CTO Security Report

We have a lot of news on the mobile front this week; This is unsurprising given that the mobile sector is expanding so fast that some have taken to calling today the “Post-PC Era”. We all know very well that it’s not over yet, but it’s exciting to see such prolific changes in our day-to-day operations and see the mobile platform take shape as it heads rapidly towards maturity. This isn’t without bumps in the road — this week the FCC announced initiatives to curb phone theft through the use of a deactivation database while a malicious application posing as “Angry Birds Space” tore through gullible users on the Android App Store.

Boeing Secure Android Phones

Boeing is seeking to provide customers with a low-cost, high-security phones with familiar consumer interfaces. To facilitate this, they’ve chosen to develop a secure version of the android operating system for secure communications. While the operating system will be consumer-based, the prices will be oriented towards corporations and government. This is Boeings first foray into the mobile communications solutions market.
With the recent instability of RIM, it may turn out to be a smart move for Boeing (and other companies) to begin fielding mobile solutions for Federal and Private space when/if the mobile solutions provider collapses.

Read More: http://www.theregister.co.uk/2012/04/12/boeing_secure_smartphone/

FCC ‘Protect’ Initiative

The FCC Protect initiavtive is a program designed by the FCC to curtail the theft and sale of stolen phones by making the phones inoperable via the service provider. Phone details including the MEID and other unique network identifiers which allow the devices to communicate on mobile networks are placed into an industry blacklist. Mobile phones attempting to be activated onto a carrier network would first be checked against this list to ensure that the phone is not stolen before allowing the device on the network.
Recently AT+T has come under legal fire for allowing stolen iPhones to remain active and allowing them to re-activate on their networks. Initiatives such as this will prevent further legal actions and hopefully dry up the motivation to steal mobile phones.

Read More: http://www.v3.co.uk/v3-uk/news/2166919/fcc-takes-plan-track-stolen-phones

Angry Birds Trojan

If you needed any more evidence that off-brand Android application stores are rife with malware, this is it — a malicious application posing as “Angry Birds Space” was discovered on a third-party app store this week. What makes this interesting is that the trojan made an attempt to hide it’s payload inside of a JPEG file which contained two linux executable files. These files, when detached and ran by the trojan, prompted the phone to open specific URL’s, essentially rolling it into a “Botnet” according to Sophos Security. This is another in a long line of Android exploits, but with the always-on capabilities of Android phones combined with poor virus detection services, expect to see more advanced malware proliferate.

Read More: http://nakedsecurity.sophos.com/2012/04/12/android-malware-angry-birds-space-game/?utm_source=twitter&utm_medium=gcluley&utm_campaign=naked%2Bsecurity

HP Ships Infected Product

HP ProCurve 5400zl switches may come with infected flash memory cards, which, when used in a computer, will load an infection onto the users machine. While the memory cards were likely infected from a third-party-supplier, this type of malicious activity is far from unheard of — Dell,

for one was infected in a similar manner, and several years ago Energizer released a USB charger with preloaded malware as well. Many security professionals have also heard stories of infectious USB keys being passed to officials at conferences or other trade and industry gatherings.

Read More: http://www.theregister.co.uk/2012/04/11/hp_ships_malware_cards_with_switches_oops/

Remote Samba Exploit Affects All Current Versions

A critical exploit in Samba (a service which provides file and print services to Unix, Linux, and Windows operating systems) affects all recent versions of the Samba software. The remote exploit does not require authentication, which makes it extremely dangerous, and affects versions of the software from 3.0.x up to and including 3.6.3. Due to the ease with which the exploit can be successfully launched, those behind the open-source product recommend immediately upgrading to the most recent version of Samba.

Official Announcement Here: http://www.samba.org/samba/security/CVE-2012-1182

Original post

Leave a Comment

Leave a comment

Leave a Reply