed, but all in all, it creates confusion for the user.
A good example is Skype, from Microsoft. You can use it on any Windows device, but it is impossible to send files under Windows RT – most probably because of the security restrictions that come with the sandboxing approach. That is an ambiguous feature, from a user’s point of view. And that’s not the only critical view we have.
Online AV multi scanners are used quite often these days. However, not every user is aware of these sites and what their possibilities and limits are. Using the public online multi scanner services can be useful, but the analysis results don’t allow straightforward conclusions.
It is common for malware samples to remain undetectable for hours or even days. G Data has got comprehensive and fast detection rates for malware through our cloud technology. But still, some users might want to know more about a particular suspicious file or even analyze it themselves.
One of the easiest ways to gather a minimum of the desired information is to use online AV multi scanners. There is an interesting concept behind them: when you find a suspicious file on your PC, you can easily upload it to the service and get an immediate result, as the file is scanned with various up-to-date virus scan engines. This principle has been around for years now and gives you some immediate insight into a suspicious file. And there are indeed several of these scan service sites around. The most popular is possibly VirusTotal, but there are several others, such as Jotti, NoVirusThanks, Metascan or Virscan, to name only some of them.
How does it work?
Let’s have a look at one of the most popular services, VirusTotal. You can submit your sample on a website, but you could also use an email submission feature – whatever suits your needs. Online, you can even search by hash value, meaning that you can search their existing database of scanned files based on a SHA-1, SHA-256 or MD5 hash. This feature is handy if you don’t have the actual file but know its hash value.
The English and French version of the press release …
G Data SecurityLabs expands team with Security Evangelist Eddy Willems
Bochum, 19. February 2010
G Data today announces they have a new team member: Security Evangelist Eddy Willems. He will divide his time between the G Data SecurityLabs in Bochum (Germany) and the Benelux team.
The Belgian Willems has been active in the field of IT security for over two decades. In that period, he has worked for influential institutes, such as EICAR, of which he is a co-founder and the director of press and information, several CERT associations, and the organization behind the Wildlist as well as for commercial companies, such as NOXS and Kaspersky Labs Benelux.
In his position of Security Evangelist at G Data, Eddy Willems will form the link between technical complexity and the user. He is responsible for a clear communication of G Data’s SecurityLabs towards the security community, press, distributors, resellers and end users. This means, amongst other things, organizing trainings about products, malware and security, speaking at conferences and consulting associations and companies about security.
This is Eddy Willems’ official and original homepage for anti-virus and anti-malware consultancy with links to most anti-malware sites and companies in the world.
This site is the reference in independent anti-malware advice and information. It is also known as the first Belgian anti-virus page and one of the oldest anti-malware sites on the Web. This site was completely renewed in September 2010 and has existed since 1995. Within these pages you will find one of the most comprehensive lists of anti-malware sites in the world with over 4000 links.
I have been working for over 25 years as an Anti-Malware Technology Expert for the security industry (NOXS (a Westcon Group Company), McAfee, TrendMicro and Symantec) and as Security Evangelist for Kaspersky Lab. I am now working as Security Evangelist for G Data Software AG. I am a Belgian Cyber Security Expert who is a member of most international security and malware organisations in the world. I am the first and only person in Belgium to be on the board of three (EICAR, AMTSO and LSEC) international security organisations at the same time. Find more about me at the ‘about me’ page for a more detailed bio.
Also take a look at my Twitter, Facebook, LinkedIn or YouTube channel. Don’t forget to subscribe to my popular anti-malware Blog with continuous updates and to take a look at my new Blog and my press page with over 1000 interviews and articles.
This site is and will always remain completely independent! (Site Design: Sonia Auger and Eddy Willems)