Cyber Propaganda
"Pentagon says evicted Russian hackers, global cyber threat grows"
http://www.reuters.com/article/2015/04/23/us-usa-pentagon-cyber-idUSKBN0NE29E20150423
"Carter said that sensors guarding the Pentagon's unclassified networks detected the intrusion by Russian hackers, who discovered an old vulnerability that had not been patched.""On Thursday, Carter stressed the U.S. military needed closer cooperation with California's Silicon Valley, particularly after high-profile attacks on companies like Sony Pictures Entertainment. "
"As tech companies see every day, the cyber threat against U.S. interests is increasing in severity and sophistication," he said.
Hmmmm... *Maybe* Silicon Valley will have more success with the Pentagon than they did with Sony -- any defense starts with maintaining best practices, in this case, Updating Your Software. Why label it propaganda? Because the publicity push or tour is likely a prelude to a request for both more regs & more money. Reward those sleeping on the job & punish everyone.
------------
"How exploit packs are concealed in a Flash object"
http://securelist.com/analysis/publications/69727/how-exploit-packs-are-concealed-in-a-flash-object/
Newer method(s) make it easier to get infected.
-----------
"Internet of Crappy Things, part 2: RSA conference edition"
http://blog.kaspersky.com/internet-of-crappy-things-2/
"Jacoby probably put it best he said that most of the vendors making these products simply do not care about the various security vulnerabilities he reported to them."
-------------
"Bypassing OS X Security Tools is Trivial, Researcher Says"
https://threatpost.com/bypassing-os-x-security-tools-is-trivial-researcher-says/112410
"Gatekeeper is one of the key technologies that Apple uses to prevent malware from running on OS X machines."
"“Gatekeeper doesn’t verify an extra content in the apps. So if I can find an Apple-approved app and get it to load external content, when the user runs it, it will bypass Gatekeeper,” Wardle said in a talk at the RSA Conference here Thursday. “It only verifies the app bundle.”"Backing up Gatekeeper is XProtect, Apple’s anti-malware system for OS X... Wardle found that by simply recompiling a known piece of OS X malware, which changes the hash, he could get the malware past XProtect and execute it on the machine. Even simpler, he could just change the name of the malware, which also lets it sneak in under the fence"
"OS X also now includes a sandbox, which Wardle said is well-designed, but there are a number of known kernel-level OS X vulnerabilities that can bypass the sandbox, as well. Google’s Project Zero has discovered and published several such bugs, and Wardle said using any one of them gets him the ability to bypass the sandbox."
"One of the other key security technologies in OS X is the use of code signing... “The code signing just checks for a signature and if it’s not there, it doesn’t do anything and lets the app run,” he said. “I can unsign a signed app and the loader has no way to stop it from running.” Starting with OSX Mavericks, all of the code that runs in the kernel has to be signed. But the mechanism that checks for the signature is flawed, too, Wardle said."