Microsoft has released its Security Intelligence Report, giving an analysis of threats and attack vectors globally. “The Microsoft Security Bulletins and Microsoft Security Advisories that are issued each month give IT professionals the latest information about vulnerabilities, the products they affect, and any security updates or actions they can implement to mitigate related risks.” (Microsoft Security Intelligence Report Volume 16, 2014 Microsoft Corporation). The reports are of three types;
The Microsoft Security Intelligence Report – Volume 16 is a 152-page document, which I tried to summarise in 17 points;
Oracle has released its April 2014 Critical Patch Update, addressing serious flaws and vulnerabilities that have been identified. “Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory” (Oracle, 2014). The patches address 104 security vulnerabilities across Fusion Middleware, Hyperion, Oracle Database, Supply Chain Product Suite, Siebel CRM, Java SE, and Sun Microsystems Products Suite, including Oracle Linux and Virtualization, iLearning, PeopleSoft Enterprise and Oracle MySQL (summarised in Table 1 below). Because of the serious security lapses these threats and vulnerabilities can cause, Oracle recommends applying the patches as soon as possible. This Critical Patch Update contains 104 new security fixes across the product families listed below.
“Among the patches that should be prioritized are two bugs in Oracle’s database products. The more severe of these two issues could lead to a full compromise of impacted Windows systems, though exploitation would require that an attacker authenticate him or herself. Other platforms like Linux and Solaris are less affected because the database does not extend into the underlying operating system there” (Threatpost, 2014). The update also fixes five vulnerabilities affecting Oracle Linux and Virtualization products. To find out more, visit the Oracle site.
OpenSSL is used by most of the websites in Kenya (most I come across are open source and made with Joomla), so the flaw impacts almost everyone who is using open source web servers like Apache and nginx. Those not impacted by this two-year-old bug are immune either because their websites don’t support SSL or because they’re using outdated versions of OpenSSL.
“OpenSSL is a widely used technology for secure communication over the Internet. In general, that means it was implemented to protect secure data and communications to prevent unauthorized access to information. This vulnerability means attackers can gain access to information, transactions, and other sensitive or valuable data with little restriction – it is very serious.” Dwayne Melancon, CTO of Tripwire (CSO Online, 2014).
For more in-depth analysis I have reblogged Codenomicon, 2001-2014, URL: http://heartbleed.com/
The threat landscape is changing rapidly due to the growth of data services and the smartphone market in Kenya. Users are streaming into mobile stores and customer care centers to redeem Bonga points and acquire smartphones. It's a craze sweeping around; walking the streets of Nairobi, I see people flashing trendy and sleek smartphones of all sorts (even kam-china smartphones). As an economist, it portrays the growth of Kenya's economy; the Government increased taxes. The marketers are hitting their end-month targets and the mobile operators are announcing huge growth in profits, surpassing another billion mark (even though I believe most subscribers forgo a meal to top up with a kabambe kumi at least), translating to fat cheques for the “Shareholders” smiling all the way to the bank.
It's migration season for Kenya; last year was the digital migration, which met a lot of resistance from consumers. Next in line is the wildebeest migration, which usually occurs in September. This time we have another one on 31st March (confused), lol! No, it's the “EMV MIGRATION” (seems Kenya will have another world's wonder of a migrating nation). EMV is replacing the almost 40-year-old magnetic stripe card transaction processing, and the Kenya banking industry is gearing up to migrate to the new EMV chip technology standard. But what's in all this hullabaloo of migrations? What are the benefits?
“Central Bank of Kenya data shows that there were more than 10.7 million ATM, credit and debit cards in circulation by year end 2012, this represented a 6 per cent increase over the previous year, while the value of the ATM transactions alone during the same period in 2012 was Kshs. 156,891 million which is up from 140,825 million the year before. This can be attributed to impressive economic growth and rising levels of disposable incomes. Kenya is a growing, developing nation; remember, we are headed somewhere if not nowhere.
Google’s Android is consolidating its position as the most popular mobile operating system and the primary attack target for malicious actors interested in compromising mobile devices.
“FireEye Labs has recently discovered six variants of a new Android threat that steals text messages and intercepts phone calls” (fireeye.com, 2014), called Android.HeHe.
It is a Trojan horse for Android devices that blocks incoming calls and SMS messages from specific numbers and disguises itself as a genuine Android security update, also known as an OS update. “It contacts the command-and-control (CnC) server to register itself then goes on to monitor incoming SMS messages. The CnC is expected to respond with a list of phone numbers that are of interest to the malware author. If one of these numbers sends an SMS or makes a call to an infected device, the malware intercepts the message or call, suppresses device notifications from the device, and removes any trace of the message or call from device logs.”
The malware has been in the news lately for stealing 2 million account passwords from Facebook, Twitter, Google and ADP. “The Pony malware is used to steal information: stolen credentials for websites, email accounts, FTP accounts, [and] anything it can get its hands on. In this case, attackers planted the malware on users’ machines around the world and were able to steal credentials for websites such as Facebook, Twitter, Yahoo, and even the payroll provider ADP,” says John Miller, security research manager at Trustwave (trustwave.com, 2013). The malware has been around since the beginning of this year – Jan 2013 (laboratoriomalware.blogspot.com, 2013).
PONY operates as a botnet controller. A botnet is a collection of interconnected computers (zombies) that communicate with other infected computers in order to perform malicious attacks and are controlled remotely.