Mar 31 2016
 

Some ideas for minimizing infections by malware that spreads through macro execution, among them a new feature available in Office 2016, “Block macros from running in Office files from the Internet”:

 

https://blogs.technet.microsoft.com/mmpc/2016/03/22/new-feature-in-office-2016-can-block-macros-and-help-prevent-infection/

https://www.opswat.com/blog/how-stop-macro-based-malware-its-tracks
http://www.thewindowsclub.com/block-macro-malware-microsoft-office
http://thehackernews.com/2016/03/macro-malware-protection.html
https://blogs.technet.microsoft.com/mmpc/2016/02/24/locky-malware-lucky-to-avoid-it/

 

Mar 11 2016
 

Some useful tips:

  • Turn on disk encryption.
  • Use biometrics for unlocking normally with a longer passcode (instead of a simpler 4-character PIN).
  • Disable developer access.
  • Disable third-party app store access.
  • Evaluate and uninstall apps with excessive permissions using Android Permission Apps or other tools.
  • Install Android platform updates when they become available.
  • Turn on “Android Device Manager” for remote location services for lost devices or a third-party “Find my Android” tool if your Android device doesn’t support this feature.
  • Periodically erase your network settings to forget about old, insecure WiFi networks you don’t use anymore.
  • When plugging in USB, don’t say yes to “Trust this PC” when prompted, unless it is a personally owned system.
  • Set a strong Google password, better still, enable two-factor authentication.
  • Disable wireless and leave it off unless you’re actively using it.
  • Install a VPN for when you need to use Wi-Fi, and always use the VPN when connecting to Wi-Fi.
  • Only use known Wi-Fi connections, beware of free public Wi-Fi.
  • Don’t leave your device unattended, treat it like your wallet.

 

source http://pen-testing.sans.org/blog/2016/03/10/mobile-device-security-checklist

Mar 03 2016
 

“If you’ve been following cryptographic news about TLS/SSL over the past year, you’ll probably smell something familiar in the mention of “obsolete and weakened encryption.”

Loosely put, DROWN depends on a cryptographic backdoor known as EXPORT_GRADE, baked into US products by law until the end of the twentieth century.

EXPORT_GRADE was supposed to make our regular communications safe enough against everyday attackers, while giving national-level organisations such as the NSA a fighting chance to crack enemy traffic, given enough time and money.”

 

Source: https://nakedsecurity.sophos.com/2016/03/02/the-drown-security-hole-what-you-need-to-know/

Feb 17 2016
 

“The numbers are part of the report of the Lisbon judicial district for the year 2015, which was published online and shows the prevalence of cybercrime and of activities related to computer crime among the criminal activity investigated in the region.”

In http://tek.sapo.pt/noticias/computadores/artigo/cibercrime_em_segundo_lugar_na_investigacao_do_ministerio_publico_em_lisboa-46235xzo.html

Feb 12 2016
 
  • Regularly install WordPress core updates and plugin updates to ensure you are running code having all the latest security patches.
  • Use a modern and updated WordPress theme. Older themes often have embedded plugins that haven’t been patched and can present vulnerabilities.
  • When researching the use of any plugin, check the date it was last updated and its WordPress version compatibility. Avoid older plugins, as those haven’t been tested with the current WordPress version.
  • When deciding between plugins having similar functionality, choose those having greater numbers of active installs and better ratings. Generally speaking, such popular plugins are regularly updated and have a lower risk factor.
  • Even inactive plugins on your WordPress site pose a security risk. Delete plugins that are unnecessary or that you don’t actively use. The fewer the plugins you use, the fewer options a hacker will have.
  • No plugin is 100% safe, but the WordPress Plugin repository (https://wordpress.org/plugins/) vets each one located there before offering them to users. Only download plugins from the repository site and from third-party theme and plugin developers known to be reputable.
  • Use WPScan’s Vulnerability Database (https://wpvulndb.com/) to monitor plugins known to have vulnerabilities, as well as to learn when they are patched.

based on https://www.incapsula.com/blog/wordpress-plugin-vulnerabilities.html
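
The checklist above applied to a plugin inventory, as an added example that is not part of the original post or the article it is based on. The record field names, the thresholds and the sample plugins are assumptions made up for illustration.

```python
from datetime import date

# Thresholds are assumptions for this example; set them to your own policy.
MAX_AGE_DAYS = 365
MIN_ACTIVE_INSTALLS = 10_000
MIN_RATING = 80  # percent

def version_tuple(v):
    """'4.4.2' -> (4, 4): compare on major.minor only."""
    parts = [int(p) for p in v.split(".")[:2] if p.isdigit()]
    return tuple(parts + [0] * (2 - len(parts)))

def audit_plugin(p, site_wp_version, today):
    """Return the checklist findings for one plugin record."""
    findings = []
    if not p["active"]:
        findings.append("inactive: delete it")
    age = (today - date.fromisoformat(p["last_updated"])).days
    if age > MAX_AGE_DAYS:
        findings.append(f"stale: last updated {age} days ago")
    if version_tuple(p["tested"]) < version_tuple(site_wp_version):
        findings.append(f"untested: tested up to {p['tested']}, site runs {site_wp_version}")
    if p["active_installs"] < MIN_ACTIVE_INSTALLS or p["rating"] < MIN_RATING:
        findings.append("low adoption or rating: compare with alternatives")
    if p["source"] != "wordpress.org":
        findings.append("not from the plugin repository: confirm the developer is reputable")
    return findings

def audit_site(plugins, site_wp_version, today):
    """Map slug -> findings, omitting plugins that pass every check."""
    report = {p["slug"]: audit_plugin(p, site_wp_version, today) for p in plugins}
    return {slug: f for slug, f in report.items() if f}

# Constructed inventory: hypothetical plugins and field names, not real data.
SAMPLE = [
    {"slug": "example-forms", "active": True, "last_updated": "2016-01-20",
     "tested": "4.4.2", "active_installs": 200_000, "rating": 92, "source": "wordpress.org"},
    {"slug": "old-slider", "active": True, "last_updated": "2013-05-02",
     "tested": "3.5.1", "active_installs": 3_000, "rating": 64, "source": "wordpress.org"},
    {"slug": "unused-gallery", "active": False, "last_updated": "2015-12-01",
     "tested": "4.4", "active_installs": 50_000, "rating": 88, "source": "wordpress.org"},
    {"slug": "vendor-addon", "active": True, "last_updated": "2015-11-10",
     "tested": "4.4", "active_installs": 15_000, "rating": 85, "source": "vendor-site"},
]

def sample_report():
    return audit_site(SAMPLE, "4.4.2", date(2016, 2, 12))

if __name__ == "__main__":
    for slug, findings in sample_report().items():
        print(slug, findings)
```
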

Feb 12 2016
 

“Our new intelligence on BlackEnergy expands previous findings on the first wide-scale coordinated attack against industrial networks. Based on our research that we will further outline below, attackers behind the outages in two power facilities in Ukraine in December likely attempted similar attacks against a mining company and a large railway operator in Ukraine.

This proves that BlackEnergy has evolved from being just an energy sector problem; now it is a threat that organizations in all sectors—public and private—should be aware of and be prepared to defend themselves from. While the motivation for the said attacks has been the subject of heavy speculation, these appear to be aimed at crippling Ukrainian public and critical infrastructure in what could only be a politically motivated strike.”

http://blog.trendmicro.com/trendlabs-security-intelligence/killdisk-and-blackenergy-are-not-just-energy-sector-threats/

Feb 03 2016
 

“Adversaries have achieved considerable advances too. No Snowden or Heartbleed-like events have been reported. Instead, cyber-threats have undergone significant evolution and just as in 2014, significant breaches have covered front pages of media. And exactly this is an alerting fact: seemingly, cyber-threat agents have had the tranquillity and resources to implement a series of advancements in malicious practices. In particular:

  • Performing persistent attacks based on hardware, far below the “radar” of available defence tools and methods.
  • Achieving enhancements in the provision of “cyber-crime-as-a-service”, tool developments for non-experts and affiliate programmes.
  • Highly efficient development of malware weaponization and automated tools to detect and exploit vulnerabilities.
  • Campaigning with highly profitable malicious infrastructures and malware to breach data and hold end-user devices to ransom.
  • Broadening of the attack surface to include routers, firmware and internet of things.”

 

https://www.enisa.europa.eu/activities/risk-management/evolving-threat-environment/enisa-threat-landscape/etl2015

Feb 03 2016
 

What?

Twitter is too limiting…
Facebook is too mainstream and the message gets lost…
Google+ is for a niche…

For now?
Back to the blog.