
A broad discussion of Facebook users' privacy problems is more of a public-policy topic, and if you look for technical developments in it, it turns out that nothing has happened to Facebook over the past month. The one exception is that the developers of the Firefox browser released, at the end of March, a solution that lets you isolate your Facebook account from the rest of your activity on the web. As for the rest, it is business as usual: journalists dig up ever more shocking details about the data leak, then Apple's Tim Cook says that "we sell products to users, not users to advertisers", then Mark Zuckerberg responds that "everything is not so simple". The technical community is mostly surprised: what is new here? It has long been understood that any public activity on the Internet will be analyzed by someone and possibly used somehow, whether for the benefit of users or otherwise. The processing of big data is not always a necessary evil. The question is how to make this process more transparent.
In the wake of the US Congress hearings with Facebook's CEO, the English-language Threatpost publishes a detailed description of possible legislative initiatives aimed specifically at greater transparency in the collection and transfer of personal data. Moreover, in the United States there is already a Federal Trade Commission determination that social networks must ask for the user's permission if they want to transfer information about them to a third party. So they do warn, but who reads these warnings? The measures that are effectively not working include the Do Not Track initiative and the European Cookie Law. Obviously, because of the commotion around Facebook, there will be more initiatives, and perhaps big data operators will become more compliant. Despite the powerful news background, this problem will be solved by political methods for a long time, as is always the case. No technology to replace the existing status quo is expected either, except perhaps some decentralized social Internet with a thick layer of blockchain. Something like Diaspora, but better. Much, much better.
On the topic: Why "delete Facebook" is too late: the history of the scandal in detail, in the LC blog.
Almost 40% of cyberattacks on business involve encrypting Trojans
News
The Verizon telecommunications company's report on business threats is built in an unusual way. There are only 67 companies in the sample (they represent 65 countries), but each apparently provided detailed information about its incidents for the year. A total of 53,000 incidents and 2216 successful attacks were analyzed; the English term "breaches" can be interpreted both as data leaks and as an attacker gaining control over part of the corporate infrastructure. 39% of successful attacks involving malware are in some way related to infection with an encrypting Trojan. Verizon notes that the complexity and scale of attacks are growing: not only workstations but, more and more often, file servers are being hit. The reason is clear: the more data is "captured", the greater the potential ransom.
Some more interesting facts from the study. Email remains the primary entry point. Phishing and the sending of malicious programs disguised as financial documents: depending on the counting method, up to 93% of successful attacks are accounted for by precisely these tools. It can be concluded that the malware industry is rapidly monetizing. To develop this criminal business, it is not even necessary to use the latest hacking methods. For example, the Kryptos Logic report says there are 2.7 million computers still infected by the WannaCry encryptor. The attack was non-standard, but it happened almost a year ago, it was stopped immediately, and since then it would seem that it should have been dealt with without any problems. Despite this, in March a WannaCry incident occurred on the Boeing network and, as we can see, millions of computers are still infected with this Trojan.
One line
AMD releases patches to protect against the Spectre vulnerabilities. The patches apply to processors released since 2011, but microcode updates alone are not enough: the vulnerability can be closed completely only in combination with the latest version of Windows (an update for Windows 10 was also released this week) or with a current Linux kernel, for which the patch has been available for some time.
The April release of Microsoft patches fixes 66 vulnerabilities, including 24 critical ones. Among them is an XSS vulnerability in SharePoint Server that allows privileges to be escalated slightly.
If anyone is still using Adobe Flash Player, there are a couple of holes in it as well.
Schneider Electric has released patches for its industrial systems software, fixing, among other things, a serious vulnerability that allows control to be seized remotely. The set of problems is no different from that of a home computer: a vulnerability in Samba, SQL injection, and the like.
Disclaimer: The digest was prepared with the support of magical fairies, whose opinion does not always coincide with the official position of Kaspersky Lab.