12.3.16

Android smartphones can be unlocked with 2D-printed fingerprints

Android smartphones offering biometric security can be tricked into unlocking with 2D fingerprints, say researchers – and all you need is some glossy paper and an inkjet printer.
According to a paper published by Michigan State University researchers Kai Cao and Anil Jain, fingerprint scanners on Android devices can be duped with a high-resolution photo of the owner’s fingerprint. Photos need only be flipped horizontally and then printed on a certain paper with photo-conductive ink cartridges.
The flaw doesn’t appear to be limited to just one model of smartphone, as researchers were able to fool a Samsung Galaxy S6 and Huawei’s Honor 7 using the same method.
Fingerprint sensors have become an increasingly common form of smartphone security since debuting on the iPhone 5s back in 2013. As ZDNet points out, though, no system is perfect, and the iPhone was breached within weeks using a latex material.
That hasn’t stopped developers experimenting with biometrics, just as it hasn’t stopped cybercriminals experimenting with potential hacks. As the Daily Mail reports, it was recently suggested that an iPhone could be broken into with Play-Doh – although it requires the phone’s owner to press their finger into the modeling material for five minutes.
Meanwhile fingerprint scanners aren’t the only biometrics that manufacturers are experimenting with – heartbeat monitors are being trialled as a way to provide secure banking, and even wearables that measure your gait.

According to the two Michigan State University researchers, these too could be susceptible to attack. “It is only a matter of time before hackers develop improved hacking strategies not just for fingerprints,” says the report, “but other biometric traits as well that are being adopted for mobile phones.”

9.3.16

Android banking trojan masquerades as Flash Player and bypasses 2FA



Active users of mobile banking apps should be aware of a new Android banking trojan campaign targeting customers of large banks in Australia, New Zealand and Turkey. The banking malware, detected by ESET security products as Android/Spy.Agent.SI, can steal login credentials from 20 mobile banking apps. The list of target banks includes the largest banks in each of the three target countries (a full list can be found in the final section of this article). Thanks to its ability to intercept SMS communications, the malware is also able to bypass SMS-based two-factor authentication.

Read the article on 
http://www.welivesecurity.com/2016/03/09/android-trojan-targets-online-banking-users/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+eset%2Fblog+%28ESET+Blog%3A+We+Live+Security%29

8.3.16

The women of ENIAC and the future of women in tech

In 1942, six mathematicians were selected to program a machine that would help the US army calculate complex wartime ballistics tables.
Using their combined mathematical and technical skill, these six programmers helped to create the Electronic Numerical Integrator And Computer (ENIAC) – one of the world’s first ever electronic computers.
They were also all women.
The ENIAC was hailed as a ‘giant brain’ in the contemporary media. At five thousand sums per second, it was a thousand times faster than the calculators of the time. It is widely considered to be the grandparent of the computers that we all carry in our pockets today.
The efficiency of the machine owed a lot to its programming.
Before electronic computers existed, an applied mathematician would create models providing a general solution to a problem, which were published in large books called tables.
‘Computers’ (at the time, a job title) would then use these tables and perform arithmetic operations to generate accurate results.
The role of computer was largely considered to be a clerical job and was often assigned to women, especially during the war when many men had been enlisted.
The ENIAC was designed with hardware called function tables, which could be programmed to perform complex sequences of operations. Once the program had been figured out on paper it then had to be programmed into the ENIAC. This process took years.
Despite this, when the ENIAC was launched, the six programmers weren’t given any credit for their success. Kathleen McNulty, Frances Bilas, Betty Jean Jennings, Elizabeth Snyder, Ruth Lichterman and Marlyn Wescoff were not even invited to the launch party.

Remembering the female pioneers of computing

Their story was uncovered in the mid-1980s, when computer science graduate Kathy Kleiman, feeling discouraged about the lack of female role models in computing, set out to research the history of women in computer programming.
In her research she discovered a famous newspaper photo of the ENIAC. Only the men in the image were captioned.
When she asked around about the women in the photograph, “I was told they were models – ‘Refrigerator Ladies’ – posing in front of the machine to make it look good,” she explained in an interview, “but that turned out to be far from the truth”.

The dwindling presence of women in computing

In the 1980s computers started regularly appearing in American homes. At the same time, the number of women studying computer science started to drop – from 37.1% in 1984 to 18% today.
One theory of why this might be is that personal computers first came in the form of toys that were almost entirely marketed to men and boys, therefore creating a narrative that computers were for boys.
At the same time, popular public figures, like Bill Gates and Steve Jobs, gave rise to the perception of computer programming as aspirational, respected and highly profitable.
This was great for computer science, but bad for women who were still being bundled into middle-earning clerical and secretarial work. And ironic, as women doing clerical work were instrumental in creating this new area of study.

The influence of unconscious bias on perception

Although much has improved for women since the 1980s, studies have shown that unconscious bias still affects the perceptions of whether or not women are competent enough to do jobs that are mentally and logically demanding.
A recent study found that on GitHub, an online platform where modified software is shared between users, code submitted by women was accepted more often than that submitted by men – but only when their gender was left ambiguous.
When a user’s gender became evident, the acceptance rate of code submitted by women dipped 10%.
Other studies have shown similar results. In 2012, a study at Yale University found that in considering applicants for a laboratory manager position, both male and female staff judged male candidates to be more competent and deserving of a higher salary. They were also more likely to hire them.

Empowering girls and women to get into computing

A consequence of historic gender inequality – and the constant undermining of women in tech – is that women like Kathy Kleiman interested in computer sciences just don’t have many role models.
Like the ‘computer geeks’ of the 1980s looking up to Steve Jobs and Bill Gates, girls need to know that there is a place for them to aim for.
Since Kathy Kleiman set up the ENIAC Programmers Project in 1985, a lot has been done to spotlight women in the tech industry and encourage girls to be interested in coding and computer sciences.
A 2015 documentary called ‘CodeGirl’ follows schoolgirls from groups across the world as they take part in an international competition to develop an app that solves a community problem.
Also in 2015, model Karlie Kloss backed a scholarship for a summer program for girls wanting to learn how to code. The resulting #KodewithKarlie made a significant impact on raising awareness of the position of women in the tech industry.
“I think it’s crucial that young women learn to code as early as possible, to ensure that we have a voice and a stake in what the world looks like,” said Ms. Kloss.
As well as providing a brighter future for girls, there is a growing realization that having women in the workforce is good for business.
Research amassed by the anthropologist and Intel researcher Genevieve Bell has found that women are the lead adopters of technology, making them an important demographic in the tech industry and businesses.
In a hyper-competitive market, it makes sense that broadening the talent pool can only reap positive effects.

Because if technology is mostly being designed by the male half of the population, we’re missing out on the innovations, solutions and creations that the other 51% of the population could bring to the table. The women of ENIAC certainly proved that, all those years ago.

7.3.16

New Mac ransomware appears: KeRanger, spread via Transmission app

By Peter Stancik



New ransomware infecting Apple OS X surfaced on March 4th 2016, with the emergence of KeRanger.
The first inkling of trouble came at the weekend. Users of Transmission – a BitTorrent client widely used on OS X – might have noticed the following warning:
According to the warning, which was displayed within the Transmission application and on its website, version 2.90 of the application was infected. All users were recommended to upgrade immediately to 2.91, as they might have fallen victim to new file-encrypting ransomware targeting OS X – dubbed KeRanger.
Analysis of this threat was first published by Palo Alto Networks. ESET researcher Anton Cherepanov also spotted it and has completed his own analysis. Here is what you need to know, followed by his technical analysis.
1. Is KeRanger just a proof-of-concept or fully functional in-the-wild malware?
Unfortunately, the latter.
2. How does KeRanger spread?
It’s spread via an infected version of an otherwise legitimate open source BitTorrent application – Transmission. Its malicious version (2.90) was available for download between March 4 and March 5, 2016 and was signed with a legitimate developer certificate.
3. Is it still spreading?
As of March 5, the malicious version was removed from Transmission’s website. Also, Apple has revoked the misused certificate to prevent users from opening the infected installer even if it is downloaded from a third-party location.
4. I haven’t seen any demand for ransom. Does that mean my Mac has dodged KeRanger?
Not necessarily. The version of KeRanger we have analyzed stays idle for three days after initial infection. To determine if KeRanger is present on your Mac, do the following:
- If any of these files exist, delete them and uninstall the Transmission app:
  - /Applications/Transmission.app/Contents/Resources/ General.rtf
  - /Volumes/Transmission/Transmission.app/Contents/Resources/ General.rtf
  - %HOME_DIR%/Library/kernel_service/kernel_service
  - %HOME_DIR%/Library/kernel_service/.kernel_pid
  - %HOME_DIR%/Library/kernel_service/.kernel_time
5. Is there any way to decrypt the files?
Unfortunately, there is not. The malware uses cryptographic algorithms (RSA-2048 and AES-256) that are effectively unbreakable.
6. How can I protect my data?
Use a reliable security solution. ESET’s users are protected – our software detects KeRanger under OSX/Filecoder.KeRanger.A. We strongly recommend that users back up all of their valuable data on a regular basis.
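
The file check from answer 4, as an added shell example that is not part of the original article: it tests the listed paths and reports any that exist. It takes %HOME_DIR% to mean the user's home directory; the function name keranger_find and the optional root prefix (for checking a mounted backup or disk image) are assumptions of this example.

```shell
#!/bin/sh
# Added example: report which of the KeRanger indicator files listed in the
# article exist. Nothing is deleted; removal is left to the operator.
#
# usage: keranger_find [ROOT] [HOME_DIR]
#   ROOT      prefix put in front of every path ("" for the running system)
#   HOME_DIR  stands in for the article's %HOME_DIR% (defaults to $HOME)
# Prints one line per file found; returns 0 if any were found, 1 if none.
keranger_find() {
    root="${1:-}"
    home_dir="${2:-$HOME}"
    found=0
    # The article prints the two General.rtf paths with a space before the
    # file name. Both spellings are tested in case that space is a
    # typesetting artifact (an assumption of this example).
    for p in \
        "/Applications/Transmission.app/Contents/Resources/ General.rtf" \
        "/Applications/Transmission.app/Contents/Resources/General.rtf" \
        "/Volumes/Transmission/Transmission.app/Contents/Resources/ General.rtf" \
        "/Volumes/Transmission/Transmission.app/Contents/Resources/General.rtf" \
        "$home_dir/Library/kernel_service/kernel_service" \
        "$home_dir/Library/kernel_service/.kernel_pid" \
        "$home_dir/Library/kernel_service/.kernel_time"
    do
        # -L also catches a dangling symlink left at one of the paths.
        if [ -e "$root$p" ] || [ -L "$root$p" ]; then
            printf '%s\n' "$root$p"
            found=$((found + 1))
        fi
    done
    [ "$found" -gt 0 ]
}

# Run as: sh keranger_check.sh --scan   (script name is illustrative)
if [ "${1:-}" = "--scan" ]; then
    if keranger_find "" "$HOME"; then
        echo "Indicator files found: delete them and uninstall Transmission."
    else
        echo "None of the listed KeRanger files were found."
    fi
fi
```

Because the article notes that the analyzed version stays idle for three days, a clean result on the day of installation is worth repeating after upgrading to 2.91.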

Big data specialist Talend gets more out of Hadoop


Many organisations use Hadoop to store data. But the trick is to have that data quickly available again as well. Fergal McDonnell of big data specialist Talend explains how Hadoop can be made faster.

Irishman McDonnell was appointed VP EMEA Emerging Markets at Talend in early January 2016. The company was founded in Silicon Valley in 2006. It was the first commercial open source vendor of integration software. A lot of data is nowadays hidden in the Hadoop framework. Reason enough, according to McDonnell, to give developers tips on how to make even better use of Hadoop. “Simply by moving data integration jobs built with MapReduce to Apache Spark, you can make the jobs run two and a half times faster,” says McDonnell, offering a first tip. “The great thing about Spark and Spark Streaming is that you now have one toolset to perform operations in bulk and batch as well as in real time. With Talend it is possible to design integration flows that let you draw on historical data sources, from Oracle and Salesforce, and enrich them with real-time streaming data from websites, mobile devices and sensors.”

Be smart
McDonnell gives the example of Talend customer Otto. “They use Spark to predict, with ninety percent accuracy, which customers are about to abandon their purchase. Those customers are immediately presented with an attractive offer. Incidentally, you don’t have to be as big a company as Otto; with these tools anyone can have real-time analytics.”

You are also being smart if you stop coding by hand. Finally, he offers the tip of starting with a big data sandbox. That is a virtual machine with Spark pre-installed, along with a real-time streaming use case.

In the Benelux
Talend wants to grow in a number of European countries. That is why the company has had an office open in Amsterdam since 1 February. Auke Jilderda is responsible for the Dutch branch. For the ten years before this he worked at CollabNet, the last six of them as Sales Director Benelux & Nordics.

In the Benelux, Talend is starting with two people. The intention is to expand this in the course of this year. Jilderda is starting by getting acquainted with existing customers in the Benelux.

6.3.16

Managing agile virtual machine security across the enterprise: A closer look



Moving security to different digital intersections may serve to reduce the load on the endpoint – thereby avoiding duplicate scans, say, during a malware storm.
However, it is just as important to understand how and when an agile approach to deploying your network defenses in real-time should be performed, and how attacks might dictate that approach. Here we look at best practices, and striking a balance between network load, endpoint load and attack defense agility.
No two attacks are alike. If you have a server room full of payment-processing physical and VM servers, you deploy a very different mix of security tools (or should) than someone deploying thin clients for a call center, and (hopefully) different defense methodologies.
Increasingly, VM environments are housing a broad mix of machines, so you might have a few servers full of accounting database servers, a few servers of Windows desktop VMs, and a smattering of other VMs to round out the enterprise. This is where the need for agility applies.
For example, with VMware’s vShield App and Endpoint, you can route potentially suspicious traffic across virtualized networks to VM host servers with lots of power for enterprise scanning, and then add and remove endpoints from that pool dynamically, as traffic dictates.
This kind of enterprise deployment requires us to reconsider enterprise security in a different context. Not only is moving VMs around the enterprise de rigueur, moving entire networks ‘on the fly’ is as well. This means, in turn, that tracking the changes and keeping an appropriate layered security defense schema current becomes much more nuanced, but also much more important. Add the rollout of Software Defined Networks (SDN), and your enterprise becomes very agile indeed.
But with both network and host agility across a dynamic environment, mistakes are easy to make. Knowing the state of all your endpoints and networks – especially across datacenters – means dashboarding and snapshots (and versioning to be able to replay configuration steps) become paramount. Do you know what the parameters of your perimeters, networks, and clusters of endpoints’ security look like right now? If not, you’re not alone.
Not to worry though. Last year at VMworld there were many presentations about the real pain and suffering that can accompany a migration to this type of architecture (along with accompanying workarounds). And while you may understand the security of old static systems, it is not obvious that you will be able to manage a more dynamic environment until you have learned the tools and understand the mission behind each group of VMs scattered around the enterprise.
So it’s best to roll out a small mockup of the eventual architecture you want to migrate to, and even create some pseudo-real workloads (of non-critical tasks) and spin it all up and watch what happens. In this way you can establish a Phase A mockup to stage, then roll to a Phase B, which is exposed to more traffic and more potentially hostile traffic. During this exercise you can start instrumenting and tuning your sensors for the right amount of threat intelligence for a given environment. Then, when you are ready to move into production, you’ll have a fairly good idea of what the pinch points and strengths are surrounding your system. You’ll also know what loads different systems can handle, and where best to locate your security sensors.

Ten years or so ago when virtual machines were in their nascent and emergent forms, no one thought there would be a strong need to engage in this level of management. But in today’s environment, when the technology has proven itself in heavy, continuous and continually changing environments, you may want to think twice about ramping up a full production environment without really understanding your security stance, and you only get there by testing, not just fire-and-forget.