Zimperium Blog

Cutting through the Weekly Mobile Security Noise: Past, Present and Future Threats

It’s been another eventful week in the cyber security world. We’ve been monitoring conversations around a security breach at the White House, another OpenSSL flaw, a new attack called “drive-by-logins” and a WordPress plug-in vulnerability. This week’s events highlight just how careful users need to be regarding the past, present and future state of cyber security.

The most significant news of the week involved Russian hackers and the White House. According to CNN, investigators believe the White House intrusion began with a phishing email that was launched using a State Department email account that the hackers had taken over, giving them access to sensitive information such as real-time non-public details of the president’s schedule. While such information is not classified, it is still highly sensitive and prized by foreign intelligence agencies, U.S. officials say. The Secret Service, intelligence agencies and FBI consider this breach to be one of the most sophisticated attacks on U.S. government systems.

According to research from Venafi, most of the world’s top businesses are still vulnerable to the Heartbleed vulnerability, which was discovered a year ago. A CSO article reported, “The OpenSSL flaw impacted organizations both large and small, but the latest figures show that 74-percent of the Global 2000 remain vulnerable.” The latest research from Venafi says there were four steps to eliminating Heartbleed, and most organizations only completed one or two of them, the most common being updating OpenSSL.

A new attack called “drive-by-logins” allows hackers to leverage vulnerabilities in a website and directly install malware on their target. According to SC Magazine, “Drive-by-logins might be the phishing campaign’s ultimate successor, according to a High-Tech Bridge blog post detailing the attack.” Ilia Kolochenko, CEO of High-Tech Bridge, said, “This type of information can be gleaned from social media alone and no infection or email access is necessarily needed. This new type of attack uses already existing, and trusted, online destinations, unlike phishing campaigns which require a convincing email or website.”

On Tuesday, the FBI warned that hackers claiming to be the extremist group ISIS have been targeting websites that have vulnerable WordPress plugins. WordPress, a content management system, has a large number of third-party app makers who have created over 37,000 plugins. According to an article in PC World, “The vulnerabilities can allow the hackers to gain unauthorized access, inject scripts or install malware on the affected sites, according to FBI’s Internet Crime Complaint Center.” The attackers are targeting religious institutions, various government organizations, news agencies and several other websites.