Most cyberattacks involve criminals exploiting some sort of security weakness.
That weakness could be down to a poorly chosen password, a user who falls for a fake login link, or an attachment that someone opened without thinking.
However, in the field of computer security, the word exploit has a specific meaning: an exploit is a way of abusing a software bug to bypass one or more security protections that are in place.
Software bugs that can be exploited in this way are known as vulnerabilities, for obvious reasons, and can take many forms.
The online game of the moment is Pokémon GO, a mobile phone app that became so popular so quickly that its availability was limited outside the USA in order to stop the game servers being overloaded.
But what about everyone outside the US who wants to join in the fun?
On iOS, there’s not a lot you can do to install apps from alternative markets, because Apple only officially supports the App Store for downloads.
On Android, however, there’s an option called “Allow apps from untrusted sources” that opens up your phone to software from anywhere, not just Google Play.
So, millions of people all over the world are deliberately lowering their Android security settings to pirate Pokémon GO from unofficial download sites.
Is it safe to do this?
After all, millions of people have already pirated the app, apparently without anything bad happening, so surely the many millions who follow the crowd will be OK, too?
Sophos is aware of a widespread malicious email campaign sent out with subject lines like this:
These emails claim to come from addresses such as:
Please note that this attack did not originate from Sophos, and there is no indication that we have been compromised in any way.
Unfortunately, the “From” address in an email is part of the email itself, just like the subject line or the message, so the email sender gets to choose whatever they want.
We’ve all heard of the Internet of Things, or IoT.
What we aren’t yet quite sure of, however, is what actually qualifies as an Internet Thing.
Granted, it will have some kind of computer chip inside it, and you can hook it up to a computer network rather than just running it in isolation.
For example, you get home thermostats that are considered IoT things, and baby monitors, and smart TVs, and webcams.
To that you can add light bulbs, doorbells and even kettles (no, we don’t know why, either)…
…as well as cars, trucks and heck, by some accounts, perhaps even power stations.
So there doesn’t seem to be any limit on the size, or price, or form, or function, of a “thing.”
Ever wondered how cybercrooks do it?
Do they need to be technology wizards? Programming geeks? Website developers?
Spam kings? Hard-core reverse engineers?
In fact, these days, they don’t need much more than a determination to break the law and to get rich illegally at other people’s expense. (And, increasingly, to risk a pretty serious prison sentence if they’re caught.)
That’s because there’s a sizeable underground “malware-as-a-service” industry, where technically adept cybercriminals rent out all the technical wizardry that wannabe crooks need to join the ranks of the criminally active.
Malvertising is short for “malicious online advertising”, and it’s a pernicious problem.
Simply put, it’s a way for crooks to infect innocent visitors via your website, to poison your website’s online reputation, and to trash your brand…
…without going anywhere near your servers, and without tripping any alarms on your own network.
All the crooks do is buy ad space from an ad network and start placing ads – because ads, very loosely speaking, are tiny little web pages of their own that appear in ad-sized windows on other people’s websites.
The second webinar in this week’s Security SOS series is in the bag!
In episode #2, Sophos VP of Product Management John Shaw took on the question, “Can you strengthen security by weakening it?”
As John quipped privately before the recording, “This really ought to be a really quick interview where all I have to say is ‘No.’”
Yet there is a lot of pressure on security vendors these days over what are known as backdoors.